Abstract: A system and method provides electronic transaction verification using multiple different units. A first unit initiates an electronic transaction in response to user authentication affirmation by, for example, a server (such as a web server). After the user has been authenticated, another unit, such as a mobile device, receives a transaction confirmation request for the electronic transaction that is ongoing via the first unit. In addition, the second unit also receives from, for example, the server, transaction information based on the electronic transaction. The second device through a user interface and without requiring a user to enter transaction information, provides the received transaction information from the server for evaluation by a user of the second unit. The second unit requests from the user, in response to the transaction confirmation request, confirmation of the transaction.

Abstract: A method and apparatus provides user authentication by communicating primary authentication information, such as user identification data and/or password data to an authentication unit via a primary channel such as over the Internet. An authentication code is generated by the authentication unit on a per session basis and is sent to a destination unit via a first secondary channel during the session. The destination unit then retransmits the authentication code, on a second secondary channel, to the first unit in a way that is transparent to a user of the first unit. The first device then send the received re-transmitted authentication code back to the authentication unit via the primary channel during the session.

Abstract: An apparatus and method provides non-repudiation of transaction information such as mark up language forms, using a non-proxy cryptographic application, such as an applet, that provides information to and from the Web browser. Once a user fills out a mark up language-based form as provided, for example, through a Web browser and selects a “submit” button, the non-proxy cryptographic application sends the completed form to a server or the receiving unit that provided the incomplete form and waits for the server to present confirmation data such as a confirmation request form. In one embodiment, once a confirmation request form is received, the non-proxy cryptographic application temporarily maintains the confirmation request form, namely a representation of the completed form as provided by the server, in temporary (e.g., volatile) memory, such as RAM. The non-proxy cryptographic application then sends a copy of the temporarily maintained confirmation request form to the Web browser for display to a user.

Abstract: A method and apparatus provides user authentication by communicating primary authentication information, such as user identification data and/or password data to an authentication unit via a primary channel such as over the Internet. An authentication code is generated by the authentication unit on a per session basis and is sent to a destination unit via a first secondary channel during the session. The destination unit then retransmits the authentication code, on a second secondary channel, to the first unit in a way that is transparent to a user of the first unit. The first device then send the received re-transmitted authentication code back to the authentication unit via the primary channel during the session.