Systems, methods, and computer readable media for conducting a transaction using cloud based credentials

US 10,528,944 B2
Filed: 04/15/2013
Issued: 01/07/2020
Est. Priority Date: 04/13/2012
Status: Active Grant

First Claim

Patent Images

1. A method for conducting an electronic transaction, the method comprising:

establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network;

initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device;

applying both a consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server;

generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted;

wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction;

forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server;

processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user;

querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified;

in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and

conducting, at the POS reader device, the electronic transaction upon receipt of the notification message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for conducting an electronic transaction that includes initiating an electronic transaction between a mobile device and a POS reader device and applying at least a user identifier that is associated with a user of the mobile device and shared secret data as inputs to a cryptographic function in the mobile device. The method further includes inserting the output of the cryptographic function into legacy transaction formatted data, wirelessly providing the legacy transaction formatted data to the POS reader device via the electronic transaction, forwarding the legacy transaction formatted data to the issuer server, and processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and request authorization for the electronic transaction. The method also includes sending a notification message to the POS reader device that indicates that the electronic transaction is authorized and conducting the electronic transaction upon receipt of the notification message.

Citations

19 Claims

1. A method for conducting an electronic transaction, the method comprising:
- establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network;
  
  initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device;
  
  applying both a consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server;
  
  generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted;
  
  wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction;
  
  forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server;
  
  processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user;
  
  querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified;
  
  in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and
  
  conducting, at the POS reader device, the electronic transaction upon receipt of the notification message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1 wherein the legacy transaction formatted data includes at least one of:
    - Track 1 data, Track 2 data, Track 3 data, and EMV data.
  - 3. The method of claim 1 wherein the electronic transaction includes an electronic payment transaction or an electronic non-payment transaction.
  - 4. The method of claim 1 wherein the cryptographic function is at least one of:
    - a one way function, a cryptographic hash function, a standard encryption function, and proprietary encryption function.
  - 5. The method of claim 1 wherein the mobile device includes a near field communications (NFC) enabled mobile device.
  - 6. The method of claim 1 wherein the mobile device is equipped with at least one of:
    - a Quick Response (QR) code reader, a barcode reader, a camera, a WiFi enabling chip, and another wireless technology enabling chip.
  - 7. The method of claim 1 wherein the electronic transaction is conducted in a magnetic stripe based network or a Europay, MasterCard, and Visa (EMV) card based network.
  - 8. The method of claim 1 wherein the POS reader device is either located at a fixed location or comprises a mobile POS reader device.
  - 9. The method of claim 1 wherein the user identifier is mapped to a mobile device identifier or a subscriber identity module (SIM) identifier.
  - 10. The method of claim 9 wherein the mobile device identifier includes a serial number or an international mobile equipment identity (IMEI) number.
  - 11. The method of claim 1 wherein the cryptographic function is generated using at least one of:
    - an account number, the user identifier, a password, a subscriber identity module (SIM) identifier, an employer identification number (EIN), a WIN, an international mobile equipment identity (IMEI) number, biometric data, a sequence number, a random number, and a unique transaction identifier.
  - 12. The method of claim 1 wherein the shared secret data includes at least one of:
    - a password, a public key, and a shared key.
  - 13. The method of claim 1 wherein the shared secret data includes a combination of a password and biometric data.
  - 14. The method of claim 1 wherein the user identifier is linked to an application account that is used to facilitate the electronic transaction.
  - 15. The method of claim 1 wherein the user identifier is linked to card credentials stored in the issuer server.
  - 16. The method of claim 15 wherein the card credentials includes magnetic stripe data or Europay, MasterCard, and Visa (EMV) payment card data.
  - 17. The method of claim 1 wherein a bank identifier number (BIN) is added to the output of the cryptographic function to form Track 1 and Track 2 data and is used to route the Track 1 and Track 2 data to the issuer server over an existing POS, payment, or non-payment network infrastructure.

18. A system for conducting an electronic transaction, the system comprising:
- a point of sale (POS) reader device located a point of sale that is configured to process an electronic transaction;
  
  a mobile device that includes a mobile application that establishes upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network, wherein the mobile device is configured to initiate the electronic transaction over a wireless connection with the POS reader device via a mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device, to apply both consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server, to generate the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted, and to wirelessly provide the legacy transaction formatted data to the POS reader device via the electronic transaction; and
  
  an issuer server configured to receive the legacy transaction formatted data from the POS reader device, to process the legacy transaction formatted data to verify the user identifier and to authorize the electronic transaction by using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user, to query an account server to determine if validating payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified, and, and in response to determining that the payment card credentials are valid, sending a notification message to the POS reader device that authorizes the electronic transaction.

19. A non-transitory computer readable medium having stored thereon executable instructions for controlling a computer to perform steps comprising:
- establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network;
  
  initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device;
  
  applying a consumer personal device identifier that is associated the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server;
  
  generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted;
  
  wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction;
  
  forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server;
  
  processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user;
  
  querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified;
  
  in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and
  
  conducting, at the POS reader device, the electronic transaction upon receipt of the notification message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Khan, Mohammad
Primary Examiner(s)
Choo, Johann Y

Application Number

US13/862,968
Publication Number

US 20130275307A1
Time in Patent Office

2,458 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/204   comprising interface for re...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/363   with the personal data of a...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

Systems, methods, and computer readable media for conducting a transaction using cloud based credentials

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Systems, methods, and computer readable media for conducting a transaction using cloud based credentials

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links