Over the air update of payment transaction data stored in secure memory
First Claim
1. An apparatus for facilitating payment transactions between a plurality of consumers and a plurality of merchants, comprising:
a processor;
a memory; and
a set of instructions stored in the memory, which when executed by the processor, cause the processor to:
generate a first pair of encryption keys, the first pair of encryption keys including a first encryption key and a second encryption key;
distribute the first encryption key to a first mobile gateway that processes a first set of payment transactions;
generate a second pair of encryption keys, the second pair of encryption keys including a third encryption key and a fourth encryption key;
distribute the third encryption key to an issuer computer, wherein the issuer computer generates a first device key using the third encryption key and distributes the first device key to a first mobile device, wherein the first mobile device receives the first device key from the issuer computer, wherein the first mobile device conducts a transaction with a device reader, wherein the device reader provides transaction data for the transaction to the issuer computer, wherein the issuer computer generates updated transaction data for the transaction;
generate a first session key for encrypting the updated transaction data using the second encryption key;
generate the first device key using the fourth encryption key;
encrypt the first session key using the first device key to create a first encrypted session key; and
distribute the first encrypted session key to the first mobile device via the first mobile gateway, wherein the first mobile device decrypts the first encrypted session key using the first device key that the first mobile device previously received from the issuer computer, wherein the first mobile gateway encrypts the updated transaction data using the first session key and transmits the encrypted updated transaction data to the first mobile device, wherein the first mobile device decrypts the encrypted updated transaction data using the first session key.
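The key flow recited in the claim above, worked through as an added example (not code from the patent or its assignee). It assumes each "pair" is two copies of one symmetric master key, HMAC-SHA256 as the derivation function, and a stdlib-only encrypt-then-MAC stand-in where a deployment would use AES-GCM; all function names, labels and identifiers are hypothetical.

```python
import hashlib
import hmac
import secrets

def kdf(key: bytes, label: bytes) -> bytes:
    """Derive a sub-key or MAC tag as HMAC-SHA256(key, label)."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    blocks = (len(data) + 31) // 32
    ks = b"".join(kdf(key, b"ks" + nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in encrypt-then-MAC cipher (stdlib only); use AES-GCM in practice."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + kdf(key, b"mac" + nonce + ct)

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, kdf(key, b"mac" + nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(key, nonce, ct)

def device_key(master: bytes, device_id: bytes) -> bytes:
    return kdf(master, b"device|" + device_id)

def session_key(master: bytes, session_id: bytes) -> bytes:
    return kdf(master, b"session|" + session_id)

def ota_update(device_id: bytes, session_id: bytes, updated_data: bytes) -> dict:
    # Key distribution server. ASSUMPTION: each "pair" is two copies of one
    # symmetric master key, so both holders derive identical keys.
    k1 = k2 = secrets.token_bytes(32)  # first key -> gateway, second stays on server
    k3 = k4 = secrets.token_bytes(32)  # third key -> issuer, fourth stays on server
    # Issuer: derives the device key from the third key and provisions the device.
    provisioned = device_key(k3, device_id)
    # Server: session key from the second key, wrapped under the device key
    # it re-derives from the fourth key.
    wrapped = seal(device_key(k4, device_id), session_key(k2, session_id))
    # Gateway: ASSUMPTION: re-derives the session key from the first key,
    # then encrypts the issuer's updated transaction data.
    message = seal(session_key(k1, session_id), updated_data)
    # Device: unwraps the session key, then decrypts the update.
    recovered = unseal(unseal(provisioned, wrapped), message)
    return {"wrapped": wrapped, "message": message, "recovered": recovered,
            "device_key": provisioned, "issuer_master": k3}
```

Because the wrapped session key is bound to a per-device key, a device provisioned under a different identifier fails authentication when it tries to unwrap it, and any bit flipped in the over-the-air message is rejected before decryption.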
Abstract
A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications. If encryption keys are used for the encryption and decryption processes, they may be distributed by a key distribution server or other suitable entity to a mobile gateway which participates in the data encryption and decryption operations.
20 Claims
1. An apparatus for facilitating payment transactions between a plurality of consumers and a plurality of merchants (independent claim, recited in full under First Claim above).
Dependent claims: 2, 3, 4, 5, 11, 12, 13, 14, 15
6. A method, comprising:
generating, by a computer, a first pair of encryption keys, the first pair of encryption keys including a first encryption key and a second encryption key;
distributing, by the computer, the first encryption key to a first mobile gateway, wherein the first mobile gateway processes a first set of payment transactions;
generating, by the computer, a second pair of encryption keys, the second pair of encryption keys including a third encryption key and a fourth encryption key;
distributing, by the computer, the third encryption key to an issuer computer, wherein the issuer computer generates a first device key using the third encryption key and distributes the first device key to a first mobile device, wherein the first mobile device receives the first device key from the issuer computer, wherein the first mobile device conducts a transaction with a device reader, wherein the device reader provides transaction data for the transaction to the issuer computer, wherein the issuer computer generates updated transaction data for the transaction;
generating, by the computer, a first session key for encrypting the updated transaction data using the second encryption key;
generating, by the computer, the first device key using the fourth encryption key;
encrypting, by the computer, the first session key using the first device key to create a first encrypted session key; and
distributing, by the computer, the first encrypted session key to the first mobile device via the first mobile gateway, wherein the first mobile device decrypts the first encrypted session key using the first device key that the first mobile device previously received from the issuer computer, wherein the first mobile gateway encrypts the updated transaction data using the first session key and transmits the encrypted updated transaction data to the first mobile device, wherein the first mobile device decrypts the encrypted updated transaction data using the first session key.
Dependent claims: 7, 8, 9, 10, 16, 17, 18, 19, 20
Specification