Method and device for generating a single-use financial account number
DCFirst Claim
1. A method for providing a second account identifier for use in place of a first account identifier, comprising the steps of:
- accessing a first data element, specific to an account having a first account identifier;
accessing a second data element including transaction-specific data; and
combining said first data element and said second data element to produce a second account identifier for use in place of said first account identifier.
10 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A device for facilitating financial account transactions is described which includes a processing unit including a cryptographic processor. The device also includes an input unit, a display unit and a memory device connected to the processing unit. The memory device contains a private cryptographic key, a first data element and a second data element. The processing unit encrypts the first data element using the private cryptographic key and the second data element, modifies the second data element, combines the encrypted first data element and the second data element to generate a single-use financial account identifier, and displays the single-use financial account identifier. This identifier is then transmitted to a central processor for authorization of the transaction. The central processor extracts and decrypts data elements from the transmitted identifier using the private cryptographic key, compares those data elements with data elements stored in a memory, and verifies the single-use financial account identifier in accordance with the comparison.
858 Citations
21 Claims
-
1. A method for providing a second account identifier for use in place of a first account identifier, comprising the steps of:
-
accessing a first data element, specific to an account having a first account identifier; accessing a second data element including transaction-specific data; and combining said first data element and said second data element to produce a second account identifier for use in place of said first account identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A device for providing a second account identifier for use in place of a first account identifier, comprising:
-
a processing unit, said processing unit including a cryptographic processor; an input unit, connected to said processing unit, operable to input information thereto; a display unit, connected to said processing unit, operable to display a processing result therefrom; and a memory device connected to said processing unit, said memory device containing a private cryptographic key, a first data element, a second data element and a program, adapted to be executed by said processing unit, to encrypt the first data element using the private cryptographic key and the second data element, modify the second data element, combine the encrypted first data element and the second data element to generate an account identifier that indicates another account identifier, and display the generated account identifier using said display unit.
-
-
15. A method for providing a second account identifier for use in place of a first account identifier, comprising the steps of:
-
providing a memory device containing a private cryptographic key, a first data element, and a second data element; encrypting the first data element using the private cryptographic key and the second data element; modifying the second data element; combining the encrypted first data element and the second data element to generate a second account identifier for use in place of a first account identifier; and displaying the second account identifier.
-
-
16. A device for providing a second account identifier for use in place of a first account identifier, said device comprising:
-
a memory storing data representing a plurality of predetermined account identifiers, data representing a status for each of said plurality of predetermined account identifiers, and data representing a pointer to one of said plurality of predetermined account identifiers; an output device operable to present said one of said plurality of predetermined account identifiers; and a processor coupled to said memory and to said output device, said processor being configured to identify said one of said plurality of predetermined account identifiers based on said data representing a pointer, said processor being further configured to transmit a signal to said output device directing said output device to present said one of said plurality of predetermined account identifiers. - View Dependent Claims (17, 18)
-
-
19. A method for providing a second account identifier for use in place of a first account identifier, comprising the steps of:
-
providing a memory storing data representing a plurality of predetermined account identifiers, data representing a status for each of said plurality of predetermined account identifiers, and data representing a pointer to one of said plurality of predetermined account identifiers; identifying said one of said plurality of predetermined account identifiers based on said data representing a pointer; and transmitting a signal to an output device to present said one of said plurality of predetermined account identifiers.
-
-
20. A method for providing a second account identifier for use in place of a first account identifier, comprising the steps of:
-
receiving a plurality of requests to produce second account identifiers, each second account identifier for use in place of a first account identifier; and outputting, in response to each request, a respective second account identifier, each output second account identifier indicating the first account identifier, each second account identifier being different from remaining second account identifiers. - View Dependent Claims (21)
-
Specification