Module ID based encryption for financial transactions

US 7,983,994 B2
Filed: 10/08/2008
Issued: 07/19/2011
Est. Priority Date: 11/29/2007
Status: Active Grant

First Claim

Patent Images

1. A smart payment card module, comprising:

a communication module coupled to at least one communication network;

a processing module coupled to the communication module; and

a memory coupled to the processing module;

wherein the processing module, in cooperation with the communication module, is programmed to;

receive and store a first encryption key;

receive first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key;

store the first encrypted user payment account information;

detect that the smart payment card module has been communicatively coupled to a media device;

identify an ID of the media device;

establish a secure communication path with a remote server using the first encryption key;

communicate the ID of the media device to the remote server;

receive a second encryption key that is based on the ID of the media device;

decrypt the first encrypted user payment account information using the first encryption key to generate the user payment account information;

encrypt a portion of the user payment account information using the second encryption key to generate second encrypted user payment account information; and

store the second encrypted user payment account information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server is operable to receive a media device identifying number (ID) and establish an association between a media device and a payment account and, in one embodiment, supports at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. A network and system includes a payment card processor server that is operable to receive a payment authorization request and to determine if an authorized media device generated a purchase selection message and to determine to approve a received payment authorization request based, in part, if the media device was authorized for the purchase selection based upon a received media device ID. The system is further operable to perform a key rotation to protect payment account information.

Citations

16 Claims

1. A smart payment card module, comprising:
- a communication module coupled to at least one communication network;
  
  a processing module coupled to the communication module; and
  
  a memory coupled to the processing module;
  
  wherein the processing module, in cooperation with the communication module, is programmed to;
  
  receive and store a first encryption key;
  
  receive first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key;
  
  store the first encrypted user payment account information;
  
  detect that the smart payment card module has been communicatively coupled to a media device;
  
  identify an ID of the media device;
  
  establish a secure communication path with a remote server using the first encryption key;
  
  communicate the ID of the media device to the remote server;
  
  receive a second encryption key that is based on the ID of the media device;
  
  decrypt the first encrypted user payment account information using the first encryption key to generate the user payment account information;
  
  encrypt a portion of the user payment account information using the second encryption key to generate second encrypted user payment account information; and
  
  store the second encrypted user payment account information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The smart payment card module of claim 1 wherein the processing module is further programmed to generate a message including the second encrypted user payment account information for transmission to a payment card company server.
  - 3. The smart payment card module of claim 1 wherein the processing module is further programmed to receive a third encryption key and provide the third encryption key to the media device for establishing a secure tunnel for transmitting a purchase selection message.
  - 4. The smart payment card module of claim 1 wherein the second encryption key is based on both the ID of the media device and at least a portion of the user payment account information.
  - 5. The smart payment card module of claim 1 wherein the processing module is further programmed to initiate a key rotation to establish the second encryption key if:
    - the smart payment card module has determined that it has been communicatively coupled to the media device and that it has been communicatively coupled to any media device only once;
      
      orthe smart payment card module receives, through an encrypted communication, a control command from the remote server to establish a new encryption key based upon the ID of the media device.
  - 6. The smart payment card module of claim 1 wherein the user payment account information includes credit card track 2 type of payment account information encrypted using the second encryption key.

7. A method for key rotation, comprising, by a smart payment card module:
- receiving and storing a first encryption key;
  
  receiving first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key;
  
  detecting that the smart payment card module has been communicatively coupled to a media device for a first time;
  
  identifying an ID of the media device;
  
  creating a secure tunnel with a payment card company server using the first encryption key;
  
  communicating the ID of the media device to the payment card company server;
  
  decrypting the first encrypted user payment account information using the first encryption key to generate the user payment account information;
  
  receiving a second encryption key from the payment card company server, the second encryption key being based at least in part on the ID of the media device;
  
  encrypting at least a portion of the user payment account information with the second encryption key to generate a second encrypted user payment account information; and
  
  storing the second encrypted user payment account information.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The method of claim 7 wherein the second encryption key is based on both the ID of the media device and at least a portion of the user payment account information.
  - 9. The method of claim 7 wherein the second encryption key is used for encrypting a specified portion of the user payment account information.
  - 10. The method of claim 7 further including:
    - receiving a third encryption key for;
      
      encrypting non-track 2 type of user payment account information in purchase selection messages;
      
      orencrypting the encrypted user payment account information using the third encryption key.
  - 11. The method of claim 10 wherein the third encryption key is communicated to the media device.
  - 12. The method of claim 7 further including communicating messages to the media device for transmission to a payment card company server to establish the second encryption key.
  - 13. The method of claim 7 wherein the user payment account information is encrypted with the first encryption key prior to storing and prior to initiating the key rotation to establish the second encryption key.
  - 14. The method of claim 7 further including initiating the key rotation process to establish the second encryption key based on the media device ID when:
    - the smart payment card module has determined that it has been communicatively coupled to a media device and that it has been communicatively coupled to any media device only once;
      
      orthe smart payment card module receives, through an encrypted communication, a control command from the payment card company server to initiate generation of a new encryption key based upon the media device ID.
  - 15. The method of claim 13 further including decrypting the user payment account information using the first encryption key prior to storing the user payment account information.
  - 16. The method of claim 9 further including encrypting credit card track 2 type of data with the second encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Hurry, Simon J.
Primary Examiner(s)
Fischer; Andrew J.
Assistant Examiner(s)
Johns; Christopher C.

Application Number

US12/247,225
Publication Number

US 20090144202A1
Time in Patent Office

1,014 Days
Field of Search

705/72, 705/73
US Class Current

705/72
CPC Class Codes

G06Q 20/085   involving remote charge det...

G06Q 20/12   specially adapted for elect...

G06Q 20/14   specially adapted for billi...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4014   Identity check for transact...

G06Q 20/4037   Remote solvency checks

G06Q 20/409   Device specific authenticat...

G06Q 30/0601   Electronic shopping [e-shop...

G07F 7/08   by coded identity card or c...

H04N 21/2542   for selling goods, e.g. TV ...

H04N 21/2543   Billing , e.g. for subscrip...

H04N 21/4182   for identification purposes...

H04N 21/42684   Client identification by a ...

H04N 21/47815   Electronic shopping payment...

Module ID based encryption for financial transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Module ID based encryption for financial transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links