Financial transactions with dynamic personal account numbers
First Claim
1. A system for securing financial transactions with payment cards in card-not-present financial transactions with merchants in which a payment card is not accessible to a merchant terminal, comprising:
- a payment card for use in card-not-present financial transactions with a merchant, and which does not depend on receiving data from said merchant in card-not-present financial transactions;
a personal account number (PAN) disposed on the surface of the payment card and visibly readable by a user, and including a dynamic part in which the digits presented can vary, and a static part in which the digits do not change;
a crypto-table of individual table-values externally preprogrammed into the payment card and dependent on personalization information;
a user display disposed on the payment card in said dynamic part of the PAN, and providing an electronic visual output for a selected table-value from said crypto-table;
an electronic trigger to select a next table-value from said crypto-table for the user display;
a timer connected to the electronic trigger, and providing a limit on the frequency at which said new next table-value from said crypto-table can be retrieved; and
a payment infrastructure connected through said merchant and providing for financial transaction authorizations based at least on the validity of said dynamic and static parts of the PAN, for generating and preprogramming crypto-table and table-values into the payment card according to a cryptogram generation process that is not included in the payment card.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for securing financial transactions involving payment cards includes associating a sixteen-digit personal account number (PAN) with a particular payment card and user, wherein are included fields for a system number, a bank/product number, a user account number, and a check digit. A four-digit expiration date (MMYY) associated with the PAN. A magnetic stripe on the payment card is encoded with the PAN for periodic reading by a magnetic card reader during a financial transaction. A table of cryptographic values associated with the PAN and the MMYY is stored on each user'"'"'s payment card during personalization by an issuing bank. A next financial transaction being commenced with the payment card is sensed. A cryptographic value from the table of cryptographic values is selected for inclusion as a dynamic portion of the user account number with the PAN when a next financial transaction is sensed. Any cryptographic value from the table of cryptographic values will not be used again in another financial transaction after being used once. The issuing bank authorizes the next financial transaction only if the PAN includes a correct cryptographic value in the user account number field.
-
Citations
13 Claims
-
1. A system for securing financial transactions with payment cards in card-not-present financial transactions with merchants in which a payment card is not accessible to a merchant terminal, comprising:
-
a payment card for use in card-not-present financial transactions with a merchant, and which does not depend on receiving data from said merchant in card-not-present financial transactions; a personal account number (PAN) disposed on the surface of the payment card and visibly readable by a user, and including a dynamic part in which the digits presented can vary, and a static part in which the digits do not change; a crypto-table of individual table-values externally preprogrammed into the payment card and dependent on personalization information; a user display disposed on the payment card in said dynamic part of the PAN, and providing an electronic visual output for a selected table-value from said crypto-table; an electronic trigger to select a next table-value from said crypto-table for the user display; a timer connected to the electronic trigger, and providing a limit on the frequency at which said new next table-value from said crypto-table can be retrieved; and a payment infrastructure connected through said merchant and providing for financial transaction authorizations based at least on the validity of said dynamic and static parts of the PAN, for generating and preprogramming crypto-table and table-values into the payment card according to a cryptogram generation process that is not included in the payment card. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A construction and operation method for securing payment card financial transactions in a secure financial transaction network and payment infrastructure, comprising:
-
associating a personal account number (PAN) with a particular payment card and user by embossing and magnetically recording on said payment card fields for a system number, a bank/product number, a user account number, and a check digit; associating an expiration date with said PAN by embossing and magnetically recording on said payment card; encoding a magnetic stripe disposed on said payment card with a magnetic data recording to represent said PAN for periodic electronic reading by a magnetic card reader during a card-present financial transaction with a merchant terminal; electronically storing data for a table of cryptographic values associated with said PAN on each user'"'"'s payment card during personalization; electronically sensing a financial transaction being commenced with the payment card with the use of a swipe sensor; separating in time a current financial transaction with a merchant terminal from a next, new financial transaction, with an electronic timer disposed in said payment card, and triggered by a user input; electronically presenting a current variable part of said PAN on the user display only during a current financial transaction with said merchant terminal; electronically presenting a new, next variable part of said PAN on said user display only during a next, new financial transaction with any merchant terminal; imposing an electronic limit on how frequently a new, next variable part of said PAN can be electronically generated and presented on said user display; data selecting a cryptographic value from a table of cryptographic values for inclusion as a dynamic portion of said PAN when a next, new financial transaction is electronically sensed with any merchant terminal; not repeating the use of any cryptographic data value from said table of cryptographic values in another financial transaction with any merchant terminal after being used once; and authorizing with an electronic data message said next financial transaction only if said PAN electronically read by any merchant terminal includes a correct cryptographic value in said user account number field. - View Dependent Claims (9)
-
-
10. A secure financial transaction network for payment cards, comprising:
-
a personal account number (PAN) with an included set of variations in a predictable sequence for linking with a particular payment card and user, wherein are included fields for a system number, a bank/product number, a user account number, and a check digit; static and dynamic magnetic recording devices for encoding a magnetic stripe on said payment card with said PAN and its variations in use-once sequence for periodic reading by a magnetic card reader during a financial transaction, wherein said PAN does not necessarily match another PAN that may be presented on a user display disposed on the same payment card; a secure message of personalization information to enable programming of a table of cryptographic values constituting sequenced predictable variations in said PAN on each user'"'"'s payment card; a card-present trigger for sensing a next financial transaction being commenced with said payment card; a device for selecting a cryptographic value from said table of cryptographic values for inclusion as a dynamic portion of said user account number in said PAN when a next financial transaction is sensed; a device for not repeating the use of any cryptographic value from said table of cryptographic values in another financial transaction after its being used once; and a transaction authorized message for authorizing by said issuing bank said next financial transaction only if said PAN matches an expected variation defined originally in said secure message of personalization information for said table of cryptographic values. - View Dependent Claims (11)
-
-
12. A secure payment card, comprising:
-
a payment card for use in card-present and card-not-present financial transactions with merchants; a set of personal account numbers (PAN'"'"'s) that are predictable and sequentially issued visually or magnetically by the payment card, wherein are included data fields for a system number, a bank/product number, a user account number, and a check digit; a magnetic stripe disposed on the payment and providing static and dynamic magnetic data representing a selected one from the set of PAN'"'"'s for periodic reading one-way access by a magnetic card reader during a card-present financial transaction; a precomputed and preprogrammed table of cryptographic values for constructing individual ones of the set of PAN'"'"'s on the payment card when triggered by a use; a detector for sensing a next, new financial transaction being commenced with the payment card and providing a trigger to issue a new PAN; a cryptographic value selectable from the table of cryptographic values for inclusion as a dynamic portion of said user account number with said each PAN when a next financial transaction is sensed. - View Dependent Claims (13)
-
Specification