Terminal data encryption

US 8,494,968 B2
Filed: 06/18/2007
Issued: 07/23/2013
Est. Priority Date: 06/19/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

generating at an access device an initial key, wherein the step of generating the initial key is based on a first interaction between the access device and a first portable consumer device, and wherein the access device includes a point of sale device;

sending the initial key to a key storage location, wherein the initial key is sent by the access device;

altering the initial key with a public key to form an altered key, wherein the initial key is altered by the access device;

sending the altered key from the access device to a server computer along with an identifier for the access device; and

altering, with the initial key that is stored at the key storage location, transaction data associated with a plurality of financial transactions that are conducted using the access device,wherein the altered key has a form capable of being changed to the initial key at the server computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is disclosed. The method includes generating an initial key after interacting with an access device, storing the initial key at a key storage location, altering the initial key with a public key to form an altered key, and sending the altered key to a server computer along with an identifier for the access device. The altered key is changed to the initial key at the server computer and is stored with the identifier in a database in operative communication with the server computer. The initial keys that are stored at the key storage location and in the database are used to alter and restore transaction data associated with multiple financial transactions that are conducted using the access device.

126 Citations

23 Claims

1. A method comprising:
- generating at an access device an initial key, wherein the step of generating the initial key is based on a first interaction between the access device and a first portable consumer device, and wherein the access device includes a point of sale device;
  
  sending the initial key to a key storage location, wherein the initial key is sent by the access device;
  
  altering the initial key with a public key to form an altered key, wherein the initial key is altered by the access device;
  
  sending the altered key from the access device to a server computer along with an identifier for the access device; and
  
  altering, with the initial key that is stored at the key storage location, transaction data associated with a plurality of financial transactions that are conducted using the access device,wherein the altered key has a form capable of being changed to the initial key at the server computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 wherein the initial key is a symmetric key and wherein the key storage location is in the access device.
  - 3. The method of claim 1 further comprising:
    - altering the identifier to form an altered identifier; and
      
      sending the altered identifier to the server computer,wherein sending the altered key and the altered identifier data to a server computer is part of a special initialization transaction that is different from a transaction associated with a purchase.
  - 4. The method of claim 1 wherein the first interaction comprises using the first portable consumer device to interact with the access device in a financial transaction, and wherein altering comprises encrypting.
  - 5. The method of claim 4 wherein the encrypting comprises performing an encryption process, the access device being capable of performing the encryption process.
  - 6. The method of claim 5 wherein the encryption process comprises elliptical curve cryptography.
  - 7. The method of claim 1 wherein a host computer is coupled to the access device.
  - 8. The method of claim 7 wherein the public key is stored in the host computer.
  - 9. The method of claim 7 wherein the host computer generates the initial key.
  - 10. The method of claim 7 wherein the host computer performs the altering.
  - 11. The method of claim 1, wherein the altering of the transaction data associated with the plurality of financial transactions comprises:
    - receiving, with the access device, single transaction data associated with one of the plurality of financial transactions, the single transaction data including a plurality of track data elements read from a second portable consumer device;
      
      altering, with the access device, a first track data element of the plurality of track data elements to form an altered track data element at least in part by encrypting the first track data element with the initial key;
      
      altering, with the access device, the single transaction data to form altered transaction data at least in part by placing the altered track data element in a second track data element of the single transaction data such that the first track data element of the transaction data is blank; and
      
      providing, with the access device, the altered transaction data such that the altered transaction data passes through at least one intermediate location before arriving at its destination.
  - 12. The method of claim 11 wherein the second track data element further includes a fast Fourier transform of the plurality of track data elements read from the second portable consumer device.

13. A non-transitory computer readable medium having thereon computer-executable instructions that, when executed by one or more computers, cause the one or more computers to collectively, at least:
- generate at an access device an initial key, wherein the step of generating the initial key occurs after the access device interacts with a first portable consumer device, and wherein the access device includes a point of sale device;
  
  send the initial key to a key storage location, wherein the initial key is sent by the access device;
  
  alter the initial key with a public key to form an altered key, wherein the initial key is altered by the access device; and
  
  send the altered key from the access device to a server computer along with an identifier for the access device; and
  
  alter, with the initial key that is stored at the key storage location, transaction data associated with multiple financial transactions that are conducted using the access device and that occur after the access device interacts with the first portable consumer device,wherein the multiple financial transactions include at least one interaction between the access device and at least one portable consumer device that is different from the first portable consumer device.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. The computer readable medium of claim 13 wherein the computer-executable instructions further cause the one or more computers to store the altered key in the key storage location.
  - 15. The computer readable medium of claim 13 wherein the first portable consumer device is a payment card, and wherein the access device comprises a point of sale device.
  - 16. An access device comprising the computer readable medium of claim 15.
  - 17. The access device of claim 16 wherein the access device is a point of sale terminal.
  - 18. The computer readable medium of claim 13 wherein the database includes a lookup table which stores the initial key and the identifier.
  - 19. The computer readable medium of claim 13 wherein the code for altering comprises code for encrypting.
  - 20. The computer readable medium of claim 19 wherein the code for encrypting comprises code for performing an encryption process, the access device being capable of performing the encryption process.
  - 21. The computer readable medium of claim 20 wherein the encryption process comprises elliptical curve cryptography.
  - 22. The computer readable medium of claim 13 wherein the computer-executable instructions further cause the one or more computers to, at least:
    - alter the identifier to form an altered identifier; and
      
      send the altered identifier to the server computer,wherein sending the altered key and the altered identifier data to a server computer is part of a special initialization transaction that is different from a transaction associated with a purchase.
  - 23. The computer readable medium of claim 13 wherein the initial key is a symmetric key, wherein the key storage location is in the access device, and wherein the generating of the initial key, the altering of the initial key, and the sending of the altered key are conducted when the access device first communicates with the server computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Hammad, Ayman, Faith, Patrick
Primary Examiner(s)
KUCAB, JAMIE R

Application Number

US11/764,351
Publication Number

US 20080103982A1
Time in Patent Office

2,227 Days
Field of Search

None
US Class Current

705/71
CPC Class Codes

G06Q 20/085   involving remote charge det...

G06Q 20/105   involving programming of a ...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/204   comprising interface for re...

G06Q 20/367   involving electronic purses...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/00   Finance; Insurance; Tax str...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3271   using challenge-response

Terminal data encryption

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

126 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Terminal data encryption

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

126 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links