METHODS FOR SECURE TRANSMISSION OF SENSITIVE DATA AND DEVICES THEREOF

US 20140250017A1
Filed: 03/04/2014
Published: 09/04/2014
Est. Priority Date: 03/04/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method for managing sensitive data comprising:

receiving by a transaction management device data encrypted using a public asymmetric key and a symmetric key from a mobile computing device, wherein the public asymmetric key and the symmetric key is shared between the transaction management device and the mobile computing device prior to receiving the data;

decrypting by the transaction management device the received data using the received symmetric key and an asymmetric private key, wherein the asymmetric private key is generated by the transaction management device prior to receiving the data; and

performing by the transaction management device one or more actions on the decrypted data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, non-transitory computer readable medium and transaction management device comprising receiving data encrypted using a public asymmetric key and a symmetric key from a mobile computing device, wherein the public asymmetric key and the symmetric key is shared between the transaction management device and the mobile computing device prior to receiving the data. The received data is decrypted using the received symmetric key and an asymmetric private key, wherein the asymmetric private key is generated by the transaction management device prior to receiving the data. One or more actions are performed on the decrypted data

Citations

33 Claims

1. A method for managing sensitive data comprising:
- receiving by a transaction management device data encrypted using a public asymmetric key and a symmetric key from a mobile computing device, wherein the public asymmetric key and the symmetric key is shared between the transaction management device and the mobile computing device prior to receiving the data;
  
  decrypting by the transaction management device the received data using the received symmetric key and an asymmetric private key, wherein the asymmetric private key is generated by the transaction management device prior to receiving the data; and
  
  performing by the transaction management device one or more actions on the decrypted data.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as set forth in claim 1 wherein the receiving further comprises:
    - receiving by the transaction management device the symmetric key from the mobile computing device prior to receiving the data; and
      
      storing by the transaction management device the received symmetric key until completion of authorizing the transaction.
  - 3. The method as set forth in claim 1 wherein the public asymmetric key is generated by the transaction management device prior to receiving the data and sent to the requesting mobile computing device.
  - 4. The method as set forth in claim 1 further comprising deleting by the transaction management device the public asymmetric key, the symmetric key and the asymmetric private key after authorizing the transaction.
  - 5. The method as set forth in claim 3 further comprising generating by the transaction management device a new public asymmetric key for each of a new subsequent transaction.
  - 6. The method as set forth in claim 1 wherein the performing one or more actions further comprises:
    - obtaining by the transaction management device an authorization status from one or more data servers after sending the decrypted data to the one or more data server; and
      
      authorizing by the transaction management device a transaction based on the received authorization status.

7. A non-transitory computer readable medium having stored thereon instructions for managing sensitive data comprising machine executable code which when executed by at least one processor, causes the processor to perform steps comprising:
- receiving data encrypted using a public asymmetric key and a symmetric key from a mobile computing device, wherein the public asymmetric key and the symmetric key is shared between a transaction management device and the mobile computing device prior to receiving the data;
  
  decrypting the received data using the received symmetric key and an asymmetric private key, wherein the asymmetric private key is generated by the transaction management device prior to receiving the data; and
  
  performing one or more actions on the decrypted data.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The medium as set forth in claim 7 wherein the receiving further comprises:
    - receiving the symmetric key from the mobile computing device prior to receiving the data; and
      
      storing the received symmetric key until completion of authorizing the transaction.
  - 9. The medium as set forth in claim 7 wherein the public asymmetric key is generated prior to receiving the data and sent to the requesting mobile computing device.
  - 10. The medium as set forth in claim 7 further comprising, deleting the public asymmetric key, the symmetric key and the asymmetric private key after authorizing the transaction.
  - 11. The medium as set forth in claim 9 further comprising generating by the a new public asymmetric key for each of a new subsequent transaction.
  - 12. The medium as set forth in claim 7 wherein the performing one or more actions further comprises:
    - obtaining an authorization status from data server after sending the decrypted data to the one or more data server; and
      
      authorizing a transaction based on the received authorization status.

13. A transaction management device comprising:
- at least one of configurable hardware logic configured to be capable of implementing or a processor coupled to a memory and configured to execute programmed instructions stored in the memory comprising;
  
  receiving data encrypted using a public asymmetric key and a symmetric key from a mobile computing device, wherein the public asymmetric key and the symmetric key is shared between the transaction management device and the mobile computing device prior to receiving the data;
  
  decrypting the received data using the received symmetric key and an asymmetric private key, wherein the asymmetric private key is generated by the transaction management device prior to receiving the data; and
  
  performing one or more actions on the decrypted data.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The device as set forth in claim 13 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory wherein the receiving further comprises:
    - receiving the symmetric key from the mobile computing device prior to receiving the data; and
      
      storing the received symmetric key until completion of authorizing the transaction.
  - 15. The device as set forth in claim 13 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory wherein the public asymmetric key is generated prior to receiving the data and sent to the requesting mobile computing device.
  - 16. The device as set forth in claim 13 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory further comprising deleting the public asymmetric key, the symmetric key and the asymmetric private key after authorizing the transaction.
  - 17. The device as set forth in claim 15 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory further comprising generating by the a new public asymmetric key for each of a new subsequent transaction.
  - 18. The device as set forth in claim 13 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory wherein the performing one or more actions further comprises:
    - obtaining an authorization status from one or more data server after sending the decrypted data to the one or more data server; and
      
      authorizing a transaction based on the received authorization status.

19. A method for encrypting data comprising:
- receiving by a mobile computing device an encrypted data from a card reader;
  
  encrypting by the mobile computing device the encrypted data using a public asymmetric key and a symmetric key; and
  
  sending by the mobile computing device the encrypted data to a transaction management device for authorization.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The method as set forth in claim 19 wherein the encrypting further comprises, receiving by the mobile computing device the public asymmetric key from the transaction management device prior to the encrypting.
  - 21. The method as set forth in claim 19 wherein the symmetric key is generated by the mobile computing device prior to the encrypting.
  - 22. The method as set forth in claim 19 further comprising:
    - receiving by the mobile computing device an authorization status from the transaction management device based on the sent encrypted data;
      
      authorizing by the mobile computing device a transaction when the received authorization status is an approved status;
      
      declining by the mobile computing device the transaction when the received authorization status is rejected status; and
      
      deleting by the mobile computing device the public asymmetric key and the symmetric key after receiving the authorization status.
  - 23. The method as set forth in claim 19 further comprising generating by the mobile computing device the symmetric key using one or more of at least a part of the received public asymmetric key, a hashing pattern identifier, or a unique device identifier of the mobile computing device.

24. A non-transitory computer readable medium having stored thereon instructions for encrypting data comprising machine executable code which when executed by at least one processor, causes the processor to perform steps comprising:
- receiving an encrypted data from a card reader;
  
  encrypting the received data using a public asymmetric key and a symmetric key; and
  
  sending the encrypted data to a transaction management device for authorization.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The medium as set forth in claim 24 wherein the encrypting further comprises, receiving the public asymmetric key from the transaction management device prior to the encrypting.
  - 26. The medium as set forth in claim 24 wherein the symmetric key is generated by the mobile computing device prior to the encrypting.
  - 27. The medium as set forth in claim 24 further comprising:
    - receiving an authorization status from the transaction management device based on the sent encrypted data;
      
      authorizing a transaction when the received authorization status is an approved status;
      
      declining the transaction when the received authorization status is rejected status; and
      
      deleting the public asymmetric key and the symmetric key after receiving the authorization status.
  - 28. The medium as set forth in claim 24 further comprising generating the symmetric key using one or more of at least a part of the received public asymmetric key, a hashing pattern identifier, or a unique device identifier of the mobile computing device.

29. A mobile computing device comprising:
- a card reader communicably coupled to a processor and a memory, wherein the card reader is configured to obtain one or more information from a financial data card; and
  
  at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory comprising;
  
  receiving an encrypted data from the card reader;
  
  encrypting the received data using a public asymmetric key and a symmetric key; and
  
  sending the encrypted data to a transaction management device for authorization.
- View Dependent Claims (30, 31, 32, 33)
- - 30. The device as set forth in claim 29 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory wherein the encrypting further comprises receiving the public asymmetric key from the transaction management device prior to the encrypting.
  - 31. The device as set forth in claim 29 wherein the symmetric key is generated by the mobile computing device prior to the encrypting.
  - 32. The device as set forth in claim 29 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory further comprising:
    - receiving an authorization status from the transaction management device based on the sent encrypted data;
      
      authorizing a transaction when the received authorization status is an approved status;
      
      declining the transaction when the received authorization status is rejected status; and
      
      deleting the public asymmetric key and the symmetric key after receiving the authorization status.
  - 33. The device as set forth in claim 29 wherein the at least one of configurable hardware logic configured to be capable of implementing or the processor coupled to the memory and configured to execute programmed instructions stored in the memory further comprising generating the symmetric key using one or more of at least a part of the received public asymmetric key, a hashing pattern identifier, or a unique device identifier of the mobile computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infosys Limited
Original Assignee
Infosys Limited
Inventors
Sadasivan, Manesh, Khan, Sameer Mohamed, Varghese, Koshy Kottoorazhikathu

Application Number

US14/195,996
Publication Number

US 20140250017A1
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/3829   involving key management

G07F 7/0886   the card reader being porta...

METHODS FOR SECURE TRANSMISSION OF SENSITIVE DATA AND DEVICES THEREOF

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS FOR SECURE TRANSMISSION OF SENSITIVE DATA AND DEVICES THEREOF

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links