Cloud-based transactions methods and systems
First Claim
Patent Images
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising:
- receiving, from a remote computer by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK, wherein the LUK is usable for more than one transaction;
generating, by the communication device, a transaction cryptogram using the LUK;
sending, to an access device by the communication device, a token instead of a real account identifier and the transaction cryptogram to conduct the transaction, wherein the transaction is authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds;
sending, to the remote computer by the communication device, a replenishment request for a second LUK, the replenishment request including transaction log information derived from transaction data that is unique for each of a plurality of transactions conducted using the LUK, the transaction data being stored in a transaction log on the communication device; and
receiving, from the remote computer by the communication device, the second LUK when the transaction log information in the replenishment request matches transaction log information at the remote computer, the second LUK being a different key than the LUK.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
-
Citations
24 Claims
-
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising:
-
receiving, from a remote computer by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK, wherein the LUK is usable for more than one transaction; generating, by the communication device, a transaction cryptogram using the LUK; sending, to an access device by the communication device, a token instead of a real account identifier and the transaction cryptogram to conduct the transaction, wherein the transaction is authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds; sending, to the remote computer by the communication device, a replenishment request for a second LUK, the replenishment request including transaction log information derived from transaction data that is unique for each of a plurality of transactions conducted using the LUK, the transaction data being stored in a transaction log on the communication device; and receiving, from the remote computer by the communication device, the second LUK when the transaction log information in the replenishment request matches transaction log information at the remote computer, the second LUK being a different key than the LUK. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 23, 24)
-
-
12. A communication device comprising:
-
a processor; and a memory coupled to the processor and storing a mobile application that performs operations for enhancing security of the communication device when conducting transactions using the communication device, the operations including; receiving a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK, wherein the LUK is usable for more than one transaction; generating a transaction cryptogram using the LUK; sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction, wherein the transaction is authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds; sending a replenishment request for a second LUK, the replenishment request including transaction log information derived from transaction data that is unique for each of a plurality of transactions conducted using the LUK, the transaction data being stored in a transaction log on the communication device; and receiving the second LUK when the transaction log information in the replenishment request matches transaction log information at the remote computer, the second LUK being a different key than the LUK. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification