Dynamic card validation value
First Claim
1. A computer-readable medium comprising instructions that, when executed by a processor, cause an electronic computing system including a card processing server to:
- automatically select a dynamic service code such that the dynamic service code is substantially unpredictable based on previously requested dynamically-generated card verification values (CVVs) for a transaction card;
automatically generate a dynamically-generated CVV for the transaction card, wherein the dynamically-generated CVV is based on a card number of the transaction card, an expiry date of the transaction card, and the dynamic service code, and wherein the instructions cause the card processing server to;
concatenate the card number of the transaction card, the expiry date of the transaction card, and the dynamic service code, thereby generating a first value;
pad the first value with zeroes such that the first value includes 128 bits, thereby generating a second value;
split the second value into a first 64-bit block and a second 64-bit block;
encrypt the first 64-bit block with a first encryption key, thereby generating a third value;
perform an “
exclusive or”
operation on the third value and the second 64-bit block, thereby generating a fourth value;
encrypt the fourth value with the first encryption key, thereby generating a fifth value;
decrypt the fifth value with a second encryption key, thereby generating a sixth value;
encrypt the sixth value with the first encryption key, thereby generating a seventh value;
extract all numeric digits in the seventh value, thereby generating an eighth value;
extract all alphabetical digits in the seventh value, thereby generating a ninth value;
convert the ninth value into numeric digits, thereby generating a tenth value;
concatenate the eighth value and the tenth value, thereby generating an eleventh value; and
select a leftmost three digits of the eleventh value as the dynamically-generated CVV;
automatically send, from the card processing server to a cardholder device, a first set of data, the first set of data indicating the dynamically-generated CVV;
in response to receiving a transaction request, automatically determine whether a provided CVV corresponds to the dynamically-generated CVV, the transaction request is a request for an economic transaction, the transaction request specifying the provided CVV and a card number of the transaction card; and
record a charge against an account of a cardholder of the transaction card when it is determined that the provided CVV corresponds to the dynamically-generated CVV.
1 Assignment
0 Petitions
Accused Products
Abstract
As described herein, a card services provider dynamically generates a card verification value (CVV) for a transaction card and sends the dynamically-generated CVV to a cardholder. The card services provider generates the dynamically-generated CVV such that the dynamically-generated CVV is substantially unpredictable based on other dynamically-generated CVVs for the transaction card. The dynamically-generated CVV is only valid for a limited period of time and/or for a limited number of economic transactions. The cardholder uses the dynamically-generated CVV as part of an economic transaction with a merchant. Because the dynamically-generated CVV is only valid for a limited number of economic transactions and/or for a limited period of time, it may be difficult for a thief to repeatedly use the transaction card to make economic transactions.
-
Citations
13 Claims
-
1. A computer-readable medium comprising instructions that, when executed by a processor, cause an electronic computing system including a card processing server to:
-
automatically select a dynamic service code such that the dynamic service code is substantially unpredictable based on previously requested dynamically-generated card verification values (CVVs) for a transaction card; automatically generate a dynamically-generated CVV for the transaction card, wherein the dynamically-generated CVV is based on a card number of the transaction card, an expiry date of the transaction card, and the dynamic service code, and wherein the instructions cause the card processing server to; concatenate the card number of the transaction card, the expiry date of the transaction card, and the dynamic service code, thereby generating a first value; pad the first value with zeroes such that the first value includes 128 bits, thereby generating a second value; split the second value into a first 64-bit block and a second 64-bit block; encrypt the first 64-bit block with a first encryption key, thereby generating a third value; perform an “
exclusive or”
operation on the third value and the second 64-bit block, thereby generating a fourth value;encrypt the fourth value with the first encryption key, thereby generating a fifth value; decrypt the fifth value with a second encryption key, thereby generating a sixth value; encrypt the sixth value with the first encryption key, thereby generating a seventh value; extract all numeric digits in the seventh value, thereby generating an eighth value; extract all alphabetical digits in the seventh value, thereby generating a ninth value; convert the ninth value into numeric digits, thereby generating a tenth value; concatenate the eighth value and the tenth value, thereby generating an eleventh value; and select a leftmost three digits of the eleventh value as the dynamically-generated CVV; automatically send, from the card processing server to a cardholder device, a first set of data, the first set of data indicating the dynamically-generated CVV; in response to receiving a transaction request, automatically determine whether a provided CVV corresponds to the dynamically-generated CVV, the transaction request is a request for an economic transaction, the transaction request specifying the provided CVV and a card number of the transaction card; and record a charge against an account of a cardholder of the transaction card when it is determined that the provided CVV corresponds to the dynamically-generated CVV. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification