SECURE PAYMENT CARD TRANSACTIONS
First Claim
1. A method of adding security to a point-of-sale (POS) system that comprises a POS terminal which communicates over a network with a POS server, the POS terminal including a payment card reader and having a POS terminal application installed thereon, the POS server having a POS server application installed thereon which communicates with the POS terminal application over a non-secure channel to process payment card transactions, the method comprising:
- installing a POS security layer on the POS terminal, the POS security layer configured to at least (a) intercept actual card data received from the payment card reader when a user initiates a payment card transaction, (b) pass false card data to the POS terminal application for use in place of the actual card data, such that the false card data is transmitted over the non-secure channel to the POS server in place of the actual card data, and (c) transmit the actual card data to the POS server over a secure channel; and
installing a server security application on the POS server, the server security application configured to receive the actual card data from the POS security layer over the secure channel and to use the false card data to process the payment card transaction.
4 Assignments
0 Petitions
Accused Products
Abstract
Payment card transactions at a point of sale (POS) are secured in certain embodiments by intercepting, with a POS security layer installed on a POS terminal, payment data from the POS terminal, transmitting the payment data from the POS security layer to a server security application installed on a POS server, and providing false payment data from the POS security layer to a POS terminal application installed on the POS terminal. The false payment data in various embodiments is processed as if it were the payment data, such that the POS terminal transmits an authorization request to the POS server using the false payment data. In addition, the authorization request may be transmitted from the POS server to a payment gateway.
-
Citations
42 Claims
-
1. A method of adding security to a point-of-sale (POS) system that comprises a POS terminal which communicates over a network with a POS server, the POS terminal including a payment card reader and having a POS terminal application installed thereon, the POS server having a POS server application installed thereon which communicates with the POS terminal application over a non-secure channel to process payment card transactions, the method comprising:
-
installing a POS security layer on the POS terminal, the POS security layer configured to at least (a) intercept actual card data received from the payment card reader when a user initiates a payment card transaction, (b) pass false card data to the POS terminal application for use in place of the actual card data, such that the false card data is transmitted over the non-secure channel to the POS server in place of the actual card data, and (c) transmit the actual card data to the POS server over a secure channel; and installing a server security application on the POS server, the server security application configured to receive the actual card data from the POS security layer over the secure channel and to use the false card data to process the payment card transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for securing payment card transactions at a point of sale (POS), the method comprising:
-
intercepting, with a POS security layer installed on a POS terminal, payment data from the POS terminal, the payment data comprising actual card data from a payment card; transmitting the payment data from the POS security layer to a server security application installed on a POS server; providing false payment data from the POS security layer to a POS terminal application installed on the POS terminal, the false payment data configured to be processed as if it were the payment data, such that the POS terminal is configured to transmit a first authorization request to the POS server using the false payment data; and transmitting a second authorization request from the POS server to a remote server, the second authorization request comprising at least the payment data. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method for securing payment card transactions at a point of sale (POS), the method comprising:
-
intercepting payment data from a POS terminal, the payment data comprising actual card data from a payment card; transmitting the actual card data from the POS terminal to a gateway security application installed on a gateway server; receiving, at the POS terminal, false card data, the false card data configured to be processed in place of the actual card data; and providing the false card data to the POS terminal, such that the POS terminal is configured to transmit an authorization request comprising the false card data. - View Dependent Claims (29, 30, 31, 32, 33, 34)
-
-
35. A payment card processing system for securing payment card transactions at a point of sale (POS), the system comprising:
-
a POS terminal comprising a host computer and a card entry device, the host computer having a POS terminal application installed thereon; a POS server in communication with the POS terminal over a network, the POS server having a POS server application installed thereon that communicates with the POS terminal application to process payment card transactions, a POS security layer installed on the host computer of the POS terminal, the POS security layer configured to at least (a) intercept actual card data received from the card entry device when a user initiates a payment card transaction, (b) pass false card data to the POS terminal application for use in place of the actual card data, such that the false card data is transmitted to the POS server in place of the actual card data, and (c) transmit the actual card data to the POS server; and a server security application installed on the POS server, the server security application in communication with the POS security layer over the secure channel, the server security application configured to receive the actual card data from the POS security layer over the secure channel and to use the false card data to process the payment card transaction. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42)
-
Specification