ENCRYPTION SWITCH PROCESSING

US 20170186001A1
Filed: 03/13/2017
Published: 06/29/2017
Est. Priority Date: 11/05/2009
Status: Abandoned Application

First Claim

Patent Images

1. A processing server computer comprising:

a processor; and

a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing operations including;

receiving an envelope associated with a transaction, wherein the envelope includes unencrypted transaction details, a token derived from a key associated an account identifier, and a first portion of the transaction details in an encrypted format, the first portion of the transaction details encrypted using the key;

retrieving the key associated from a key database;

converting the token to the account identifier using the key;

verifying that the account identifier is associated with a valid account; and

decrypting the first portion of the transaction details and comparing the decrypted first portion of the transaction details with the unencrypted transaction details in the envelope associated with the transaction to determine whether the transaction is approved or declined.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for eliminating the need for merchants and acquirers to conduct Payment Card Industry (“PCI”) security audit procedures are provided. Merchants and acquirers can eliminate the operating expenses associated with conducting audits to ensure compliance with PCI Data Security Standards (“DSS”), while at the same time ensuring that cardholders'"'"' data remains secure, thus protecting the cardholders from fraudulent transactions. System security is further enhanced through the use of per transaction audits, with the scope of the audit being directly between the Point of Sale (POS) terminal and the payment processing network. PCI DSS compliance can thus be assured on a per transaction basis, as opposed to only ensuring compliance generally for a merchant or acquirer on a periodic basis. Per transaction PCI DSS compliance is assured, while at the same time eliminating the need for merchants or acquirers to conduct compliance audits.

66 Citations

20 Claims

1. A processing server computer comprising:
- a processor; and
  
  a non-transitory computer readable medium coupled to the processor, the non-transitory computer readable medium comprising code executable by the processor for implementing operations including;
  
  receiving an envelope associated with a transaction, wherein the envelope includes unencrypted transaction details, a token derived from a key associated an account identifier, and a first portion of the transaction details in an encrypted format, the first portion of the transaction details encrypted using the key;
  
  retrieving the key associated from a key database;
  
  converting the token to the account identifier using the key;
  
  verifying that the account identifier is associated with a valid account; and
  
  decrypting the first portion of the transaction details and comparing the decrypted first portion of the transaction details with the unencrypted transaction details in the envelope associated with the transaction to determine whether the transaction is approved or declined.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 20)
- - 2. The processing server computer of claim 1, wherein the envelope includes a hashed message authentication code computed using the key and the first portion of the transaction details.
  - 3. The processing server computer of claim 2, wherein the operations further includes:
    - recalculating the hashed message authentication code using the key and a portion the unencrypted transaction details; and
      
      comparing the recalculated hashed message authentication code with the hashed message authentication code received in the envelope.
  - 4. The processing server computer of claim 1, wherein the operations further includes:
    - sending the account identifier and a second portion of transaction details to an issuer to determine if the transaction is authorized.
  - 5. The processing server computer of claim 4, wherein the first and second portions of the transaction details are the same.
  - 6. The processing server computer of claim 4, wherein the first portion of the transaction details is different than the second portion of the transaction details.
  - 7. The processing server computer of claim 1, wherein the envelope includes a personal identification number associated with the account identifier, the personal identification number encrypted using the key.
  - 8. The processing server computer of claim 1, wherein the key is associated with a terminal that generated the envelope.
  - 9. The processing server computer of claim 1, wherein the envelope includes a terminal identifier associated with the terminal.
  - 10. The processing server computer of claim 1, wherein the first portion of the transaction details includes a transaction amount and a transaction date.
  - 20. The method of claim 1, wherein the first portion of the transaction details includes a transaction amount and a transaction date.

11. A method comprising:
- receiving, by a server, an envelope associated with a transaction, wherein the envelope includes unencrypted transaction details, a token derived from a key associated an account identifier, and a first portion of the transaction details in an encrypted format, the first portion of the transaction details encrypted using the key;
  
  retrieving, by the server, the key associated from a key database;
  
  converting, by the server, the token to the account identifier using the key;
  
  verifying, by the server, that the account identifier is associated with a valid account; and
  
  decrypting, by the server, the first portion of the transaction details and comparing the decrypted first portion of the transaction details with the unencrypted transaction details in the envelope associated with the transaction to determine whether the transaction is approved or declined.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the envelope includes a hashed message authentication code computed using the key and the first portion of the transaction details.
  - 13. The method of claim 12, further comprising:
    - recalculating the hashed message authentication code using the key and a portion the unencrypted transaction details; and
      
      comparing the recalculated hashed message authentication code with the hashed message authentication code received in the envelope.
  - 14. The method of claim 11, further comprising:
    - sending the account identifier and a second portion of transaction details to an issuer to determine if the transaction is authorized.
  - 15. The method of claim 14, wherein the first and second portions of the transaction details are the same.
  - 16. The method of claim 14, wherein the first portion of the transaction details is different than the second portion of the transaction details.
  - 17. The method of claim 11, wherein the envelope includes a personal identification number associated with the account identifier, the personal identification number encrypted using the key.
  - 18. The method of claim 11, wherein the key is associated with a terminal that generated the envelope.
  - 19. The method of claim 11, wherein the envelope includes a terminal identifier associated with the terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ben Rewis, Judson Reed, Patrick Faith
Original Assignee
Ben Rewis, Judson Reed, Patrick Faith
Inventors
Reed, Judson, Faith, Patrick, Rewis, Ben

Application Number

US15/457,765
Publication Number

US 20170186001A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3829   involving key management

G06Q 20/383   Anonymous user system

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

ENCRYPTION SWITCH PROCESSING

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ENCRYPTION SWITCH PROCESSING

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links