Enhancing information security via the use of a dummy credit card number

US 10,373,169 B2
Filed: 08/11/2015
Issued: 08/06/2019
Est. Priority Date: 08/11/2015
Status: Active Grant

First Claim

Patent Images

1. A system of enhancing electronic information security, the system comprising:

a non-transitory memory storing instructions; and

one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

accessing an account associated with an electronic device of a user, wherein the accessing comprises at least one of;

retrieving a first device identifier that is unique to the electronic device obtained during a registration of the electronic device;

orretrieving a first location of the electronic device via Global Positioning System (GPS) obtained during the registration of the electronic device;

generating a dummy credit card number for the user;

communicating the dummy credit card number to the registered electronic device;

receiving, after the accessing, the generating, and the communicating, a request to conduct a transaction electronically, the request containing the dummy credit card number;

determining whether the request was sent from the registered electronic device, wherein the determining comprises;

in response to the retrieving the first device identifier, extracting a second device identifier from a machine that sent the request and matching the second device identifier with the first device identifier;

orin response to the retrieving the first location, extracting a second location from the machine that sent the request and matching the second location with the first location; and

processing the request if the request has been determined to come from the registered electronic device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure is directed to enhancing electronic information security. An electronic device is registered in a registration process. The registration process of the electronic device includes at least one of: obtaining a device identifier that is unique to the electronic device and storing the device identifier as a registered device identifier; or obtaining a location of the electronic device via Global Positioning System (GPS) and storing the location as a registered location of the electronic device. A dummy credit card number is generated. After the registration process and after the dummy credit card number is generated, a request to conduct a transaction electronically is received. The request contains the dummy credit card number. A determination is made as to whether the request was sent from the registered electronic device. The request is processed if the request has been determined to come from the registered electronic device.

Citations

20 Claims

1. A system of enhancing electronic information security, the system comprising:
- a non-transitory memory storing instructions; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  accessing an account associated with an electronic device of a user, wherein the accessing comprises at least one of;
  
  retrieving a first device identifier that is unique to the electronic device obtained during a registration of the electronic device;
  
  orretrieving a first location of the electronic device via Global Positioning System (GPS) obtained during the registration of the electronic device;
  
  generating a dummy credit card number for the user;
  
  communicating the dummy credit card number to the registered electronic device;
  
  receiving, after the accessing, the generating, and the communicating, a request to conduct a transaction electronically, the request containing the dummy credit card number;
  
  determining whether the request was sent from the registered electronic device, wherein the determining comprises;
  
  in response to the retrieving the first device identifier, extracting a second device identifier from a machine that sent the request and matching the second device identifier with the first device identifier;
  
  orin response to the retrieving the first location, extracting a second location from the machine that sent the request and matching the second location with the first location; and
  
  processing the request if the request has been determined to come from the registered electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the extracting the second device identifier further comprise:
    - extracting, from the machine that sent the request, a Media Access Control (MAC) address, a Bluetooth address, a serial number, or an International Mobile Station Equipment Identity (IMEI) as the second device identifier.
  - 3. The system of claim 1, wherein the extracting the second location further comprise:
    - extracting, from the machine that sent the request, a geographical location of the machine as the second location, wherein the extracting the geographical location is performed using GPS coordinates of the machine or a cellular network triangulation of the machine.
  - 4. The system of claim 1, wherein:
    - the registration of the electronic device associates a user-specified time slot with the electronic device; and
      
      the processing of the request is performed when the request is sent at a time that falls within the user-specified time slot.
  - 5. The system of claim 1, wherein:
    - the registration of the electronic device associates a user-specified retailer with the electronic device; and
      
      the processing of the request is performed when the request includes a purchasing transaction involving the user-specified retailer.
  - 6. The system of claim 1, wherein the generating of the dummy credit card number comprises storing a user-specified number as the dummy credit card number.
  - 7. The system of claim 1, wherein the generating of the dummy credit card number comprises storing a randomly generated number as the dummy credit card number.
  - 8. The system of claim 1, wherein the generating of the dummy credit card number comprises communicating, to a plurality of users including the user, a generic number is to be used as the dummy credit card number for each of the plurality of the users.
  - 9. The system of claim 1, wherein the operations further comprise:
    - authenticating an identity of a person sending the request to conduct the transaction, the authenticating including a biometric identification process or asking the person to verify a secret code, wherein the processing of the request is performed only if the person has been successfully authenticated.

10. A method of enhancing electronic information security, comprising:
- accessing an account associated with an electronic device of a user, wherein the accessing comprises at least one of;
  
  retrieving a first device identifier that is unique to the electronic device obtained during a registration of the electronic device;
  
  orretrieving a first location of the electronic device via Global Positioning System (GPS) obtained during the registration of the electronic device;
  
  generating a dummy credit card number for the user;
  
  communicating the dummy credit card number to the user;
  
  receiving, after the accessing, the generating, and the communicating, a request to conduct a transaction electronically, the request containing the dummy credit card number;
  
  determining whether the request was sent from the registered electronic device, wherein the determining comprises;
  
  in response to the retrieving the first device identifier, extracting a second device identifier from a machine that sent the request and matching the second device identifier with the first device identifier;
  
  orin response to the retrieving the first location, extracting a second location from the machine that sent the request and matching the second location with the first location; and
  
  processing the request if the request has been determined to come from the registered electronic device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein the extracting the second device identifier further comprise:
    - extracting, from the machine that sent the request, a Media Access Control (MAC) address, a Bluetooth address, a serial number, or an International Mobile Station Equipment Identity (IMEI) as the second device identifier.
  - 12. The method of claim 10, wherein the extracting the second location further comprise:
    - extracting, from the machine that sent the request, a geographical location of the machine as the second location, wherein the extracting the geographical location is performed using GPS coordinates of the machine or a cellular network triangulation of the machine.
  - 13. The method of claim 10, further comprising:
    - associating a user-specified time slot with the electronic device, wherein the processing of the request is performed when the request is sent at a time that falls within the user-specified time slot.
  - 14. The method of claim 10, further comprising:
    - associating a user-specified retailer with the electronic device, wherein the processing of the request is performed when the request includes a purchasing transaction involving the user-specified retailer.
  - 15. The method of claim 10, wherein the generating of the dummy credit card number comprises storing a user-specified number as the dummy credit card number.
  - 16. The method of claim 10, wherein the generating of the dummy credit card number comprises storing a randomly generated number as the dummy credit card number.
  - 17. The method of claim 10, wherein the generating of the dummy credit card number comprises communicating, to a plurality of users including the user, a generic number is to be used as the dummy credit card number for each of the plurality of the users.
  - 18. The method of claim 10, further comprising:
    - authenticating an identity of a person sending the request to conduct the transaction, the authenticating including a biometric identification process or asking the person to verify a secret code, wherein the processing of the request is performed only if the person has been successfully authenticated.

19. A non-transitory computer-readable medium having stored thereon machine-readable instructions executable to cause a system to perform operations comprising:
- accessing an account associated with an electronic device of a user, wherein the accessing comprises at least one of;
  
  retrieving a first device identifier that is unique to the electronic device obtained during a registration of the electronic device;
  
  retrieving a first location of the electronic device via Global Positioning System (GPS) obtained during the registration of the electronic device;
  
  associating a user-specified time slot with the electronic device;
  
  orassociating a user-specified retailer with the electronic device;
  
  generating a dummy credit card number for the user, wherein the generating of the dummy credit card number comprises one of;
  
  storing a user-specified number as the dummy credit card number, storing a randomly generated number as the dummy credit card number, or assigning a generic number to be used as the dummy credit card number;
  
  communicating the dummy credit card number to the user;
  
  receiving, after the accessing, the generating, and the communicating, a request from a machine to conduct a transaction electronically, the request containing the dummy credit card number;
  
  extracting information from the machine; and
  
  processing the request when the following conditions are met based on the information extracted from the machine;
  
  a second device identifier extracted from the machine matches the first device identifier;
  
  a second location extracted from the machine matches the first location;
  
  the request is sent at a time that falls within the user-specified time slot; and
  
  the request includes a purchasing transaction involving the user-specified retailer.
- View Dependent Claims (20)
- - 20. The non-transitory computer-readable medium of claim 19, wherein the operations further comprise authenticating an identity of a person sending the request to conduct the transaction, the authenticating including a biometric identification process or asking the person to verify a secret code, wherein the processing of the request is performed only after the person has been successfully authenticated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Todasco, Michael Charles
Primary Examiner(s)
Ojiaku, Chikaodinaka

Application Number

US14/823,156
Publication Number

US 20170046712A1
Time in Patent Office

1,456 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/40145   Biometric identity checks

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/4097   using mutual authentication...

H04L 2463/102   applying security measure f...

H04L 63/0414   during transmission, i.e. p...

H04L 63/0876   based on the identity of th...

H04L 63/107   wherein the security polici...

H04L 63/126   the source of the received ...

Enhancing information security via the use of a dummy credit card number

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enhancing information security via the use of a dummy credit card number

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links