END-TO-END SECURE PAYMENT PROCESSES

US 20100030697A1
Filed: 08/04/2008
Published: 02/04/2010
Est. Priority Date: 08/04/2008
Status: Active Grant

First Claim

Patent Images

1. A method for a merchant to perform a payment processing transaction without requiring the merchant to store payment device data or use payment device data to make a payment processing request, the method comprising:

at a merchant payment system,identifying unencrypted payment device data;

encrypting the unencrypted payment device data without storing the unencrypted payment device data or encrypted payment device data at a merchant payment system;

submitting a first payment processing request to a secure payment system, wherein the payment processing request includes the encrypted payment device data; and

receiving a status from the secure payment system that the payment processing request is approved, declined, or has experienced an instance of process failure.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and method for performing secure electronic payment transactions to allow merchants to perform payment processing such that the merchant payment system is not required to store data specific to a particular payment device.

103 Citations

View as Search Results

17 Claims

1. A method for a merchant to perform a payment processing transaction without requiring the merchant to store payment device data or use payment device data to make a payment processing request, the method comprising:
- at a merchant payment system,identifying unencrypted payment device data;
  
  encrypting the unencrypted payment device data without storing the unencrypted payment device data or encrypted payment device data at a merchant payment system;
  
  submitting a first payment processing request to a secure payment system, wherein the payment processing request includes the encrypted payment device data; and
  
  receiving a status from the secure payment system that the payment processing request is approved, declined, or has experienced an instance of process failure.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method as recited in claim 1, wherein encrypting the unencrypted payment device data includes using an algorithm that the secure payment system can decrypt.
  - 3. The method as recited in claim 1, wherein encrypting the unencrypted payment device data includes using an algorithm that a payment authorizing network can decrypt, wherein the secure payment system forwards the first payment processing request to the payment authorizing network without decrypting the encrypted payment device data.
  - 4. The method as recited in claim 1, wherein encrypting the unencrypted payment device data is performed in real-time with submitting a first payment processing request to the secure payment system.
  - 5. The method as recited in claim 1, wherein encrypting the unencrypted payment device data is delayed from submitting a first payment processing request to the secure payment system.

6. A method for a merchant to perform a payment processing transaction without requiring the merchant to store payment device data, the method comprising:
- at a merchant payment system,identifying customer identification data and unencrypted payment device data;
  
  encrypting the unencrypted payment device data without storing the unencrypted payment device data or encrypted payment device data at any storage device controlled by the merchant;
  
  submitting a first payment processing request to a secure payment system, wherein the payment processing request includes the customer identification data and the encrypted payment device data;
  
  receiving a unique identifier associated with a customer account that was generated in response to the first payment processing request;
  
  submitting a second payment processing request to the secure payment system such that the merchant is only required to identify the unique identifier of the customer account and not unencrypted payment device data or encrypted payment device data of the at least one payment device; and
  
  receiving a status from the secure payment system that the second payment processing request is approved, declined, or has experienced an instance of process failure.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method as recited in claim 6, wherein encrypting the unencrypted payment device data includes using an algorithm that the secure payment system can decrypt.
  - 8. The method as recited in claim 6, wherein encrypting the unencrypted payment device data includes using an algorithm that a payment authorizing network can decrypt, wherein the secure payment system forwards the first payment processing request to the payment authorizing network without decrypting the encrypted payment device data.
  - 9. The method as recited in claim 6, wherein encrypting the unencrypted payment device data is performed in real-time with submitting a first payment processing request to the secure payment system.
  - 10. The method as recited in claim 6, wherein encrypting the unencrypted payment device data is delayed from submitting a first payment processing request to the secure payment system.
  - 11. The method as recited in claim 6, wherein identifying customer identification data and unencrypted payment device data and encrypting the unencrypted payment device data includes providing a secure storage device forcapturing at least the unencrypted payment device data and encrypting the unencrypted payment device data, andstoring the encrypted payment device data while the secure storage device does not have an active connection to the secure payment system.
  - 12. The method as recited in claim 11, wherein submitting a first payment processing request to a secure payment system further comprises:
    - establishing a connection between the secure storage device and the secure payment system; and
      
      using a client application on the merchant payment system to read the stored encrypted payment device data to generate the first payment processing request without storing the encrypted payment device data at the merchant payment system such that the encrypted payment device data is not visible to the merchant.
  - 13. The method as recited in claim 12, further comprising, after receiving the status from the secure payment system that the second payment processing request is approved, declined, or has experienced an instance of process failure, deleting the stored encrypted payment device data from the secure storage device.

14. A method of processing electronic payment transactions using at least one payment device of a customer without requiring a merchant payment system to store data specific to the at least one payment device, the method comprising:
- at a secure payment system,receiving a payment processing request from a merchant payment system that includes encrypted payment device data;
  
  generating a payment authorization request using the encrypted payment device data;
  
  sending the payment authorization request to a payment authorizing network;
  
  receiving a status from the payment authorizing network that the payment authorization request is approved, declined, or has experienced an instance of process failure; and
  
  forwarding the status to the merchant payment system.
- View Dependent Claims (15, 17)
- - 15. The method as recited in claim 14, wherein the secure payment system is not able to decrypt the encrypted payment device data.
  - 17. The method as recited in claim 15, further comprising receiving one or more preferences associated with the customer account.

16. A method of processing electronic payment transactions using at least one payment device of a customer without requiring a merchant payment system to store data specific to the at least one payment device, the method comprising:
- at a secure payment system,receiving a first payment processing request from a merchant payment system that includes customer identification data and encrypted payment device data;
  
  decrypting the encrypted payment device data;
  
  generating a unique identifier and a customer account such that the unique identifier and the customer account are associated with the customer identification data and the decrypted payment device data;
  
  providing the unique identifier to the merchant payment system;
  
  receiving a second payment processing request from the merchant payment system that includes the unique identifier such that the merchant payment system is only required to identify the unique identifier of the customer account and not the encrypted or decrypted payment device data;
  
  using the unique identifier to access the decrypted payment device data;
  
  generating a payment authorization request using the decrypted payment device data;
  
  sending the payment authorization request to a payment authorizing network;
  
  receiving a status from the payment authorizing network that the payment authorization request is approved, declined, or has experienced an instance of process failure; and
  
  forwarding the status to the merchant payment system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Propay Incorporated (Global Payments Incorporated)
Original Assignee
Propay Incorporated (Global Payments Incorporated)
Inventors
Thacker, Bryce Weldon, Pesci, Gregori, Peck, Wayne William, Goodrich, Gary B.

Granted Patent

US 8,069,121 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/75
CPC Class Codes

G06Q 20/027   involving a payment switch ...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/401   Transaction verification

G06Q 30/0222   During e-commerce, i.e. onl...

G06Q 40/00   Finance; Insurance; Tax str...

END-TO-END SECURE PAYMENT PROCESSES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

103 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

END-TO-END SECURE PAYMENT PROCESSES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links