Data protection with translation

US 10,147,089 B2
Filed: 01/07/2013
Issued: 12/04/2018
Est. Priority Date: 01/05/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by an access device of a merchant system, a personal identification number (PIN) and sensitive data associated with a transaction, the access device having a security module programmed with an initial key derived from a base derivation key that is associated with a key serial number;

encrypting, by the access device of the merchant system, the PIN, wherein PIN encryption uses a first encryption key variant based on the initial key;

encrypting, by the access device of the merchant system, the sensitive data including a primary account number (PAN) identifying an account, wherein sensitive data encryption uses a second encryption key variant based on the same initial key, the second encryption key variant being unique from the first encryption key variant;

obtaining, by a host processor of the merchant system, the key serial number and an authorization request message including the encrypted PIN and the encrypted sensitive data;

retrieving, by the host processor of the merchant system, the base derivation key using the key serial number;

deriving, by the host processor of the merchant system, the initial key from the base derivation key, and decryption keys from the initial key according to a derived unique key per transaction (DUKPT) key management scheme, wherein the decryption keys include a first decryption key variant corresponding to the first encryption key variant and a second decryption key variant corresponding to the second encryption key variant;

decrypting, by the host processor of the merchant system, the encrypted PIN with the first decryption key variant and the encrypted sensitive data with the second decryption key variant;

selecting, by the host processor of the merchant system, a processing network from a plurality of processing networks to route the authorization request message based on the PAN from the decrypted sensitive data;

when the selected processing network is a first processing network, re-encrypting the PIN and the sensitive data using a first set of at least one zone encryption key associated with the first processing network, and when the selected processing network is a second processing network, re-encrypting the PIN and the sensitive data using a second set of at least one zone encryption key associated with the second processing network;

transmitting the re-encrypted PIN and the re-encrypted sensitive data to the selected processing network; and

receiving an authorization response message from the selected processing network, the authorization response message indicating whether the transaction is approved based in part on verification of the PIN associated with the account identified by the PAN.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

603 Citations

26 Claims

1. A method comprising:
- receiving, by an access device of a merchant system, a personal identification number (PIN) and sensitive data associated with a transaction, the access device having a security module programmed with an initial key derived from a base derivation key that is associated with a key serial number;
  
  encrypting, by the access device of the merchant system, the PIN, wherein PIN encryption uses a first encryption key variant based on the initial key;
  
  encrypting, by the access device of the merchant system, the sensitive data including a primary account number (PAN) identifying an account, wherein sensitive data encryption uses a second encryption key variant based on the same initial key, the second encryption key variant being unique from the first encryption key variant;
  
  obtaining, by a host processor of the merchant system, the key serial number and an authorization request message including the encrypted PIN and the encrypted sensitive data;
  
  retrieving, by the host processor of the merchant system, the base derivation key using the key serial number;
  
  deriving, by the host processor of the merchant system, the initial key from the base derivation key, and decryption keys from the initial key according to a derived unique key per transaction (DUKPT) key management scheme, wherein the decryption keys include a first decryption key variant corresponding to the first encryption key variant and a second decryption key variant corresponding to the second encryption key variant;
  
  decrypting, by the host processor of the merchant system, the encrypted PIN with the first decryption key variant and the encrypted sensitive data with the second decryption key variant;
  
  selecting, by the host processor of the merchant system, a processing network from a plurality of processing networks to route the authorization request message based on the PAN from the decrypted sensitive data;
  
  when the selected processing network is a first processing network, re-encrypting the PIN and the sensitive data using a first set of at least one zone encryption key associated with the first processing network, and when the selected processing network is a second processing network, re-encrypting the PIN and the sensitive data using a second set of at least one zone encryption key associated with the second processing network;
  
  transmitting the re-encrypted PIN and the re-encrypted sensitive data to the selected processing network; and
  
  receiving an authorization response message from the selected processing network, the authorization response message indicating whether the transaction is approved based in part on verification of the PIN associated with the account identified by the PAN.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein at least one of the PIN and the sensitive data are encrypted using Triple DES Encryption Algorithm (TDEA).
  - 3. The method of claim 1, wherein the sensitive data further includes at least one of a cardholder name, a cardholder address, and discretionary data.
  - 4. The method of claim 1, wherein a subset of discretionary data remains unencrypted when discretionary data is included in encrypted sensitive data.
  - 5. The method of claim 1, wherein an encrypted PAN is written to a PAN field of the authorization request message, wherein the encrypted PAN has the same format as the unencrypted PAN.
  - 6. The method of claim 5, wherein a subset of digits of the unencrypted PAN remain unencrypted in the encrypted PAN.
  - 7. The method of claim 6, wherein the first six digits of the encrypted PAN are the same as the first six digits of the unencrypted PAN and wherein the last four digits of the encrypted PAN are the same as the last four digits of the unencrypted PAN.
  - 8. The method of claim 6, further comprising calculating a value for a designated digit of the encrypted PAN such that the last digit of the unencrypted PAN has the same value as the last digit of the encrypted PAN, wherein the last digit of the unencrypted PAN is a valid check digit for the encrypted PAN.
  - 9. The method of claim 8, wherein the designated digit is the twelfth digit of the encrypted PAN.
  - 10. The method of claim 5, wherein an expiration date field of the authorization request message is overwritten with an altered expiration date to indicate that the PAN field of the authorization request message contains an encrypted PAN.
  - 11. The method of claim 10, wherein the altered expiration date is derived by adding at least twenty years to an expiration date associated with the PAN.
  - 12. The method of claim 1, wherein the access device is a point of sale terminal.
  - 13. The method of claim 1, wherein the access device receives information associated with an e-commerce transaction.
  - 14. The method of claim 1, wherein the PIN and the sensitive data are re-encrypted using different zone encryption keys associated with the determined processing network.
  - 15. The method of claim 1, wherein the sensitive data is converted to base-10 alphabet prior being encrypted.

16. A system comprising:
- a hardware access device programmed with an initial key derived from a base derivation key that is associated with a key serial number, and configured to perform a first set of operations including;
  
  encrypting a personal identification number (PIN), wherein the PIN encryption uses a first encryption key variant based on an initial key; and
  
  encrypting sensitive data including a primary account number (PAN) identifying an account, wherein the sensitive data encryption uses a second encryption key variant based on the same initial key, the second encryption key variant being unique from the first encryption key variant; and
  
  a host processor, the host processor configured to perform a second set of operations including;
  
  obtaining the key serial number and an authorization request message including the encrypted PIN and encrypted sensitive data;
  
  retrieving the base derivation key using the key serial number;
  
  deriving the initial key from the base derivation key, and decryption keys from the initial key according to a derived unique key per transaction (DUKPT) key management scheme, wherein the decryption keys include a first decryption key variant corresponding to the first encryption key variant and a second decryption key variant corresponding to the second encryption key variant;
  
  decrypting the encrypted PIN and the encrypted sensitive data using the decryption keys;
  
  selecting a processing network from a plurality of processing networks to route the authorization request message based on the PAN from the decrypted sensitive data;
  
  when the selected processing network is a first processing network, re-encrypting the PIN and the sensitive data using a first set of at least one zone encryption key associated with the first processing network, and when the selected processing network is a second processing network, re-encrypting the PIN and the sensitive data using a second set of at least one zone encryption key associated with the second processing network;
  
  transmitting the re-encrypted PIN and the re-encrypted sensitive data to the selected processing network; and
  
  receiving an authorization response message from the selected processing network, the authorization response message indicating whether the transaction is approved based in part on verification of the PIN associated with the account identified by the PAN.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 17. The system of claim 16, wherein the hardware access device includes a tamper resistant security module.
  - 18. The system of claim 16, wherein the hardware access device includes a hardware security module.
  - 19. The system of claim 16, wherein an encrypted PAN is written to a PAN field of the authorization request message, wherein the encrypted PAN has the same format as the unencrypted PAN.
  - 20. The system of claim 19, wherein a subset of digits of the unencrypted PAN remain unencrypted in the encrypted PAN.
  - 21. The system of claim 20, wherein the first six digits of the encrypted PAN are the same as the first six digits of the unencrypted PAN and wherein the last four digits of the encrypted PAN are the same as the last four digits of the unencrypted PAN.
  - 22. The system of claim 20, wherein a designated digit of the encrypted PAN has a value such that the last digit of the unencrypted PAN has the same value as the last digit of the encrypted PAN, wherein the last digit of the unencrypted PAN is a valid check digit for the encrypted PAN.
  - 23. The system of claim 22, wherein the designated digit is the twelfth digit of the encrypted PAN.
  - 24. The system of claim 19, wherein an expiration date field of the authorization request message is overwritten with an altered expiration date to indicate that the PAN field of the authorization request message contains an encrypted PAN.
  - 25. The system of claim 24, wherein the altered expiration date is derived by adding at least twenty years to an expiration date associated with the PAN.
  - 26. The system of claim 16, wherein the PIN and the sensitive data are re-encrypted using different zone encryption keys associated with the determined processing network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Powell, Glenn, Sheets, John, Tait, Paul, Wagner, Kim, Koganti, Krishna, Perl, Marc, Rodriguez, Hector, Zloth, Susan
Primary Examiner(s)
Obeid, Mamon
Assistant Examiner(s)
MARTINEZ-HERNANDE, EDGAR R

Application Number

US13/735,800
Publication Number

US 20130212026A1
Time in Patent Office

2,157 Days
Field of Search

705 64, 705 75, 705 39, 705 72, 705 71, 705 16, 705 261, 235380, 380277, 707747, 902 2
US Class Current
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/4012   Verifying personal identifi...

G07F 7/1091   Use of an encrypted form of...

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/061   applying further key deriva...

H04L 2463/102   applying security measure f...

H04L 63/06   for supporting key manageme...

H04L 9/0866   involving user or device id...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/3226   using a predetermined code,...

Data protection with translation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

603 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Data protection with translation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

603 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links