Secure payment card transactions
First Claim
1. A method of adding security to a point-of-sale (POS) terminal which communicates over a network with a POS server, the POS terminal including a POS terminal application installed thereon and a payment card reader, the POS terminal application configured to communicate with the POS server over a non-secure channel to process payment card transactions, the method comprising:
- installing a POS security layer on the POS terminal, the POS security layer configured to at least;
(a) intercept payment data received from the payment card reader when a user initiates a payment card transaction, the payment data comprising actual card data;
(b) pass false card data to the POS terminal application for use in place of the actual card data, such that the false card data is transmitted over the non-secure channel to the POS server in place of the actual card data; and
(c) transmit the actual card data to the POS server over a secure channel;
such that the actual card data is inhibited from being transmitted over a non-secure channel.
4 Assignments
0 Petitions
Accused Products
Abstract
Payment card transactions at a point of sale (POS) are secured in certain embodiments by intercepting, with a POS security layer installed on a POS terminal, payment data from the POS terminal, transmitting the payment data from the POS security layer to a server security application installed on a POS server, and providing false payment data from the POS security layer to a POS terminal application installed on the POS terminal. The false payment data in various embodiments is processed as if it were the payment data, such that the POS terminal transmits an authorization request to the POS server using the false payment data. In addition, the authorization request may be transmitted from the POS server to a payment gateway.
-
Citations
40 Claims
-
1. A method of adding security to a point-of-sale (POS) terminal which communicates over a network with a POS server, the POS terminal including a POS terminal application installed thereon and a payment card reader, the POS terminal application configured to communicate with the POS server over a non-secure channel to process payment card transactions, the method comprising:
-
installing a POS security layer on the POS terminal, the POS security layer configured to at least; (a) intercept payment data received from the payment card reader when a user initiates a payment card transaction, the payment data comprising actual card data; (b) pass false card data to the POS terminal application for use in place of the actual card data, such that the false card data is transmitted over the non-secure channel to the POS server in place of the actual card data; and (c) transmit the actual card data to the POS server over a secure channel; such that the actual card data is inhibited from being transmitted over a non-secure channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable medium having stored thereon a point-of-sale (POS) security layer that is configured to be installed on a POS terminal that runs a POS terminal application and that communicates with a POS server over a network, the POS security layer comprising executable instructions that cause the POS terminal to at least:
-
intercept actual payment data received from a card entry device when a user initiates a payment card transaction, such that the actual payment data is not made available to the POS terminal application; pass false payment data to the POS terminal application for use in place of the actual payment data, such that the POS terminal application transmits the false payment data to the POS server in place of the actual payment data; and transmit the actual payment data to the POS server. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method of securing payment transactions at a point of sale (POS), the method comprising:
-
intercepting payment data on a POS terminal, the payment data comprising actual payment data from a payment medium; and providing false payment data to the POS terminal, the false payment data configured to be processed as if it were the actual payment data, such that the POS terminal transmits an authorization request using the false payment data in place of the actual payment data; wherein the false payment data is configured to be stored in a transaction database as log data and wherein no complete actual payment data is stored at the POS terminal. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method of providing false payment data for use in place of actual payment data at a point of sale (POS) to inhibit the transmission of actual payment data over a non-secure channel, the method comprising:
-
capturing payment data on a POS terminal, the payment data comprising actual card data from a payment card; generating false card data configured to be processed as if it were the actual card data, the false card data configured such that a Luhn modulus 10 test performed on the false card data determines that the false card data comprises an invalid payment card number; and providing the false card data to the POS terminal, such that the POS terminal transmits an authorization request to the POS server using the false card data in place of the actual card data. - View Dependent Claims (40)
-
Specification