
End-to-end encryption system and method of operation

  • US 4,423,287 A
  • Filed: 06/26/1981
  • Issued: 12/27/1983
  • Est. Priority Date: 06/26/1981
  • Status: Expired due to Term
First Claim

1. A method of operating a network/interchange transaction execution system of the type comprising a plurality of transaction terminals, a plurality of acquirer stations, each being associated with one or more separate transaction terminals, a plurality of issuer stations, each of which includes a data processor which stores account information for a plurality of accounts, and a network switch which communicatively interconnects the acquirers with the issuers;

  • the method comprising the steps of:

    (a) receiving and identifying network/interchange transaction information and a personal identification number, PINc, from a user at one of said transaction terminals, encrypting the PINc with a first session key, KS1, transmitting to the acquirer station associated with said transaction terminal a network/interchange request message comprised of the encrypted PINc and the transaction data;

    (b) at the associated acquirer station, receiving the network/interchange request message from said transaction terminal and retransmitting the network/interchange request message to the network switch along with the session key encrypted in a second master key, e[KM2](KS1),

    (c) at the network switch, receiving the network/interchange request message and the encrypted session key, re-encrypting the session key in a third master key, e[KM3](KS1), and retransmitting the network/interchange request message along with the third master key encrypted session key to a particular issuer station specified by data in the network/interchange request message;

    (d) at the issuer station, receiving the request message and the encrypted session key, e[KM3](KS1), decrypting the session key, decrypting the encrypted PINc, accessing the data base for the account specified in the transaction data, comparing and verifying the PINc with a corresponding PIN stored in the data base for that account, specifying an authorization code in response to the transaction data, and transmitting a reply message, which includes the authorization code, to the acquirer station through the network switch,

    (e) at the acquirer station, relaying the reply message to said transaction terminal, and,

    (f) acting on the authorization code to respond to the transaction terminal user.
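The request path of steps (a) through (d), as an added example that is not part of the patent text: the encrypted PINc travels unchanged from terminal to issuer, and only the wrapping of KS1 is translated from KM2 to KM3 at the network switch. Assumptions: the function `e` is a stand-in stream cipher built from HMAC-SHA256 (the claim names no cipher), the acquirer already holds KS1, and the account number, PIN and authorization codes are constructed sample values.

```python
import hashlib, hmac, os

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def e(key: bytes, data: bytes) -> bytes:
    """Stand-in for e[K](data): nonce || data XOR keystream (no integrity protection)."""
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def d(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def terminal(ks1, pin, txn):                   # step (a): PINc encrypted under KS1
    return {"pin_ct": e(ks1, pin), "txn": txn}

def acquirer(request, ks1, km2):               # step (b): forward request plus e[KM2](KS1)
    return request, e(km2, ks1)

def switch(request, wrapped, km2, km3):        # step (c): translate KS1 from KM2 to KM3
    return request, e(km3, d(km2, wrapped))

def issuer(request, wrapped, km3, accounts):   # step (d): unwrap KS1, decrypt and verify PINc
    ks1 = d(km3, wrapped)
    pin = d(ks1, request["pin_ct"])
    stored = accounts.get(request["txn"]["account"], b"")
    ok = hmac.compare_digest(pin, stored)
    return {"auth_code": "APPROVED" if ok else "DECLINED"}  # hypothetical codes

def run_transaction(pin: bytes):
    ks1, km2, km3 = (os.urandom(32) for _ in range(3))
    accounts = {"ACCT-0001": b"4821"}          # constructed issuer data base
    req = terminal(ks1, pin, {"account": "ACCT-0001", "amount": 100})
    pin_ct_at_terminal = req["pin_ct"]
    req, w2 = acquirer(req, ks1, km2)
    req, w3 = switch(req, w2, km2, km3)
    reply = issuer(req, w3, km3, accounts)
    # Returned: authorization code, whether the PIN ciphertext reached the issuer
    # untouched, and whether the key wrapping changed at the switch.
    return reply["auth_code"], req["pin_ct"] == pin_ct_at_terminal, w2 != w3

if __name__ == "__main__":
    print(run_transaction(b"4821"))
    print(run_transaction(b"0000"))
```

The switch function never uses KS1 to decrypt the PIN; it only re-encrypts the key, which is what keeps the PIN encryption end-to-end between terminal and issuer.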
