Processing transactions with an extended application ID and dynamic cryptograms

US 10,354,321 B2
Filed: 06/11/2012
Issued: 07/16/2019
Est. Priority Date: 01/22/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method for processing a transaction related to an account having an account number, wherein the transaction is conducted with a presentation instrument device (PI device) communicating with a point of sale device (POS device), the method comprising:

detecting initiation of the transaction with the PI device;

providing from the PI device to the POS device a list of one or more application IDs, each application ID identifying an associated application from a plurality of applications, at least one of the applications being stored at both the PI device and the POS device, each application defining types of data and the format of that data that is communicated between the PI device and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the point of sale device, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another;

selecting by the POS device an application associated with one of the application IDs provided by the PI device;

receiving at the PI device from the POS device an application ID from the one or more application IDs, the received application ID identifying the application selected by the POS device for the transaction;

initiating communications between the PI device and the POS device using the selected application, including;

generating under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user;

generating, under the control of the selected application, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and

providing the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and machine-readable media are disclosed for handling information related to a transaction conducted with a presentation instrument at a POS device. Extended application IDs and dynamic cryptograms are used for the transaction. According to one embodiment, a method of processing a financial transaction for an account having a primary account number (PAN) can comprise detecting initiation of the transaction with the presentation instrument, and providing from the presentation instrument to the POS device a list of one or more applications IDs. Each application ID identifies an application that can be used to communicate data concerning the transaction between the presentation instrument and the POS device. The POS device selects one of the application IDs and returns it to the presentation instrument. Under the control of the selected application, the presentation instrument generates a Dynamic Transaction Cryptogram (DTC) and a dynamic PAN that are each valid for only a single transaction.

Citations

20 Claims

1. A method for processing a transaction related to an account having an account number, wherein the transaction is conducted with a presentation instrument device (PI device) communicating with a point of sale device (POS device), the method comprising:
- detecting initiation of the transaction with the PI device;
  
  providing from the PI device to the POS device a list of one or more application IDs, each application ID identifying an associated application from a plurality of applications, at least one of the applications being stored at both the PI device and the POS device, each application defining types of data and the format of that data that is communicated between the PI device and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the point of sale device, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another;
  
  selecting by the POS device an application associated with one of the application IDs provided by the PI device;
  
  receiving at the PI device from the POS device an application ID from the one or more application IDs, the received application ID identifying the application selected by the POS device for the transaction;
  
  initiating communications between the PI device and the POS device using the selected application, including;
  
  generating under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user;
  
  generating, under the control of the selected application, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and
  
  providing the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the transaction is a financial transaction and the account is a financial account.
  - 3. The method of claim 2, wherein the type of account identified by the account type field comprises one of a credit card account, debit card account, checking account, savings account, and stored value account.
  - 4. Then method of claim 1, wherein the transaction is a loyalty award transaction and the type of account identified by the account type field is a loyalty award account.
  - 5. The method of claim 1, wherein the PI device is used to gain access to a premises, and the account and account number are assigned to a user for purposes of gaining such access.
  - 6. The method of claim 1, wherein the dynamic PAN provided to the POS device is thereafter decrypted in order to determine the real PAN for processing of the transaction, wherein the determined real PAN is then used to retrieve a key corresponding the card key, and wherein the DTC is provided in order to authenticate the transaction, using the retrieved key.
  - 7. The method of claim 1, wherein generating the dynamic PAN is based on the real PAN, an Institution Key Card Variant (IKCV) that is a variant of an institution key of an issuer of the financial account stored in the device, and an undeterminable number generated or received by the device.
  - 8. The method of claim 7, wherein generating the dynamic PAN further comprises:
    - reading the real PAN from a memory of the PI device;
      
      generating Pseudo-PAN-Dynamic-Data (PPDD) representing the real PAN by combining the real PAN with the undeterminable number; and
      
      encrypting the PPDD using the IKCV.
  - 9. The method of claim 1, further comprising including an unencrypted portion of the real PAN in the dynamic PAN.
  - 10. The method of claim 9, wherein the portion of the real PAN comprises less than all of the real PAN and includes information for routing of the transaction to a financial institution.
  - 11. The method of claim 9, wherein a right-most four digits of the real PAN are retained and re-used on a printed receipt.
  - 12. The method of claim 1, further comprising providing the DTC and the dynamic PAN from the POS device to a payment processor system.
  - 13. The method of claim 12, further comprising authenticating the transaction at the payment processor system based on the DTC.
  - 14. The method of claim 12, further comprising authenticating the transaction at a financial institution based on the DTC.
  - 15. The method of claim 12, further comprising determining the real PAN of the financial account at the payment processor system.
  - 16. The method of claim 15, wherein determining the real PAN comprises decrypting the dynamic PAN using an institution key of an issuer of the financial account.
  - 17. The method of claim 15, further comprising submitting the real PAN from the payment processor system to a financial institution to affect processing of the transaction.

18. A method for processing a financial transaction related to a financial account having a Primary Account Number (PAN), wherein the transaction is conducted with a device used as a presentation instrument (PI) communicating with a point of sale device (POS device), the method comprising:
- detecting initiation of the transaction with the device;
  
  providing from the device to the POS device a list of one or more application IDs, each identifying an associated application, at least one of which being stored at both the PI and the POS device, and that defines types of data and the format of that data that is communicated between the PI and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the POS device an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the device, and an account type field identifying a type for the financial account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another;
  
  selecting by the POS device the application to be used for the transaction;
  
  providing from the POS device the application ID for the selected application to the PI;
  
  managing communications between the device and the POS device using the selected application;
  
  generating, under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user;
  
  generating, under the control of the selected application, a dynamic PAN at the device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and
  
  providing the DTC and the dynamic PAN from the device to the POS device for use in the transaction.

19. A presentation instrument device (PI device) for initiating with a point-of-sale device (POS device) a transaction related to an account, the presentation instrument device comprising:
- a processor;
  
  an output device communicatively coupled with the processor; and
  
  a memory communicatively coupled with and readable by the processor, the memory having stored therein one or more applications and an application ID associated with each of the applications, each application stored at both the PI device and the POS device and defining the types of data and the format of that data that is communicated between the PI device and the POS device, and including a series of instructions which, when executed by the processor, cause the processor to communicate data concerning the transaction between the PI device and the POS device, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing each application ID from one another;
  
  wherein application IDs are provided by the PI device to the POS device and wherein an application ID is returned to the PI device, the returned application ID corresponding to an application selected by the POS device; and
  
  wherein the series of instructions further cause the processor to;
  
  generate, with the processor, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the device using a card key and based on personal information that is known to a user and that identifies the user;
  
  generate, with the processor, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and
  
  provide both the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction, wherein the provided dynamic PAN is decrypted in order to determine the real PAN for processing of the transaction, wherein the real PAN that is determined from the provided dynamic PAN is then used to retrieve a key corresponding to the card key, and wherein the DTC is provided in order to authenticate the transaction, using the retrieved key.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the account is a financial account, wherein the memory has further stored therein a real Primary Account Number (PAN) for the financial account, a unique, card-level key, and an Institution Key Card Variant (IKCV) that is a variant of an institution key of an issuer of the financial account, and wherein each application further includes a series of instructions which, when executed by the processor, cause the processor to detect initiation of the transaction, generate a Dynamic Transaction Cryptogram (DTC) using the unique card-level key, generate a dynamic PAN based on the real PAN, the IKCV, and an undeterminable number, and provide the DTC and the dynamic PAN to the output device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Royyuru, Vijay K., Klotz, Robert P., Fullett, John, Loomis, Nancy
Primary Examiner(s)
Agwumezie, Chinedu C

Application Number

US13/493,316
Publication Number

US 20120317035A1
Time in Patent Office

2,591 Days
Field of Search

705 71
US Class Current
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/204   comprising interface for re...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/352   Contactless payments by cards

G06Q 20/3574   Multiple applications on card

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0861   Generation of secret inform...

Processing transactions with an extended application ID and dynamic cryptograms

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Processing transactions with an extended application ID and dynamic cryptograms

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links