Financial transactions with dynamic card verification values
First Claim
Patent Images
1. A system for securing financial transactions with payment cards, comprising:
- a payment card for use at least in card-not-present financial transactions with a merchant, and that is not itself capable of cryptographic calculations;
a precomputed set of dynamic variable card verification values (CVVs) disposed electronically in the payment card, and in which the CVVs are distinct and separate from a personal account number and not transmitted in card-present financial transactions;
a user display for visually presenting any said CVV permanently stored in a table and individually selected on the payment card;
a user trigger for starting an electronic selection of a next CVV in a table loaded previously by a cryptographic process and calculated outside the payment card, and for causing a new value of said CVVs to be visually presented on the user display;
a timer connected to the user trigger and providing a limit on the frequency at which a new CVV can be generated or retrieved; and
a payment infrastructure connected through said merchant and providing for financial transaction authorizations based at least on the validity of said CVV values according to said cryptographic process, and including at least a payment authorization, personalization, or card manufacturing component that includes said cryptographic process for pre-computing all said CVV values external to the payment card and that can thereafter be visually presented on the user display of respective payment cards.
3 Assignments
0 Petitions
Accused Products
Abstract
A payment card comprises an internal dynamic card verification value (CVV) generator and a user display for card-not-present transactions. Card-present transactions with merchant card readers are enabled by a dynamic magnetic array internally associated with the card'"'"'s magnetic stripe. The user display and a timer are triggered by the user when the user needs to see the card verification value and/or begin a new transaction. A new card verification value is provided for each new transaction according to a cryptographic process, but the timer limits how soon a next new card verification value can be generated.
676 Citations
14 Claims
-
1. A system for securing financial transactions with payment cards, comprising:
-
a payment card for use at least in card-not-present financial transactions with a merchant, and that is not itself capable of cryptographic calculations; a precomputed set of dynamic variable card verification values (CVVs) disposed electronically in the payment card, and in which the CVVs are distinct and separate from a personal account number and not transmitted in card-present financial transactions; a user display for visually presenting any said CVV permanently stored in a table and individually selected on the payment card; a user trigger for starting an electronic selection of a next CVV in a table loaded previously by a cryptographic process and calculated outside the payment card, and for causing a new value of said CVVs to be visually presented on the user display; a timer connected to the user trigger and providing a limit on the frequency at which a new CVV can be generated or retrieved; and a payment infrastructure connected through said merchant and providing for financial transaction authorizations based at least on the validity of said CVV values according to said cryptographic process, and including at least a payment authorization, personalization, or card manufacturing component that includes said cryptographic process for pre-computing all said CVV values external to the payment card and that can thereafter be visually presented on the user display of respective payment cards. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for securing payment card financial transactions with electronic devices inside a payment card and a financial transaction network, comprising:
-
electronically associating a card verification value (CVV) printed on a particular payment card with the identity of an authorized user; a personal account number (PAN) electronically embedded in each said payment card, wherein are included data fields for a system number, a bank/product number, a user account number, and a check digit; electronically associating a four-digit expiration date (MMYY) with said CVV; electronically encoding a magnetic stripe on said payment card with said CVV for periodic reading by a magnetic card reader during a card-present financial transaction with a merchant; electronically storing a table of cryptographic values associated with said CVV on each user'"'"'s payment card during personalization; electronically sensing a financial transaction being commenced with the payment card; electronically separating a current financial transaction from a next, new financial transaction with a timer disposed in the payment card, and triggered by a user input; electronically presenting a current variable card verification CVV on the user display only during a current financial transaction; electronically presenting a new, next variable card verification CVV on the user display only during a next, new financial transaction; electronically imposing a limit on how frequently a new, next variable card verification CVV can be electronically generated and presented on the user display; electronically selecting a cryptographic value from a table of cryptographic values for inclusion as a dynamic portion of said CVV when a next, new financial transaction is sensed; electronically repeating the use of any cryptographic value from said table of cryptographic values in another financial transaction after being used once; and electronically authorizing said next financial transaction only if said CVV includes a correct cryptographic value in said user account number field. - View Dependent Claims (11)
-
-
12. A secure financial transaction network for payment cards, comprising:
-
an electronic device for associating a card verification value (CVV) with a particular payment card and user; an electronic device for encoding said payment card with said CVV for reading during a financial transaction; an electronic device for storing a table of cryptographic values associated with said CVV on each user'"'"'s payment card during personalization; an electronic device for sensing a next financial transaction being commenced with said payment card; an electronic device for selecting a cryptographic data value from said table of cryptographic values for electronic inclusion in data representing said user account number with said CVV when a next financial transaction is sensed; an electronic device for not repeating the use of any cryptographic value from said table of cryptographic values in another financial transaction after being used once; and an electronic device for authorizing by said issuing bank said next financial transaction only if said CVV includes a correct cryptographic value. - View Dependent Claims (13)
-
-
14. A secure payment card, comprising:
-
a particular payment card produced by a financial transaction network for use in financial transactions with merchants connected to said financial transaction network; a card verification value (CVV) electronically associated by said financial transaction network with the particular payment card and a user, wherein are included data fields for a system number, a bank/product number, a user account number, and a check digit; a magnetic stripe disposed on the particular payment card, and providing for periodic reading by a magnetic card reader during a financial transaction with any of said merchants; an electronic user display disposed on the particular payment card; an electronic table of cryptographic values electronically associated with the CVV on the particular payment card during a personalization of it by said financial transaction network, wherein cryptography was used to generate a set of CVV values for each payment card such that said table values are such that a next valid value cannot be predicted from a valid value already used in a financial transaction; a swipe detector for sensing a card reader contact during a next, new financial transaction being commenced with the particular payment card; and a cryptographic value electronically selectable from the table of cryptographic values by a device within said payment card for inclusion as a dynamic portion of an electronic representation of said user account number with said CVV when a next financial transaction is sensed; wherein, the table of cryptographic values is sufficiently large as to be able to contain a set of said cryptographic values in which each can not be selected again for another financial transaction after its being used once; and wherein, a next, new financial transaction can proceed only if the CVV includes a verifiable cryptographic value.
-
Specification