Module ID based encryption for financial transactions
First Claim
1. A smart payment card module, comprising:
- a communication module coupled to at least one communication network;
a processing module coupled to the communication module; and
a memory coupled to the processing module;
wherein the processing module, in cooperation with the communication module, is programmed to;
receive and store a first encryption key;
receive first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key;
store the first encrypted user payment account information;
detect that the smart payment card module has been communicatively coupled to a media device;
identify an ID of the media device;
establish a secure communication path with a remote server using the first encryption key;
communicate the ID of the media device to the remote server;
receive a second encryption key that is based on the ID of the media device;
decrypt the first encrypted user payment account information using the first encryption key to generate the user payment account information;
encrypt a portion of the user payment account information using the second encryption key to generate second encrypted user payment account information; and
store the second encrypted user payment account information.
1 Assignment
0 Petitions
Accused Products
Abstract
A server is operable to receive a media device identifying number (ID) and establish an association between a media device and a payment account and, in one embodiment, supports at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. A network and system includes a payment card processor server that is operable to receive a payment authorization request and to determine if an authorized media device generated a purchase selection message and to determine to approve a received payment authorization request based, in part, if the media device was authorized for the purchase selection based upon a received media device ID. The system is further operable to perform a key rotation to protect payment account information.
-
Citations
16 Claims
-
1. A smart payment card module, comprising:
-
a communication module coupled to at least one communication network; a processing module coupled to the communication module; and a memory coupled to the processing module; wherein the processing module, in cooperation with the communication module, is programmed to; receive and store a first encryption key; receive first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key; store the first encrypted user payment account information; detect that the smart payment card module has been communicatively coupled to a media device; identify an ID of the media device; establish a secure communication path with a remote server using the first encryption key; communicate the ID of the media device to the remote server; receive a second encryption key that is based on the ID of the media device; decrypt the first encrypted user payment account information using the first encryption key to generate the user payment account information; encrypt a portion of the user payment account information using the second encryption key to generate second encrypted user payment account information; and store the second encrypted user payment account information. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for key rotation, comprising, by a smart payment card module:
-
receiving and storing a first encryption key; receiving first encrypted user payment account information, the first encrypted user payment account information having been generated by encrypting user payment account information using the first encryption key; detecting that the smart payment card module has been communicatively coupled to a media device for a first time; identifying an ID of the media device; creating a secure tunnel with a payment card company server using the first encryption key; communicating the ID of the media device to the payment card company server; decrypting the first encrypted user payment account information using the first encryption key to generate the user payment account information; receiving a second encryption key from the payment card company server, the second encryption key being based at least in part on the ID of the media device; encrypting at least a portion of the user payment account information with the second encryption key to generate a second encrypted user payment account information; and storing the second encrypted user payment account information. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
-
Specification