Secure distributed single action payment authorization system
First Claim
Patent Images
1. A method of paying for an item, the method comprising:
- receiving user credentials at a first application installed on a mobile device;
transmitting the user credentials and a device identifier from the first application of the mobile device to a payment management server;
receiving, from the payment management server, an encryption key at the mobile device;
obtaining data at the mobile device to be included in personal payment information;
encrypting the data using the encryption key received from the payment management server to form encrypted personal payment information at the mobile device;
storing the encrypted personal payment information on the mobile device, the encrypted personal payment information associated with the first application and not associated with a second application installed on the mobile device;
discarding, from the mobile device, the encryption key andafter discarding the encryption keyreceiving, at the mobile device, a request to make a payment using the second application;
responsive to determining that there is not personal payment information associated with the second application, transmitting a request for authorization from the mobile device to the payment management server, the request for authorization including the user credentials and the device identifier;
responsive to receiving an indication from the payment management server at the mobile device, accessing, the encrypted personal payment information associated with the first application;
receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server;
decrypting, at the mobile device, the encrypted personal payment information using the decryption key associated with the device identifier to expose the personal payment information; and
transmitting the exposed personal payment information from the mobile device to a payment authority associated with the request to make the payment using the second application via a secure connection to the payment authority.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for enabling and performing secured, single action payments from a mobile device are disclosed. One method includes transmitting user credentials from an application installed on a mobile device to a server alongside a device identifier. The method includes receiving data at least partially defining encrypted personal payment information and saving the encrypted personal payment information in a memory of the mobile device in association with the application. At least prior to receiving a user request to make a payment via the application, the mobile device lacks a decryption key capable of decrypting the encrypted personal payment information.
-
Citations
17 Claims
-
1. A method of paying for an item, the method comprising:
-
receiving user credentials at a first application installed on a mobile device; transmitting the user credentials and a device identifier from the first application of the mobile device to a payment management server; receiving, from the payment management server, an encryption key at the mobile device; obtaining data at the mobile device to be included in personal payment information; encrypting the data using the encryption key received from the payment management server to form encrypted personal payment information at the mobile device; storing the encrypted personal payment information on the mobile device, the encrypted personal payment information associated with the first application and not associated with a second application installed on the mobile device; discarding, from the mobile device, the encryption key and after discarding the encryption key receiving, at the mobile device, a request to make a payment using the second application; responsive to determining that there is not personal payment information associated with the second application, transmitting a request for authorization from the mobile device to the payment management server, the request for authorization including the user credentials and the device identifier; responsive to receiving an indication from the payment management server at the mobile device, accessing, the encrypted personal payment information associated with the first application; receiving a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server; decrypting, at the mobile device, the encrypted personal payment information using the decryption key associated with the device identifier to expose the personal payment information; and transmitting the exposed personal payment information from the mobile device to a payment authority associated with the request to make the payment using the second application via a secure connection to the payment authority. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A secure distributed single-action payment system comprising:
-
a mobile device comprising; a programmable circuit configured to execute program instructions stored in memory which, when executed, cause the mobile device to; receive user credentials at a first application installed on the mobile device; transmit the user credentials from the first application of the mobile device to a payment management server alongside a device identifier; receive, from the payment management server, an encryption key; obtain data at the mobile device to be included in personal payment information; encrypt the data using the encryption key received from the payment management server to form encrypted personal payment information; save the encrypted personal payment information in the memory in association with the first application, the encrypted personal payment information including a user identifier and a carrier identifier, wherein the encrypted personal payment information in the memory is not associated with a second application installed on the mobile device; discard the encryption key; and after discarding the encryption key; receive a request to make payment for an item using the second application, the request comprising a single action representing a user selection indicating a desire to make a payment through one or more of a plurality of payment options, the plurality of payment options associated with different billing entity types; receive user credentials at the second application; responsive to receiving the request to make payment for the item using the second application and responsive to determining that there is not personal payment information associated with the second application in memory, transmit a request for authorization to the payment management server, the request for authorization including the user credentials and device identifier; responsive to receiving an indication from the payment management server, access the encrypted personal payment information associated with the first application; receive a decryption key from the payment management server at the second application, the decryption key associated with the device identifier at the payment management server; decrypt the encrypted personal payment information using the decryption key associated with the device identifier to expose personal payment information; in response to the user selection, transmit the personal payment information to a payment authority via a secure connection to the payment authority, wherein the payment authority is associated with the request to make the payment using the second application; and after initiating authorization of payment for the item, discard the exposed personal payment information and the decryption key by the application. - View Dependent Claims (14, 15, 16, 17)
-
Specification