Managing payload decryption via fingerprints
First Claim
Patent Images
1. A point to point encryption management computing system comprising at least one hardware processor operatively coupled to memory, the at least one hardware processor configured to:
- receive a first payload from a device, the first payload comprising data in a particular format and a device indicator comprising a unique identifier used for identifying the device;
parse the first payload to extract the unique identifier;
retrieve a unique identifier table from memory;
compare the unique identifier to the unique identifier table to determine whether the unique identifier is included in the unique identifier table;
upon determining that the unique identifier is included in the unique identifier table, create a fingerprint associated with the unique identifier, wherein the fingerprint is created by;
parsing the particular format of the first payload into one or more distinct sections of the particular format;
determining the section format of each of the one or more distinct sections; and
creating a record of the section format of each of the one or more distinct sections; and
compare a format of each subsequent payload received from the device to the fingerprint for the device to determine whether the device has been compromised.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for creating fingerprints for encryption devices are described herein. In various embodiments, the system includes an encryption device operatively connected to a device management system. According to particular embodiments, the device management system: 1) receives a first payload from the encryption device, the first payload including data in a particular format; 2) creates a fingerprint for the encryption device, the fingerprint including a section format for each of one or more distinct sections of the particular format; 3) storing a record of the fingerprint for the encryption device and the unique identifier at the at least one database; and 4) comparing a format of each subsequent payload received from the encryption device to the fingerprint for the device to determine whether the device has been compromised.
-
Citations
20 Claims
-
1. A point to point encryption management computing system comprising at least one hardware processor operatively coupled to memory, the at least one hardware processor configured to:
-
receive a first payload from a device, the first payload comprising data in a particular format and a device indicator comprising a unique identifier used for identifying the device; parse the first payload to extract the unique identifier; retrieve a unique identifier table from memory; compare the unique identifier to the unique identifier table to determine whether the unique identifier is included in the unique identifier table; upon determining that the unique identifier is included in the unique identifier table, create a fingerprint associated with the unique identifier, wherein the fingerprint is created by; parsing the particular format of the first payload into one or more distinct sections of the particular format; determining the section format of each of the one or more distinct sections; and creating a record of the section format of each of the one or more distinct sections; and compare a format of each subsequent payload received from the device to the fingerprint for the device to determine whether the device has been compromised. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A point to point encryption management computing system comprising at least one hardware processor operatively coupled to memory, the at least one hardware processor configured to:
-
receive an initial payload from one or more devices, each initial payload comprising encrypted and unencrypted data in a format; parse each initial payload to extract a unique identifier; retrieve a unique identifier table from memory; compare each of the unique identifiers to the unique identifier table to determine whether each of the unique identifiers are included in the unique identifier table; upon determining that each of the unique identifiers are included in the unique identifier table, create a fingerprint associated with each unique identifier, wherein each fingerprint is created by; parsing the format of each initial payload into one or more distinct sections; determining a section format of each of the one or more distinct sections; and creating a record of the section format of each of the one or more distinct sections; and compare the format of each subsequent payload from the one or more devices to the fingerprint associated with the unique identifier for the one or more devices; and upon determining that the format of a particular payload of the subsequent payloads received from a particular device does not match the fingerprint associated with the unique identifier for the particular device, decline to decrypt any encrypted data of the particular payload and transmit a notification of declining to decrypt the encrypted data to a user computing system. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer-implemented method for managing payload decryption via a computing system operatively coupled to an encryption device, the method comprising:
-
receiving, by at least one processor, a first payload from the encryption device, the first payload comprising data in a particular format, a unique identifier used for identifying the encryption device, and encrypted data; extracting the unique identifier from the first payload; comparing the unique identifier to a unique identifier table retrieved from memory to determine whether the unique identifier is included in the unique identifier table; upon determining that the unique identifier is included in the unique identifier table, creating, by a fingerprint creation means, a fingerprint for the encryption device, by; parsing the particular format into one or more distinct sections of the particular format; determining the section format of each of the one or more distinct sections; and creating a record of the section format of each of the one or more distinct sections; storing a record of the fingerprint and the unique identifier in memory and changing a state of the encryption device to active by the at least one processor; comparing, by the at least one processor, a second particular format of a subsequent payload received from the encryption device to the fingerprint for the encryption device to determine whether the encryption device has been compromised; and upon determining that the encryption device has not been compromised, decrypting encrypted data of the subsequent payload. - View Dependent Claims (19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBluefin Payment Systems LLC
-
Original AssigneeBluefin Payment Systems LLC
-
InventorsBarnett, Timothy William, Kasatkin, Alexander I., Miyata, Christopher Hozumi
-
Primary Examiner(s)Patel, Haresh N
-
Application NumberUS15/923,330Publication NumberTime in Patent Office515 DaysField of Search713189US Class CurrentCPC Class CodesG06F 11/0766 Error or fault reporting or...G06F 16/23 UpdatingG06F 16/2379 Updates performed during on...G06F 16/955 using information identifie...G06F 21/44 Program or device authentic...G06F 21/602 Providing cryptographic fac...G06F 21/6227 where protection concerns t...G06F 21/6245 Protecting personal data, e...G06F 21/73 by creating or determining ...G06F 21/77 in smart cardsG06Q 10/00 Administration; ManagementG06Q 10/10 Office automation; Time man...G06Q 20/20 Point-of-sale [POS] network...G06Q 20/223 based on the use of peer-to...G06Q 20/382 insuring higher security of...G06Q 20/3823 combining multiple encrypti...G06Q 20/401 Transaction verificationG06Q 20/4014 Identity check for transact...G06Q 20/409 Device specific authenticat...G06Q 2220/00 Business processing using c...View All
