VALIDATION CRYPTOGRAM FOR TRANSACTION

US 20170272253A1
Filed: 03/10/2017
Published: 09/21/2017
Est. Priority Date: 03/15/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a server computer, an interaction request including interaction details and a first cryptogram, the interaction details including receiver information, wherein the first cryptogram was generated using the receiver information;

verifying, by the server computer, the first cryptogram; and

coordinating, by the server computer, a transfer from a sender to a receiver.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for validating an interaction is disclosed. A first interaction cryptogram can be generated by a first device using information about a first party to the interaction and a second party to the interaction. A second interaction cryptogram can be generated by a second device also using information about the first party to the interaction and the second party to the interaction. Verifying each cryptogram can validate that the interaction details have not been changed, and that both the first party and second party legitimately authorized the interaction.

70 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, by a server computer, an interaction request including interaction details and a first cryptogram, the interaction details including receiver information, wherein the first cryptogram was generated using the receiver information;
  
  verifying, by the server computer, the first cryptogram; and
  
  coordinating, by the server computer, a transfer from a sender to a receiver.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the first cryptogram was generated by a sender device.
  - 3. The method of claim 2, wherein the interaction details further include sender information, wherein the interaction request further includes a second cryptogram that was generated by a receiver device, wherein the second cryptogram was generated using the sender information, and wherein the method further comprises:
    - verifying, by the server computer, the second cryptogram.
  - 4. The method of claim 3, wherein the first cryptogram was generated further using the sender information, and wherein the second cryptogram was generated further using the receiver information, such that the first cryptogram and the second cryptogram were both generated using both the sender information and the receiver information.
  - 5. The method of claim 3, the method further comprising:
    - determining, by the server computer, a first key associated with the sender device, wherein the first cryptogram is verified using the first key;
      
      determining, by the server computer, a second key associated with the receiver device, wherein the second cryptogram is verified using the second key;
      
      determining, by the server computer, a third key associated with a coordination computer, wherein the interaction request includes a digital signature generated using the interaction details by the coordination computer; and
      
      verifying, by the server computer, the digital signature using the third key.

6. A server computer comprising:
- a processor; and
  
  a computer readable medium, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving an interaction request including interaction details and a first cryptogram, the interaction details including receiver information, wherein the first cryptogram was generated using the receiver information;
  
  verifying the first cryptogram; and
  
  coordinating a transfer from a sender to a receiver.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The server computer of claim 6, wherein the first cryptogram was generated by a sender device.
  - 8. The server computer of claim 7, wherein the interaction details further include sender information, wherein the interaction request further includes second cryptogram that was generated by a receiver device, wherein the second cryptogram was generated using the sender information, and wherein the method further comprises:
    - verifying the second cryptogram.
  - 9. The server computer of claim 8, wherein the first cryptogram was generated further using the sender information, and wherein the second cryptogram was generated further using the receiver information, such that the first cryptogram and the second cryptogram were both generated using both the sender information and the receiver information.
  - 10. The server computer of claim 8, the method further comprising:
    - determining a first key associated with the sender device, wherein the first cryptogram is verified using the first key;
      
      determining a second key associated with the receiver device, wherein the second cryptogram is verified using the second key;
      
      determining a third key associated with a coordination computer, wherein the interaction request includes a digital signature generated using the interaction details by the coordination computer; and
      
      verifying the digital signature using the third key.

11. A method comprising:
- receiving, by a first computer, interaction details and a first cryptogram, the interaction details including receiver information, wherein the first cryptogram was generated using the receiver information;
  
  sending, by the first computer, an interaction confirmation request to a receiver device associated with the receiver information;
  
  receiving, by the first computer, an interaction confirmation response from the receiver device; and
  
  sending, by the first computer, to a second computer, an interaction request including the interaction details and the first cryptogram, wherein the second computer verifies the first cryptogram and coordinates a transfer from a sender to a receiver.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, wherein the first cryptogram was generated by a sender device.
  - 13. The method of claim 12, wherein the interaction details further include sender information, and wherein the interaction confirmation response further includes a second cryptogram generated by the receiver device using the sender information, wherein the interaction request sent to the second computer includes the second cryptogram, and wherein the second computer verifies the second cryptogram.
  - 14. The method of claim 13, wherein the first cryptogram was generated further using the sender information, and wherein the second cryptogram was generated further using the receiver information, such that the first cryptogram and the second cryptogram were both generated using both the sender information and the receiver information.
  - 15. The method of claim 13, further comprising:
    - generating, by the first computer, a digital signature using the interaction details, wherein the interaction request includes the digital signature, wherein the second computer determines a third key associated with a coordination computer, wherein the second computer verifies the digital signature using the third key, wherein the second computer determines a first key associated with the sender device, wherein the second computer verifies the first cryptogram using the first key, wherein the second computer determines a second key associated with the receiver device, and wherein the second computer verifies the second cryptogram using the second key.

16. A first computer comprising:
- a processor; and
  
  a computer readable medium, the computer readable medium comprising code, executable by the processor, for implementing a method comprising;
  
  receiving interaction details and a first cryptogram, the interaction details including receiver information, wherein the first cryptogram was generated using the receiver information;
  
  sending an interaction confirmation request to a receiver device associated with the receiver information;
  
  receiving an interaction confirmation response from the receiver device; and
  
  sending, to a second computer, an interaction request including the interaction details and the first cryptogram, wherein the second computer verifies the first cryptogram and coordinates a transfer from a sender to a receiver.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The first computer of claim 16, wherein the first cryptogram was generated by a sender device.
  - 18. The first computer of claim 17, wherein the interaction details further include sender information, and wherein the interaction confirmation response further includes a second cryptogram generated by the receiver device using the sender information, wherein the interaction request sent to the second computer includes the second cryptogram, and wherein the second computer verifies the second cryptogram.
  - 19. The first computer of claim 18, wherein the first cryptogram was generated further using the sender information, and wherein the second cryptogram was generated further using the receiver information, such that the first cryptogram and the second cryptogram were both generated using both the sender information and the receiver information.
  - 20. The first computer of claim 18, further comprising:
    - generating a digital signature using the interaction details, wherein the interaction request includes the digital signature, wherein the second computer determines a third key associated with a coordination computer, wherein the second computer verifies the digital signature using the third key, wherein the second computer determines a first key associated with the sender device, wherein the second computer verifies the first cryptogram using the first key, wherein the second computer determines a second key associated with the receiver device, and wherein the second computer verifies the second cryptogram using the second key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Lavender, Phillip, Modi, Vikram, Powell, Glenn Leon

Granted Patent

US 10,742,419 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/12   Applying verification of th...

H04L 9/0618   Block ciphers, i.e. encrypt...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

VALIDATION CRYPTOGRAM FOR TRANSACTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

70 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

VALIDATION CRYPTOGRAM FOR TRANSACTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links