Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
First Claim
1. A method for conducting an electronic transaction, the method comprising:
- establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network;
initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device;
applying both a consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server;
generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted;
wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction;
forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server;
processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user;
querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified;
in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and
conducting, at the POS reader device, the electronic transaction upon receipt of the notification message.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for conducting an electronic transaction that includes initiating an electronic transaction between a mobile device and a POS reader device and applying at least a user identifier that is associated with a user of the mobile device and shared secret data as inputs to a cryptographic function in the mobile device. The method further includes inserting the output of the cryptographic function into legacy transaction formatted data, wirelessly providing the legacy transaction formatted data to the POS reader device via the electronic transaction, forwarding the legacy transaction formatted data to the issuer server, and processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and request authorization for the electronic transaction. The method also includes sending a notification message to the POS reader device that indicates that the electronic transaction is authorized and conducting the electronic transaction upon receipt of the notification message.
-
Citations
19 Claims
-
1. A method for conducting an electronic transaction, the method comprising:
-
establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network; initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device; applying both a consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server; generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted; wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction; forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server; processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user; querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified; in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and conducting, at the POS reader device, the electronic transaction upon receipt of the notification message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for conducting an electronic transaction, the system comprising:
-
a point of sale (POS) reader device located a point of sale that is configured to process an electronic transaction; a mobile device that includes a mobile application that establishes upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network, wherein the mobile device is configured to initiate the electronic transaction over a wireless connection with the POS reader device via a mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device, to apply both consumer personal device identifier that identifies the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server, to generate the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted, and to wirelessly provide the legacy transaction formatted data to the POS reader device via the electronic transaction; and an issuer server configured to receive the legacy transaction formatted data from the POS reader device, to process the legacy transaction formatted data to verify the user identifier and to authorize the electronic transaction by using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user, to query an account server to determine if validating payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified, and, and in response to determining that the payment card credentials are valid, sending a notification message to the POS reader device that authorizes the electronic transaction.
-
-
19. A non-transitory computer readable medium having stored thereon executable instructions for controlling a computer to perform steps comprising:
-
establishing by a mobile application in a mobile device upon an initial use of the mobile application, a shared secret with an issuer server via a cellular network or Internet network; initiating an electronic transaction between the mobile device and a point of sale (POS) reader device over a wireless connection via the mobile application that is configured to be selected and launched on the mobile device after the mobile device establishes the wireless connection with the POS reader device when positioned in close proximity to the POS reader device; applying a consumer personal device identifier that is associated the mobile device and shared secret data as inputs to a cryptographic function in the mobile device, such that the consumer personal device identifier and the shared secret data are encrypted by the cryptographic function, wherein the shared secret data is a key or password shared by both the mobile device and an issuer server; generating, by the mobile device, the output of the cryptographic function that is formatted as legacy transaction formatted data, wherein the legacy transaction formatted data includes a user identifier that is unencrypted; wirelessly providing, by the mobile device, the legacy transaction formatted data to the POS reader device via the electronic transaction; forwarding, from the POS reader device, the legacy transaction formatted data to the issuer server; processing, at the issuer server, the legacy transaction formatted data to verify the user identifier and authorize the electronic transaction, wherein processing the legacy transaction formatted data includes, by the issuer server, using the user identifier to access a shared secret database in the issuer server to obtain a local copy of the shared secret data, decrypting the encrypted consumer personal device identifier included in the legacy transaction formatted data using the local copy of the shared secret data, and verifying, by the issuer server, an identity of a user associated with the user identifier by determining that the decrypted consumer personal device identifier matches stored information in the issuer server that is associated with the user; querying, by the issuer server, an account server to determine if payment card credentials associated with the user and locally stored at the account server are valid after the identity of the user is verified; in response to determining that the payment card credentials are valid, sending, by the issuer server to the POS reader device, a notification message that authorizes the electronic transaction; and conducting, at the POS reader device, the electronic transaction upon receipt of the notification message.
-
Specification