Secure Remote Payment Transaction Processing Using a Secure Element

US 20150052064A1
Filed: 08/15/2014
Published: 02/19/2015
Est. Priority Date: 08/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method of processing a remote transaction initiated by a mobile device, the method comprising:

receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device;

validating, by the mobile payment application, that the transaction processor application is authentic; and

in response to validating the transaction processor application, providing, by the mobile payment application, encrypted payment credentials to the transaction processor application, wherein the transaction processor application initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

Citations

20 Claims

1. A method of processing a remote transaction initiated by a mobile device, the method comprising:
- receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device;
  
  validating, by the mobile payment application, that the transaction processor application is authentic; and
  
  in response to validating the transaction processor application, providing, by the mobile payment application, encrypted payment credentials to the transaction processor application, wherein the transaction processor application initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the transaction data further comprises a transaction processor certificate and wherein validating that the transaction processor application is authentic further comprises:
    - verifying, by the mobile payment application, that the transaction processor certificate is currently valid with a certificate authority; and
      
      validating, by the mobile payment application, that the transaction processor certificate is authentic using a certificate authority public key.
  - 3. The method of claim 1, wherein the transaction data further comprises a transaction processor certificate and the method further comprises:
    - extracting, by the mobile payment application, a transaction processor public key from the transaction processor certificate;
      
      determining, by the mobile payment application, payment credentials stored in the secure memory associated with the transaction data; and
      
      encrypting, by the mobile payment application, the payment credentials using the extracted transaction processor public key.
  - 4. The method of claim 1, wherein the transaction processor application initiates a payment transaction with a remote server computer using the encrypted payment credentials by decrypting the payment credentials using a transaction processor private key.
  - 5. The method of claim 1, wherein the transaction processor application initiates remote transaction processing by sending the encrypted payment credentials and the transaction data to the transaction processor server computer, and wherein the transaction processor server computer decrypts the payment credentials using a transaction processor private key and generates an authorization request message using the decrypted payment credentials.
  - 6. The method of claim 5, wherein the transaction processor server computer generates the authorization request message using the decrypted payment credentials by mapping the decrypted payment information to an authorization request message configured to be processed by a payment processing network.
  - 7. The method of claim 1, wherein the transaction processor application initiates the payment transaction by decrypting the payment credentials using a transaction processor application private key, generating an authorization request message including the decrypted payment credentials, and sending the authorization request message to the transaction processor server computer.
  - 8. The method of claim 1, wherein the transaction processor application and the transaction processor server computer are associated with a merchant.
  - 9. The method of claim 2, wherein the certificate authority is associated with a payment processing network.
  - 10. The method of claim 2, wherein validating that the transaction processing application is authentic further comprises:
    - determining, by the mobile payment application, that the transaction processor certificate is not currently valid with the certificate authority; and
      
      updating, by the mobile payment application, the transaction processor certificate with the certificate authority.
  - 11. The method of claim 1, wherein providing the encrypted payment credentials to the transaction processor application further comprises:
    - generating, by the mobile payment application, a dynamic value using a shared algorithm associated with a payment processing network or an issuer, wherein the dynamic value is validated by the payment processing network or the issuer during transaction processing.
  - 12. The method of claim 1, wherein the payment encrypted credentials include an encrypted account identifier and an encrypted expiration date.
  - 13. The method of claim 1, wherein the transaction processor application is a merchant application, the transaction processor server computer is a merchant server computer, the transaction processor public key is a merchant public key, and the transaction processor private key is a merchant private key.
  - 14. The method of claim 1, wherein the transaction processor application is an acquirer application, wherein the transaction processor is an acquirer computer, the transaction processor public key is an acquirer public key, and the transaction processor private key is an acquirer private key.

15. A mobile device comprising:
- a processor;
  
  a computer-readable medium coupled to the processor, the computer-readable medium comprising a transaction processor application;
  
  a secure processor; and
  
  a secure computer-readable medium coupled to the secure processor, the secure computer-readable medium comprising code, executable by the secure processor, for performing a method of processing a remote transaction, the method comprising;
  
  receiving transaction data from the transaction processor application on the mobile device;
  
  validating that the transaction processor application is authentic; and
  
  in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application, wherein the transaction processor application initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The mobile device of claim 15, wherein the transaction data further comprises a transaction processor certificate and wherein validating that the transaction processor application is authentic further comprises:
    - verifying that the transaction processor certificate is currently valid with a certificate authority; and
      
      validating that the transaction processor certificate is authentic using a certificate authority public key.
  - 17. The mobile device of claim 15, wherein the transaction data further comprises a transaction processor certificate and the method further comprises:
    - extracting a transaction processor public key from the transaction processor certificate;
      
      determining payment credentials stored in the secure memory associated with the transaction data; and
      
      encrypting the payment credentials using the extracted transaction processor public key.
  - 18. The mobile device of claim 15, wherein the transaction processor application initiates a payment transaction with a remote server computer using the encrypted payment credentials by decrypting the payment credentials using a transaction processor private key and generates an authorization request message using the decrypted payment credentials.
  - 19. The mobile device of claim 15, wherein the transaction processor application initiates remote transaction processing by sending the encrypted payment credentials and the transaction data to the transaction processor server computer, and wherein the transaction processor server computer decrypts the payment credentials using a transaction processor private key and generates an authorization request message using the decrypted payment credentials.
  - 20. A system for processing a remote transaction, the system comprising:
    - the mobile device of claim 15; and
      
      the transaction processor server computer communicatively coupled to the mobile device, the transaction processor server configured to;
      
      provide transaction information to the mobile device;
      
      receive the encrypted payment information from the transaction processor application on the mobile device;
      
      decrypt the encrypted payment information using a transaction processor private key stored at the transaction processor server computer; and
      
      initiate transaction processing using the decrypted payment information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Karpenko, Igor, Makhotin, Oleg, Pirzadeh, Kiushan, Powell, Glenn, Sheets, John, Wong, Erick

Granted Patent

US 9,646,303 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06Q 20/3227   using secure elements embed...

G06Q 20/326   Payment applications instal...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/401   Transaction verification

G06Q 20/409   Device specific authenticat...

Secure Remote Payment Transaction Processing Using a Secure Element

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Remote Payment Transaction Processing Using a Secure Element

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links