SECURE PAYMENT CARD TRANSACTIONS
First Claim
1. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
- capturing payment data, the payment data comprising card data from a payment card;
generating substitute payment data; and
providing the substitute payment data to a payment application, thereby causing the payment application to use the substitute payment data in place of the card data when sending an authorization request, said substitute payment data not being valid payment data, but being capable of being treated as actual payment data by the payment application.
3 Assignments
0 Petitions
Accused Products
Abstract
Payment card transactions at a point of sale (POS) are secured in certain embodiments by intercepting, with a POS security layer installed on a POS terminal, payment data from the POS terminal, transmitting the payment data from the POS security layer to a server security application installed on a POS server, and providing false payment data from the POS security layer to a POS terminal application installed on the POS terminal. The false payment data in various embodiments is processed as if it were the payment data, such that the POS terminal transmits an authorization request to the POS server using the false payment data. In addition, the authorization request may be transmitted from the POS server to a payment gateway.
-
Citations
35 Claims
-
1. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
-
capturing payment data, the payment data comprising card data from a payment card; generating substitute payment data; and providing the substitute payment data to a payment application, thereby causing the payment application to use the substitute payment data in place of the card data when sending an authorization request, said substitute payment data not being valid payment data, but being capable of being treated as actual payment data by the payment application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of generating false payment data, the method comprising:
-
detecting a payment data entry associated with a payment card; in response to detecting the payment data entry, capturing payment data included in the payment data entry, the payment data comprising an account number; and performing, by a computing device, a substitute payment data generation process on the payment data to obtain substitute payment data, said performing comprising; obtaining false data; replacing at least a first portion of the account number with the false data; and preserving at least a second portion of the account number, wherein preserving the second portion of the account number enables a POS system to process the substitute payment data as if it were payment data. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for generating false payment data, the method comprising:
-
detecting a payment data entry associated with a payment card; in response to detecting the payment data entry, capturing payment data included in the payment data entry, the payment data comprising an account number; and performing, by a computing device, format preserving encryption on the payment data to obtain substitute payment data, said performing comprising; obtaining false data; replacing at least a first portion of the account number with the false data; and preserving at least a second portion of the account number, wherein preserving the second portion of the account number enables a POS system to process the substitute payment data as if it were payment data. - View Dependent Claims (33, 34)
-
-
35. Non-transitory computer storage having stored thereon computer-executable instructions that direct a computer-implemented payment system to perform a method for securing payment transactions, the method comprising:
-
capturing payment data; generating substitute payment data by replacing at least a portion of the payment data to obtain the substitute payment data; and providing the substitute payment data to a payment application thereby enabling the payment application to transmit an authorization request using the substitute payment data in place of the captured payment data, wherein the substitute payment data is formatted to enable the payment application to process the substitute payment data as if it were actual payment data.
-
Specification