SECURE SYSTEM AND METHOD FOR PAYMENT CARD AND DATA STORAGE AND PROCESSING VIA INFORMATION SPLITTING

US 20090261162A1
Filed: 07/01/2009
Published: 10/22/2009
Est. Priority Date: 02/23/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for securely storing and retrieving data, comprising:

in a first splitting stage;

splitting, by a splitting entity, a data unit of a data originator into a first component and at least a further second component such that the data unit cannot be reconstructed without having the first and second component; and

storing the second component on a secure server in a non-volatile memory, the secure server being separate from any entity that may store the first component; and

in a second accessing stage;

accessing, by a secure data retriever who is not the data originator, the first component provided directly or indirectly by the data originator;

accessing, by the data retriever, the second component from the secure server;

combining the first component, the second component, and any further necessary components that make up the data unit by the data retriever into a retrieved data unit that is identical to the data unit that was split; and

outputting the retrieved data unit to a user readable device or a system memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for securely storing and retrieving data. A data unit is split by an entity, into a first component and at least a further second component such that the data unit cannot be reconstructed without having the first and second component. The second component is stored on a secure server in a non-volatile memory, the secure server being separate from any entity that may store the first component. The first and second component of the data unit are then subsequently accessed by a secure data retriever who is not an originator of the data, where the second component is accessed from the secure server. The secure data retriever combines these components into the original data unit. The method is particularly applied in commerce for credit card information in which significant restrictions are placed on the permanent storage of such data.

69 Citations

View as Search Results

19 Claims

1. A method for securely storing and retrieving data, comprising:
- in a first splitting stage;
  
  splitting, by a splitting entity, a data unit of a data originator into a first component and at least a further second component such that the data unit cannot be reconstructed without having the first and second component; and
  
  storing the second component on a secure server in a non-volatile memory, the secure server being separate from any entity that may store the first component; and
  
  in a second accessing stage;
  
  accessing, by a secure data retriever who is not the data originator, the first component provided directly or indirectly by the data originator;
  
  accessing, by the data retriever, the second component from the secure server;
  
  combining the first component, the second component, and any further necessary components that make up the data unit by the data retriever into a retrieved data unit that is identical to the data unit that was split; and
  
  outputting the retrieved data unit to a user readable device or a system memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method according to claim 1, wherein the data unit comprises data related to a PIN, code, combination, account number, password, medical data, customer data, and user proprietary information.
  - 3. The method according to claim 1, wherein the splitting is performed based on a position of data within the data unit.
  - 4. The method according to claim 1, wherein the splitting is performed based on cryptographic techniques.
  - 5. The method according to claim 1, wherein:
    - the data unit comprises customer credit card information in a context of a purchase by the customer from a merchant; and
      
      the secure data retriever is a credit card company.
  - 6. The method according to claim 5, wherein the splitting entity is the customer.
  - 7. The method according to claim 6, further comprising:
    - presenting the customer with a data entry element on a display screen;
      
      entering, by the user, data associated with the first component in a first part of the data entry element;
      
      entering, by the user, data associated with the second component in a second part of the data entry element;
      
      sending the data associated with the first component to the merchant; and
      
      sending the data associated with the second component to the secure server.
  - 8. The method according to claim 7, further comprising:
    - providing a check digit or MD5 on each of the data associated with the first component and the second component, and including the check digit or MD5 with the sending of the components.
  - 9. The method according to claim 5, wherein the splitting entity is the secure server.
  - 10. The method according to claim 5, wherein the splitting entity is the credit card company.
  - 11. The method according to claim 5, wherein the splitting entity is the merchant.
  - 12. The method according to claim 11, further comprising:
    - determining by the merchant if a purchase by the customer is a first secure purchase;
      
      if yes (for an initial secure purchase);
      
      submitting, by the merchant, an authorization request to the credit card company with the data unit; and
      
      if the credit card information is approved by the credit card company, then performing the splitting of the data unit by the merchant and performing the storing of the second component of the data unit; and
      
      if no (for a subsequent purchase);
      
      obtaining the first component by the merchant from the customer;
      
      providing the first component to the credit card company either directly or indirectly;
      
      initiating, by the merchant, the accessing of the second component by the credit card company and initiating, by the merchant, the combining of the first and second components.
  - 13. The method according to claim 12, wherein the secure store pushes the second component to the credit card company.
  - 14. The method according to claim 12, wherein the credit card company pulls the second component from the credit card company.
  - 15. The method according to claim 11, further comprising:
    - asking, by a customer representative of the merchant, for the first component information from the customer;
      
      transferring the customer to a voice response unit with a token referencing unique telephone transaction identification information;
      
      providing, by the customer, the second component information to the voice response unit;
      
      transmitting the second component information to the secure store;
      
      transferring the customer back to the customer representative and indicating success or failure of the transmitting.
  - 16. The method according to claim 15, wherein the voice response unit is located at the secure server.
  - 17. The method according to claim 15, wherein the voice response unit is located at the merchant.
  - 18. The method according to claim 15, wherein the voice response unit is located at the credit card company.
  - 19. The method according to claim 11, further comprising:
    - creating, by the merchant, a random encode key and first and second secure payment vectors;
      
      encrypting and storing, by the merchant, the first secure payment vector;
      
      sending, by the merchant to a credit card processor, a unique customer number, a merchant number, the encode key, and the first secure payment vector;
      
      sending, by the merchant to the secure store, the unique customer number, the merchant number, a portion of the credit card number, and the second secure payment vector, a transaction number, its date, and time;
      
      sending, by the secure store to the credit card processor, the transaction number, the merchant number, the unique customer number, and the second secure payment vector with the date and time; and
      
      reconstructing, by the credit card processor, the first and second secure payment vector, into the merchant number, the credit card number, expiration date, and card security code; and
      
      sending, by the credit card processor, a confirmation transaction number to the merchant and to the secure store.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ipdev Company
Original Assignee
Ipdev Company
Inventors
Asher, Marc, Kargman, James B.

Application Number

US12/496,251
Publication Number

US 20090261162A1
Time in Patent Office

Days
Field of Search
US Class Current

235/380
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/204   comprising interface for re...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 30/06   Buying, selling or leasing ...

SECURE SYSTEM AND METHOD FOR PAYMENT CARD AND DATA STORAGE AND PROCESSING VIA INFORMATION SPLITTING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

69 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE SYSTEM AND METHOD FOR PAYMENT CARD AND DATA STORAGE AND PROCESSING VIA INFORMATION SPLITTING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links