Abstract: Systems and methods for anti-phishing are disclosed. At a computing device: identifying, from a user input data stream, a first set of one or more characters, and a second set of one or more characters. The first set of characters represents a portion of first private information, and the second set of characters represents a portion of second private information. In accordance with a determination that the first set of characters and second set of characters are identified in accordance with a predefined sequential relationship, taking a protective action, prior to transmitting at least a subset of the characters of the first or second private information to a server remotely located from the computing device, to protect the first or second private information. In some implementations, the first private information includes a username, and the second private information includes a password corresponding to the username.

Abstract: Systems and methods for anti-phishing are disclosed. At a computing device: identifying, from a user input data stream, a first set of one or more characters, and a second set of one or more characters. The first set of characters represents a portion of first private information, and the second set of characters represents a portion of second private information. In accordance with a determination that the first set of characters and second set of characters are identified in accordance with a predefined sequential relationship, taking a protective action, prior to transmitting at least a subset of the characters of the first or second private information to a server remotely located from the computing device, to protect the first or second private information. In some implementations, the first private information includes a username, and the second private information includes a password corresponding to the username.

Abstract: An anti-phishing system and method includes monitoring a user input data stream input to a computing device, identifying, in the user input data stream, one or more characters corresponding to a trigger event related to private information of a user, and taking an action to protect the private information based on identifying the one or more characters corresponding to the trigger event.

Abstract: One embodiment provides a system for mutual authentication. During operation, a first entity receives an access request from a second entity. In response, the first entity requests information about the second entity's account with a financial service provider (FSP) and transfers a fund to the account. The first entity sends first and second messages through the FSP to the second entity with the fund. Subsequently, the first entity receives from the second entity a first input corresponding to the first message and determines that a first condition is met based on the received first input and the first message. The first entity sends a second input to the second entity based on the second message, thereby allowing the second entity to verify that a second condition is met based on the second input and the second message. The system then produces a result indicating that both the first and second entities are mutually authenticated.

Abstract: One embodiment of the present invention provides a system for controlling access to resources using small payments. The system receives a request from an entity to access a resource. In response, the system requests the entity to submit information about the entity's account with a financial service provider (FSP). The system then transfers a fund to the entity's account and sends a message through the FSP to the entity with the fund transfer. The system receives from the entity an input corresponding to the message and determines that a first condition is met based on the received input and the message. As a result, the system grants the entity access to the resource.

Abstract: A computer implemented method for enabling a third party by a user to execute a transaction on behalf of the user, said method comprising: generating a token based on at least an account identifier identifying an account of said user, a secret authorization identifier known only by the user and said bank and corresponding to said account of said user, and a transaction definition defining the type of transaction to be performed; encrypting said token by an encryption method to generate an encrypted token, said encryption method being predefined such that it is known by said bank and can either be performed inversely or can be repeated by said bank; transferring said encrypted token from said user to said user to said third party to thereby authorize said third party to define the transaction as defined in said transaction definition on behalf of the account of said user specified in said token; wherein for executing said transaction said token is transferred to the bank to which the account specified in said