
You may recall that, last year, I was very excited about Intel Identity Protection Technology (IPT). Then it was all about One Time Password (OTP): basically using the 2nd generation Intel Core processor as an OTP key fob. This year, IPT is getting some new and even cooler features. I've already written about PKI and one aspect of Protected Transaction Display. Today, let's talk briefly about another aspect of Protected Transaction Display.

 

Protected Transaction Display provides a method to get secure input from a user. It works by giving the Management Engine (ME) the ability to draw on the screen. When it does this, software running in Windows does not see what's on the screen. All it sees is a black square. For input, there is a keypad with the numbers in randomized locations. The user enters a number by clicking the keypad with the mouse. Although Windows can tell where on the screen the mouse is, only the ME knows which numbers were actually entered.

[Image: PIN_pad_user.png] What the user sees.

[Image: Pin_Pad_Hacker.png] What malicious software sees.

 

OK, that sounds a little complicated just to get a number from a user. So how is it useful? Well, one way is to get a PIN code. When PIN codes are entered using Protected Transaction Display, malicious software will be unable to determine the code entered. This protects the code from prying eyes.

 

Another use is for transaction verification. For example, let's say you want to transfer $100 from your bank to your friend. It's possible that malicious software could change the $100 value without you or the bank knowing it. However, using the ME, the bank can verify the transaction amount like so: the bank asks the ME to verify the number it thinks you want. The ME pops up and asks you to enter the amount. If what you enter matches what the bank asked for, the ME responds to the bank that it matches. Otherwise, the ME responds that it doesn't match, and the bank can then deny the transaction.
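A small Python model of the two ideas above, the randomized keypad and the match / no-match reply to the bank. It is an added illustration, not Intel's code or the ME's interface; `TrustedPad`, `host_view` and `simulate_transfer` are hypothetical names, and the keypad is assumed to be one cell per digit.

```python
import hmac
import secrets

class TrustedPad:
    """Hypothetical stand-in for the ME: only it knows the keypad layout."""

    def __init__(self, layout=None):
        if layout is None:
            # Fisher-Yates shuffle driven by a CSPRNG; index = on-screen cell.
            layout = list("0123456789")
            for i in range(len(layout) - 1, 0, -1):
                j = secrets.randbelow(i + 1)
                layout[i], layout[j] = layout[j], layout[i]
        self._layout = list(layout)

    def cells_for(self, number):
        """Models the user: find each digit on screen and click its cell."""
        return [self._layout.index(d) for d in number]

    def decode(self, clicks):
        """Trusted side only: map clicked cells back to digits."""
        return "".join(self._layout[c] for c in clicks)

    def verify_amount(self, expected, clicks):
        """The bank supplies the amount; only match / no match is returned."""
        return hmac.compare_digest(self.decode(clicks), expected)


def host_view(clicks):
    """What software in the OS can observe: click positions, not digits."""
    return list(clicks)


def simulate_transfer(user_amount, amount_bank_received):
    """True if the amount the bank received is the one the user entered."""
    pad = TrustedPad()
    clicks = host_view(pad.cells_for(user_amount))
    return pad.verify_amount(amount_bank_received, clicks)


if __name__ == "__main__":
    # Constructed sample: the same clicks mean different numbers per layout.
    clicks = TrustedPad("9876543210").cells_for("100")
    print(clicks, "->", TrustedPad("0123456789").decode(clicks))
    print(simulate_transfer("100", "100"), simulate_transfer("100", "900"))
```

The fixed layouts in the sample exist only to make the output repeatable; with the default constructor a fresh layout is drawn for every prompt.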

 

Of course, there are probably many other possible uses for Protected Transaction Display. That's what excites me the most about it. It's a totally new technology. I think we're just beginning to imagine all that may be possible.
