Payment service authentication for a transaction using a generated dynamic verification value

US 10,528,951 B2
Filed: 03/14/2013
Issued: 01/07/2020
Est. Priority Date: 08/18/2003
Status: Expired due to Term

First Claim

Patent Images

1. A method of creating and processing a verification value for a transaction, the method comprising:

creating, by a microprocessor of a payment device, a base record comprising a data value comprising an account number;

overlaying, by the microprocessor of the payment device, an application transaction counter (ATC), or hash value based on transaction data for the transaction over a portion of the data value;

splitting, by the microprocessor, the overlaid data value into at least a first block and a second block;

encrypting, by the microprocessor, the first block using a first encryption key;

performing, by the microprocessor, at least an exclusive-OR (XOR) operation on the encrypted first block and the second block to produce a first result;

encrypting, by the microprocessor, the first result using the first encryption key to produce a second result;

selecting, by the microprocessor, one or more values based at least in part on the second result as the verification value for the transaction; and

transmitting, from the payment device through a contact-based or contactless interface to a service provider computer via a POS terminal, the verification value for the transaction, wherein the service provider computer is configured to approve or disapprove of the transaction based on a comparison of the transmitted verification value to a second verification value independently generated from the transaction data at the service provider computer.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment.

Citations

14 Claims

1. A method of creating and processing a verification value for a transaction, the method comprising:
- creating, by a microprocessor of a payment device, a base record comprising a data value comprising an account number;
  
  overlaying, by the microprocessor of the payment device, an application transaction counter (ATC), or hash value based on transaction data for the transaction over a portion of the data value;
  
  splitting, by the microprocessor, the overlaid data value into at least a first block and a second block;
  
  encrypting, by the microprocessor, the first block using a first encryption key;
  
  performing, by the microprocessor, at least an exclusive-OR (XOR) operation on the encrypted first block and the second block to produce a first result;
  
  encrypting, by the microprocessor, the first result using the first encryption key to produce a second result;
  
  selecting, by the microprocessor, one or more values based at least in part on the second result as the verification value for the transaction; and
  
  transmitting, from the payment device through a contact-based or contactless interface to a service provider computer via a POS terminal, the verification value for the transaction, wherein the service provider computer is configured to approve or disapprove of the transaction based on a comparison of the transmitted verification value to a second verification value independently generated from the transaction data at the service provider computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - decrypting the second result using a second encryption key to produce a third result; and
      
      encrypting the third result using the first encryption key to produce a fourth result,wherein the selecting of one or more values is based at least in part on the fourth result.
  - 3. The method of claim 2 further comprising:
    - sequentially extracting each value between 0 and 9 from the most-significant digit to the least significant digit of the fourth result to produce a fifth result;
      
      wherein the selecting of one or more values is based at least in part on the fifth result.
  - 4. The method of claim 3 further comprising:
    - sequentially extracting and subtracting hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce a sixth result; and
      
      concatenating the fifth result and the sixth result to produce a seventh result,wherein the selecting of one or more values is from the seventh result.
  - 5. The method of claim 1 wherein the first encryption key is derived from a unique derived key, the unique derived key derived from at least the account number encrypted with a master derivation key.
  - 6. The method of claim 2 wherein the first encryption key and the second encryption key are derived from a unique derived key, the unique derived key derived from at least the account number encrypted with a master derivation key.
  - 7. The method of claim 1 wherein the splitting includes bisecting the data value.

8. A payment device comprising a processor and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor, for implementing a method comprising:
- creating, by the processor, a base record comprising a data value comprising an account number;
  
  overlaying an application transaction counter (ATC), or hash value based on transaction data for a transaction over a portion of the data value;
  
  splitting the overlaid data value into a first block and a second block;
  
  encrypting the first block using a first encryption key;
  
  performing an exclusive-OR (XOR) operation on the encrypted first block and the second block to produce a first result;
  
  encrypting the first result using a second encryption key to produce a second result;
  
  selecting one or more values based on the second result as a verification value for the transaction; and
  
  transmitting, from the payment device through a contact-based or contactless interface to a service provider computer via a POS terminal, the verification value of the transaction,wherein the service provider computer is configured to approve or disapprove the transaction based on a comparison of the transmitted verification value to a second verification value independently generated from the transaction data at the service provider computer.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The device of claim 8 wherein the implemented method further comprises:
    - decrypting the second result using a second encryption key to produce a third result; and
      
      encrypting the third result using the first encryption key to produce a fourth result,wherein the selecting of one or more values is based at least in part on the fourth result.
  - 10. The device of claim 9 wherein the implemented method further comprises:
    - sequentially extracting each value between 0 and 9 from the most-significant digit to the least significant digit of the fourth result to produce a fifth result;
      
      wherein the selecting of one or more values is based on at least the fifth result.
  - 11. The device of claim 10 wherein the implemented method further comprises:
    - sequentially extracting and subtracting hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce a sixth result; and
      
      concatenating the fifth result and the sixth result to produce a seventh result,wherein the selecting of one or more values is from the seventh result.
  - 12. The device of claim 8 wherein the first encryption key is derived from a unique derived key, the unique derived key derived from at least the account number encrypted with a master derivation key.
  - 13. The device of claim 9 wherein the first encryption key and the second encryption key are derived from a unique derived key, the unique derived key derived from at least the account number encrypted with a master derivation key.
  - 14. The device of claim 8 wherein the splitting includes bisecting the data value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Sahota, Jagdeep Singh, Aabye, Christian
Primary Examiner(s)
Chakravarti, Arunava

Application Number

US13/828,504
Publication Number

US 20130204794A1
Time in Patent Office

2,490 Days
Field of Search

705 16
US Class Current
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/388   using mutual authentication...

G06Q 20/401   Transaction verification

G06Q 20/4018   using the card verification...

G06Q 20/4093   Monitoring of device authen...

G07F 7/1008   Active credit-cards provide...

Payment service authentication for a transaction using a generated dynamic verification value

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Payment service authentication for a transaction using a generated dynamic verification value

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links