Pin block replacement

US 9,123,042 B2
Filed: 08/16/2007
Issued: 09/01/2015
Est. Priority Date: 10/17/2006
Status: Active Grant

First Claim

Patent Images

1. A method for processing a token-based transaction, wherein a token having token data that comprises account data, and an original PIN used to authenticate the token, are used to fulfill the token-based transaction, the method for processing comprising:

receiving, using a computer system, transaction data for the token-based transaction at a processing device, the transaction data comprising encrypted account information and an encrypted first PIN block, wherein the processing device comprises the computer system;

the processing device;

obtaining an unencrypted account data for the token by decrypting the encrypted account information using a first key;

obtaining a decrypted first PIN block by decrypting the encrypted first PIN block using a second key, wherein the decrypted first PIN block comprises a combination of the encrypted account information and the original PIN;

obtaining the original PIN by applying the encrypted account information to the decrypted first PIN block;

creating a second PIN block containing a combination of the original PIN and the unencrypted account data by combining the unencrypted account data with the original PIN; and

routing, based on the account data, the second PIN block and the unencrypted account data to a PIN verification system.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for performing token transactions are provided. In one embodiment, the invention provides for processing token transactions, including receiving an encrypted password for a debit card transaction, wherein the password was secured using encrypted debit-card information, decrypting the password using encrypted debit-card information for the debit card, recreating the password using actual debit-card information for the debit card, and forwarding the recreated password for subsequent transaction processing. The invention is suitable for implementation with other types of tokens in addition to debit-card tokens as well. The invention can be implemented in a scenario where the password includes a PIN block that is created by combining a clear or encrypted PIN for the token with token information.

169 Citations

17 Claims

1. A method for processing a token-based transaction, wherein a token having token data that comprises account data, and an original PIN used to authenticate the token, are used to fulfill the token-based transaction, the method for processing comprising:
- receiving, using a computer system, transaction data for the token-based transaction at a processing device, the transaction data comprising encrypted account information and an encrypted first PIN block, wherein the processing device comprises the computer system;
  
  the processing device;
  
  obtaining an unencrypted account data for the token by decrypting the encrypted account information using a first key;
  
  obtaining a decrypted first PIN block by decrypting the encrypted first PIN block using a second key, wherein the decrypted first PIN block comprises a combination of the encrypted account information and the original PIN;
  
  obtaining the original PIN by applying the encrypted account information to the decrypted first PIN block;
  
  creating a second PIN block containing a combination of the original PIN and the unencrypted account data by combining the unencrypted account data with the original PIN; and
  
  routing, based on the account data, the second PIN block and the unencrypted account data to a PIN verification system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the encrypted account information comprises encrypted account data that is in the same format as the account data.
  - 3. The method of claim 1, wherein the encrypted account information comprises a combination of a portion of original account data with encrypted account data, wherein the combination is in the same format as the account data.
  - 4. The method of claim 1, wherein the decrypted first PIN block is created by exclusive OR-ing the PIN with the encrypted account information.
  - 5. The method of claim 1, further comprising the step of encrypting the decrypted first PIN block using an encryption algorithm before sending the first PIN block to the processing device.
  - 6. The method of claim 1, wherein the steps of receiving, decrypting, applying, combining and routing are performed at a processing device communicatively coupled between a point-of-sale terminal and a transaction processing network.
  - 7. The method of claim 1, wherein the token is a magnetic stripe card, and the account data comprises a personal account number associated with the magnetic stripe card.

8. A computer-based apparatus comprising:
- means for receiving transaction data for a token-based transaction, the transaction data comprising encrypted account information and an encrypted first PIN block;
  
  means for obtaining an unencrypted account data for the token by decrypting the encrypted account information using a first key;
  
  means for obtaining a decrypted first PIN block by decrypting the encrypted first PIN block using a second key, wherein the decrypted first PIN block comprises a combination of encrypted account information and a PIN;
  
  means for obtaining the PIN by applying the encrypted account information to the decrypted first PIN block;
  
  means for creating a second PIN block containing a combination of the PIN and the unencrypted account data by combining the unencrypted account data with the PIN; and
  
  means for routing, based on the unencrypted account data, the second PIN block and the unencrypted account data to a PIN verification system.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The computer-based apparatus of claim 8, wherein the encrypted account information comprises encrypted account data that is in the same format as the unencrypted account data.
  - 10. The computer-based apparatus of claim 8, wherein the encrypted account information comprises a combination of a portion of original account data with encrypted account data, wherein the combination is in the same format as the unencrypted account data.
  - 11. The computer-based apparatus of claim 8, wherein the decrypted first PIN block is created by exclusive OR-ing the PIN with the encrypted account information.
  - 12. The computer-based apparatus of claim 8, wherein the steps of receiving, decrypting, applying, combining and routing are performed at a processing device communicatively coupled between a point-of-sale terminal and a transaction processing network.
  - 13. The computer-based apparatus of claim 8, wherein the token is a magnetic stripe card, and the unencrypted account data comprises a personal account number associated with the magnetic stripe card.

14. A token transaction system for processing a token-based transaction, wherein a token having token data that comprises account data, and a PIN used to authenticate the token, are used to fulfill the token-based transaction, comprising:
- a processor;
  
  a memory coupled to the processor and having instructions stored thereon that, when executed by the processor, causes the processor to perform the steps of;
  
  receiving transaction data for the token based transaction, the transaction data comprising encrypted account information and an encrypted first PIN block,obtaining an unencrypted account data for the token by decrypting the encrypted account information using a first key,obtaining a decrypted first PIN block by decrypting the encrypted first PIN block using a second key, wherein the decrypted first PIN block comprises a combination of the encrypted account information and the PIN;
  
  obtaining the PIN by applying the encrypted account information to the decrypted first PIN block,creating a second PIN block containing a combination of the PIN and the unencrypted account data by combining the unencrypted account data with the PIN; and
  
  routing, based on the account data, the second PIN block and the unencrypted account data to a PIN verification system.
- View Dependent Claims (15, 16, 17)
- - 15. The token transaction system of claim 14, wherein the account data is in clear-text.
  - 16. The token transaction system of claim 14, further comprising a plurality of token readers configured to read token data and to encrypt some or all of the token data to generate the encrypted token data.
  - 17. The token transaction system of claim 14, wherein the token transaction system is a gateway configured to route data between a token reader and a transaction processing network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verifone, Inc. (Verifone Systems, Inc.)
Original Assignee
Verifone, Inc. (Verifone Systems, Inc.)
Inventors
von Mueller, Clay, Yale, Scott R., Catinella, Paul
Primary Examiner(s)
AGWUMEZIE, CHINEDU CHARLES

Application Number

US11/839,698
Publication Number

US 20080189214A1
Time in Patent Office

2,938 Days
Field of Search

705/59, 705/72
US Class Current

1/1
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/367   involving electronic purses...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/4012   Verifying personal identifi...

G07F 7/088   the card reader being part ...

Pin block replacement

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

169 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Pin block replacement

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

169 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links