System and method for secure transactions manageable by a transaction account provider
First Claim
1. A method for securely completing a transaction, comprising:
- assigning a transaction account to a user according to user personal information;
assigning a transaction account code to said transaction account, said transaction account and said user personal information being sensitive information;
receiving a proxy code from a transaction device associated with said user, wherein said transaction device generates said proxy code;
associating said proxy code to said transaction account code, said proxy code configured to be provided to a merchant system for transaction completion, wherein said proxy code is absent of said sensitive information, and includes the same format as said transaction account code;
receiving from said merchant system a transaction request, said transaction request including said proxy code;
locating said transaction account code associated with said proxy code;
locating said transaction account using said transaction account code; and
processing said transaction request in accordance with said transaction accounts;
wherein said transaction device is configured to interface with a transponder/reader system comprising;
a Radio Frequency Identification (RFID) reader configured to provide a first radio frequency (RF) interrogation signal for powering a transponder system, to receive a transponder system RF signal, and to communicate transponder system account data related to said transponder system RF signal to a merchant system, said RFID reader including, a first interrogator for providing said first RF interrogation signal;
an RFID reader authentication circuit in communication with said first interrogator for authenticating said transponder system RF signal;
an RFID reader database for storing RFID reader data, said RFID reader database in communication with said RFID reader authentication circuit;
an RFID reader protocol/sequence controller in communication with at least one of said first interrogator, said RFID reader authentication circuit, and said RFID reader database, said RFID reader protocol/sequence controller configured to facilitate control of an order of operation of said first interrogator, said RFID reader authentication circuit, and said RFID reader database;
an RFID reader communications interface configured to communicate with said merchant system, said RFID reader communications interface configured to provide said transponder system account data, wherein said transponder system is configured to receive said first RF interrogation signal, to authenticate said first RF interrogation signal, and to transmit said transponder system account data, said transponder system further comprising;
a first transponder responsive to said first RF interrogation signal;
a transponder system authentication circuit in communication with said first transponder, said transponder system authentication circuit configured to authenticate said first RF interrogation signal;
a transponder system database for storing said transponder system account data, said transponder system database in communication with said transponder system authentication circuit; and
a transponder system protocol/sequence controller in communication with at least one of said first transponder, said transponder system authentication circuit, and said transponder system database, said transponder system protocol/sequence controller configured to control the order of operation of said first transponder, said transponder system authentication circuit, and said transponder system database, wherein said transponder system protocol/sequence controller is configured to activate said transponder system authentication circuit in response to said first RF interrogation signal having an RFID reader authentication code, said transponder system authentication circuit configured to encrypt said RFID reader authentication code to provide an encrypted RFID reader authentication code, said transponder system authentication circuit configured to provide said encrypted RFID reader authentication code to said first transponder for providing to said RFID reader, wherein said RFID reader is configured to receive said encrypted RFID reader authentication code, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, wherein said RFID reader database is configured to provide a transponder system decryption security key to said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, said transponder system decryption security key for use in decrypting said encrypted RFID reader authentication code to form a decrypted RFID reader authentication code, said transponder system decryption security key provided to said RFID reader based on an unique transponder identification code, wherein said RFID reader authentication circuit is configured to compare said decrypted RFID reader authentication code and said RFID reader authentication code to determine whether a match exists, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader communications interface where said RFID reader authentication circuit matches said decrypted RFID reader authentication code and said RFID reader authentication code.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for securing a financial transaction using a proxy code, which is assigned a transaction account number. An account issuer permanently assigns the proxy code to a transaction account correlated to the transaction device. The proxy code is uploaded onto the transaction device for later use in completing a transaction request. During transaction completion, the proxy code is provided to a merchant system in lieu of any sensitive account information. Since the proxy code is permanently assigned, the number need not be changed or updated on the merchant system once uploaded into a payment device or merchant database. The account issuer may manipulate the sensitive account information without need to alter the information stored on the merchant database. Since the proxy code contains no sensitive information, the sensitive information related to the transaction account is secured from theft.
-
Citations
11 Claims
-
1. A method for securely completing a transaction, comprising:
-
assigning a transaction account to a user according to user personal information; assigning a transaction account code to said transaction account, said transaction account and said user personal information being sensitive information; receiving a proxy code from a transaction device associated with said user, wherein said transaction device generates said proxy code; associating said proxy code to said transaction account code, said proxy code configured to be provided to a merchant system for transaction completion, wherein said proxy code is absent of said sensitive information, and includes the same format as said transaction account code; receiving from said merchant system a transaction request, said transaction request including said proxy code; locating said transaction account code associated with said proxy code; locating said transaction account using said transaction account code; and processing said transaction request in accordance with said transaction accounts; wherein said transaction device is configured to interface with a transponder/reader system comprising; a Radio Frequency Identification (RFID) reader configured to provide a first radio frequency (RF) interrogation signal for powering a transponder system, to receive a transponder system RF signal, and to communicate transponder system account data related to said transponder system RF signal to a merchant system, said RFID reader including, a first interrogator for providing said first RF interrogation signal; an RFID reader authentication circuit in communication with said first interrogator for authenticating said transponder system RF signal; an RFID reader database for storing RFID reader data, said RFID reader database in communication with said RFID reader authentication circuit; an RFID reader protocol/sequence controller in communication with at least one of said first interrogator, said RFID reader authentication circuit, and said RFID reader database, said RFID reader protocol/sequence controller configured to facilitate control of an order of operation of said first interrogator, said RFID reader authentication circuit, and said RFID reader database; an RFID reader communications interface configured to communicate with said merchant system, said RFID reader communications interface configured to provide said transponder system account data, wherein said transponder system is configured to receive said first RF interrogation signal, to authenticate said first RF interrogation signal, and to transmit said transponder system account data, said transponder system further comprising;
a first transponder responsive to said first RF interrogation signal;a transponder system authentication circuit in communication with said first transponder, said transponder system authentication circuit configured to authenticate said first RF interrogation signal; a transponder system database for storing said transponder system account data, said transponder system database in communication with said transponder system authentication circuit; and a transponder system protocol/sequence controller in communication with at least one of said first transponder, said transponder system authentication circuit, and said transponder system database, said transponder system protocol/sequence controller configured to control the order of operation of said first transponder, said transponder system authentication circuit, and said transponder system database, wherein said transponder system protocol/sequence controller is configured to activate said transponder system authentication circuit in response to said first RF interrogation signal having an RFID reader authentication code, said transponder system authentication circuit configured to encrypt said RFID reader authentication code to provide an encrypted RFID reader authentication code, said transponder system authentication circuit configured to provide said encrypted RFID reader authentication code to said first transponder for providing to said RFID reader, wherein said RFID reader is configured to receive said encrypted RFID reader authentication code, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, wherein said RFID reader database is configured to provide a transponder system decryption security key to said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, said transponder system decryption security key for use in decrypting said encrypted RFID reader authentication code to form a decrypted RFID reader authentication code, said transponder system decryption security key provided to said RFID reader based on an unique transponder identification code, wherein said RFID reader authentication circuit is configured to compare said decrypted RFID reader authentication code and said RFID reader authentication code to determine whether a match exists, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader communications interface where said RFID reader authentication circuit matches said decrypted RFID reader authentication code and said RFID reader authentication code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for securely completing a transaction comprising:
-
a transaction account issuer system for collecting personal data from a user, said transaction account issuer system configured to facilitate issuing a transaction account to said user in accordance with said personal data, assign said transaction account code to said transaction account, receive a proxy code from a transaction device associated with said user, wherein said transaction device is configured to generate said proxy code, associate said proxy code to said transaction account code, receiving said proxy code from a merchant in a merchant transaction request, locate said transaction account code in accordance with said proxy code, and process said transaction request in accordance with said transaction account, wherein said personal data, and said transaction account code are sensitive information and said proxy code is absent of said sensitive information, wherein said proxy code has a similar format as said transaction account code, wherein said proxy code is provided to a merchant system and said transaction account code is not provided to said merchant system, and wherein said transaction account issuer system is further configured to alter said sensitive information and to keep said proxy code fixed, wherein said transaction device is configured to interface with a transponder/reader system comprising; a Radio Frequency Identification (RFID) reader configured to provide a first radio frequency (RF) interrogation signal for powering a transponder system, to receive a transponder system RF signal, and to communicate transponder system account data related to said transponder system RF signal to a merchant system, said RFID reader including, a first interrogator for providing said first RF interrogation signal; an RFID reader authentication circuit in communication with said first interrogator for authenticating said transponder system RF signal; an RFID reader database for storing RFID reader data, said RFID reader database in communication with said RFID reader authentication circuit; an RFID reader protocol/sequence controller in communication with at least one of said first interrogator, said RFID reader authentication circuit, and said RFID reader database, said RFID reader protocol/sequence controller configured to facilitate control of an order of operation of said first interrogator, said RFID reader authentication circuit, and said RFID reader database; an RFID reader communications interface configured to communicate with said merchant system, said RFID reader communications interface configured to provide said transponder system account data, wherein said transponder system is configured to receive said first RF interrogation signal, to authenticate said first RF interrogation signal, and to transmit said transponder system account data, said transponder system further comprising;
a first transponder responsive to said first RF interrogation signal;a transponder system authentication circuit in communication with said first transponder, said transponder system authentication circuit configured to authenticate said first RF interrogation signal; a transponder system database for storing said transponder system account data, said transponder system database in communication with said transponder system authentication circuit; and a transponder system protocol/sequence controller in communication with at least one of said first transponder, said transponder system authentication circuit, and said transponder system database, said transponder system protocol/sequence controller configured to control the order of operation of said first transponder, said transponder system authentication circuit, and said transponder system database, wherein said transponder system protocol/sequence controller is configured to activate said transponder system authentication circuit in response to said first RF interrogation signal having an RFID reader authentication code, said transponder system authentication circuit configured to encrypt said RFID reader authentication code to provide an encrypted RFID reader authentication code, said transponder system authentication circuit configured to provide said encrypted RFID reader authentication code to said first transponder for providing to said RFID reader, wherein said RFID reader is configured to receive said encrypted RFID reader authentication code, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, wherein said RFID reader database is configured to provide a transponder system decryption security key to said RFID reader authentication circuit in response to said encrypted RFID reader authentication code, said transponder system decryption security key for use in decrypting said encrypted RFID reader authentication code to form a decrypted RFID reader authentication code, said transponder system decryption security key provided to said RFID reader based on an unique transponder identification code, wherein said RFID reader authentication circuit is configured to compare said decrypted RFID reader authentication code and said RFID reader authentication code to determine whether a match exists, and wherein said RFID reader protocol/sequence controller is configured to activate said RFID reader communications interface where said RFID reader authentication circuit matches said decrypted RFID reader authentication code and said RFID reader authentication code.
-
Specification