Secure storage of payment information on client devices

US 8,606,720 B1
Filed: 07/03/2012
Issued: 12/10/2013
Est. Priority Date: 11/13/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for secure storage of payment instrument verification information on a client device, comprising:

receiving, by a computer from a client device, a first request to register a payment instrument, the first request comprising at least a payment instrument account number and a verification code corresponding to the payment instrument account number and a user identifier associated with an electronic account record stored on a payment instrument server;

storing, by the computer, the payment instrument account number with the electronic account record associated with the user identifier received in the first request;

encrypting, by the computer, the verification code to generate an encrypted verification code using one or more encryption keys;

communicating, by the computer to the client device, the encrypted verification code and executable instructions, the executable instructions when executed by a processor on the client device directing storage of the encrypted verification code in a local storage data structure on the client device;

deleting, by the computer, the verification code and the encrypted verification code from the computer after communication of the encrypted verification code to the client device;

receiving, by the computer, a second request for payment information from a merchant server, the second request comprising at least the user identifier; and

retrieving, by the computer, the encrypted verification code from storage in the local data structure on the client device associated with the user identifier in response to receiving the second request from the merchant server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An online electronic wallet system and method provide secure storage and transmission of payment instrument information for use in completing online purchases initiated from a client device. A payment instrument'"'"'s verification code is stored in an encrypted form in local storage on a client device and retrieved and re-encrypted along with other payment instrument information stored on the system using a merchant-specific key. An API library is used to integrate the online electronic wallet system with a registered merchant'"'"'s purchase flow, including the ability to ensure receipt of an electronic receipt prior to communicating payment instrument information to a merchant server.

Citations

22 Claims

1. A computer-implemented method for secure storage of payment instrument verification information on a client device, comprising:
- receiving, by a computer from a client device, a first request to register a payment instrument, the first request comprising at least a payment instrument account number and a verification code corresponding to the payment instrument account number and a user identifier associated with an electronic account record stored on a payment instrument server;
  
  storing, by the computer, the payment instrument account number with the electronic account record associated with the user identifier received in the first request;
  
  encrypting, by the computer, the verification code to generate an encrypted verification code using one or more encryption keys;
  
  communicating, by the computer to the client device, the encrypted verification code and executable instructions, the executable instructions when executed by a processor on the client device directing storage of the encrypted verification code in a local storage data structure on the client device;
  
  deleting, by the computer, the verification code and the encrypted verification code from the computer after communication of the encrypted verification code to the client device;
  
  receiving, by the computer, a second request for payment information from a merchant server, the second request comprising at least the user identifier; and
  
  retrieving, by the computer, the encrypted verification code from storage in the local data structure on the client device associated with the user identifier in response to receiving the second request from the merchant server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 22)
- - 2. The method of claim 1, wherein the computer encrypts the verification code using an encryption key maintained by the computer and not shared with the client device.
  - 3. The method of claim 1, wherein the payment instrument is a credit card and the verification code is a card verification value (“
    - CVV”
      
      ).
  - 4. The method of claim 1, and wherein the first request comprises a request to associate the payment instrument with an account maintained by the computer.
  - 5. The method of claim 1, wherein the verification code is encrypted with a first key, and wherein the computer encrypts the first key with a second key and stores the encrypted first key for later decryption of the encrypted verification code.
  - 6. The method of claim 5, wherein the first key is an AES-256 session key, and wherein the second key is a RSA key.
  - 7. The method of claim 1, wherein the local storage data structure on the client device is HTML 5 local storage.
  - 22. The method of claim 1, further comprising communicating, by the computer, the payment instrument account number stored by the computer and the verification code retrieved from the client device to the merchant server.

8. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program code embodied therein that when executed by a computer processor cause the computer processor to;
  
  receive, from a client device, a first request to register a payment instrument, the first request comprising at least a payment instrument account number, a verification code, and a user identifier associated with an electronic account record stored on a payment instrument server;
  
  store the payment instrument account number with the electronic account record associated with the user identifier received in the first request;
  
  encrypt the verification code with a private encryption key to generate an encrypted verification code;
  
  communicate, to the client device, the encrypted verification code and executable instructions, the executable instructions when executed by a processor on the client device directing storage of the encrypted verification code in a local storage data structure on the client device;
  
  delete the verification code and the encrypted verification code from the computer'"'"'s memory after communication to the client device;
  
  receive a second request for payment information from a merchant server, the second request comprising at least the user identifier; and
  
  retrieve the encrypted verification code from storage in the local data structure on the client device associated with the user identifier in response to receiving the second request from the merchant server.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein the computer readable program code encrypts the verification code using an encryption key not shared with the client device.
  - 10. The computer program product of claim 8, wherein the payment instrument is a credit card and the verification code is a CVV.
  - 11. The computer program product of claim 8, wherein the first request comprises a request to associate the payment instrument with an account maintained by the computer.
  - 12. The computer program product of claim 8, wherein the verification code is encrypted with a first key, and the first key is encrypted with a second key.
  - 13. The computer program product of claim 8, wherein the first key is an AES-256 session key, and the second key is a RSA key.
  - 14. The computer program product of claim 8, wherein the local storage data structure is HTML 5 local storage.

15. A system for the secure storage of payment instrument verification information on a client device, the system comprising:
- a storage device;
  
  a network device; and
  
  a processor communicatively coupled to the storage and the network device, the processor executing application code instructions that are stored in the storage device and that cause the system to;
  
  receive a first request to register a payment instrument from a client device, the first request comprising at least a payment instrument account number, a verification code corresponding to the payment instrument account number, and a user identifier, the user identifier being associated with an online electronic account record stored in the storage device;
  
  store the payment instrument account number in the online electronic account record stored in the storage device and identified by the user identifier;
  
  encrypt the verification code using one or more encryption keys to generate an encrypted verification code;
  
  communicate the encrypted verification code and executable instructions to the client device, the executable instructions when executed by a processor on the client device storing the encrypted verification code in a local storage data structure on the client device;
  
  delete the verification code and the encrypted verification code from the system after communicating the encrypted verification code to the client device;
  
  receive a second request for payment information from a merchant server, the second request comprising at least the user identifier; and
  
  retrieve the encrypted verification code from storage in the local data structure on the client device associated with the user identifier in response to receiving the second request from the merchant server.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15, the system encrypting the verification code with an encryption key maintained on the system and not shared with the client device.
  - 17. The system of claim 15, wherein the payment instrument is a credit card and the verification code is a card verification value (“
    - CVV”
      
      ).
  - 18. The system of claim 15, the first request comprising a request to associate the payment instrument with an account maintained by the system.
  - 19. The system of claim 15, the system encrypting the verification code with a first key and storing the first key for later decryption of the encrypted verification code, the first key further encrypted by the system with a second key.
  - 20. The system of claim 19, wherein the first key is an AES-256 session key, and the second key is a RSA key.
  - 21. The system of claim 15, wherein the local data storage data structure on the client device is HTML 5 local storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Mitchell, Andrew Robert, Baker, David Preston, Marshall, Stanley N. III, Hussein, Mohamed Reza, Hiller, Matthew Eric, Tung, Chin Pang
Primary Examiner(s)
Coppola, Jacob C.

Application Number

US13/541,469
Time in Patent Office

525 Days
Field of Search

705/76
US Class Current

705/76
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/0457   the tickets being sent elec...

G06Q 20/12   specially adapted for elect...

G06Q 20/227   characterised in that multi...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/36   using electronic wallets or...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/4018   using the card verification...

G06Q 2220/10   Usage protection of distrib...

G06Q 30/0635   Processing of requisition o...

H04L 67/60   Scheduling or organising th...

Secure storage of payment information on client devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure storage of payment information on client devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links