Off-line generation of limited-use credit card numbers
First Claim
Patent Images
1. A method for facilitating transactions, comprising the steps of:
- receiving from a merchant, desiring to receive authorization for a transaction, a token and information identifying an account with a card issuer;
decrypting the token using a symmetric cryptographic key converted from an account number associated with the account with the card issuer; and
verifying information retrieved from the token and approving the transaction if the transaction satisfies any restrictions retrieved from the token.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention discloses a protocol that reduces the risk of misuse of a user'"'"'s card number while avoiding having to securely contact and authenticate with a card issuer before each transaction in an “online” manner.
-
Citations
21 Claims
-
1. A method for facilitating transactions, comprising the steps of:
-
receiving from a merchant, desiring to receive authorization for a transaction, a token and information identifying an account with a card issuer;
decrypting the token using a symmetric cryptographic key converted from an account number associated with the account with the card issuer; and
verifying information retrieved from the token and approving the transaction if the transaction satisfies any restrictions retrieved from the token. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for facilitating transactions, comprising the steps of:
-
receiving an account number and a set of transaction restrictions from a user having an account with a card issuer;
converting the account number into a symmetric cryptographic key; and
encrypting information encoding the restrictions using the symmetric cryptographic key to obtain a token which may be utilized in a transaction and verified by a card issuer using the account number. - View Dependent Claims (9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21)
-
-
15. A processor readable medium containing executable program instructions for performing a method on a device, comprising the steps of:
-
receiving an account number and a set of transaction restrictions from a user having an account with a card issuer;
converting the account number into a symmetric cryptographic key; and
encrypting information encoding the restrictions using the symmetric cryptographic key to obtain a token which may be utilized in a transaction and verified by a card issuer using the account number.
-
Specification