Method and system for generating a dynamic verification value

US 20050043997A1
Filed: 08/18/2003
Published: 02/24/2005
Est. Priority Date: 08/18/2003
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a payment service being used in a transaction comprising:

generating on a payment device a first verification value unique to the transaction wherein said first verification value is derived from data comprising a first data value and a second data value;

communicating a payment record from the payment device to a point of sale terminal, wherein the payment record comprising the first verification value and payment data;

communicating the payment record from the point of sale terminal to a service provider computer;

generating a second verification value on the service provider computer, wherein the second verification value is generated solely from data residing on the service provider computer; and

disapproving the transaction when the first verification value does not equal the second verification value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment.

Citations

38 Claims

1. A method for authenticating a payment service being used in a transaction comprising:
- generating on a payment device a first verification value unique to the transaction wherein said first verification value is derived from data comprising a first data value and a second data value;
  
  communicating a payment record from the payment device to a point of sale terminal, wherein the payment record comprising the first verification value and payment data;
  
  communicating the payment record from the point of sale terminal to a service provider computer;
  
  generating a second verification value on the service provider computer, wherein the second verification value is generated solely from data residing on the service provider computer; and
  
  disapproving the transaction when the first verification value does not equal the second verification value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1 wherein said first data value comprises:
    - a primary account number for the payment service.
  - 3. The method of claim 1 wherein said first data value comprises:
    - a unique identification number for the payment device.
  - 4. The method of claim 1 wherein said first data value comprises:
    - a unique identification number for the service provider.
  - 5. The method of claim 1 wherein said second data value comprises:
    - an application transaction counter.
  - 6. The method of claim 1 wherein said second data value comprises:
    - a cryptogram.
  - 7. The method of claim 1 wherein said second data value comprises:
    - a digital signature.
  - 8. The method of claim 1 wherein said second data value comprises:
    - a value derived from the payment data.
  - 9. The method of claim 1 wherein said first verification value is derived from data further comprising:
    - a service code which identifies the payment service; and
      
      an expiration date for the payment service.
  - 10. The method of claim 1 wherein the application transaction counter is incremented with any non-zero value with each executed transaction.
  - 11. The method of claim 1 wherein the payment record further comprises an application transaction counter.
  - 12. The method of claim 11 further comprising:
    - storing the application transaction counter in memory accessible by the service provider computer.
  - 13. The method of claim 1 wherein the payment device communicates the payment record to the point of sale terminal via wireless communications.

14. A method of dynamically creating a verification value for a transaction comprising:
- creating a base record comprising a first data value and a second data value for a payment service being used in the transaction;
  
  splitting the base record into a first field and a second field;
  
  encrypting the first field using a first encryption key;
  
  performing an exclusive-OR (XOR) operation on the encrypted first field and the second field to produce a first result;
  
  encrypting the first result using a second encryption key to produce a second result;
  
  decrypting the second result using a decryption key to produce a third result;
  
  encrypting the third result using a third encryption key to produce a fourth result;
  
  sequentially extracting each value between 0 and 9 from the most-significant digit to the least-significant digit of the fourth result to produce a fifth result;
  
  sequentially extracting and subtracting hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce the sixth result;
  
  concatenating the fifth result and the sixth result to produce a seventh result; and
  
  selecting one or more values from the seventh result as the card verification value.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 15. The method of claim 14 wherein the first encryption key, the second encryption key, and the third encryption key are equivalent.
  - 16. The method of claim 14 wherein the decryption key differs from the first encryption key.
  - 17. The method of claim 14 wherein the decryption key differs from each of the first encryption key, the second encryption key, and the third encryption key.
  - 18. The method of claim 14 wherein the base record is 128-bits in length.
  - 19. The method of claim 14 wherein said first data value comprises:
    - a primary account number for the payment service.
  - 20. The method of claim 14 wherein said first data value comprises:
    - a unique identification number for the payment device.
  - 21. The method of claim 14 wherein said first data value comprises:
    - a unique identification number for the service provider.
  - 22. The method of claim 14 wherein said second data value comprises:
    - an application transaction counter.
  - 23. The method of claim 14 wherein said second data value comprises:
    - a cryptogram.
  - 24. The method of claim 14 wherein said second data value comprises:
    - a digital signature.
  - 25. The method of claim 14 wherein said second data value comprises:
    - a value derived from the payment data.
  - 26. The method of claim 14 wherein said first verification value is derived from data further comprising:
    - a service code which identifies the payment service; and
      
      an expiration date for the payment service.
  - 27. The method of claim 14 wherein the base record further comprises padding characters to extend the base record to a predetermined length.
  - 28. The method of claim 14 wherein the first encryption key, the second encryption key, the decryption key, and the third encryption key are derived from data residing on the payment device.

29. A system for verifying a transaction comprising:
- a first electronic device with a payment service deployed thereon;
  
  a second electronic device in communication with the first electronic device wherein the second electronic device receives a payment record from the first electronic device, the payment record comprising an account number for the payment service and a first verification value generated on the first electronic device;
  
  a service provider system in communication with the second electronic device wherein the service provider computer independently generates a second verification value and disapproves the transaction where the first verification value and the second verification value are not equal.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 30. The system of claim 29 wherein the first electronic device is an integrated circuit card.
  - 31. The system of claim 29 wherein the first electronic device is a personal digital assistant.
  - 32. The system of claim 29 wherein the first electronic device is a cell phone.
  - 33. The system of claim 29 wherein the first electronic device is a device comprising:
    - a microprocessor; and
      
      means for communicating with the second electronic device.
  - 34. The system of claim 29 wherein the first electronic device communicates with the second electronic device via radio frequency waves.
  - 35. The system of claim 29 wherein the electronic device communicates with the second electronic device via infrared frequency waves.
  - 36. The system of claim 29 wherein the electronic device communicates with the second electronic device via laser communication.
  - 37. The system of claim 29 wherein the second electronic device is comprised of:
    - means for communicating with the first electronic device; and
      
      a terminal.
  - 38. The system of claim 37 wherein the second electronic device is further comprised of a hardware security key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Aabye, Christian, Sahota, Jagdeep Singh

Granted Patent

US 7,761,374 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/16
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/388   using mutual authentication...

G06Q 20/401   Transaction verification

G06Q 20/4018   using the card verification...

G06Q 20/4093   Monitoring of device authen...

G07F 7/1008   Active credit-cards provide...

Method and system for generating a dynamic verification value

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for generating a dynamic verification value

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links