The second largest American Bank Bank of America received a patent for a system for remote storage of private keys based on the processing of sensor signals, allowing you to respond quickly to attempt to gain unauthorized access to information.
According to the patent application, originally filed two years ago, but with some changes made to the Protocol Office for patents and trademarks (USPTO) last week, the problem of existing methods for the storage of private crypto keys that “such devices do not provide the possibility of obtaining a response in real time in respect of such vulnerabilities that would prevent misappropriation of the crypto keys”. The document States that the vast majority of private keys is stored on the controlled devices in the consumer class, and “affected opportunities to be misappropriated”.
Thus, Bank of America can become the Bank for private keys — a sort of digital Deposit box with the necessary insurance mechanisms and support for major banking Corporation. It is hoped that this product easily and in a short time will find its market, and the availability of a patent may allow the decision — if the company comercializare him for a long time become the optimum choice of consumers.
In any case, the novelty of the device or system, whatever form the decision, already provides a breakthrough. Now Bank of America is able to offer customers the opportunity to learn about the existing threat to private keys in real time and to have some way to influence such events. The invention can be useful to different categories of customers, but come immediately to mind exchanges and other large companies that are the most frequent targets of hackers seeking to win big.
The patent describes a system backup keys are automatically responsive to attempts to access, delete key from a potentially compromised device.
“Specific applications of the system storage device includes one or more sensors connected to the first processor. In such embodiments, the application of the system, the first processor configured to, in response to receipt of signals related to the unauthorized access attempt by one or more sensors, remove one or more private cryptographic keys”, — explained in the document.
The system works in a similar way, if the detected the physical intervention, in other words — if the device is stolen:
“In other specific related embodiments, the application of the system of one or more sensors include at least one of shock sensors, acceleration sensor and temperature sensor. In such embodiments, the application of the system the first processor is additionally configured so that in response to the receipt relevant to unlawful interference signals of at least one of shock sensors, acceleration or temperature sensor, to remove one or more private cryptographic keys from the first memory.”
Another example, when the secure key may be removed from the device — detection of a virus or malicious code BY:
“In other specific embodiments, the use of the system the first processor is configured to obtain relevant to illegal access signal from a compute node. In such embodiments, the application of the system relevant to illegal access signal indicates that the user exceeded the preset number of attempts for entering information identification data in the framework of the authentication procedures”.
According to the patent application, users will need to configure the system signals and their subsequent processing.
Well, recently, banks continue to hedge their bets in the sphere of cryptocurrency or even work on their implementation — the number of patent applications in this area speaks for itself. Creating a trusted storage of private keys remains one of the most important topics, especially considering that the community is growing, and with it, as usual, increasing the number of participants wishing to earn at the expense of others.