Tokenized Payment Processing Schemes
First Claim
1. A first-computer-implemented method for preventing the transmission of confidential information between a first computer and a second computer in communication with the first computer, the method comprising the steps of:
- (a) the first computer receiving information for performing a transaction, the information including confidential information manually entered by a user;
(b) the first computer sending the confidential information to a third computer;
(c) the first computer receiving, from the third computer, an executable script containing a token having no algorithmic relationship to the confidential information;
(d) the first computer executing the script to obtain the token; and
(e) the first computer sending to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token.
11 Assignments
0 Petitions
Accused Products
Abstract
A payment processing system for accepting manually-entered payment-card numbers. Rather than entering a payment-card account number into an application module, the card number is instead captured and stored within a tokenizer prior to being sent to the application module. The tokenizer then returns a random token to the calling application as a pointer to the original payment-card number. The token has no algorithmic relationship with the original payment-card number, so that the payment-card number cannot be derived based on the token itself. Since the token is not considered cardholder data, the token may be used in an application module without the module or its connected hardware from being subject to regulatory standards compliance. Some embodiments involve browser-based schemes, and some embodiments involve PIN-entry device-based schemes.
-
Citations
24 Claims
-
1. A first-computer-implemented method for preventing the transmission of confidential information between a first computer and a second computer in communication with the first computer, the method comprising the steps of:
-
(a) the first computer receiving information for performing a transaction, the information including confidential information manually entered by a user; (b) the first computer sending the confidential information to a third computer; (c) the first computer receiving, from the third computer, an executable script containing a token having no algorithmic relationship to the confidential information; (d) the first computer executing the script to obtain the token; and (e) the first computer sending to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. Apparatus for preventing the transmission of confidential information to a second computer in communication with the apparatus, the apparatus adapted to:
-
(a) receive information for performing a transaction, the information including confidential information manually entered by a user; (b) send the confidential information to a third computer; (c) receive, from the third computer, an executable script containing a token having no algorithmic relationship to the confidential information; (d) execute the script to obtain the token; and (e) send to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A first-computer-implemented method for preventing the transmission of confidential information between a first computer and a second computer in communication with the first computer, the method comprising the steps of:
-
(a) the first computer receiving, from an entry device in communication with the first computer, information for performing a transaction, the information including confidential information manually entered by a user on the entry device; (b) the first computer sending the confidential information to a third computer; (c) the first computer receiving, from the third computer, a token having no algorithmic relationship to the confidential information; and (d) the first computer sending to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token. - View Dependent Claims (14, 15, 16)
-
-
17. The invention of claim 17, wherein the number is encrypted using a Derived Unique Key Per Transaction (DUKPT) key-management scheme.
-
18. Apparatus for preventing the transmission of confidential information between a first computer and a second computer in communication with the first computer, the apparatus adapted to:
-
(a) receive, from an entry device in communication with the first computer, information for performing a transaction, the information including confidential information manually entered by a user on the entry device; (b) send the confidential information to a third computer; (c) receive, from the third computer, a token having no algorithmic relationship to the confidential information; and (d) send to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token. - View Dependent Claims (19, 20, 21, 22)
-
-
23. A method for generating an encrypted payment-card number, the method comprising:
-
accepting, via a keypad, a number longer than four digits and sufficiently long to accommodate a payment-card number; encrypting the number; and outputting, via an interface, the encrypted number.
-
-
24. A payment-card number entry device comprising:
-
a keypad; a processor; an interface; and a memory containing instructions for the processor to; accept, via the keypad, a number longer than four digits and sufficiently long to accommodate a payment-card number; encrypt the number; and output, via the interface, the encrypted number.
-
Specification