Method for purchasing items over a non-secure communication channel
First Claim
1. A method for purchasing items over a network using a secure communication device, the secure communication device including a host processor, a secure memory that includes a laser-scribed encryption key, and a non-secure memory for storing encrypted data, wherein sensitive data is encrypted within the secure memory using the laser-scribed encryption key and stored as encrypted data in the non-secure memory, the method comprising the steps of:
- retrieving an encrypted credit card number and an encrypted secret key from the non-secure memory;
decrypting the encrypted credit card and secret key with the laser-scribed encryption key;
encrypting the credit card number with a communication encryption key, the communication encryption key being related to the secret key; and
transferring the credit card number, as encrypted with the communication encryption key, over the network to a destination.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for purchasing items over a non-secure communication channel uses a secure communication device. The secure communication device includes a host processor, a secure memory that includes a laser-scribed encryption key, and a non-secure memory for storing encrypted data. A user'"'"'s sensitive data is encrypted within the secure memory using the laser-scribed encryption key and stored as encrypted data in the non-secure memory. An encrypted credit card number and an encrypted secret key is retrieved from the non-secure memory, the encrypted credit card and secret key are decrypted with the laser-scribed encryption key, the credit card number is encrypted with a session key, and the encrypted credit card number is transferred over the network to a destination such as an internet vendor.
57 Citations
19 Claims
-
1. A method for purchasing items over a network using a secure communication device, the secure communication device including a host processor, a secure memory that includes a laser-scribed encryption key, and a non-secure memory for storing encrypted data, wherein sensitive data is encrypted within the secure memory using the laser-scribed encryption key and stored as encrypted data in the non-secure memory, the method comprising the steps of:
-
retrieving an encrypted credit card number and an encrypted secret key from the non-secure memory; decrypting the encrypted credit card and secret key with the laser-scribed encryption key; encrypting the credit card number with a communication encryption key, the communication encryption key being related to the secret key; and transferring the credit card number, as encrypted with the communication encryption key, over the network to a destination. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for transferring sensitive data over a non-secure communication channel using a secure communication device, the secure communication device including a host processor, a secure memory that including a laser-scribed encryption key, and a non-secure memory for storing the sensitive data in encrypted form, wherein sensitive data is encrypted within the secure memory using the laser-scribed encryption key and stored as encrypted data in the non-secure memory, the method comprising the steps of:
-
retrieving the encrypted sensitive data and an encrypted secret key from the non-secure memory; decrypting, in the secure memory, the encrypted sensitive data and the secret key with the laser-scribed encryption key; encrypting the decrypted sensitive data with a session encryption key related to the secret key; and transferring the sensitive data encrypted with the session encryption key over the non-secure communication channel to a destination. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
Specification