SYSTEM AND METHOD FOR SECURE VERIFICATION OF ELECTRONIC TRANSACTIONS
First Claim
1. A method of processing a personal identification number (PIN), comprising:
- encrypting at an owning institution processor a clear PIN input using an encryption algorithm to generate a first encrypted PIN;
hashing at the owning institution processor the first encrypted PIN using a one-way hash algorithm to generate a first hashed-encrypted PIN; and
storing at a third party processor the first hashed-encrypted PIN.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a system and method for secure verification of electronic transactions, and in particular secure processing of personal identification numbers when third party processors are involved. In an embodiment, a variable length PIN associated with a credit card or debit card is encrypted, then hashed using a one-way hash algorithm before it is passed along to and stored by a third party processor. The encrypted-hashed PIN always remains in an encrypted form while in the hands of the third party processor. At the third party processor, secure cryptographic hardware is used to store the one-way hash algorithm. Encrypted PIN values received for verification are converted and hashed using the one-way hash algorithm, and the resulting hashed-encrypted value is compared against the hashed-encrypted PIN values previously stored at the third party processor. As the PIN has a variable length, and the third party processor has no access to the hash algorithm, the encrypted PIN values are highly resistant to reverse engineering or decryption.
32 Citations
18 Claims
-
1. A method of processing a personal identification number (PIN), comprising:
-
encrypting at an owning institution processor a clear PIN input using an encryption algorithm to generate a first encrypted PIN;
hashing at the owning institution processor the first encrypted PIN using a one-way hash algorithm to generate a first hashed-encrypted PIN; and
storing at a third party processor the first hashed-encrypted PIN. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for processing a personal identification number (PIN), comprising:
-
an encryption algorithm module provided at an owning institution processor and configured to encrypt a clear PIN input and to generate a first encrypted PIN;
a one-way hash algorithm module provided at the owning institution processor and configured to hash the first encrypted PIN and to generate a first hashed-encrypted PIN; and
storage provided at the third party processor for storing the first hashed-encrypted PIN. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer readable medium storing computer code that when loaded into one or more data processors adapts the processors to provide, when executed, a method of processing a personal identification number (PIN), the computer readable medium comprising:
-
code for encrypting at a owning institution processor a clear PIN input using an encryption algorithm to generate a first encrypted PIN;
code for hashing at the owning institution processor the third encrypted PIN using a one-way hash algorithm to generate a first hashed-encrypted PIN; and
code for storing at a third party processor the first hashed-encrypted PIN. - View Dependent Claims (15, 16, 17, 18)
-
Specification