Transaction messaging
First Claim
1. A method of processing a transaction message, wherein the transaction message conforms to an EMV standard in which the transaction message includes a first data field configured to hold a device identifier, a second data field configured to hold supplementary data, a third data field, and a fourth data field configured to hold data associated with a transaction, the method comprising:
- receiving, by a transaction processing server, the transaction message from a first part of a transaction processing system, the transaction message comprising a temporary transaction device identifier in the first data field, an encrypted transaction device identifier in the second data field, an ephemeral public key PD in the third data field, and transaction data in the fourth data field;
generating, by the transaction processing server, a shared secret S using a private key ds of the transaction processing server and the ephemeral public key PD in the third data field;
decrypting, by the transaction processing server, the encrypted transaction device identifier in the second data field using the shared secret S to generate a transaction device identifier associated with a transaction device;
retrieving, by the transaction processing server, a hashing key K associated with the transaction device using the transaction device identifier;
calculating, by the transaction processing server, a hash value h′
of a concatenation of the transaction device identifier and the transaction data using the hashing key K;
generating, by the transaction processing server, a server generated ephemeral public key P′
D using the hash value h′
;
validating, by the transaction processing server, the transaction data by comparing the server generated ephemeral public key P′
D with the ephemeral public key PD in the third data field; and
processing, by the transaction processing server, the transaction message using the transaction device identifier instead of the temporary transaction device identifier in the first data field.
1 Assignment
0 Petitions
Accused Products
Abstract
There is described a method for transmitting a transaction message from a transaction device having a transaction device identifier. The method involves encrypting, at a transaction device, a transaction device identifier, generating, at the transaction device, a transaction message for a transaction system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, and sending the transaction message to a transaction processing system. The generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.
600 Citations
18 Claims
-
1. A method of processing a transaction message, wherein the transaction message conforms to an EMV standard in which the transaction message includes a first data field configured to hold a device identifier, a second data field configured to hold supplementary data, a third data field, and a fourth data field configured to hold data associated with a transaction, the method comprising:
-
receiving, by a transaction processing server, the transaction message from a first part of a transaction processing system, the transaction message comprising a temporary transaction device identifier in the first data field, an encrypted transaction device identifier in the second data field, an ephemeral public key PD in the third data field, and transaction data in the fourth data field; generating, by the transaction processing server, a shared secret S using a private key ds of the transaction processing server and the ephemeral public key PD in the third data field; decrypting, by the transaction processing server, the encrypted transaction device identifier in the second data field using the shared secret S to generate a transaction device identifier associated with a transaction device; retrieving, by the transaction processing server, a hashing key K associated with the transaction device using the transaction device identifier; calculating, by the transaction processing server, a hash value h′
of a concatenation of the transaction device identifier and the transaction data using the hashing key K;generating, by the transaction processing server, a server generated ephemeral public key P′
D using the hash value h′
;validating, by the transaction processing server, the transaction data by comparing the server generated ephemeral public key P′
D with the ephemeral public key PD in the third data field; andprocessing, by the transaction processing server, the transaction message using the transaction device identifier instead of the temporary transaction device identifier in the first data field. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system for processing a transaction message, wherein the transaction message conforms to an EMV standard in which the transaction message includes a first data field configured to hold a device identifier, a second data field configured to hold supplementary data, a third data field, and a fourth data field configured to hold data associated with a transaction, the computer system comprising:
-
a processor; and a memory storing computer readable code, which when executed by the processor, causes the computer system to perform operations including; receiving the transaction message from a first part of a transaction processing system, the transaction message comprising a temporary transaction device identifier in the first data field, an encrypted transaction device identifier in the second data field, an ephemeral public key PD in the third data field, and transaction data in the fourth data field; generating a shared secret S using a private key ds of the computer system and the ephemeral public key PD in the third data field; decrypting the encrypted transaction device identifier in the second data field using the shared secret S to generate a transaction device identifier associated with a transaction device; retrieving a hashing key K associated with the transaction device using the transaction device identifier; calculating a hash value h′
of a concatenation of the transaction device identifier and the transaction data using the hashing key K;generating a system generated ephemeral public key P′
D using the hash value h′
;validating the transaction data by comparing the system generated ephemeral public key P′
D with the ephemeral public key PD in the third data field; andprocessing the transaction message using the transaction device identifier instead of the temporary transaction device identifier in the first data field. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification