Purchase transaction system with encrypted payment card data
First Claim
1. A computer-implemented method for securing payment card data in a system having at least one point of sale terminal and at least one payment card transaction processing gateway, the method comprising:
deriving, by a key server, an intermediate key from a master key;
sending, by the key server, the intermediate key to the at least one payment card transaction processing gateway;
deriving, by the key server, a first terminal key from the intermediate key;
sending, by the key server, the first terminal key to the at least one point of sale terminal;
obtaining, by the at least one point of sale terminal, payment card data associated with a payment card of a user during a purchase transaction;
encrypting, by the at least one point of sale terminal, the payment card data using an encryption algorithm that takes as inputs a first part of the payment card data, a tweak formed from a second part of the payment card data, and the first terminal key;
transmitting, by the at least point of sale terminal, the encrypted payment card data and the tweak, to the at least one payment card transaction processing gateway;
deriving, by the at least one payment card transaction processing gateway, a second terminal key from the intermediate key; and
decrypting, by the at least one payment card transaction processing gateway, the encrypted payment card data using the second terminal key and the tweak.
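The key hierarchy and tweaked encryption recited in claim 1, sketched as an added example (not code from the patent or its assignee). HMAC-SHA256 as the derivation function, the toy digit-preserving Feistel cipher (not FF1/FF3-1), the first-six/last-four tweak split, and the labels `gateway-01` and `terminal-0042` are all assumptions made for illustration.

```python
import hashlib
import hmac

def derive(parent: bytes, label: bytes) -> bytes:
    # Assumed KDF: HMAC-SHA256(parent, label); the claim does not name one.
    return hmac.new(parent, label, hashlib.sha256).digest()

def feistel(key: bytes, tweak: str, digits: str, decrypt: bool = False) -> str:
    # Toy tweakable Feistel over decimal digits: illustrative, not FF1/FF3-1.
    w = len(digits) // 2
    if not digits.isdigit() or len(digits) != 2 * w or w == 0:
        raise ValueError("need an even-length, non-empty digit string")
    mod, a, b = 10 ** w, int(digits[:w]), int(digits[w:])

    def f(rnd: int, half: int) -> int:
        msg = f"{tweak}|{rnd}|{half:0{w}d}".encode()
        return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big") % mod

    rounds = range(10)
    for rnd in (reversed(rounds) if decrypt else rounds):
        if decrypt:
            a, b = (b - f(rnd, a)) % mod, a
        else:
            a, b = b, (a + f(rnd, b)) % mod
    return f"{a:0{w}d}{b:0{w}d}"

def pos_encrypt(terminal_key: bytes, pan: str) -> tuple[str, str]:
    # Assumption: tweak = first six + last four digits; middle digits are encrypted.
    tweak = pan[:6] + pan[-4:]
    return feistel(terminal_key, tweak, pan[6:-4]), tweak

def gateway_decrypt(intermediate: bytes, terminal_id: bytes, ct: str, tweak: str) -> str:
    # The gateway is never sent the terminal key; it re-derives it on demand.
    terminal_key = derive(intermediate, terminal_id)
    return tweak[:6] + feistel(terminal_key, tweak, ct, decrypt=True) + tweak[6:]

# Key server side (constructed sample values throughout).
MASTER = bytes(range(32))
INTERMEDIATE = derive(MASTER, b"gateway-01")           # sent to the gateway
TERMINAL_KEY = derive(INTERMEDIATE, b"terminal-0042")  # sent to the terminal

if __name__ == "__main__":
    pan = "4111111111111111"  # constructed test PAN
    ct, tweak = pos_encrypt(TERMINAL_KEY, pan)
    print(ct, tweak, gateway_decrypt(INTERMEDIATE, b"terminal-0042", ct, tweak))
```

Because the terminal key is a deterministic function of the intermediate key, a gateway holding the intermediate key can decrypt for every terminal derived from it, while a compromised terminal exposes only its own key.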
Abstract
Systems and methods are provided for securing payment card information. A user may present a payment card such as a credit card to point-of-sale equipment. The point-of-sale equipment may encrypt the payment card information. An encryption algorithm may be used that takes as inputs a first part of the payment card information, a tweak formed by a second part of the payment card information, and an encryption key. The encrypted payment card information may be conveyed to a gateway over a communications network. The gateway may identify which encryption algorithm was used in encrypting the payment card information and may re-encrypt the payment card information using a format preserving encryption algorithm. A network-based service may be used to remotely perform functions for the gateway.
8 Claims
Specification