MULTI-PATH COMMUNICATION OF ELECTRONIC DEVICE SECURE ELEMENT DATA FOR ONLINE PAYMENTS

US 20170011395A1
Filed: 09/23/2016
Published: 01/12/2017
Est. Priority Date: 09/30/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

at a commercial entity subsystem;

receiving device transaction data from an electronic device, wherein the device transaction data comprises;

token information indicative of a payment credential on the electronic device;

crypto information indicative of the electronic device; and

transaction information indicative of a transaction between the electronic device and a merchant subsystem;

deriving a transaction key based on transaction key data, wherein the transaction key data comprises;

the token information; and

a first portion of the transaction information;

transmitting merchant payment data to at least one of the merchant subsystem and the electronic device, wherein the merchant payment data comprises;

the token information; and

a second portion of the transaction information; and

sharing commercial payment data with a financial institution subsystem using the transaction key, wherein the commercial payment data comprises the crypto information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer-readable media for communicating electronic device secure element data over multiple paths for online payments are provided. In one example embodiment, a method includes, inter alia, at a commercial entity subsystem, receiving, from an electronic device, device transaction data that includes credential data indicative of a payment credential on the electronic device for funding a transaction with a merchant subsystem, accessing a transaction identifier, deriving a transaction key based on transaction key data that includes the accessed transaction identifier, transmitting, to one of the merchant subsystem and the electronic device, merchant payment data that includes a first portion of the credential data and the accessed transaction identifier, and sharing, with a financial institution subsystem using the transaction key, commercial payment data that includes a second portion of the credential data that is different than the first portion of the credential data. Additional embodiments are also provided.

182 Citations

39 Claims

1. A method comprising:
- at a commercial entity subsystem;
  
  receiving device transaction data from an electronic device, wherein the device transaction data comprises;
  
  token information indicative of a payment credential on the electronic device;
  
  crypto information indicative of the electronic device; and
  
  transaction information indicative of a transaction between the electronic device and a merchant subsystem;
  
  deriving a transaction key based on transaction key data, wherein the transaction key data comprises;
  
  the token information; and
  
  a first portion of the transaction information;
  
  transmitting merchant payment data to at least one of the merchant subsystem and the electronic device, wherein the merchant payment data comprises;
  
  the token information; and
  
  a second portion of the transaction information; and
  
  sharing commercial payment data with a financial institution subsystem using the transaction key, wherein the commercial payment data comprises the crypto information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the token information comprises at least one of:
    - a primary account number of the payment credential; and
      
      an expiry date of the payment credential.
  - 3. The method of claim 1, wherein:
    - the transaction information comprises merchant information indicative of the merchant subsystem; and
      
      the first portion of the transaction information comprises the merchant information.
  - 4. The method of claim 3, wherein the second portion of the transaction information comprises the merchant information.
  - 5. The method of claim 3, wherein the second portion of the transaction information does not comprise the merchant information.
  - 6. The method of claim 3, wherein the merchant information comprises a merchant identification element associated with an acquiring bank of the merchant subsystem.
  - 7. The method of claim 1, wherein the transaction information comprises at least one of:
    - an amount of the cost of the transaction; and
      
      a currency of the transaction.
  - 8. The method of claim 1, further comprising, at the commercial entity subsystem, generating a transaction identifier, wherein the transaction key data further comprises the generated transaction identifier.
  - 9. The method of claim 8, wherein the merchant payment data further comprises the generated transaction identifier.
  - 10. The method of claim 1, wherein the sharing comprises sharing the commercial payment data with the financial institution subsystem in response to receiving a key from the financial institution subsystem at the commercial entity subsystem that is the same as the transaction key.
  - 11. The method of claim 1, wherein the sharing comprises sharing the commercial payment data and the transaction key with the financial institution subsystem.
  - 12. The method of claim 1, wherein the commercial payment data further comprises transaction-enhancer information that comprises at least one of:
    - a partial shipment indicator; and
      
      a recurring billing indicator.
  - 13. The method of claim 1, wherein the commercial payment data further comprises transaction-enhancer information that comprises at least one of:
    - an amount restriction; and
      
      a time restriction.
  - 14. The method of claim 1, wherein the crypto information is based on a shared secret between the electronic device and the financial institution subsystem.

15. A method comprising:
- at a commercial entity subsystem;
  
  receiving device transaction data from an electronic device, wherein the device transaction data comprises credential data indicative of a payment credential on the electronic device to be used for funding a transaction with a merchant subsystem;
  
  accessing a transaction identifier;
  
  deriving a transaction key based on transaction key data, wherein the transaction key data comprises the accessed transaction identifier;
  
  transmitting merchant payment data to at least one of the merchant subsystem and the electronic device, wherein the merchant payment data comprises;
  
  a first portion of the credential data; and
  
  the accessed transaction identifier; and
  
  sharing commercial payment data with a financial institution subsystem using the transaction key, wherein the commercial payment data comprises a second portion of the credential data that is different than the first portion of the credential data.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, wherein both the first portion of the credential data and the second portion of the credential data are required by the financial institution subsystem to validate the credential data for funding the transaction.
  - 17. The method of claim 15, wherein:
    - the first portion of the credential data comprises an account number of the payment credential; and
      
      the second portion of the credential data comprises a cryptogram generated using a shared secret of the electronic device and the financial institution subsystem.
  - 18. The method of claim 15, wherein the second portion of the credential data links the first portion of the credential data to the electronic device and to the transaction.
  - 19. The method of claim 15, wherein:
    - the first portion of the credential data comprises a cryptogram generated using a shared secret of the electronic device and the financial institution subsystem; and
      
      the second portion of the credential data comprises an account number of the payment credential.

20. A product comprising:
- a non-transitory computer-readable medium; and
  
  computer-readable instructions, stored on the computer-readable medium, that, when executed, are effective to cause a computer to;
  
  receive credential data from a user electronic device;
  
  transmit a first portion of the credential data from the computer to a financial institution subsystem using a first communication path that comprises a merchant subsystem; and
  
  transmit a second portion of the credential data from the computer to the financial institution subsystem using a second communication path that does not comprise the merchant subsystem.
- View Dependent Claims (21)
- - 21. The product of claim 20, wherein:
    - the first portion of the credential data comprises an account number of a payment credential on a secure element of the user electronic device; and
      
      the second portion of the credential data comprises a cryptogram generated using a shared secret of the secure element and the financial institution subsystem.

22-24. -24. (canceled)

25. A method comprising:
- at a financial institution subsystem;
  
  receiving, via a first communication path, merchant payment data that comprises token data of an electronic device;
  
  deriving first crypto data using the token data of the merchant payment data and a shared secret between the financial institution subsystem and the electronic device;
  
  accessing, via a second communication path that is different than the first communication path, commercial payment data that comprises second crypto data;
  
  comparing the first crypto data to the second crypto data; and
  
  validating a transaction request based on the comparing.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 26. The method of claim 25, wherein the first communication path is between the financial institution subsystem and one of a merchant subsystem and an acquiring bank subsystem.
  - 27. The method of claim 26, wherein the second communication path is between the financial institution subsystem and a commercial entity subsystem.
  - 28. The method of claim 26, wherein the second communication path is between the financial institution subsystem and the electronic device.
  - 29. The method of claim 25, further comprising, at the financial institution subsystem, deriving a transaction key based on at least a portion of the merchant payment data, wherein the accessing comprises accessing, via the second communication path, the commercial payment data using the derived transaction key.
  - 30. The method of claim 29, further comprising, at the financial institution subsystem, prior to the accessing, transmitting, via the second communication path, a request for the commercial payment data, wherein the request comprises the derived transaction key.
  - 31. The method of claim 29, wherein the accessing comprises:
    - receiving, via the second communication path, the commercial payment data; and
      
      identifying the second crypto data from the received commercial payment data using the derived transaction key.
  - 32. The method of claim 25, wherein:
    - the commercial payment data further comprises transaction enhancer data;
      
      the method further comprises, at the financial institution subsystem, prior to the validating, analyzing the transaction enhancer data; and
      
      the validating comprises validating the transaction request based on the comparing and based on the analyzing.
  - 33. The method of claim 25, wherein the second crypto data comprises crypto data of the electronic device.
  - 34. The method of claim 33, wherein the second communication path is between the financial institution subsystem and a commercial entity subsystem.
  - 35. The method of claim 33, wherein the second communication path is between the financial institution subsystem and the electronic device.
  - 36. The method of claim 33, wherein the first communication path is between the financial institution subsystem and one of a merchant subsystem and an acquiring bank subsystem.
  - 37. The method of claim 33, wherein:
    - the first communication path comprises a merchant subsystem;
      
      the second communication path does not comprise the merchant subsystem.
  - 38. The method of claim 37, wherein the transaction request is associated with a financial transaction between the electronic device and the merchant subsystem.

39-62. -62. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Pillai, Manoj K. Thulaseedharan, Elliott, Thomas, Bailey, Jennifer J., Brudnicki, David E., Khan, Ahmer A., Hurley, Timothy S.

Granted Patent

US 11,748,746 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/3227   using secure elements embed...

G06Q 20/325   using wireless networks

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/382   insuring higher security of...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 2220/00   Business processing using c...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 9/0861   Generation of secret inform...

MULTI-PATH COMMUNICATION OF ELECTRONIC DEVICE SECURE ELEMENT DATA FOR ONLINE PAYMENTS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

182 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

MULTI-PATH COMMUNICATION OF ELECTRONIC DEVICE SECURE ELEMENT DATA FOR ONLINE PAYMENTS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

182 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links