US Patent 9858401 Securing transactions against cyberattacks

Methods and systems are provided for performing a secure transaction. Users register biometric and/or other identifying information. A registration code and an encryption key are generated from the biometric information and/or information obtained from a unpredictable physical process and are stored in a secure area of a device and also transmitted to a service provider. A transaction passcode generator may be computed based on the stored registration code. In at least one embodiment, a unique transaction passcode depends upon the transaction information, so that on the next step of that transaction, only that unique transaction passcode will be valid. In an embodiment, the passcode includes the transaction information. In at least one embodiment, if the transaction information has been altered relative to the transaction information stored in the device's secure area, then the transaction passcode sent during this step will be invalid and transaction may be aborted.