Method and system for generating a dynamic verification value
First Claim
1. A method comprising a plurality of steps, each being performed by hardware executing software, wherein the steps include:
- generating a verification value in response to a transaction involving a mobile electronic device, wherein the verification value is generated by;
creating a base record comprising;
digits for an application transaction counter overlaying the left most digits of a primary account number corresponding to an account upon which the transaction is being conducted, wherein the application transaction counter is incremented for each said transaction; and
concatenated to the right most digits of the primary account number;
a card security code for the primary account number; and
an expiration date for the primary account number;
bisecting the base record into a first field and a second field;
encrypting the first field using a first encryption key;
performing an exclusive-OR (XOR) operation on the encrypted first field and the second field to produce a first result;
encrypting the first result using a second encryption key to produce a second result;
decrypting the second result using a decryption key to produce a third result;
encrypting the third result using a third encryption key to produce a fourth result;
sequentially extracting each value between 0 and 9 from the most-significant digit to the least-significant digit of the fourth result to produce a fifth result;
sequentially extracting and subtracting hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce the sixth result;
concatenating the fifth result and the sixth result to produce a seventh result; and
selecting one or more values from the seventh result as the verification value; and
sending the verification value for delivery to the service provider with data in a magnetic stripe data format so that the service provider can verify the verification value.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment.
-
Citations
16 Claims
-
1. A method comprising a plurality of steps, each being performed by hardware executing software, wherein the steps include:
-
generating a verification value in response to a transaction involving a mobile electronic device, wherein the verification value is generated by; creating a base record comprising; digits for an application transaction counter overlaying the left most digits of a primary account number corresponding to an account upon which the transaction is being conducted, wherein the application transaction counter is incremented for each said transaction; and concatenated to the right most digits of the primary account number; a card security code for the primary account number; and an expiration date for the primary account number; bisecting the base record into a first field and a second field; encrypting the first field using a first encryption key; performing an exclusive-OR (XOR) operation on the encrypted first field and the second field to produce a first result; encrypting the first result using a second encryption key to produce a second result; decrypting the second result using a decryption key to produce a third result; encrypting the third result using a third encryption key to produce a fourth result; sequentially extracting each value between 0 and 9 from the most-significant digit to the least-significant digit of the fourth result to produce a fifth result; sequentially extracting and subtracting hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce the sixth result; concatenating the fifth result and the sixth result to produce a seventh result; and selecting one or more values from the seventh result as the verification value; and sending the verification value for delivery to the service provider with data in a magnetic stripe data format so that the service provider can verify the verification value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising a plurality of steps each being performed by hardware executing software, wherein the steps include:
-
generating, at a point of sale terminal, unique transaction data for a transaction being processed by the point of sale terminal; sending, from the point of sale terminal in a wireless communication, the unique transaction data for the transaction; receiving, at a mobile electronic device, the unique transaction data for the transaction; creating, at the mobile electronic device, a base record comprising; digits for an application transaction counter overlaying the left most digits of a primary account number corresponding to an account upon which the transaction is being conducted, wherein the application transaction counter is incremented for each said transaction; and concatenated to the right most digits of the primary account number; a card security code for the primary account number; and an expiration date for the primary account number; splitting, at the mobile electronic device, the base record into a first field and a second field; encrypting, at the mobile electronic device, the first field using a first encryption key; performing, at the mobile electronic device, an exclusive-OR (XOR) operation on the encrypted first field and the second field to produce a first result; encrypting, at the mobile electronic device, the first result using a second encryption key to produce a second result; decrypting, at the mobile electronic device, the second result using a decryption key to produce a third result; encrypting, at the mobile electronic device, the third result using a third encryption key to produce a fourth result; sequentially extracting, at the mobile electronic device, each value between 0 and 9 from the most-significant digit to the least-significant digit of the fourth result to produce a fifth result; sequentially extracting and subtracting, at the mobile electronic device, hexadecimal A from each value between hexadecimal A and hexadecimal F from the most-significant digit to the least-significant digit of the fourth result to produce the sixth result; concatenating, at the mobile electronic device, the fifth result and the sixth result to produce a seventh result; and selecting, at the mobile electronic device, one or more values from the seventh result as a verification value; sending, from the mobile electronic device, data in a magnetic stripe data format that includes the verification value; and receiving, at the point of sale terminal in a wireless communication, the data in a magnetic stripe data format and transmitting, from the point of sale terminal, the verification value for delivery to the service provider so that the service provider can verify the verification value. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification