System and method for secure communication for cashless transactions
First Claim
1. A computer-implemented method in an access point facilitating client to point-of-sale communication over a data network secured with mutual authentication during client association, the method comprising:
- receiving, by the access point, authentication credentials from a point-of-sale device;
- periodically broadcasting, by the access point, at least one beacon message to advertise payment services of the point-of-sale device, wherein the at least one beacon message comprises information elements including transaction type, a payment network, and merchant information;
- receiving, by the access point, a probe request from a client based on the payment services advertised in the at least one beacon message;
- sending, by the access point, a probe response to the client responsive to the probe request;
- performing, by the access point, an authentication operation to authenticate a connection with the client;
- performing, by the access point, an association operation with mutual authentication to create an association with the client, wherein the association operation comprises:
  - receiving a client challenge from the client with an association request, and sending the client challenge to the point-of-sale device on behalf of the client,
  - receiving a response from the point-of-sale device to the client challenge with a point-of-sale challenge, and sending the client challenge response and the point-of-sale challenge to the client with an association response on behalf of the point-of-sale device, and
  - receiving an acknowledgment from the client of the association response with a response to the point-of-sale challenge, and sending the point-of-sale challenge response to the point-of-sale device on behalf of the client;
- assigning, by the access point, at least one dynamic IP address to the client; and
- establishing, by the access point, an https session between the client and the point-of-sale device over the data network.
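The three-message association exchange recited in claim 1, as an added sketch that is not code from the patent. The claim does not say how challenge responses are computed, so this assumes the client and the point-of-sale device share a key and answer with HMAC-SHA256; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def respond(key: bytes, role: bytes, challenge: bytes) -> bytes:
    # Assumed response function (not specified by the claim): HMAC-SHA256 bound
    # to the responder's role, so one side's answer cannot be reflected back.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()

class PointOfSale:
    def __init__(self, key: bytes):
        self.key = key
        self.challenge = b""
        self.client_ok = False

    def on_client_challenge(self, client_challenge: bytes):
        # Answer the client challenge and issue a fresh point-of-sale challenge.
        self.challenge = secrets.token_bytes(16)
        return respond(self.key, b"pos", client_challenge), self.challenge

    def on_client_response(self, response: bytes) -> None:
        expected = respond(self.key, b"client", self.challenge)
        self.client_ok = hmac.compare_digest(response, expected)

class Client:
    def __init__(self, key: bytes):
        self.key = key
        self.challenge = secrets.token_bytes(16)
        self.pos_ok = False

    def on_association_response(self, pos_response: bytes, pos_challenge: bytes):
        expected = respond(self.key, b"pos", self.challenge)
        self.pos_ok = hmac.compare_digest(pos_response, expected)
        if not self.pos_ok:
            return None  # never answer an unverified point of sale
        return respond(self.key, b"client", pos_challenge)

def associate(client: Client, pos: PointOfSale) -> bool:
    # Access point role: relays each message on behalf of the peer, holds no key.
    # 1. Association request: client challenge forwarded to the point of sale.
    pos_response, pos_challenge = pos.on_client_challenge(client.challenge)
    # 2. Association response: challenge response plus point-of-sale challenge.
    ack = client.on_association_response(pos_response, pos_challenge)
    if ack is None:
        return False
    # 3. Acknowledgment: client's response forwarded to the point of sale.
    pos.on_client_response(ack)
    return client.pos_ok and pos.client_ok
```

Because the access point only forwards messages, a relay that holds no key cannot make either side accept; association succeeds only when both responses verify.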
1 Assignment
0 Petitions
Abstract
Embodiments of the present invention provide a system and method for an access point providing client to point-of-sale communication over a network, comprising: receiving credentials from the point-of-sale; sending at least one beacon message; receiving a probe request from a client; sending a probe response to the client; authenticating a connection with the client; exchanging capabilities with the client; performing a security handshake with the client; assigning at least one dynamic IP address to the client; and establishing an https session between the client and the point-of-sale over the network.
85 Citations
3 Claims
Specification