Integration of payment capability into secure elements of computers
Abstract
Methods, secure elements, validation entities, and computer program products for effecting secure communication of payment information to merchants for Internet-based purchases. Payment information for a user's real payment information is installed in a secure element of a computer; the payment information may comprise a pseudo PAN number for the portable consumer device provided by a validation entity. The secure element is shielded from the computer's operating system to thwart hacker attacks. The user accesses the secure element to make a purchase. In response, the secure element contacts the validation entity with the pseudo account number, and in response obtains dynamic payment information that the secure element can use to effect the payment. The dynamic payment information comprises an account number that is different from the pseudo PAN, and which has at least one difference with respect to the user's real payment information.
23 Claims
1. A method comprising:
- receiving, at a secure element of a computer, a real account number and at least one of an expiration date, a card verification value, or a billing ZIP code of user-specific payment information, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element comprises a processor, a memory coupled to the processor, and an input/output controller coupled to the processor, and wherein the memory stores a unique identifier identifying the secure element;
- obtaining the unique identifier identifying the secure element from the memory of the secure element;
- sending the received real account number, the received at least one of the expiration date, the card verification value, or the billing ZIP code, and the obtained unique identifier identifying the secure element to a validation entity server;
- receiving, in response to sending the received real account number, the received at least one of the expiration date, the card verification value, or the billing ZIP code, and the obtained unique identifier identifying the secure element to the validation entity server, a pseudo account number from the validation entity server, the received pseudo account number being different from the real account number of the user-specific payment information and having the same form as the real account number; and
- storing, in the memory of the secure element, the received pseudo account number, wherein the method further comprises;
- encrypting, the unique identifier identifying the secure element using an encryption key stored in the secure element, prior to sending the obtained unique identifier to the validation entity server.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A computer comprising:
- a secure element comprising a data processor, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a memory coupled to the data processor, and an input/output controller coupled to the data processor, and wherein the memory stores a unique identifier identifying the secure element; and
- a computer program product coupled to the data processor, the computer program product embodied on a tangible non-transitory computer-readable medium comprising code executable the data processor of the secure element to implement a method comprising
  - directing, by the data processor to receive a real account number and at least one of an expiration date, a card verification value, or a billing ZIP code of user-specific payment information,
  - directing the data processor to obtain the unique identifier identifying the secure element from the memory of the secure element,
  - directing the data processor to send the received real account number, the received at least one of the expiration date, the card verification value, or the billing ZIP code, and the obtained unique identifier identifying the secure element to a validation entity server,
  - directing the data processor to receive, in response to sending the received real account number, the received at least one of the expiration date, the card verification value, or the billing ZIP code, and the obtained unique identifier identifying the secure element to the validation entity server, a pseudo account number from the validation entity server, the received pseudo account number being different from the real account number of the user-specific payment information and having the same form as the real account number, and
  - directing the data processor to store, in the memory of the secure element, the received pseudo account number, and
  - wherein the method further comprises directing the data processor to encrypt, the unique identifier identifying the secure element using an encryption key stored in the secure element, prior to sending the obtained unique identifier to the validation entity server.

Dependent claims: 10, 11

12. A method comprising:
- receiving, at a validation entity server, a request from a secure element of a computer to provide a pseudo account number, the request including a unique identifier identifying the secure element, and a real account number and at least one of an expiration date, a card verification value, or a billing ZIP code of an instance of user-specific payment information, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a data processor, a memory coupled to the data processor, and an input/output controller coupled to the data processor, and wherein the memory stores the unique identifier identifying the secure element;
- applying at least one validation test pertaining to the received request;
- sending, if the at least one validation test is passed, a pseudo account number to the secure element, wherein the pseudo account number has the same form as the real account number; and
- storing the pseudo account number with an indication of at least the received real account number, wherein the unique identifier identifying the secure element is encrypted using an encryption key stored in the secure element, prior to receiving the request.

Dependent claims: 13, 14, 15, 16, 17

18. A validation entity server comprising:
- a data processor;
- a networking facility coupled to the processor;
- a computer-readable medium coupled to the processor; and
- a computer program product embodied on the computer-readable medium, the computer program product comprising code executable by the data processor to implement a method comprising
  - directing the data processor to receive a request from a secure element of a computer to provide a pseudo account number, the request including a unique identifier identifying the secure element, and a real account number and at least one of an expiration date, a card verification value, or a billing ZIP code of an instance of user-specific payment information, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a memory and an input/output controller coupled to the data processor, and wherein the memory stores the unique identifier identifying the secure element,
  - directing the data processor to apply at least one validation test pertaining to the received request for a pseudo account number,
  - directing the data processor to send, if the at least one validation test is passed, the pseudo account number to the secure element, wherein the pseudo account number has the same form as the real account number, and
  - directing the data processor to store the pseudo account number with an indication of at least the received real account number, wherein in the method, the unique identifier identifying the secure element is encrypted using an encryption key stored in the secure element, prior to receiving the request.

Dependent claims: 19, 20, 21, 22, 23
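
The validation-entity steps of claims 12 and 18 (receive request, apply a validation test, issue a pseudo account number of the same form, store it with the real account number), as an added Python example that is not taken from the patent. Assumptions: "same form" is read as same length, digits only and Luhn-valid; the validation tests (Luhn check, unexpired card, identifier present) are illustrative; the encrypted secure-element identifier is handled as opaque bytes; all names are hypothetical.

```python
import secrets
from datetime import date

def luhn_ok(pan: str) -> bool:
    """Luhn checksum over a digit string (assumed validation test)."""
    if not pan.isdigit():
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def luhn_check_digit(body: str) -> str:
    """Return the final digit that makes body + digit Luhn-valid."""
    return next(c for c in "0123456789" if luhn_ok(body + c))

class ValidationEntity:
    """Hypothetical server side of the pseudo-account-number request."""

    def __init__(self):
        # pseudo PAN -> (real PAN, encrypted secure-element identifier)
        self.by_pseudo = {}

    def handle_request(self, real_pan, expiry, enc_element_id, today=None):
        """Return a pseudo PAN, or None when a validation test fails."""
        today = today or date.today()
        month, year = (int(x) for x in expiry.split("/"))   # assumed "MM/YYYY"
        if not luhn_ok(real_pan):
            return None
        if (year, month) < (today.year, today.month):        # card expired
            return None
        if not enc_element_id:                                # identifier missing
            return None
        while True:
            # Random digits of the same length; a real scheme would likely
            # draw from a reserved range, which the claims do not specify.
            body = "".join(secrets.choice("0123456789")
                           for _ in range(len(real_pan) - 1))
            pseudo = body + luhn_check_digit(body)
            if pseudo != real_pan and pseudo not in self.by_pseudo:
                break
        self.by_pseudo[pseudo] = (real_pan, enc_element_id)
        return pseudo
```
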
Specification