
Secure transmission of sensitive information over a public/insecure communications medium

  • US 5,878,143 A
  • Filed: 08/16/1996
  • Issued: 03/02/1999
  • Est. Priority Date: 08/16/1996
  • Status: Expired due to Fees
First Claim

1. A procedure for communicating sensitive information securely over an insecure medium from a first computer system to a second computer system to carry out transactions therebetween, the procedure comprising:

    A) developing an account initialization data set at the first computer system, the account initialization data set including a plurality of fields, at least a first one of which fields includes information which is unique to the hardware comprising the first computer system;

    B) duplicating the account initialization data set on the second computer system through a secure medium;

    C) independently developing and storing at each of the first and second computer systems, from information included in the account initialization data set, using functionally identical algorithms, an initial client control file data set including a plurality of control fields, at least one of which control fields includes data developed from information which is unique to the hardware comprising the first computer system;

    D) subsequently, communicating over an insecure communications medium an initial validation string generated from a plurality of client control file data set fields stored in the first computer system, at least one of which control file data set fields includes data developed from information which is unique to the hardware comprising the first computer system, and at least one additional field containing transaction specific information from the first computer system to the second computer system during initiation of a first transaction;

    E) checking, at the second computer system, that the information in the initial validation string received from the first computer system is identical to a counterpart initial validation string generated from a plurality of client control file data set fields stored in the second computer system, at least one of which control file data set fields includes data developed from information which is unique to the hardware comprising the first computer system;

    F) if the initial validation string received from the first computer system is found during step E) to be identical to the initial validation string generated at the second computer system, carrying out the transaction and going to step H);

    G) if the initial validation string received from the first computer system is found during step E) to be different from the initial validation string generated at the second computer system, aborting the transaction;

    H) developing and storing, at the first computer system, an updated client control file data set which is modified from the previous client control file data set, according to a predetermined modification procedure, based on new information which is specific to the transaction just carried out;

    I) developing and storing, at the second computer system, an updated client control file data set which is modified from the previous client control file data set, according to the same predetermined modification procedure employed in step H), based on new information which is specific to the transaction just carried out such that the new client control files stored, respectively, in each of the first and second computer systems are identical;

    J) subsequently, communicating over an insecure communications medium an updated validation string generated from a plurality of client control file data set fields stored in the first computer system, at least one of which control file data set fields includes data developed from information which is unique to the hardware comprising the first computer system, and at least one additional field containing transaction specific information from the first computer system to the second computer system during initiation of a transaction;

    K) checking, at the second computer system, that the information in the updated validation string received from the first computer system is identical to a counterpart updated validation string generated from a plurality of client control file data set fields stored in the second computer system, at least one of which control file data set fields includes data developed from information which is unique to the hardware comprising the first computer system;

    L) if the updated validation string received from the first computer system is found during step K) to be identical to the updated validation string generated at the second computer system, carrying out the transaction and going to step J); and

    M) if the updated validation string received from the first computer system is found during step K) to be different from the updated validation string generated at the second computer system, aborting the transaction.
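
A simulation of steps A) through M), added here as an illustration and not taken from the patent. The claim leaves the "functionally identical algorithms" and the "predetermined modification procedure" unspecified, so the use of SHA-256 and HMAC, the field names, the `Party` class and the sample values are all assumptions.

```python
import hashlib
import hmac

def derive_control_file(init):
    # Step C: both systems derive identical control fields from the init data set.
    seed = "|".join(f"{k}={init[k]}" for k in sorted(init)).encode()
    hw = init["hardware_id"].encode()
    return {"hw_key": hashlib.sha256(b"hw|" + hw + b"|" + seed).digest(),
            "chain": hashlib.sha256(b"chain|" + seed).digest(),
            "counter": 0}

def validation_string(cf, txn):
    # Steps D/J: built from control fields plus transaction-specific information.
    msg = cf["chain"] + cf["counter"].to_bytes(8, "big") + txn.encode()
    return hmac.new(cf["hw_key"], msg, hashlib.sha256).hexdigest()

def update_control_file(cf, txn):
    # Steps H/I: the same predetermined modification, applied on both systems.
    chain = hmac.new(cf["hw_key"], cf["chain"] + txn.encode(), hashlib.sha256).digest()
    return {"hw_key": cf["hw_key"], "chain": chain, "counter": cf["counter"] + 1}

class Party:
    def __init__(self, init):
        self.cf = derive_control_file(init)
    def initiate(self, txn):  # first computer system
        return txn, validation_string(self.cf, txn)
    def commit(self, txn):
        self.cf = update_control_file(self.cf, txn)
    def verify(self, txn, received):  # second computer system, steps E-G / K-M
        if not hmac.compare_digest(validation_string(self.cf, txn), received):
            return False  # abort; stored control file is left unchanged
        self.commit(txn)
        return True

def run_demo():
    # Constructed sample values; the hardware identifier is a placeholder.
    init = {"account": "ACCT-0001", "hardware_id": "DISK-SERIAL-EXAMPLE"}
    client, server = Party(init), Party(init)
    results, sent = [], []
    for txn in ("order=1001;amt=25.00", "order=1002;amt=9.50"):
        sent.append(client.initiate(txn))
        results.append(server.verify(*sent[-1]))
        if results[-1]:
            client.commit(txn)
    results.append(server.verify(*sent[0]))  # replay of the first message
    clone = Party({**init, "hardware_id": "OTHER-MACHINE"})  # copied account data
    results.append(server.verify(*clone.initiate("order=1003;amt=1.00")))
    return results, client.cf == server.cf
```

`run_demo()` accepts the two genuine transactions and rejects both the replayed string and the string produced from a different hardware identifier. Because both control files must advance in lockstep, a transaction that completes on only one side leaves the two systems out of sync, and claim 1 as shown here describes no resynchronization step.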
