×

Transmission of sensitive customer information during electronic-based transactions

  • US 8,595,098 B2
  • Filed: 03/18/2009
  • Issued: 11/26/2013
  • Est. Priority Date: 03/18/2009
  • Status: Active Grant
First Claim
Patent Images

1. A method implemented by a payment gateway for processing electronic transactions comprising the steps of:

  • receiving a first request to initiate an electronic transaction from a merchant server;

    in response to receipt of the first request, generating a token-ID by the payment gateway that is unique to the electronic transaction and transmitting a first message to the merchant server that includes the token-ID, the token-ID uniquely identifying a transaction and at the initial generation of the token-ID is not associated with any particular cardholder;

    after the generating and transmitting of the token-ID, receiving a communication from an electronic device of a cardholder where the communication includes the cardholder'"'"'s credit card account number and the token-ID, said communication received by the payment gateway from the electronic device of the cardholder without said communication being accessible to the merchant server and without said communication being transmitted through the merchant server;

    storing a record that includes the token-ID and the cardholder'"'"'s credit card account number;

    after receipt by the payment gateway of the communication from the electronic device of a cardholder, receiving a second request from the merchant server for payment of a specified amount, where the second request includes the token-ID;

    identifying said record based on the token-ID and determining the associated credit card account number of the cardholder stored with said record to be debited for the requested payment;

    determining if the cardholder'"'"'s credit card account was successfully debited for the requested payment;

    transmitting a second message to the merchant server that specifies if the requested payment transaction was successfully completed;

    whereby improved security for the cardholder'"'"'s credit card account number is achieved since the cardholder'"'"'s credit card account number is never transmitted via the merchant server during an electronic transaction.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×