Systems and methods for dynamic formjacking protection
US-11947692-B1 · Apr 2, 2024 · US
System and method for protecting form field sensitive data with dynamic user feedback
US2024411921A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2024411921-A1 |
| Application number | US-202318208616-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jun 12, 2023 |
| Priority date | Jun 12, 2023 |
| Publication date | Dec 12, 2024 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system and method for preventing erroneous data entry is disclosed. When presented with a form, such as in a website or an app, users are often requested to submit private information that should not be made public. However, form fields are often not protected, and users commonly erroneously enter private information into forms requesting non-private information. Therefore, an alternative entry display is provided to the user to allow the user to separately and securely submit form field entries. This display analyzes the information provided to the user to determine the type of data being requested by a selected form field. This information is used not only to prompt the user in the alternative entry display, but also to verify that the information provided by the user matches the type being requested for security purposes.
First claim
Opening claim text (preview).
What is claimed is: 1 . A data entry security system comprising: a transceiver configured to communicate with an external device; a display configured to display a user interface to a user, the user interface including a form field; an input device configured to receive user inputs; and one or more processors configured to: detect that the user has selected the form field; generate an alternative data entry field in the user interface configured to receive form field data from the user; receive the form field data from the user via the alternative data entry field; validate the form field data; and automatically enter, in response to the validating, the form field data into the form field. 2 . The data entry security system of claim 1 , wherein the alternative data entry field is an overlay that includes a visual copy of the form field. 3 . The data entry security system of claim 1 , wherein the alternative data entry field is a pop-up window that includes the alternative data entry field. 4 . The data entry security system of claim 1 , wherein the one or more processors are further configured to detect a data type associated with the form field. 5 . The data entry security system of claim 4 , wherein the alternative data entry field is labeled with the data type. 6 . The data entry security system of claim 4 , wherein the validating includes: identifying a data type associated with the form field data; comparing the data type of the form field data to the data type of the form field; and making a validation decision of validating or not validating the form field data based on the comparing of the data type. 7 . The data entry security system of claim 6 , wherein the one or more processors are further configured to, in response to not validating the form field data: request confirmation from the user of the validation decision; receive reply data from the user the denies the confirmation request; in response to the reply data, request an actual data type from the user; and provide the form field data and the actual data type to a model. 8 . A method for data entry security, comprising: displaying, to a user, a user interface having a form field; detecting selection of the form field; generating an alternative data entry field in the user interface configured to receive form field data from the user; receiving the form field data from the user via the alternative data entry field; validating the form field data; and automatically entering, in response to the validating, the form field data into the form field. 9 . The method of claim 8 , wherein the alternative data entry field is an overlay that includes a visual copy of the form field. 10 . The method of claim 8 , wherein the alternative data entry field is a pop-up window that includes the alternative data entry field. 11 . The method of claim 8 , further comprising detecting a data type associated with the form field. 12 . The method of claim 11 , further comprising labeling the alternative data entry field with the data type associated with the form field. 13 . The method of claim 11 , wherein the validating includes: detecting a data type associated with the form field data; comparing the data type of the form field data to the data type of the form field; and making a validation decision of validating or not validating the form field data based on the comparing of the data type. 14 . The method of claim 11 , further comprising: requesting confirmation from the user of the validation decision; receiving reply data from the user denying the confirmation request; in response to the receiving of the reply data, request an actual data type from the user; and provide the form field data and the actual data type to a model. 15 . A method for securely entering data in a form, comprising: detecting selection of a form field by a user in a user interface; in response to the detecting, providing to the user an alternative form field; receiving form field data via the alternative form field from the user; validating that the form field data corresponds to the data requested by the form field; and automatically entering the form field data into the form field in response to the validating. 16 . The method of claim 15 , further comprising: generating a secondary user interface that includes the alternative form field, wherein the providing includes displaying the secondary user interface to the user. 17 . The method of claim 16 , wherein the secondary user interface is displayed to the user as one of a pop-up window or an overlay. 18 . The method of claim 16 , wherein the validating includes: detecting a first data type associated with the form field; detecting a second data type associated with the form field data; and comparing the first data type and the second data type. 19 . The method of claim 18 , wherein the validating further includes: determining that the first data type and the second data type do not match; request an actual data type from the user, and perform an updated comparison between the second data type and the actual data type. 20 . The method of claim 19 , further comprising: providing the form field data, the detected first data type and the actual data type to an external model; and updating the model based on the form field data, the detected first data type, and the actual data type.
Assignees
Inventors
Classifications
- G06F21/6245Primary
Protecting personal data, e.g. for financial or medical purposes · CPC title
- G06F40/174Primary
Form filling; Merging · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2024411921A1 cover?
- A system and method for preventing erroneous data entry is disclosed. When presented with a form, such as in a website or an app, users are often requested to submit private information that should not be made public. However, form fields are often not protected, and users commonly erroneously enter private information into forms requesting non-private information. Therefore, an alternative ent…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/6245. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Dec 12 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).