System and method for point-to-point encryption with adjunct terminal

US 8,346,671 B2
Filed: 04/01/2010
Issued: 01/01/2013
Est. Priority Date: 04/01/2010
Status: Active Grant

First Claim

Patent Images

1. A system for point-to-point encryption comprising:

a card reader systemfor reading unencrypted card data stored on a magnetic stripe of a card andfor encrypting the card data using a network key,the card reader system being contained in a first housing;

a point of sale device coupled to the card reader system,the point of sale device being contained in a second housing separate from the first housing,the point of sale device having a user interface for obtaining a transaction amount;

a transaction request system coupled to the card reader system for transmitting the transaction amount and the encrypted card data to an authorization gateway,wherein the unencrypted card data is prevented from being processed by the point of sale device; and

an authorization gateway that comprises;

a token generation systemfor receiving an unencrypted token request and the encrypted card data andfor decrypting the encrypted card data; and

a transaction authorization systemfor transmitting the decrypted card data to a card-issuing bank with an authorization request andfor receiving an authorization response;

wherein the token generation system generates a token based on the authorization response,wherein the card reader system comprises a token request system for compiling the encrypted card data into a token request for transmission to the authorization gateway,wherein the token request is unencrypted.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for point-to-point encryption is provided. A card reader system reads unencrypted card data stored on a magnetic stripe of a card and encrypts the card data, the card reader system being contained in a first housing. A point of sale device coupled to the card reader system and contained in a second housing separate from the first housing has a user interface for obtaining a transaction amount. A transaction request system transmits the transaction amount and the encrypted card data to an authorization gateway, wherein the unencrypted card data is prevented from being processed by the point of sale device.

30 Citations

View as Search Results

16 Claims

1. A system for point-to-point encryption comprising:
- a card reader systemfor reading unencrypted card data stored on a magnetic stripe of a card andfor encrypting the card data using a network key,the card reader system being contained in a first housing;
  
  a point of sale device coupled to the card reader system,the point of sale device being contained in a second housing separate from the first housing,the point of sale device having a user interface for obtaining a transaction amount;
  
  a transaction request system coupled to the card reader system for transmitting the transaction amount and the encrypted card data to an authorization gateway,wherein the unencrypted card data is prevented from being processed by the point of sale device; and
  
  an authorization gateway that comprises;
  
  a token generation systemfor receiving an unencrypted token request and the encrypted card data andfor decrypting the encrypted card data; and
  
  a transaction authorization systemfor transmitting the decrypted card data to a card-issuing bank with an authorization request andfor receiving an authorization response;
  
  wherein the token generation system generates a token based on the authorization response,wherein the card reader system comprises a token request system for compiling the encrypted card data into a token request for transmission to the authorization gateway,wherein the token request is unencrypted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1 wherein the point of sale device comprises a token handling system for receiving the token from the authorization gateway, associating the token with transaction data and storing the token and the associated transaction data in a local memory.
  - 3. The system of claim 1 wherein the point of sale device comprises a transaction permission system for receiving the token from the authorization gateway, associating the token with transaction data and transmitting the token and the associated transaction data to the authorization gateway.
  - 4. The system of claim 1 wherein the point of sale device is only coupled to the card reader system through the authorization gateway.
  - 5. The system of claim 1 wherein the point of sale device is only coupled to the card reader system through a data port of the point of sale device.
  - 6. The system of claim 1 wherein the card reader system is coupled to the authorization gateway, and data from the point of sale device is only transmitted to the authorization gateway by passing through the card reader system.
  - 7. The system of claim 1 wherein the transaction request system is for transmitting the transaction amount and the encrypted card data to an authorization gateway without decrypting the encrypted card data.
  - 8. The system of claim 1 wherein the transaction request system is for encrypting the transaction amount and the encrypted card data for transmission to an authorization gateway without decrypting the encrypted card data.

9. A method for point-to-point encryption comprising:
- reading unencrypted card data stored on a magnetic stripe of a card at a card reader system contained in a first housing;
  
  encrypting the card data at the card reader system using a network key;
  
  obtaining a transaction amount from a point of sale device contained in a second housing separate from the first housing;
  
  transmitting the transaction amount and the encrypted card data to an authorization gateway without decrypting the encrypted card data prior to transmission;
  
  preventing the unencrypted card data from being processed by the point of sale device;
  
  compiling the encrypted card data into a token request with unencrypted token request data for transmission to the authorization gateway at the card reader system;
  
  receiving the token request and the encrypted card data at the authorization gateway;
  
  decrypting the encrypted card data;
  
  transmitting the decrypted card data to a card-issuing bank with an authorization request;
  
  receiving an authorization response; and
  
  generating a token based on the authorization response.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9 comprising:
    - receiving the token from the authorization gateway;
      
      associating the token with transaction data; and
      
      storing the token and the associated transaction data in a local memory.
  - 11. The method of claim 9 comprising:
    - receiving the token from the authorization gateway;
      
      associating the token with transaction data; and
      
      transmitting the token and the associated transaction data to the authorization gateway.
  - 12. The method of claim 9 comprising coupling the point of sale device to the authorization gateway only through the card reader system.
  - 13. The method of claim 9 comprising coupling the point of sale device to the card reader system only through a data port of the point of sale device.
  - 14. The method of claim 9 wherein data from the point of sale device is only transmitted to the authorization gateway by passing through the card reader system.

15. A method for point-to-point encryption comprising:
- reading unencrypted card data stored on a magnetic stripe of a card at a card reader system;
  
  encrypting the card data at the card reader system using a network key;
  
  obtaining a transaction amount from a point of sale device;
  
  transmitting the transaction amount and the encrypted card data to an authorization gateway without decrypting the encrypted card data;
  
  compiling the encrypted card data into a token request with unencrypted token request data for transmission to the authorization gateway at the card reader system;
  
  receiving the token request and the encrypted card data at the authorization gateway;
  
  decrypting the encrypted card data;
  
  transmitting the decrypted card data to a card-issuing bank with an authorization request;
  
  receiving an authorization response; and
  
  generating a token based on the authorization response.
- View Dependent Claims (16)
- - 16. The method of claim 15 comprising compiling the encrypted card data into the token request for transmission to the authorization gateway at the card reader system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Original Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Inventors
Zloth, Susan, Lane, Daniel, Smyth, Benjamin
Primary Examiner(s)
Reagan, James A
Assistant Examiner(s)
CHEUNG, CALVIN K

Application Number

US12/752,806
Publication Number

US 20110246372A1
Time in Patent Office

1,006 Days
Field of Search

705/64, 705/67, 705/75, 705/14.38, 902/2, 902/22, 902/25, 902/27, 902/40
US Class Current

705/75
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/204   comprising interface for re...

G06Q 20/3567   Software being in the reader

G06Q 20/3823   combining multiple encrypti...

G06Q 20/401   Transaction verification

G07F 7/082   Features insuring the integ...

G07F 7/1016   Devices or methods for secu...

G07F 7/1091   Use of an encrypted form of...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

System and method for point-to-point encryption with adjunct terminal

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for point-to-point encryption with adjunct terminal

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links