×

Method and system for securing data fields

  • US 9,070,129 B2
  • Filed: 09/02/2008
  • Issued: 06/30/2015
  • Est. Priority Date: 09/04/2007
  • Status: Active Grant
First Claim
Patent Images

1. In a payment processing system for a plurality of transactions each characterized by a merchant and an account holder engaging in the transaction upon an account that an issuer issues to the account holder, wherein a transaction handler both processes the transaction for the merchant and processes other said transactions for other merchants, each said merchant submitting the corresponding said transaction to a corresponding acquirer for processing by the transaction handler who requests the issuer of the corresponding said account to obtain payment for the corresponding said transaction from the corresponding said account and for which the issuer forwards the payment to the transaction handler who forwards the payment to the acquirer to pay the merchant for the corresponding said transaction, a method comprising:

  • retrieving one said account at a Point of Service terminal (POS) of one said merchant to conduct one said transaction with the account holder associated with the one said account, wherein the one said transaction includes transaction data of one or more fields at least one of which is a sensitive data field having a plurality of characters of a predetermined character set, the plurality of characters comprising an account number;

    generating, by the Point of Service terminal, a generated pad, wherein the generated pad is an arbitrary set of characters that is used to encrypt and decrypt the account number;

    for each said character in each sensitive data field on a character by character basis;

    forming, by the Point of Service terminal, a combined character from the character of the sensitive data field, taken alone, and a character of the generated pad;

    forming, by the Point of Service terminal, a replacement character by performing a modulus operation on the combined character; and

    storing, by the Point of Service terminal, the replacement character in the position of a corresponding character in the sensitive data field;

    forming, by the Point of Service terminal, a transmission for delivery to a corresponding acquirer computer of said acquirer and containing the transaction data with the at least one said sensitive data field; and

    transmitting, by the Point of Service terminal, the transmission to the acquirer computer and then to a transaction handler computer of the transaction handler.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×