Method for Generating Customer Secure Card Numbers

US 20070215688A1
Filed: 03/09/2007
Published: 09/20/2007
Est. Priority Date: 09/21/2001
Status: Active Grant

First Claim

Patent Images

1. A method for providing one or more secure transactions between a first entity and at least one additional entity, comprising the steps of:

(a) generating an encrypted transaction validation code which positively identifies a transaction for a first entity, the first entity having a first entity identifier;

(b) transferring the validation code and the first entity identifier to a second entity in a first transaction;

(c) transferring the validation code and the first entity identifier from the second entity to a money source; and

(d) verifying that the first transaction is valid with the money source by use of the first entity identifier and the validation code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing secure transactions generates a Secure Card Number (“SCN”) for a first entity that is transferred with a first entity identifier to a second entity and then to a money source that verifies that the transaction is valid by use of the first entity identifier and the SCN. The SCN includes a Transaction Information Block (“TIB”), a Counter Block, and an encrypted Personal Identification Number (“PIN”) Block. The SCN is transferred to the money source in an account number or a non-account data field. The money source can use the TIB to determine whether the SCN should be used once or multiple times or to identify one of several physical devices, all of which are issued to the first entity, used to generate the SCN. The money source validates the SCN by duplicating the encryption process used to create an encrypted PIN Block and comparing the result to the encrypted PIN Block received with the transaction. A Triple Data Encryption Standard algorithm encrypts a PIN Block generated from a PIN, a Sequence Insertion Number (“SIN”) and a known starting value. The SIN can be a combination of three seed values and a random value generated by a Pseudo Random Number Generator (“PRNG”) initialized with the seed values. A Counter value is associated with the Counter Block and the seed values.

49 Citations

View as Search Results

32 Claims

1. A method for providing one or more secure transactions between a first entity and at least one additional entity, comprising the steps of:
- (a) generating an encrypted transaction validation code which positively identifies a transaction for a first entity, the first entity having a first entity identifier;
  
  (b) transferring the validation code and the first entity identifier to a second entity in a first transaction;
  
  (c) transferring the validation code and the first entity identifier from the second entity to a money source; and
  
  (d) verifying that the first transaction is valid with the money source by use of the first entity identifier and the validation code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. A method as recited in claim 1, wherein the validation code is transferred to the money source in an account number and the first entity identifier is transferred to the money source in a non-account data field.
  - 3. A method as recited in claim 1, wherein the first entity identifier is transferred to the money source as an account number and the validation code is transferred to the money source in a non-account data field.
  - 4. A method as recited in claim 1, wherein the validation code is used by the money source to identify a physical device used to generate the validation code.
  - 5. A method as recited in claim 1, wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“
    - TDES”
      
      ).
  - 6. A method as recited in claim 1, wherein the money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction.
  - 7. A method as recited in claim 1 wherein the validation code and first entity identifier are transferred to the second entity in a form.
  - 8. A method as recited in claim 1 wherein the validation code is transmitted through an Address Verification System Billing Address.
  - 9. A method as recited in claim 1 wherein a unique validation code is assigned to each first entity which is valid only for at least one of mail order, telephone order, and Internet transactions, and which is used for multiple transactions with multiple merchants.
  - 10. A method as recited in claim 1 wherein the second entity uses the validation code to authenticate the first entity.
  - 11. A method as recited in claim 1 wherein the validation code is readable from either a Track 1 or a Track 2 of an electronic device.
  - 12. A method as recited in claim 11 wherein the electronic device is an electronic card.
  - 13. A method as recited in claim 1 wherein the validation code is, at least in part, encrypted, and wherein the money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
  - 14. A method as recited in claim 1 wherein an electronic device generates the validation code.
  - 15. A method as recited in claim 14 wherein the electronic device is an electronic card.
  - 16. A method as recited in claim 14 wherein the electronic device is a telephone.
  - 17. A method as recited in claim 16 wherein the telephone is capable of mobile commerce.
  - 18. A method as recited in claim 17 wherein the electronic device includes a software program used in a network application.
  - 19. A method as recited in claim 18 wherein the network includes the Internet.

20. A system for providing secure transactions comprising:
- an electronic device associated with a first entity and having a first entity identifier, the electronic device being operative to generate an encrypted transaction validation code which positively identifies a transaction for the first entity;
  
  a second entity apparatus operative to receive the validation code and the first entity identifier for a transaction;
  
  a money source apparatus operative to receive the validation code and the first entity identifier from the second entity system and to verify that the transaction is valid by use of the first entity identifier and the validation code.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 21. A system for providing secure transactions as recited in claim 20 wherein the validation code is transferred to the money source in an account number and the first entity identifier is transferred to the money source in a non-account data field.
  - 22. A system for providing secure transactions as recited in claim 20 wherein the first entity identifier is transferred to the money source as an account number and the validation code is transferred to the money source in a non-account data field.
  - 23. A system for providing secure transactions as recited in claim 20 wherein the validation code is used by the money source to identify a physical device used to generate the validation code.
  - 24. A system for providing secure transactions as recited in claim 20 wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“
    - TDES”
      
      ).
  - 25. A system for providing secure transactions as recited in claim 20 wherein the money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction.
  - 26. A system for providing secure transactions as recited in claim 20 wherein the second entity apparatus uses the validation code to authenticate the first entity.
  - 27. A system for providing secure transactions as recited in claim 20 wherein the electronic device is an electronic card.
  - 28. A system for providing secure transactions as recited in claim 20 wherein the electronic device is a telephone.
  - 29. A system for providing secure transactions as recited in claim 28 wherein the telephone is capable of mobile commerce.
  - 30. A system for providing secure transactions as recited in claim 20 wherein the electronic device includes a software program used in a network application.
  - 31. A system for providing secure transactions as recited in claim 30 wherein the network includes the Internet.

32. A system for providing one or more secure transactions between a first entity and at least one additional entity comprising:
- (a) means for generating an encrypted transaction validation code which positively identifies a transaction for a first entity, the first entity having a first entity identifier;
  
  (b) means for transferring the validation code and the first entity identifier to a second entity in a first transaction;
  
  (c) means for transferring the validation code and the first entity identifier from the second entity to a money source; and
  
  (d) means for verifying that the first transaction is valid with the money source by use of the first entity identifier and the validation code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Privasys Incorporated
Original Assignee
Privasys Incorporated
Inventors
Routhenstein, Larry

Granted Patent

US 7,874,480 B2
Time in Patent Office

Days
Field of Search
US Class Current

235/379
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3823   combining multiple encrypti...

G06Q 20/385   using an alias or single-us...

G07F 7/08   by coded identity card or c...

G07F 7/10   together with a coded signa...

G07F 7/12   Card verification

Method for Generating Customer Secure Card Numbers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

49 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method for Generating Customer Secure Card Numbers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links