Systems and methods for performing secure financial transactions
First Claim
Patent Images
1. A method for performing a point of sale transaction using a tag incorporated in a bank card, the tag comprising a storage storing a plurality of encryption keys, the method comprising:
- at the tag, receiving a pointer identifying one of the plurality of encryption keys stored in the tag storage;
encrypting tag data using the identified encryption key, the tag data comprising identification data identifying the tag;
sending the encrypted identification data to a point of sale terminal comprising a tag reader;
at the point of sale terminal, receiving transaction information corresponding to a purchase requested by a user;
at a server, receiving the purchase transaction information and the encrypted identification data identifying the tag from the point of sale terminal;
at the server, decrypting the encrypted identification data identifying the tag using a same encryption key as the encryption key identified by the pointer received at the tag;
at the server, associating the identification data identifying the tag with an account number associated with a bank account of the user; and
at the point of sale terminal, receiving an authorization from the server authorizing the transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
An RFID system includes an RFID tag, an RFID reader, and a server. The RFID tag communicates to the server via encrypted information. The information may be encrypted with synchronized encryption keys. In this manner, the reader need not decrypt the information from the RFID tag. The effectiveness of malicious readers is thereby reduced, resulting in improved RFID tag security.
-
Citations
30 Claims
-
1. A method for performing a point of sale transaction using a tag incorporated in a bank card, the tag comprising a storage storing a plurality of encryption keys, the method comprising:
-
at the tag, receiving a pointer identifying one of the plurality of encryption keys stored in the tag storage; encrypting tag data using the identified encryption key, the tag data comprising identification data identifying the tag; sending the encrypted identification data to a point of sale terminal comprising a tag reader; at the point of sale terminal, receiving transaction information corresponding to a purchase requested by a user; at a server, receiving the purchase transaction information and the encrypted identification data identifying the tag from the point of sale terminal; at the server, decrypting the encrypted identification data identifying the tag using a same encryption key as the encryption key identified by the pointer received at the tag; at the server, associating the identification data identifying the tag with an account number associated with a bank account of the user; and at the point of sale terminal, receiving an authorization from the server authorizing the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification