SECURE PAYMENT CARD TRANSACTIONS
First Claim
Patent Images
1. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
- capturing payment data, the payment data comprising card data from a payment card;
generating substitute payment data; and
providing the substitute payment data to a payment application, thereby causing the payment application to use the substitute payment data in place of the card data when sending an authorization request, said substitute payment data not being valid payment data, but being capable of being treated as actual payment data by the payment application.
3 Assignments
0 Petitions
Accused Products
Abstract
Payment card transactions at a point of sale (POS) are secured in certain embodiments by intercepting, with a POS security layer installed on a POS terminal, payment data from the POS terminal, transmitting the payment data from the POS security layer to a server security application installed on a POS server, and providing false payment data from the POS security layer to a POS terminal application installed on the POS terminal. The false payment data in various embodiments is processed as if it were the payment data, such that the POS terminal transmits an authorization request to the POS server using the false payment data. In addition, the authorization request may be transmitted from the POS server to a payment gateway.
224 Citations
35 Claims
-
1. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
-
capturing payment data, the payment data comprising card data from a payment card; generating substitute payment data; and providing the substitute payment data to a payment application, thereby causing the payment application to use the substitute payment data in place of the card data when sending an authorization request, said substitute payment data not being valid payment data, but being capable of being treated as actual payment data by the payment application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of generating false payment data, the method comprising:
-
detecting a payment data entry associated with a payment card; in response to detecting the payment data entry, capturing payment data included in the payment data entry, the payment data comprising an account number; and performing, by a computing device, a substitute payment data generation process on the payment data to obtain substitute payment data, said performing comprising; obtaining false data; replacing at least a first portion of the account number with the false data; and preserving at least a second portion of the account number, wherein preserving the second portion of the account number enables a POS system to process the substitute payment data as if it were payment data. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for generating false payment data, the method comprising:
-
detecting a payment data entry associated with a payment card; in response to detecting the payment data entry, capturing payment data included in the payment data entry, the payment data comprising an account number; and performing, by a computing device, format preserving encryption on the payment data to obtain substitute payment data, said performing comprising; obtaining false data; replacing at least a first portion of the account number with the false data; and preserving at least a second portion of the account number, wherein preserving the second portion of the account number enables a POS system to process the substitute payment data as if it were payment data. - View Dependent Claims (33, 34)
-
-
35. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
-
capturing payment data; generating substitute payment data by replacing at least a portion of the payment data to obtain the substitute payment data; and providing the substitute payment data to a payment application thereby enabling the payment application to transmit an authorization request using the substitute payment data in place of the captured payment data, wherein the substitute payment data is formatted to enable the payment application to process the substitute payment data as if it were actual payment data.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeShift4 Corporation (Shift4 Payments, Inc.)
-
Original AssigneeShift4 Corporation (Shift4 Payments, Inc.)
-
InventorsOder, John David, Cronic, Kevin James, Sommers, Steven Mark, Warner, Dennis William, Oder ("J.D."), John David II
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current705/16
-
CPC Class CodesG06Q 20/20 Point-of-sale [POS] network...G06Q 20/202 Interconnection or interact...G06Q 20/3278 RFID or NFC payments by mea...G06Q 20/34 using cards, e.g. integrate...G06Q 20/382 insuring higher security of...G06Q 20/3821 Electronic credentialsG06Q 20/40 Authorisation, e.g. identif...G06Q 20/401 Transaction verificationG06Q 20/409 Device specific authenticat...G06Q 2220/00 Business processing using c...G06Q 40/00 Finance; Insurance; Tax str...G07F 7/088 the card reader being part ...
