Processing transactions with an extended application ID and dynamic cryptograms
First Claim
1. A method for processing a transaction related to an account having an account number, wherein the transaction is conducted with a presentation instrument device (PI device) communicating with a point of sale device (POS device), the method comprising:
- detecting initiation of the transaction with the PI device;
providing from the PI device to the POS device a list of one or more application IDs, each application ID identifying an associated application from a plurality of applications, at least one of the applications being stored at both the PI device and the POS device, each application defining types of data and the format of that data that is communicated between the PI device and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the point of sale device, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another;
selecting by the POS device an application associated with one of the application IDs provided by the PI device;
receiving at the PI device from the POS device an application ID from the one or more application IDs, the received application ID identifying the application selected by the POS device for the transaction;
initiating communications between the PI device and the POS device using the selected application, including;
generating under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user;
generating, under the control of the selected application, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and
providing the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction.
5 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and machine-readable media are disclosed for handling information related to a transaction conducted with a presentation instrument at a POS device. Extended application IDs and dynamic cryptograms are used for the transaction. According to one embodiment, a method of processing a financial transaction for an account having a primary account number (PAN) can comprise detecting initiation of the transaction with the presentation instrument, and providing from the presentation instrument to the POS device a list of one or more applications IDs. Each application ID identifies an application that can be used to communicate data concerning the transaction between the presentation instrument and the POS device. The POS device selects one of the application IDs and returns it to the presentation instrument. Under the control of the selected application, the presentation instrument generates a Dynamic Transaction Cryptogram (DTC) and a dynamic PAN that are each valid for only a single transaction.
-
Citations
20 Claims
-
1. A method for processing a transaction related to an account having an account number, wherein the transaction is conducted with a presentation instrument device (PI device) communicating with a point of sale device (POS device), the method comprising:
-
detecting initiation of the transaction with the PI device; providing from the PI device to the POS device a list of one or more application IDs, each application ID identifying an associated application from a plurality of applications, at least one of the applications being stored at both the PI device and the POS device, each application defining types of data and the format of that data that is communicated between the PI device and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the point of sale device, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another; selecting by the POS device an application associated with one of the application IDs provided by the PI device; receiving at the PI device from the POS device an application ID from the one or more application IDs, the received application ID identifying the application selected by the POS device for the transaction; initiating communications between the PI device and the POS device using the selected application, including; generating under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user; generating, under the control of the selected application, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and providing the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for processing a financial transaction related to a financial account having a Primary Account Number (PAN), wherein the transaction is conducted with a device used as a presentation instrument (PI) communicating with a point of sale device (POS device), the method comprising:
-
detecting initiation of the transaction with the device; providing from the device to the POS device a list of one or more application IDs, each identifying an associated application, at least one of which being stored at both the PI and the POS device, and that defines types of data and the format of that data that is communicated between the PI and the POS device for conducting the transaction, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application for loading onto the PI and the POS device an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the device, and an account type field identifying a type for the financial account with which the application is used for conducting transactions, all for the purpose of distinguishing the application IDs from one another; selecting by the POS device the application to be used for the transaction; providing from the POS device the application ID for the selected application to the PI; managing communications between the device and the POS device using the selected application; generating, under the control of the selected application, a Dynamic Transaction Cryptogram (DTC) at the device that is valid for a single transaction, the DTC encrypted at the PI device using a unique card key for the PI device and based on personal information known to a user of the PI device and that identifies the user; generating, under the control of the selected application, a dynamic PAN at the device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and providing the DTC and the dynamic PAN from the device to the POS device for use in the transaction.
-
-
19. A presentation instrument device (PI device) for initiating with a point-of-sale device (POS device) a transaction related to an account, the presentation instrument device comprising:
-
a processor; an output device communicatively coupled with the processor; and a memory communicatively coupled with and readable by the processor, the memory having stored therein one or more applications and an application ID associated with each of the applications, each application stored at both the PI device and the POS device and defining the types of data and the format of that data that is communicated between the PI device and the POS device, and including a series of instructions which, when executed by the processor, cause the processor to communicate data concerning the transaction between the PI device and the POS device, each application ID having a structure that includes a provider ID field identifying a payment processor that provides the application, an application code field identifying the application of the payment processor, an issuer code field identifying the issuer of the PI device, and an account type field identifying a type for the account with which the application is used for conducting transactions, all for the purpose of distinguishing each application ID from one another; wherein application IDs are provided by the PI device to the POS device and wherein an application ID is returned to the PI device, the returned application ID corresponding to an application selected by the POS device; and wherein the series of instructions further cause the processor to; generate, with the processor, a Dynamic Transaction Cryptogram (DTC) at the PI device that is valid for a single transaction, the DTC encrypted at the device using a card key and based on personal information that is known to a user and that identifies the user; generate, with the processor, a dynamic PAN at the PI device, the dynamic PAN comprising an encrypted form of the real PAN that is valid for the single transaction; and provide both the DTC and the dynamic PAN from the PI device to the POS device for use in the transaction, wherein the provided dynamic PAN is decrypted in order to determine the real PAN for processing of the transaction, wherein the real PAN that is determined from the provided dynamic PAN is then used to retrieve a key corresponding to the card key, and wherein the DTC is provided in order to authenticate the transaction, using the retrieved key. - View Dependent Claims (20)
-
Specification