Method and systems for securely exchanging data in an electronic transaction

US 20040268127A1
Filed: 06/17/2004
Published: 12/30/2004
Est. Priority Date: 06/17/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method of ensuring secure data exchange, comprising:

transmitting, via a communication interface, one or more public key certificates from a user device to a point of transaction terminal;

performing one or more first encryption algorithms using the one or more public key certificates and one or more keys to produce an encrypted data block at the point of transaction terminal;

transmitting, via the communication interface, the encrypted data block from the point of transaction terminal to the user device;

performing a first decryption algorithm on the encrypted data block using a device private key to decrypt a random session key on the user device;

performing a second encryption algorithm using transaction data and the random session key to produce encrypted transaction data on the user device;

transmitting, via the communication interface, the encrypted transaction data from the user device to the point of transaction terminal; and

performing a second decryption algorithm on the encrypted transaction data to decrypt the transaction data at the point of transaction terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems of encrypting and authenticating transaction data via the use of encryption and authentication algorithms are disclosed. Encryption and decryption algorithms are stored within a computer-readable storage medium and executed by a processor on a user device. These algorithms are used when a transaction is initiated by the user device with a point of transaction terminal across a communication interface to establish a secure connection for the transmission of data. Data relating to the transaction is then sent across the communication interface through the secure connection.

62 Citations

View as Search Results

18 Claims

1. A method of ensuring secure data exchange, comprising:
- transmitting, via a communication interface, one or more public key certificates from a user device to a point of transaction terminal;
  
  performing one or more first encryption algorithms using the one or more public key certificates and one or more keys to produce an encrypted data block at the point of transaction terminal;
  
  transmitting, via the communication interface, the encrypted data block from the point of transaction terminal to the user device;
  
  performing a first decryption algorithm on the encrypted data block using a device private key to decrypt a random session key on the user device;
  
  performing a second encryption algorithm using transaction data and the random session key to produce encrypted transaction data on the user device;
  
  transmitting, via the communication interface, the encrypted transaction data from the user device to the point of transaction terminal; and
  
  performing a second decryption algorithm on the encrypted transaction data to decrypt the transaction data at the point of transaction terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - initiating a transaction from the user device.
  - 3. The method of claim 1, further comprising:
    - initiating a transaction from the point of transaction terminal;
  - 4. The method of claim 1 wherein the user device comprises:
    - a storage medium for storing the one or more public key certificates and the device private key; and
      
      a processing module for performing encryption and decryption algorithms.
  - 5. The method of claim 1 wherein the one or more public key certificates comprise:
    - a service provider public key certificate; and
      
      a device public key certificate.
  - 6. The method of claim 1 wherein performing one or more encryption algorithms comprises:
    - performing an encryption algorithm using the service provider public key certificate and a service provider certificate authority public key to produce a service provider public key;
      
      performing an encryption algorithm using the device public key certificate and the service provider public key to produce a device public key;
      
      generating a session key; and
      
      performing an encryption algorithm using the session key and the device public key to produce an encrypted data block.
  - 7. The method of claim 1 wherein each of the first encryption algorithms and the second encryption algorithm comprises one or more of the following:
    - an RSA encryption algorithm;
      
      a DES encryption algorithm; and
      
      a Triple-DES encryption algorithm.
  - 8. The method of claim 1 wherein each of the first decryption algorithm and the second decryption algorithm comprises one or more of the following:
    - an RSA decryption algorithm;
      
      a DES decryption algorithm; and
      
      a Triple-DES decryption algorithm.

9. A user device for ensuring secure data exchange, comprising:
- a processor;
  
  a communication interface operably connected to the processor; and
  
  a computer-readable storage medium operably connected to the processor, wherein the computer-readable storage medium contains one or more programming instructions for performing a method for ensuring secure data exchange, the method comprising;
  
  transmitting, via the communication interface, one or more public key certificates, receiving, via the communication interface, an encrypted data block, performing a decryption algorithm on the encrypted data block using a device private key to decrypt a random session key, performing an encryption algorithm using transaction data and the random session key to produce encrypted transaction data, and transmitting, via the communication interface, the encrypted transaction data.
- View Dependent Claims (10, 11, 12)
- - 10. The user device of claim 9 wherein the one or more public key certificates comprise:
    - a service provider public key certificate; and
      
      a device public key certificate.
  - 11. The user device of claim 9 wherein the encryption algorithm comprises one or more of the following:
    - an RSA encryption algorithm;
      
      a DES encryption algorithm; and
      
      a Triple-DES encryption algorithm.
  - 12. The user device of claim 9 wherein the decryption algorithm comprises one or more of the following:
    - an RSA decryption algorithm;
      
      a DES decryption algorithm; and
      
      a Triple-DES decryption algorithm.

13. A point of transaction terminal for ensuring secure data exchange, comprising:
- a processor;
  
  a communication interface operably connected to the processor; and
  
  a computer-readable storage medium operably connected to the processor, wherein the computer-readable storage medium contains one or more programming instructions for performing a method for ensuring secure data exchange, the method comprising;
  
  receiving, via the communication interface, one or more public key certificates, performing one or more encryption algorithms using the one or more public key certificates and one or more keys to produce an encrypted data block, transmitting, via the communication interface, the encrypted data block, receiving, via the communication interface, encrypted transaction data from, and performing a decryption algorithm on the encrypted transaction data to decrypt the transaction data.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The point of transaction terminal of claim 13 wherein the one or more public key certificates comprise:
    - a service provider public key certificate; and
      
      a device public key certificate.
  - 15. The point of transaction terminal of claim 13 wherein performing one or more encryption algorithms comprises:
    - performing an encryption algorithm using the service provider public key certificate and a service provider certificate authority public key to produce a service provider public key;
      
      performing a first encryption algorithm using the device public key certificate and the service provider public key to produce a device public key;
      
      generating a session key; and
      
      performing a second encryption algorithm using the session key and the device public key to produce an encrypted data block.
  - 16. The point of transaction terminal of claim 13 wherein each of the encryption algorithms comprises one or more of the following:
    - an RSA encryption algorithm;
      
      a DES encryption algorithm; and
      
      a Triple-DES encryption algorithm.
  - 17. The point of transaction terminal of claim 13 wherein the decryption algorithm comprises one or more of the following:
    - an RSA decryption algorithm;
      
      a DES decryption algorithm; and
      
      a Triple-DES decryption algorithm.

18. A system for securing data exchange, comprising:
- a user device, wherein the user device comprises;
  
  a device processor, a device communication interface operably connected to the device processor, and a device computer-readable storage medium operably connected to the device processor, wherein the device computer-readable storage medium contains one or more programming instructions for performing a method of securing data exchange, the method comprising;
  
  transmitting, via the device communication interface, one or more public key certificates, receiving, via the device communication interface, an encrypted data block, performing a decryption algorithm on the encrypted data block using a device private key to decrypt a random session key, performing an encryption algorithm using transaction data and the random session key to produce encrypted transaction data, and transmitting, via the device communication interface, the encrypted transaction data; and
  
  a point of transaction terminal, wherein the point of transaction terminal comprises;
  
  a terminal processor, a terminal communication interface operably connected to the terminal processor and the device communication interface, and a terminal computer-readable storage medium operably connected to the terminal processor, wherein the terminal computer-readable storage medium contains one or more programming instructions for performing a method for ensuring secure data exchange, the method comprising;
  
  receiving, via the terminal communication interface, one or more public key certificates, performing one or more encryption algorithms using the one or more public key certificates and one or more keys to produce an encrypted data block, transmitting, via the terminal communication interface, the encrypted data block, receiving, via the terminal communication interface, encrypted transaction data from, and performing a decryption algorithm on the encrypted transaction data to decrypt the transaction data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Sahota, Jagdeep Singh

Application Number

US10/870,511
Publication Number

US 20040268127A1
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0625   with splitting of the data ...

H04L 9/302   involving the integer facto...

H04L 9/3263   involving certificates, e.g...

Method and systems for securely exchanging data in an electronic transaction

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

62 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and systems for securely exchanging data in an electronic transaction

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links