ENSURING SECURE ELECTRONIC TRANSACTIONS WITH A CLUSTER OF SERVICE FACILITIES

US 20140067690A1
Filed: 11/13/2013
Published: 03/06/2014
Est. Priority Date: 10/06/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of establishing security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the method comprising:

enrolling an electronic transaction facility for a user device with a main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility;

receiving, at the main service facility, at least one of security and authentication keys having been generated by the electronic transaction facility software;

registering the electronic transaction facility with the main service facility by certifying the received security and authentication keys;

installing security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and

updating an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Ensuring secure electronic transactions between clusters of service facilities and at least one electronic transaction facility provided at a user device involves enrolling and registering the electronic transaction facility with a main service facility via software delivered from the main service facility to the user device, establishing security credentials for the clusters of service facilities with the main service facility, and configuring the electronic transaction facility with transaction credentials of at least one service facility in the clusters of service facilities when a user opts to avail a service from the service facility.

Citations

15 Claims

1. A method of establishing security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the method comprising:
- enrolling an electronic transaction facility for a user device with a main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility;
  
  receiving, at the main service facility, at least one of security and authentication keys having been generated by the electronic transaction facility software;
  
  registering the electronic transaction facility with the main service facility by certifying the received security and authentication keys;
  
  installing security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and
  
  updating an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, wherein when a user opts to avail a service from a further service facility, the main service facility forwards security credentials of the electronic transaction facility to that further service facility to enable secure communication between the electronic transaction facility and that further service facility.
  - 3. The method according to claim 2, wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service.
  - 4. The method according to claim 1, wherein when a user opts to avail a service from the further service facility, the further service facility issues a one-time activation code to the user, and when the user contacts the service facility for the first time, the one-time-activation code is verified by the service facility for authentication.
  - 5. The method according to claim 4, wherein the further service facility then certifies a unique set of credentials for the electronic transaction facility.
  - 6. The method according to any of the claim 1, wherein the method further comprises establishing security and authentication credentials for secure communication between a main service facility and a cluster of electronic transaction facilities provided at a user device.
  - 7. The method of claim 6, wherein establishing security and authentication credentials for secure communication with the cluster of electronic transaction facilities comprises, for each transaction facility;
    - issuing a one-time-activation code to a user, and storing securely the one-time activation code at the main service facility for subsequent verification;
      
      receiving, at the main service facility, the one-time-activation code, having been encrypted by the electronic transaction facility software using public security credentials of the main service facility; and
      
      verifying the one-time-activation code, and sending latest encryption and signing keys to the device for secure communication between the main service facility and an electronic transaction facility of the cluster.
  - 8. The method according to claim 7 wherein, after verifying the one-time-activation code, and sending latest encryption and signing keys to the device, the main service facility receives a certification request from the electronic transaction facility comprising an encryption key-pair and a signing key-pair;
    - and in response to receiving an acknowledgment of completion of registration from the electronic transaction facility of the cluster, the main service facility activates an account of the electronic transaction facility.
  - 9. The method according to claim 8, wherein the further service facility sends a one-time activation code directly to the electronic transaction facility, receives a registration request comprising the one-time-activation code and a serviceid, both having been encrypted by the electronic transaction facility software using the public security credentials of the further service facility, and upon receipt of acknowledgement of registration the further service facility activates the electronic transaction facility'"'"'s account/services.
  - 10. The method according to claim 8, wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service.

11. A main service facility configured to establish security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the main service facility configured to:
- enroll an electronic transaction facility for a user device for activating an account with the main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility;
  
  receive at least one of security and authentication keys having been generated by the electronic transaction facility software;
  
  register the electronic transaction facility with the main service facility by certifying the received at least one of security and authentication keys;
  
  install security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and
  
  update an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility.
- View Dependent Claims (12)
- - 12. The main service facility according to claim 11, wherein when a user opts to avail a service from a further service facility, the main service facility is configured to forward security credentials of the electronic transaction facility to that further service facility to enable secure communication between the electronic transaction facility and that further service facility.

13. A secure transaction platform comprising:
- a main service facility configured to establish security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the main service facility configured to;
  
  enroll an electronic transaction facility for a user device for activating an account with the main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility;
  
  receive at least one of security and authentication keys having been generated by the electronic transaction facility software;
  
  register the electronic transaction facility with the main service facility by certifying the received at least one of security and authentication keys;
  
  install security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and
  
  update an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility; and
  
  at least one cluster of service facilities.
- View Dependent Claims (14, 15)
- - 14. The platform according to claim 13, wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service, and optionally wherein the platform additionally comprises at least one cluster of electronic transaction facilities provided at a user device, each enrolled with the main service facility to securely opt to avail a service from a further service facility of the cluster of service facilities.
  - 15. The platform according to claim 13, wherein when a user opts to avail a service from the further service facility, the further service facility is configured to issue a one-time activation code to the user, such that when the user contacts the service facility for the first time, the further service provider is configured to verify the one-time activation code for authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard Mobile Transactions Solutions, Inc. (MasterCard Incorporated)
Original Assignee
C-SAM Incorporated (MasterCard Incorporated)
Inventors
Pitroda, Satyan G., Desai, Mehul

Application Number

US14/078,868
Publication Number

US 20140067690A1
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06Q 20/02   involving a neutral party, ...

G06Q 20/045   using payment protocols inv...

G06Q 20/047   using payment protocols inv...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/145   Payments according to the d...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3223   Realising banking transacti...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3227   using secure elements embed...

G06Q 20/325   using wireless networks

G06Q 20/327   Short range or proximity pa...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40 : Authorisation, e.g. identif...

G06Q 20/4014 : Identity check for transact...

G06Q 20/42 : Confirmation, e.g. check or...

G06Q 2220/00 : Business processing using c...

G06Q 30/06 : Buying, selling or leasing ...

G16H 10/60 : for patient-specific data, ...

G16Z 99/00 : Subject matter not provided...

H04L 63/0428 : wherein the data content is...

H04L 63/06 : for supporting key manageme...

H04L 63/08 : for authentication of entit...

H04L 63/0838 : using one-time-passwords

View All

ENSURING SECURE ELECTRONIC TRANSACTIONS WITH A CLUSTER OF SERVICE FACILITIES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

ENSURING SECURE ELECTRONIC TRANSACTIONS WITH A CLUSTER OF SERVICE FACILITIES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links