Off-line generation of limited-use credit card numbers

US 20020073045A1
Filed: 10/23/2001
Published: 06/13/2002
Est. Priority Date: 10/23/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method for facilitating transactions, comprising the steps of:

receiving from a merchant, desiring to receive authorization for a transaction, a token and information identifying an account with a card issuer;

decrypting the token using a symmetric cryptographic key converted from an account number associated with the account with the card issuer; and

verifying information retrieved from the token and approving the transaction if the transaction satisfies any restrictions retrieved from the token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a protocol that reduces the risk of misuse of a user'"'"'s card number while avoiding having to securely contact and authenticate with a card issuer before each transaction in an “online” manner.

Citations

21 Claims

1. A method for facilitating transactions, comprising the steps of:
- receiving from a merchant, desiring to receive authorization for a transaction, a token and information identifying an account with a card issuer;
  
  decrypting the token using a symmetric cryptographic key converted from an account number associated with the account with the card issuer; and
  
  verifying information retrieved from the token and approving the transaction if the transaction satisfies any restrictions retrieved from the token.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The invention of claim 1 wherein the token has a length that is identical to the account number.
  - 3. The invention of claim 2 wherein the card is a credit card and wherein the account number is a credit card number.
  - 4. The invention of claim 2 wherein the card is a calling card and wherein the account number is a calling card number.
  - 5. The invention of claim 3 or 4 wherein the symmetric cryptographic key is converted from an account number using a cryptographic hash function.
  - 6. The invention of claim 3 wherein the restrictions retrieved from the token are selected from the group consisting of restrictions on a monetary limit, restrictions on number of uses, monetary restrictions, restrictions on category of product, restrictions on recipients, and restrictions on validity period of the token.
  - 7. The invention of claim 4 wherein the restrictions retrieved from the token are selected from the group consisting of restrictions on calling number, restrictions on time of call, restrictions on duration of call, and restrictions on number of calls.

8. A method for facilitating transactions, comprising the steps of:
- receiving an account number and a set of transaction restrictions from a user having an account with a card issuer;
  
  converting the account number into a symmetric cryptographic key; and
  
  encrypting information encoding the restrictions using the symmetric cryptographic key to obtain a token which may be utilized in a transaction and verified by a card issuer using the account number.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21)
- - 9. The invention of claim 8 wherein the token has a length that is identical to the account number.
  - 10. The invention of claim 9 wherein the card is a credit card and wherein the account number is a credit card number.
  - 11. The invention of claim 9 wherein the card is a calling card and wherein the account number is a calling card number.
  - 12. The invention of claim 10 or 11 wherein the symmetric cryptographic key is converted from an account number using a cryptographic hash function.
  - 13. The invention of claim 10 wherein the restrictions encoded in information in the token are selected from the group consisting of restrictions on a monetary limit, restrictions on number of uses, monetary restrictions, restrictions on category of product, restrictions on recipients, and restrictions on validity period of the token.
  - 14. The invention of claim 11 wherein the restrictions encoded in information in the token are selected from the group consisting of restrictions on calling number, restrictions on time of call, restrictions on duration of call, and restrictions on number of calls.
  - 16. The invention of claim 15 wherein the token has a length that is identical to the account number.
  - 17. The invention of claim 16 wherein the card is a credit card and wherein the account number is a credit card number.
  - 18. The invention of claim 16 wherein the card is a calling card and wherein the account number is a calling card number.
  - 19. The invention of claim 17 or 18 wherein the symmetric cryptographic key is converted from an account number using a cryptographic hash function.
  - 20. The invention of claim 17 wherein the restrictions encoded in information in the token are selected from the group consisting of restrictions on a monetary limit, restrictions on number of uses, monetary restrictions, restrictions on category of product, restrictions on recipients, and restrictions on validity period of the token.
  - 21. The invention of claim 18 wherein the restrictions encoded in information in the token are selected from the group consisting of restrictions on calling number, restrictions on time of call, restrictions on duration of call, and restrictions on number of calls.

15. A processor readable medium containing executable program instructions for performing a method on a device, comprising the steps of:
- receiving an account number and a set of transaction restrictions from a user having an account with a card issuer;
  
  converting the account number into a symmetric cryptographic key; and
  
  encrypting information encoding the restrictions using the symmetric cryptographic key to obtain a token which may be utilized in a transaction and verified by a card issuer using the account number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Wright, Rebecca N., Rubin, Aviel D.

Application Number

US09/682,830
Publication Number

US 20020073045A1
Time in Patent Office

Days
Field of Search
US Class Current

705/65
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/367   involving electronic purses...

G06Q 20/385   using an alias or single-us...

Off-line generation of limited-use credit card numbers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Off-line generation of limited-use credit card numbers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links