Cloud-based virtual wallet NFC apparatuses, methods and systems

US 10,192,216 B2
Filed: 09/11/2013
Issued: 01/29/2019
Est. Priority Date: 09/11/2012
Status: Active Grant

First Claim

Patent Images

1. A cloud-based virtual wallet secure transaction processor-implemented method, comprising:

receiving, by a merchant computer, a purchase payment request from a consumer device in a transaction;

obtaining, by the merchant computer, transaction details including a payment amount from the purchase payment request;

determining, by the merchant computer, that a transaction bounding token is required to process the purchase payment request;

determining, by the merchant computer, a transaction bounding token type;

querying, by the merchant computer, a security digital certificate database for a token generation certificate based on the purchase payment request and the transaction bounding token type;

receiving, by the merchant computer, the token generation certificate;

transmitting, by the merchant computer, a transaction bounding token request including the token generation certificate and the transaction details to a third-party server, which determines that the token generation certificate matches a stored token generation certificate, and then generates the transaction bounding token;

receiving, by the merchant computer, the transaction bounding token from the third-party server, after the third-party server determines that the token generation certificate matches the stored token generation certificate;

providing, by the merchant computer, the transaction bounding token to a transaction security server in a transaction authorization request to process a payment for the transaction, wherein the transaction security server determines whether or not the transaction bounding token is valid for the transaction; and

receiving, by the merchant computer, a transaction authorization response indicating whether the transaction is approved or declined, wherein the methodfurther comprises;

signing, by the merchant computer, using a cryptographic key, a concatenated string comprising a merchant ID, a transaction amount, a consumer identifier, and a time of the transaction to form an encrypted string, wherein the encrypted string is included in the transaction token bounding request, and wherein the third-party server decrypts the encrypted string and generates the transaction bounding token based upon the decrypted encrypted string.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The CLOUD-BASED VIRTUAL WALLET NFC APPARATUSES, METHODS AND SYSTEMS (“EAE”) transform user enhanced security transaction initiation requests using EAE components into time-limited, session-specific transaction bounding tokens. In some implementations, the disclosure provides a processor-implemented method of transforming a transaction bounding token request into transaction bounded tokens and purchase authorizations.

Citations

20 Claims

1. A cloud-based virtual wallet secure transaction processor-implemented method, comprising:
- receiving, by a merchant computer, a purchase payment request from a consumer device in a transaction;
  
  obtaining, by the merchant computer, transaction details including a payment amount from the purchase payment request;
  
  determining, by the merchant computer, that a transaction bounding token is required to process the purchase payment request;
  
  determining, by the merchant computer, a transaction bounding token type;
  
  querying, by the merchant computer, a security digital certificate database for a token generation certificate based on the purchase payment request and the transaction bounding token type;
  
  receiving, by the merchant computer, the token generation certificate;
  
  transmitting, by the merchant computer, a transaction bounding token request including the token generation certificate and the transaction details to a third-party server, which determines that the token generation certificate matches a stored token generation certificate, and then generates the transaction bounding token;
  
  receiving, by the merchant computer, the transaction bounding token from the third-party server, after the third-party server determines that the token generation certificate matches the stored token generation certificate;
  
  providing, by the merchant computer, the transaction bounding token to a transaction security server in a transaction authorization request to process a payment for the transaction, wherein the transaction security server determines whether or not the transaction bounding token is valid for the transaction; and
  
  receiving, by the merchant computer, a transaction authorization response indicating whether the transaction is approved or declined, wherein the methodfurther comprises;
  
  signing, by the merchant computer, using a cryptographic key, a concatenated string comprising a merchant ID, a transaction amount, a consumer identifier, and a time of the transaction to form an encrypted string, wherein the encrypted string is included in the transaction token bounding request, and wherein the third-party server decrypts the encrypted string and generates the transaction bounding token based upon the decrypted encrypted string.
- View Dependent Claims (19, 20)
- - 19. The method of claim 1, wherein the transaction security server is the same as the third-party server.
  - 20. The method of claim 1, wherein the transaction bounding token is decrypted by the transaction security server to determine an amount, which is compared with an amount in the transaction authorization request.

2. A cloud-based virtual wallet secure transaction processor-implemented method, comprising:
- receiving, by a merchant computer, a purchase payment request from a consumer device in a transaction;
  
  obtaining, by the merchant computer, transaction details including a payment amount from the purchase payment request;
  
  determining, by the merchant computer, that a transaction bounding token is required to process the purchase payment request;
  
  transmitting, by the merchant computer, a transaction bounding token request including a token generation certificate to a server, which then generates the transaction bounding token;
  
  receiving, by the merchant computer, the transaction bounding token related to a payment account from the server after the server determines that the token generation certificate matches a stored token generation certificate, wherein the transaction bounding token sets boundaries for authorizing transactions on the payment account based upon transaction parameters, the boundaries associated with one or more of a certain length of time, a certain user, or a certain amount; and
  
  providing, by the merchant computer, the transaction bounding token to a transaction security server in a transaction authorization request to process the transaction, wherein the transaction security server approves the transaction after the transaction security server determines that the transaction parameters associated with the transaction satisfy the boundaries associated with the transaction bounding token;
  
  receiving, by the merchant computer, a transaction authorization response indicating whether the transaction is approved or declined, andwherein the method also comprises;
  
  querying a security digital certificate database for the token generation certificate based on the purchase payment request; and
  
  receiving the token generation certificate, wherein the token generation certificate is associated with the transaction bounding token, wherein the method further comprises;
  
  signing, by the merchant computer, using a cryptographic key, a concatenated string comprising a merchant ID, a transaction amount, a consumer identifier, and a time of the transaction to form an encrypted string, wherein the encrypted string is included in the transaction token bounding request, and wherein the third-party server decrypts the encrypted string and generates the transaction bounding token based upon the decrypted encrypted string.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 16, 17, 18)
- - 3. The method of claim 2, wherein the consumer device is a smart phone having a connection via NFC to a point-of-sale terminal.
  - 4. The method of claim 2, wherein the transaction details additionally include an indication of the items for purchase and wherein the consumer device is a pin-and-chip card in communication with a smart phone having a connection via NFC to a point-of-sale terminal.
  - 5. The method of claim 3, additionally comprising:
    - determining a type of transaction bounding token to generate, and wherein querying the security digital certificate database for the token generation certificate is based on the transaction bounding token type.
  - 6. The method of claim 2, wherein the received purchase payment request is oblivious of any actual payment card credential.
  - 7. The method of claim 3,wherein the token generation certificate is received from a remote certificate database.
  - 8. The method of claim 2, wherein the transaction bounding token is time bounded.
  - 9. The method of claim 8, wherein the time bounded transaction bounding token may not be used to process the transaction after a time quantum has elapsed.
  - 10. The method of claim 8, wherein the time bounded transaction bounding token may not be used to process the transaction until a time quantum has elapsed.
  - 16. The method of claim 2, wherein the purchase payment request is received from the consumer device by the merchant computer via the Internet.
  - 17. The method of claim 2, wherein the boundaries include the certain length of time, the certain user, and the certain amount.
  - 18. The method of claim 2, wherein the transaction is a remote transaction wherein the merchant computer is remote with respect to the consumer device.

11. A cloud-based virtual wallet secure transaction processor-implemented system, comprising:
- a processor; and
  
  a non-transitory computer readable medium comprising code, executable by the processor, for implementing a method comprisingreceiving a purchase payment request from a consumer device operated by a consumer;
  
  obtaining transaction details including a payment amount from the purchase payment request;
  
  determining that a transaction bounding token is required to process the purchase payment request;
  
  transmitting a transaction bounding token request including a token generation certificate to a server, which then generates the transaction bounding token;
  
  receiving the transaction bounding token related to a payment account of the consumer, wherein the transaction bounding token sets boundaries for authorizing transactions on the payment account based upon transaction parameters, the boundaries associated with one or more of a certain length of time, a certain user, or a certain amount from the server after the server determines that the token generation certificate matches a stored token generation certificate; and
  
  providing the transaction bounding token to a transaction security server in a transaction authorization request to process a transaction, wherein the transaction security server approves the transaction after the transaction security server determines that the transaction parameters associated with the transaction satisfy the boundaries associated with the transaction bounding token; and
  
  receiving a transaction authorization response indicating whether the transaction is approved or declined, andwherein the method also comprisesquerying a security digital certificate database for a generation certificate based on the purchase payment request; and
  
  receiving the token generation certificate, wherein the token generation certificate is associated with the transaction bounding token, wherein the method further comprises;
  
  signing, by the merchant computer, using a cryptographic key, a concatenated string comprising a merchant ID, a transaction amount, a consumer identifier, and a time of the transaction to form an encrypted string, wherein the encrypted string is included in the transaction token bounding request, and wherein the third-party server decrypts the encrypted string and generates the transaction bounding token based upon the decrypted encrypted string.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11, wherein the consumer device is a smart phone having a connection via NFC to a point-of-sale terminal.
  - 13. The system of claim 11, wherein the transaction details additionally include an indication of the items for purchase and wherein the consumer device is a pin-and-chip card in communication with a smart phone having a connection via NFC to a point-of-sale terminal.
  - 14. The system of claim 12, wherein the method additionally comprises:
    - determining a type of transaction bounding token to generate, and whereinquerying the security digital certificate database for the token generation certificate is based on the transaction bounding token type.
  - 15. The system of claim 11, wherein the system comprises a merchant server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Hammad, Ayman
Primary Examiner(s)
Goyea, Olusegun

Application Number

US14/024,605
Publication Number

US 20140074637A1
Time in Patent Office

1,966 Days
Field of Search

705 16, 705 261, 705 39, 705 40, 705 41, 705 44
US Class Current
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/204   comprising interface for re...

G06Q 20/227   characterised in that multi...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/325   using wireless networks

G06Q 20/326   Payment applications instal...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/351   Virtual cards

G06Q 20/352   Contactless payments by cards

G06Q 20/353   Payments by cards read by M...

G06Q 20/36   using electronic wallets or...

G06Q 20/384   using social networks

G06Q 20/385   using an alias or single-us...

G06Q 20/425   using two different network...

Cloud-based virtual wallet NFC apparatuses, methods and systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud-based virtual wallet NFC apparatuses, methods and systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links