Secure remote payment transaction processing using a secure element
First Claim
1. A method of processing a remote transaction initiated by a mobile device, the method comprising:
- receiving, by a mobile payment application on a secure memory of the mobile device, transaction data and a transaction processor certificate from a transaction processor application stored on the mobile device outside of the secure memory;
determining, by the mobile payment application, that the transaction processor application is authentic;
extracting, by the mobile payment application, a transaction processor public key from the transaction processor certificate;
determining, by the mobile payment application, payment credentials stored in the secure memory;
encrypting, by the mobile payment application, the payment credentials using the extracted transaction processor public key;
based on a determination that the transaction processor application is authentic, transmitting by the mobile payment application, the encrypted payment credentials to the transaction processor application; and
transmitting, by the transaction processor application, the encrypted payment credentials to a transaction processor server computer in communication with the mobile device,wherein the encrypted payment credentials are used to process a payment transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.
-
Citations
16 Claims
-
1. A method of processing a remote transaction initiated by a mobile device, the method comprising:
-
receiving, by a mobile payment application on a secure memory of the mobile device, transaction data and a transaction processor certificate from a transaction processor application stored on the mobile device outside of the secure memory; determining, by the mobile payment application, that the transaction processor application is authentic; extracting, by the mobile payment application, a transaction processor public key from the transaction processor certificate; determining, by the mobile payment application, payment credentials stored in the secure memory; encrypting, by the mobile payment application, the payment credentials using the extracted transaction processor public key; based on a determination that the transaction processor application is authentic, transmitting by the mobile payment application, the encrypted payment credentials to the transaction processor application; and transmitting, by the transaction processor application, the encrypted payment credentials to a transaction processor server computer in communication with the mobile device, wherein the encrypted payment credentials are used to process a payment transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 14, 15, 16)
-
-
10. A mobile device comprising:
-
a processor; a computer-readable medium coupled to the processor, the computer-readable medium comprising a transaction processor application; a secure processor; and a secure computer-readable medium coupled to the secure processor, the secure computer-readable medium comprising code, executable by the secure processor, for performing a method of processing a remote transaction, the method comprising the steps of; receiving transaction data and a transaction processor certificate from the transaction processor application on the mobile device; determining that the transaction processor application is authentic; extracting, by the mobile payment application, a transaction processor public key from the transaction processor certificate; determining, by the mobile payment application, payment credentials stored in the secure memory; encrypting, by the mobile payment application, the payment credentials using the extracted transaction processor public key; based on a determination that the transaction processor application is authentic, transmitting the encrypted payment credentials to the transaction processor application; and transmitting the encrypted payment credentials to a transaction processor server computer in communication with the mobile device, wherein the encrypted payment credentials are used to process a payment transaction. - View Dependent Claims (11, 12, 13)
-
Specification