Secure single-use transaction numbers

US 7,822,666 B1
Filed: 10/31/2007
Issued: 10/26/2010
Est. Priority Date: 10/29/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method, comprising:

distributing a transaction number generator to a first user;

generating, at the transaction number generator, a plurality of single-use transaction numbers including a first single-use transaction number, wherein each single-use transaction number includes a routing number, an account number, and a one-time password, wherein the routing number and account number remain constant for each single-use transaction number in the plurality of single-use transaction numbers, wherein generating includes generating each one\-time password in the transaction number generator distributed to the first user so such that it is difficult to predict subsequent one-time passwords; and

paying for a transaction, wherein paying includes transmitting the first single-use transaction number generated by the transaction number generator from the transaction number generator over a network to a transaction number validator; and

validating, at the transaction number validator, the first single-use transaction number, wherein validating includes receiving the first single-use transaction number transmitted from the transaction number generator via the network, generating in the transaction number validator an expected one-time password and comparing the one-time password of the received first single-use transaction number with the expected one-time password, wherein the expected one-time password reflects the one-time password expected by the transaction number validator to be part of the first single-use transaction number;

wherein each single-use transaction number is formatted at the transaction number generator such that its respective routing number can be used to route the single-use transaction number to the transaction number validator and wherein generating the one-time password in the transaction number generator distributed to the first user includes receiving at the transaction number generator a first personal identification number (PIN) and slowing down generation of the one-time password if the first personal identification number received is different than expected.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for producing and applications for single-use transaction numbers. The transaction numbers are single-use in that the numbers are only valid for a single transaction. The transaction numbers can be generated just prior to being used, minimizing the amount of time during which they can be lost or stolen. The transaction numbers can be generated using encryption technology such as dynamic password technology. The encryption technology makes it very difficult if not impossible to predict what the next transaction number generated will be. The transaction numbers are unique to the user and can be validated or authenticated by an issuing institution that maintains an ability to generate the same transaction numbers issued to the user.

74 Citations

View as Search Results

17 Claims

1. A computer-implemented method, comprising:
- distributing a transaction number generator to a first user;
  
  generating, at the transaction number generator, a plurality of single-use transaction numbers including a first single-use transaction number, wherein each single-use transaction number includes a routing number, an account number, and a one-time password, wherein the routing number and account number remain constant for each single-use transaction number in the plurality of single-use transaction numbers, wherein generating includes generating each one\-time password in the transaction number generator distributed to the first user so such that it is difficult to predict subsequent one-time passwords; and
  
  paying for a transaction, wherein paying includes transmitting the first single-use transaction number generated by the transaction number generator from the transaction number generator over a network to a transaction number validator; and
  
  validating, at the transaction number validator, the first single-use transaction number, wherein validating includes receiving the first single-use transaction number transmitted from the transaction number generator via the network, generating in the transaction number validator an expected one-time password and comparing the one-time password of the received first single-use transaction number with the expected one-time password, wherein the expected one-time password reflects the one-time password expected by the transaction number validator to be part of the first single-use transaction number;
  
  wherein each single-use transaction number is formatted at the transaction number generator such that its respective routing number can be used to route the single-use transaction number to the transaction number validator and wherein generating the one-time password in the transaction number generator distributed to the first user includes receiving at the transaction number generator a first personal identification number (PIN) and slowing down generation of the one-time password if the first personal identification number received is different than expected.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 13, 14, 15, 16, 17)
- - 2. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes utilizing encryption technology to generate the one-time password.
  - 3. The method according to claim 2, wherein utilizing includes encrypting a usage count.
  - 4. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes utilizing dynamic password technology to generate the one-time password.
  - 5. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes generating the one-time password as a function of a user activation.
  - 6. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes generating the one-time password as a function of a factor selected from the group of factors including a personal identification number (PIN) and an amount.
  - 7. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes displaying the first single-use transaction number for use by a user.
  - 8. The method according to claim 1, wherein the network comprises a wireless network.
  - 13. The method according to claim 1, wherein generating a plurality of single-use transaction numbers includes interleaving bits of the routing number with bits of the one-time password.
  - 14. The method according to claim 1, wherein the transaction number generator is configured to generate a unique sequence of transaction numbers associated with the first user, wherein the unique sequence of transaction numbers is different from a sequence of transaction numbers associated with a second user.
  - 15. The method according to claim 14, wherein the transaction number validator is configured to maintain and use an expected sequence of transaction numbers, wherein the expected sequence of transaction numbers is the same as the unique sequence of transaction numbers associated with the first user.
  - 16. The method according to claim 15, wherein the transaction number validator is configured to compare the first single-use transaction number with each transaction number in the expected sequence of transaction numbers to validate the first single-use transaction number, wherein the first single-use transaction number is invalidated only if the first single-use transaction number does not match any one of the expected sequence of transaction numbers.
  - 17. The method according to claim 15, wherein the transaction number validator is configured to put a time limit on one or more earlier-generated transaction numbers and to remove the earlier-generated transaction numbers from the expected sequence of transaction numbers if the earlier-generated transaction numbers have not been validated until the time limit expires.

9. A computer-readable medium including instructions stored therein that, when executed by a computer, cause the computer to perform:
- distributing a transaction number generator to a first user;
  
  generating, at the transaction number generator, a plurality of single-use transaction numbers including a first single-use transaction number, wherein generating includes combining a routing number, an account number, and a one-time password to form each single-use transaction number, wherein the routing number and account number remain constant for each single-use transaction number in the plurality of single-use transaction numbers, wherein generating includes generating each one-time password in the transaction number generator distributed to the first user such that it is difficult to predict subsequent one-time passwords;
  
  paying for a transaction, wherein paying includes transmitting the first single-use transaction number generated by the transaction number generator from the transaction number generator over a network to a transaction number validator; and
  
  validating, at transaction number validator, the first single-use transaction number, wherein validating includes receiving the first single-use transaction number transmitted from the transaction number generator via the network, generating in the transaction number validator an expected one-time password and comparing the one-time password of the received first single-use transaction number with the expected one-time password, wherein the expected one-time password reflects the one-time password expected by the transaction number validator to be part of the first single-use transaction number;
  
  wherein each single-use transaction number is formatted at the transaction number generator such that its respective routing number can be used to route the single-use transaction number to the transaction number validator and wherein generating the one-time password in the transaction number generator distributed to the first user includes receiving at the transaction number generator a first personal identification number (PIN) and slowing down generation of the one-time password if the first personal identification number received is different than expected.
- View Dependent Claims (10, 11, 12)
- - 10. The medium according to claim 9, wherein the instructions that, when executed by the computer, cause the computer to perform generating the one-time password as a function of a user activation.
  - 11. The medium according to claim 9, wherein the instructions that, when executed by the computer, cause the computer to further perform displaying the first single-use transaction numbers for use by a user.
  - 12. The medium according to claim 9, wherein the network comprises a wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Bursch, Todd
Primary Examiner(s)
Badii; Behrang

Application Number

US11/932,753
Time in Patent Office

1,091 Days
Field of Search

705/45, 705/39, 705/44, 705/71, 705/75, 705/76, 705/37, 705/38, 705/35, 380/280, 380/45, 380/247, 235/380, 340/5.61
US Class Current

705/35
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/02   involving a neutral party, ...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/385   using an alias or single-us...

G06Q 20/401   Transaction verification

G06Q 40/00   Finance; Insurance; Tax str...

G06Q 40/02   Banking, e.g. interest calc...

Secure single-use transaction numbers

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

74 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Secure single-use transaction numbers

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links