WO2001069556A2 - Method and system for secure payments over a computer network - Google Patents

Method and system for secure payments over a computer network Download PDF

Info

Publication number
WO2001069556A2
WO2001069556A2 PCT/US2001/008209 US0108209W WO0169556A2 WO 2001069556 A2 WO2001069556 A2 WO 2001069556A2 US 0108209 W US0108209 W US 0108209W WO 0169556 A2 WO0169556 A2 WO 0169556A2
Authority
WO
WIPO (PCT)
Prior art keywords
account number
key
transaction
pseudo
digits
Prior art date
Application number
PCT/US2001/008209
Other languages
French (fr)
Other versions
WO2001069556A3 (en
Inventor
Edward J. Hogan
Carl M. Campbell
Original Assignee
Mastercard International Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Incorporated filed Critical Mastercard International Incorporated
Priority to AU4365801A priority Critical patent/AU4365801A/en
Priority to EP01916663A priority patent/EP1269429A2/en
Priority to AU2001243658A priority patent/AU2001243658B2/en
Priority to CA002403283A priority patent/CA2403283A1/en
Priority to JP2001567553A priority patent/JP2003534585A/en
Publication of WO2001069556A2 publication Critical patent/WO2001069556A2/en
Publication of WO2001069556A3 publication Critical patent/WO2001069556A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/14Payment architectures specially adapted for billing systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification

Definitions

  • This invention relates to a method and system for conducting secure financial transactions over a communications network and more particularly to a method and system for transmitting payments securely over a computer network, such as the Internet, and for transmitting sensitive information securely over public communication channels.
  • U.S. Patent No. 5,883,810 entitled “Electronic Online Commerce Card With Transaction Proxy Number For Online Transactions” and assigned to Microsoft Corporation, is directed to a system which provides for each transaction a temporary transaction number and associates it with the permanent account number; the transaction number looks like a real credit card number and the customer uses that transaction number and submits it to the merchant as a proxy for the customer account number. In this matter, the customer does not have to transmit over a public network his or her real credit card number.
  • the merchant passes along the transaction number to the issuing institution, which in turn uses the transaction number as an index, accesses the real customer account number and processes the authorization, sending the authorization reply back to the merchant under the transaction number.
  • risk is purportedly minimized not only because the customer only transmits a transaction number but also because the proxy number is good only for a single purchase — theft "would not greatly benefit a thief because it cannot be repeatedly used for other purchases or transactions.”
  • Col. 2 lines 60-61.
  • a "pseudo" account number is assigned to a customer and cryptographically linked to a consumer's payment account number.
  • the payment account number is an account number issued by a financial institution or other organization that a consumer may use to make a payment for goods and/or services.
  • the payment account number may be the account number from a payment card, such as a credit or debit card, or from a payment application, such as an electronic cash application stored on a consumer's computer.
  • the pseudo account number appears to be an actual payment account number to a merchant.
  • the pseudo account number has the same length as a valid payment account number and begins with a valid identification number (e.g., a "5" for MasterCard International Incorporated (“MasterCard”)).
  • the pseudo account number is used by the customer instead of the real account number for all of his or her on-line financial transactions.
  • All transactions based on pseudo account numbers are preferably cryptographically authenticated using a secret key that is unique for each account number.
  • the authentication may be based on the private key of a public-key pair ("public-key authentication"), or based on a secret key other than a private key (“secret-key authentication").
  • public-key authentication a public-key pair
  • secret-key authentication a secret key other than a private key
  • FIG. 1 is a block diagram of the system for obtaining a secure payment application from a provider over the Internet in accordance with the invention
  • FIG 2 A is a block diagram of the system for conducting a secure payment over the Internet using the present invention with secret-key authentication of pseudo account numbers, in accordance with the invention
  • FIG. 2B is a block diagram of the system for conducting a secure payment over the Internet using the present invention with public-key authentication of pseudo account numbers, in accordance with the present invention
  • FIG. 3 A is a block diagram illustrating the process preferably performed to obtain a pseudo account number for a given "real" account number, in accordance with the present invention
  • FIG. 3B is a block diagram illustrating the process preferably performed to convert a pseudo account number back into its corresponding "real" account number
  • FIGS. 4A and 4B illustrate the steps that are performed in accordance with the present invention when a card holder places an order with a merchant on the Internet and the merchant requests an authorization from an acquirer;
  • FIG. 5 is a block diagram illustrating the process of clearing a transaction in accordance with the present invention
  • FIG. 6 is a block diagram illustrating exception processing in accordance with the present invention.
  • FIG 1 illustrates an initial setup whereby a consumer who has, in this instance, a MasterCard financial transaction card decides to obtain a secure payment application from a secure payment application provider, such as MasterCard, over the Internet.
  • a secure payment application provider such as MasterCard
  • a provider such as MasterCard (or an agent of MasterCard) has in its control one or more tamper-resistant security modules 10, which offer physical protection for the information stored inside the modules.
  • These security modules each contain the following secret keys: 1) one or more translation keys that are used to translate between pseudo account numbers and "real" account numbers; 2) if secret-key authentication is used, one or more derivation keys that are used to re-create the card-unique secret cryptographic keys; and 3) if public-key authentication is used, one or more provider "root” private keys.
  • the process then, would preferably proceed as follows:
  • the cardholder contacts MasterCard's web site via the Internet.
  • the cardholder identifies himself/herself to MasterCard by providing, preferably under Secure Socket Layer (SSL) encryption known to those skilled in the art, the card account number, card expiration date, and card verification code or CVC2 from his/her MasterCard card.
  • CVC2 refers to authenticating information that is issued with some payment cards. These cards have the account number printed on the signature panel of the card followed by a three or four digit value. This value is generated by the issuing bank using a secret cryptographic key, and can be verified using this same key.
  • Payment card brands have varying names for the value: MasterCard - Card Verification Code 2 (CVC2); American Express - Four-digit batch code (4DBC); and Visa - Card
  • Verification Value 2 (CVV2). Supplying this value provides evidence that the person participating in a transaction had physical possession of the card at some point in time, because the value is not encoded on the magnetic stripe and thus not included in a normal transaction.
  • MasterCard verifies the CVC2 for the cards of those issuers for which MasterCard is provided (by secure means) the CVC2 keys.
  • MasterCard may confirm the legitimacy of the other card data by obtaining a zero amount authorization from the issuer. MasterCard may obtain this authorization over its BanknetTM communications network.
  • the secure payment application software is made available to the cardholder and may be downloaded over the Internet under SSL encryption.
  • the software includes a secret cryptographic key that is unique to this card. If secret-key authentication is used, the secret key is preferably determinable from the card's "real" account number (i.e., the actual card payment account number issued by the cardholder's issuing bank). If public-key authentication is used, MasterCard provides a certificate that links the real account number with the corresponding public key, which certificate is signed by a MasterCard "root” private key.
  • the software also includes the cardholder's "real" account number, and a "pseudo" account number that MasterCard may relate to the "real" account number.
  • the cardholder may provide a password to MasterCard prior to downloading the secure payment application or may select a password when the secure payment application is being installed on the cardholder's computer. If a password is provided or selected, the cardholder will thereafter be required to enter this password in order to activate the secure payment application.
  • the card-unique secret key may be cryptographically computed from the card's "real" account number using a higher-level secret cryptographic key that is common to many or all account numbers.
  • the higher- level secret cryptographic key preferably resides solely within physically-secure and tamper-resistant hardware devices (referred to as "security modules") that are controlled by MasterCard or by acquirer institutions.
  • security modules physically-secure and tamper-resistant hardware devices
  • the secure payment application includes a card-unique private key (for public-key authentication)
  • the associated certificate is signed using a MasterCard private "root” key that resides only in a relatively few security modules that are controlled directly by MasterCard or by trusted agents to whom MasterCard has delegated this certificate-signing function.
  • the pseudo account number has the same length as the "real" account number, consists solely of decimal digits, and begins with a valid identification number (e.g., a "5" for MasterCard). Therefore, the pseudo account number will appear to be a valid account number to merchants.
  • a valid identification number e.g., a "5" for MasterCard.
  • this indication is provided in the second digit of the pseudo account number, which acts as a special identifier. For example, for MasterCard cards, the second digit of an account number may be made a "9" to indicate a pseudo account number.
  • the 16th digit of the account number which is normally a check digit used to detect manual entry errors, is deleted to make room for the additional second digit.
  • the transaction record may include data indicating that the account number is a pseudo account number.
  • secret-key authentication the following steps may be performed within a security module controlled by MasterCard or one of its agents to obtain a card-unique secret key to be included in the MasterCard secure payment application.
  • the following steps assume the use of the DEA (Data Encryption Algorithm, which is a U.S. Government standard cryptographic algorithm) with a double-length key. They also assume that the MasterCard security module holds a secret high-level key called the Per-Card Key Derivation Key that consists of 16 bytes and is used with many or all card account numbers to cryptographically compute a card-unique secret key, called the Per-Card Key, given the card's 16-digit payment account number.
  • the steps are: 1. Considering the payment account number as 16 binary-coded-decimal digits of 4 bits each, DEA-encrypt these 64 bits using as the encryption key the left-most 8 bytes of the 16-byte Per-Card Key Derivation Key.
  • Step 2 DEA-decrypt the result of Step 1 using as the decryption key the right - most 8 bytes of the 16-byte Per-Card Key Derivation Key.
  • Step 3 Use the result of Step 3 as the left-most 8 bytes of the unique Per-Card Key. 5. DEA-encrypt the result of Step 3 using as the encryption key the leftmost 8 bytes of the 16-byte Per-Card Key Derivation Key.
  • Step 5 DEA-decrypt the result of Step 5 using as the decryption key the rightmost 8 bytes of the 16-byte Per-Card Key Derivation Key.
  • Step 6 DEA-encrypt the result of Step 6 using as the encryption key (again) the left-most 8 bytes of the 16-byte Per-Card Key Derivation Key.
  • Step 7 Use the result of Step 7 as the right-most 8 bytes of the 16-byte unique Per-Card Key, and place this key in the secure payment application in such a way that it will not be disclosed during the normal operation of this application.
  • public-key authentication the following steps may be performed within a security module controlled by MasterCard or one of its agents to provide a card-unique private key and a card-unique certificate for the corresponding public key, which private key and certificate are to be included in the MasterCard secure payment application:
  • a recognized public-key algorithm e.g. RSA, Elliptic Curve
  • a recognized secure hash algorithm e.g. SHA-1
  • hash for example, (1) the just-generated public key for the card in question, (2) the pseudo account number for this card, (3) an appropriate date (to be optionally used to determine certificate expiration) and (4) the identity of the current MasterCard "root” key (in the event that this key should change).
  • Step 2 Using a recognized public key algorithm, and a MasterCard "root” private key, create a digital signature on the result of Step 2 (with appropriate padding). 4. In the per-card secure payment application, place the just-generated private key in such a way that it cannot be disclosed in normal operation. Also place in this secure payment application a digital certificate consisting of (for example) (1) the card-unique public key, (2) the card's pseudo account number, (3) the above-indicated date, (4) the identity of the MasterCard "root” key used to sign the certificate, and (4) the above- described digital signature.
  • Figure 2a is a diagram of a system for conducting a secure payment over the Internet using the present invention with secret-key authentication of pseudo account numbers.
  • an acquirer 12 has in its control one or more tamper-resistant security modules, which offer physical protection for the information stored inside the modules.
  • These security modules each contain one or more secret keys, the translation key or keys, that are used to translate between pseudo account numbers and "real" account numbers.
  • Each of these modules also contain one or more higher-level secret keys, called the derivation key or keys, that are used to re-create the card-unique secret cryptographic keys.
  • the modules may be provided by MasterCard to the acquirer and may function similarly to the security modules currently installed in banks that operate Cirrus automatic teller machines (ATMs).
  • MasterCard provides to the acquirer a security specification and/or software application, which the acquirer may make available to merchants that desire to accept MasterCard cards with pseudo account numbers.
  • ATMs Cirrus automatic teller machines
  • FIG. 2B is a diagram of a system for conducting a secure payment over the Internet using the present invention with public-key authentication of pseudo account numbers.
  • the acquirer 12 has in its control one or more tamper-resistant security modules 10, which offer physical protection for the information stored inside the modules.
  • These security modules each contain one or more secret keys, i.e., the translation key or keys, that are used to translate between pseudo account numbers and "real" account numbers.
  • the modules are provided by MasterCard to the acquirer and may function similarly to the security modules currently installed in banks that operate Cirrus automatic teller machines (ATMs).
  • ATMs Cirrus automatic teller machines
  • MasterCard provides to the acquirer a security specification and/or software application, which the acquirer may make available to merchants that desire to accept MasterCard cards with pseudo account numbers. Although it is preferred for an acquirer to have a security module, it is not required. If a security module is not provided to an acquirer, the acquirer will be required to forward all pseudo account numbers to MasterCard for translation and authentication.
  • Figure 3 illustrates the process that may be performed within a security module to obtain the pseudo account number for a given "real" account number.
  • the process utilizes the DEA with a double-length key.
  • the security module holds a secret high-level key (the Account Number Translation Key) that consists of 16 bytes and is used with many or all card account numbers to obtain the pseudo account number that corresponds to each.
  • the first three digits of the "real" account number occur unchanged in the pseudo account number with the digit "9" inserted between the first and second digits, and that the 16th digit (the check digit) of the "real" account number is ignored.
  • the twelve digits from Digit 4 through Digit 15 of the "real" account number are encrypted and become digits 5 through 16 of the pseudo account number.
  • This encryption is illustrated as function "El" in Fig. 3a.
  • This encryption method may use a methodology known as 'DESX' to maintain high security while minimizing the number of DEA operations that are required. The following defines possible steps to achieve the encryption:
  • Step 5 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of the Step 5, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
  • Step 7 8. Left-justify the 24 bits produced by Step 7 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '010'.
  • DEA encrypt the result of Step 9 using as the key the right-most 8 bytes of the Account Number Translation Key. 1 1. Exclusive-or the result of Step 10 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 11 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 11 , this time selection only those 4-bit digits with a value greater than binary '1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits. 13. Mod- 10 add each of the 6 binary-coded-decimal digits resulting from
  • Step 12 to the corresponding binary-coded-decimal digit resulting from Step 1.
  • Step 13 Left-justify the 24 bits produced by Step 13 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary 'Oi l '.
  • Step 15 Exclusive-or the result of Step 14 with the left-most 8 bytes (64 bits) of the Account Number Translation Key. 16. DEA encrypt the result of Step 15 using as the key the right-most 8 bytes of the Account Number Translation Key.
  • Step 17 Exclusive-or the result of Step 16 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 18.
  • Step 17 Consider the result of Step 17 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 17, this time selection only those 4-bit digits with a value greater than binary ' 1001 '
  • Mod- 10 add each of the 6 binary-coded-decimal digits resulting from Step 18 to the corresponding binary-coded-decimal digit resulting from Step 7.
  • Step 19 Left-justify the 24 bits produced by Step 19 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 100'.
  • Step 21 Exclusive-or the result of Step 20 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 21 DEA encrypt the result of Step 21 using as the key the right-most 8 bytes of the Account Number Translation Key.
  • Step 23 Exclusive-or the result of Step 22 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 24.
  • Step 23 Consider the result of Step 23 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001' (decimal '9'), and subtract binary '1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
  • Mod- 10 add each of the 6 binary-coded-decimal digits resulting from Step 24 to the corresponding binary-coded-decimal digit resulting from
  • Step 26 Left-justify the 24 bits produced by Step 25 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 101 '. 27. Exclusive-or the result of Step 26 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 27 DEA encrypt the result of Step 27 using as the key the right-most 8 bytes of the Account Number Translation Key.
  • Step 29 Exclusive-or the result of Step 28 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 29 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 29, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal '10') from each. This process produces 6 binary-coded-decimal digits.
  • Mod-10 add each of the 6 binary-coded-decimal digits resulting from Step 30 to the corresponding binary-coded-decimal digit resulting from
  • Step 32 Concatenate left-to right (1) four decimal digits consisting of the leftmost 3 decimal digits of the "real" account number with the digit '9' inserted between the first and second digit, with (2) the 6 decimal digits resulting from Step 25, with (3) the 6 decimal digits resulting from Step 31. Use the resulting 16 decimal digits as the pseudo account number.
  • Figure 3b illustrates the process performed by a security module in the acquirer's facility to convert a pseudo account number (created from a "real" account number using the procedure described in Figure 3a) back into its corresponding "real" account number.
  • the process utilizes the DEA with a double-length key. It is assumed that the security module holds a secret high-level key (the Account Number Translation Key) that consists of 16 bytes and is used with many or all card account numbers to obtain the pseudo account number from "real" account numbers and vice- versa.
  • the Account Number Translation Key the Account Number Translation Key
  • Step 5 Exclusive-or the result of Step 4 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 6.
  • Step 5 Consider the result of Step 5 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ' (decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of the Step 5, this time selection only those 4-bit digits with a value greater than binary
  • Step 7 8. Left-justify the 24 bits produced by Step 7 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 100'.
  • Step 11 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 11 , this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
  • Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 12 from the corresponding binary-coded-decimal digit resulting from Step 1.
  • Step 13 Left-justify the 24 bits produced by Step 13 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary 'Oi l '.
  • Step 15 DEA encrypt the result of Step 15 using as the key the right-most 8 bytes of the Account Number Translation Key.
  • Step 16 Exclusive-or the result of Step 16 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 17 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 17, this time selection only those 4-bit digits with a value greater than binary '1001 ' (decimal '9'), and subtract binary '1010' (decimal '10') from each. This process produces 6 binary-coded-decimal digits.
  • Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 18 from the corresponding binary-coded-decimal digit resulting from Step 7.
  • 20. Left -justify the 24 bits produced by Step 19 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '010'.
  • Step 21 Exclusive-or the result of Step 20 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 21 DEA encrypt the result of Step 21 using as the key the right-most 8 bytes of the Account Number Translation Key.
  • Step 23 Exclusive-or the result of Step 22 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 24.
  • the result of Step 23 is 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001 '
  • Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 24 from the corresponding binary-coded-decimal digit resulting from Step 13.
  • Step 26 Left-justify the 24 bits produced by Step 25 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '001 '.
  • Step 27 Exclusive-or the result of Step 26 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 28 DEA encrypt the result of Step 27 using as the key the right-most 8 bytes of the Account Number Translation Key. 29. Exclusive-or the result of Step 28 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
  • Step 29 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
  • Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 30 from the corresponding binary-coded-decimal digit resulting from Step 19.
  • Step 32 Concatenate, left-to-right, (1) the first four digits of the pseudo account number with the second digit (the '9') discarded (thus providing three digits) with (2) the 6 decimal digits resulting from Step 25 with (3) the 6 decimal digits resulting from Step 31.
  • Compute the 16th (right-most) digit by applying the check-digit-generation algorithm to the 15 decimal digits resulting from the concatenation.
  • the resulting 16 digits are the "real" account number.
  • Figures 4a and 4b illustrate the steps that are performed when the cardholder contacts and places an order with a merchant on the Internet and the merchant requests an interchange authorization from an acquirer. It is assumed that the cardholder has enrolled in the MasterCard secure payment program and has installed the MasterCard secure payment application on his/her computer.
  • the cardholder contacts a merchant on (for example) the Internet and informs the merchant that he/she wishes to make a purchase.
  • the merchant responds by sending to the cardholder a merchant identification number ("MID") that has been given to it by its acquiring bank (which bank ensures that it gives a unique merchant identification number to each of its merchants), along with a transaction sequence number (“TSN”) that is unique to this transaction.
  • MID merchant identification number
  • TSN transaction sequence number
  • the application may display the cardholder's "real” and pseudo account numbers to the cardholder.
  • the Internet merchants however, never see the "real" account number.
  • the application concatenates the merchant identification number and the transaction sequence number (shown in Figs.
  • the merchant identification number and the transaction sequence number are concatenated, and padded to the right with zeros to produce 16 hexadecimal digits.
  • This is DEA encrypted using, as the key, the left 8-bytes of the Per-Card Key.
  • This result is DEA decrypted using, as the key, the right 8 bytes of the Per- Card Key, and this second cryptographic result is DEA encrypted using, as the key, the left 8-bytes of the Per-Card Key.
  • the MAC itself is produced by taking the left-most 4 bytes of this 8-byte final result, discarding the right-most 4 bytes. Or: 2.
  • the cardholder when the cardholder uses public-key authentication, the cardholder creates a digital signature on the concatenated result of the merchant identification number and the transaction sequence number further concatenated with the transaction amount agreed to by the cardholder (all with appropriate padding) using the card-unique private key placed in the application by MasterCard (or its agent).
  • the MasterCard secure payment application then sends to the merchant, using SSL encryption, the following data:
  • the secure payment application may also send data in the transaction record indicating that the account number transmitted is a pseudo account number.
  • the merchant using the MasterCard-application software, verifies that the merchant identification number and the transaction sequence number are the correct numbers for this transaction. If the transaction uses public-key authentication (Fig. 4b), the merchant, using the MasterCard-application software:
  • the merchant verifies that the pseudo account number starts with a "5".
  • the merchant may also verify that the second digit is a "9" for a MasterCard pseudo account number.
  • the merchant may approve the transaction without authorization if that is its practice or it may pass the pseudo account number and card expiration date to the acquiring bank. If secret-key authentication is used (see Fig. 4a), the merchant additionally passes to the acquiring bank the merchant identification number, transaction sequence number, and MAC. The transaction amount passed from the cardholder to the merchant may be different from the transaction amount passed from the merchant to the acquirer. Therefore, the latter amount is referred to as "authorization amount" in Figs. 4a and 4b.
  • the acquirer receiving the authorization request from the merchant recognizes that it contains a pseudo account number (by the '9' as the second digit, and/or by the inclusion of the fields not found in a conventional authorization request) and sends to its MasterCard-provided security module the pseudo account number. If secret-key authentication is performed, the acquirer additionally sends to the security module (a) the merchant identification number, (b) the transaction sequence number, and (c) the MAC produced by the cardholder's secure application.
  • the security module Upon receipt of this data, the security module cryptographically processes the pseudo account number to produce the "real" account number as described above with reference to Fig. 3b. (The translation is shown in Figs. 4a and 4b as using function "Dl".)
  • the security module additionally performs the following steps:
  • the acquirer may process the resulting transaction internally in its own facility if it is a provider of such processing services, or it may pass the transaction on to MasterCard over Banknet communication lines for MasterCard to send to the issuer in a conventional mode.
  • the response received by the acquirer from the issuer is identical in all respects to conventional processing, and provides an approval or rejection based on the "real" account number.
  • the acquirer If the acquirer passes the account number to the merchant as part of its response, it must first convert the "real" account number back into a pseudo account number using the appropriate cryptographic key stored in the security module, and using the previously-discussed process.
  • Figure 5 illustrates the process of clearing a transaction.
  • the merchant sends all the transactions to the acquirer at the end of the day or periodically during the day.
  • Each of these transactions includes all of the conventional MasterCard transaction details, except that they may contain a pseudo account number rather than a "real" account number.
  • the acquirer takes all of the pseudo account numbers from these transactions and processes them through the MasterCard-provided security module, thus converting pseudo account numbers to "real" account numbers.
  • the acquirer then processes the transactions internally or routes them to MasterCard International for clearing to the issuer in a conventional manner.
  • Figure 6 illustrates how charge-backs, retrieval requests, etc., are processed in the MasterCard interchange.
  • the figure shows that both the acquirer and the issuer have security modules 10.
  • the issuer need not have a security module unless it will take cardholder inquiries over the Internet and unless the cardholder's computer communicates with the issuer by outputting a pseudo account number rather than a "real" account number. In this situation the issuer needs a security module in order to be able to convert the pseudo account number to the "real" account number.
  • the issuer does not need a security module if the cardholder communicates with the issuer through postal mail.
  • the acquirer may have a security module in order to be able to process a transaction as a second presentment or retrieval request fulfillment from a merchant, where the merchant can only reference the transaction with a pseudo account number. Therefore the MasterCard-provided security module at the acquiring bank's facility needs the capability to translate from "real" account numbers to pseudo account numbers as well as from pseudo account numbers to "real" account numbers.
  • the transactions that go through MasterCard will be routed through Banknet with the "real" account number and not the pseudo account number. If secret-key authentication is used, it may be necessary for the acquirer to confirm that the transaction sequence number is unique for the merchant in question. If public-key authentication is used, it may be necessary for the merchant to produce the card's digital certificate, its signature, the cardholder-agreed transaction amount, the merchant identification number and the transaction sequence number, so that it can demonstrate that it actually verified the certificate and signature.
  • the present invention provides enhanced security for the use of payment account numbers over the Internet.
  • the present invention if one or more pseudo account numbers were to be stolen from a merchant, the stolen pseudo account numbers could not be used to conduct fraudulent transactions because transactions based on pseudo account numbers are preferably cryptographically authenticated using a secret key that is unique for each account number. This secret key is located only within the cardholder's secure payment application.
  • a pseudo account number can not be used to make conventional MasterCard transactions (at point-of-sale terminals, for example) because the pseudo account number does not disclose the "real" account number.

Abstract

A method of conducting a financial transaction by a purchaser over a communications network is provided where the purchaser does not transmit his or her 'real' payment card information over the network but instead secure payment application software is provided which allows for the transmission of a pseudo account number that is cryptographically processed for purposes of responding to an authorization request based on the real account number.

Description

METHOD AND SYSTEM FOR SECURE PAYMENTS OVER A COMPUTER NETWORK
SPECIFICATION
BACKGROUND OF INVENTION This invention relates to a method and system for conducting secure financial transactions over a communications network and more particularly to a method and system for transmitting payments securely over a computer network, such as the Internet, and for transmitting sensitive information securely over public communication channels.
As is self-evident, on-line commerce has experienced tremendous growth over the last few years but even with that growth consumers are still troubled and concerned about using personal financial information and transmitting such information, such as credit card numbers and personal identification numbers, over public communications networks, such as the Internet. As a result, over the last few years, companies have struggled to find a way — the best way — to ensure the security of payments made over a computer network and to decrease the risk of theft or misuse of financial information.
For example, U.S. Patent No. 5,883,810 entitled "Electronic Online Commerce Card With Transaction Proxy Number For Online Transactions" and assigned to Microsoft Corporation, is directed to a system which provides for each transaction a temporary transaction number and associates it with the permanent account number; the transaction number looks like a real credit card number and the customer uses that transaction number and submits it to the merchant as a proxy for the customer account number. In this matter, the customer does not have to transmit over a public network his or her real credit card number.
In the '810 patent, the merchant passes along the transaction number to the issuing institution, which in turn uses the transaction number as an index, accesses the real customer account number and processes the authorization, sending the authorization reply back to the merchant under the transaction number. As a result, risk is purportedly minimized not only because the customer only transmits a transaction number but also because the proxy number is good only for a single purchase — theft "would not greatly benefit a thief because it cannot be repeatedly used for other purchases or transactions." Col. 2, lines 60-61.
There is still a need to improve upon the prior art systems and in particular there is a need for a method and system for conducting a secure financial transaction over the Internet which avoids requiring the creation and transmission of a unique repeatedly generated transaction number to replace the transmission of the permanent account number for each conducted transaction.
SUMMARY OF THE INVENTION According to the present invention, a "pseudo" account number is assigned to a customer and cryptographically linked to a consumer's payment account number. The payment account number is an account number issued by a financial institution or other organization that a consumer may use to make a payment for goods and/or services. For example, the payment account number may be the account number from a payment card, such as a credit or debit card, or from a payment application, such as an electronic cash application stored on a consumer's computer. The pseudo account number appears to be an actual payment account number to a merchant. That is, the pseudo account number has the same length as a valid payment account number and begins with a valid identification number (e.g., a "5" for MasterCard International Incorporated ("MasterCard")). The pseudo account number is used by the customer instead of the real account number for all of his or her on-line financial transactions.
All transactions based on pseudo account numbers are preferably cryptographically authenticated using a secret key that is unique for each account number. The authentication may be based on the private key of a public-key pair ("public-key authentication"), or based on a secret key other than a private key ("secret-key authentication"). Thus, if unauthorized persons were to ascertain any pseudo account numbers, they would be unable to make fraudulent transactions using them.
BRIEF DESCRIPTION OF THE DRAWINGS Further objects, features and advantages of the invention will become apparent from the following detailed description taken in conjunction with the accompanying figures showing a preferred embodiment of the invention, on which:
FIG. 1 is a block diagram of the system for obtaining a secure payment application from a provider over the Internet in accordance with the invention;
FIG 2 A is a block diagram of the system for conducting a secure payment over the Internet using the present invention with secret-key authentication of pseudo account numbers, in accordance with the invention;
FIG. 2B is a block diagram of the system for conducting a secure payment over the Internet using the present invention with public-key authentication of pseudo account numbers, in accordance with the present invention;
FIG. 3 A is a block diagram illustrating the process preferably performed to obtain a pseudo account number for a given "real" account number, in accordance with the present invention;
FIG. 3B is a block diagram illustrating the process preferably performed to convert a pseudo account number back into its corresponding "real" account number;
FIGS. 4A and 4B illustrate the steps that are performed in accordance with the present invention when a card holder places an order with a merchant on the Internet and the merchant requests an authorization from an acquirer;
FIG. 5 is a block diagram illustrating the process of clearing a transaction in accordance with the present invention; FIG. 6 is a block diagram illustrating exception processing in accordance with the present invention.
Throughout the figures, the same reference numerals and characters, unless otherwise stated, are used to denote like features, elements, components or portions of the illustrated embodiment. Moreover, while the subject invention will now be described in detail with reference to the figures, it is done so in connection with a preferred embodiment. It is intended that changes and modifications can be made to the described embodiment without departing from the true scope and spirit of the subject invention as defined by the appended claims.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
Figure 1 illustrates an initial setup whereby a consumer who has, in this instance, a MasterCard financial transaction card decides to obtain a secure payment application from a secure payment application provider, such as MasterCard, over the Internet. The reader should understand that although there is repeated reference in the specification and Figures to MasterCard this is by way of example only.
As shown in Fig. 1 , a provider, such as MasterCard (or an agent of MasterCard) has in its control one or more tamper-resistant security modules 10, which offer physical protection for the information stored inside the modules. These security modules each contain the following secret keys: 1) one or more translation keys that are used to translate between pseudo account numbers and "real" account numbers; 2) if secret-key authentication is used, one or more derivation keys that are used to re-create the card-unique secret cryptographic keys; and 3) if public-key authentication is used, one or more provider "root" private keys. The process, then, would preferably proceed as follows:
The cardholder contacts MasterCard's web site via the Internet. The cardholder identifies himself/herself to MasterCard by providing, preferably under Secure Socket Layer (SSL) encryption known to those skilled in the art, the card account number, card expiration date, and card verification code or CVC2 from his/her MasterCard card. CVC2 refers to authenticating information that is issued with some payment cards. These cards have the account number printed on the signature panel of the card followed by a three or four digit value. This value is generated by the issuing bank using a secret cryptographic key, and can be verified using this same key. Payment card brands have varying names for the value: MasterCard - Card Verification Code 2 (CVC2); American Express - Four-digit batch code (4DBC); and Visa - Card
Verification Value 2 (CVV2). Supplying this value provides evidence that the person participating in a transaction had physical possession of the card at some point in time, because the value is not encoded on the magnetic stripe and thus not included in a normal transaction.
MasterCard verifies the CVC2 for the cards of those issuers for which MasterCard is provided (by secure means) the CVC2 keys. MasterCard may confirm the legitimacy of the other card data by obtaining a zero amount authorization from the issuer. MasterCard may obtain this authorization over its Banknet™ communications network.
After MasterCard has confirmed the legitimacy of the cardholder-provided card data, the secure payment application software is made available to the cardholder and may be downloaded over the Internet under SSL encryption. The software includes a secret cryptographic key that is unique to this card. If secret-key authentication is used, the secret key is preferably determinable from the card's "real" account number (i.e., the actual card payment account number issued by the cardholder's issuing bank). If public-key authentication is used, MasterCard provides a certificate that links the real account number with the corresponding public key, which certificate is signed by a MasterCard "root" private key. The software also includes the cardholder's "real" account number, and a "pseudo" account number that MasterCard may relate to the "real" account number.
The cardholder may provide a password to MasterCard prior to downloading the secure payment application or may select a password when the secure payment application is being installed on the cardholder's computer. If a password is provided or selected, the cardholder will thereafter be required to enter this password in order to activate the secure payment application.
If secret-key authentication is used, the card-unique secret key may be cryptographically computed from the card's "real" account number using a higher-level secret cryptographic key that is common to many or all account numbers. The higher- level secret cryptographic key preferably resides solely within physically-secure and tamper-resistant hardware devices (referred to as "security modules") that are controlled by MasterCard or by acquirer institutions. If the secure payment application includes a card-unique private key (for public-key authentication), the associated certificate is signed using a MasterCard private "root" key that resides only in a relatively few security modules that are controlled directly by MasterCard or by trusted agents to whom MasterCard has delegated this certificate-signing function.
The pseudo account number has the same length as the "real" account number, consists solely of decimal digits, and begins with a valid identification number (e.g., a "5" for MasterCard). Therefore, the pseudo account number will appear to be a valid account number to merchants. In order for an acquirer or MasterCard to be able to differentiate between a "real" account number and a pseudo account number, there must be an indication in the account number or in the transaction record of the type of account number being used. In one embodiment of the present invention, this indication is provided in the second digit of the pseudo account number, which acts as a special identifier. For example, for MasterCard cards, the second digit of an account number may be made a "9" to indicate a pseudo account number. In this case, the 16th digit of the account number, which is normally a check digit used to detect manual entry errors, is deleted to make room for the additional second digit. In some cases, it may be possible that the transaction record may include data indicating that the account number is a pseudo account number.
MasterCard may periodically update the secure payment application.
If secret-key authentication is used, the following steps may be performed within a security module controlled by MasterCard or one of its agents to obtain a card-unique secret key to be included in the MasterCard secure payment application. The following steps assume the use of the DEA (Data Encryption Algorithm, which is a U.S. Government standard cryptographic algorithm) with a double-length key. They also assume that the MasterCard security module holds a secret high-level key called the Per-Card Key Derivation Key that consists of 16 bytes and is used with many or all card account numbers to cryptographically compute a card-unique secret key, called the Per-Card Key, given the card's 16-digit payment account number. The steps are: 1. Considering the payment account number as 16 binary-coded-decimal digits of 4 bits each, DEA-encrypt these 64 bits using as the encryption key the left-most 8 bytes of the 16-byte Per-Card Key Derivation Key.
2. DEA-decrypt the result of Step 1 using as the decryption key the right - most 8 bytes of the 16-byte Per-Card Key Derivation Key.
3. DEA-encrypt the result of Step 2 using as the encryption key (again) the left-most 8 bytes of the 16-byte Per-Card Key Derivation Key.
4. Use the result of Step 3 as the left-most 8 bytes of the unique Per-Card Key. 5. DEA-encrypt the result of Step 3 using as the encryption key the leftmost 8 bytes of the 16-byte Per-Card Key Derivation Key.
6. DEA-decrypt the result of Step 5 using as the decryption key the rightmost 8 bytes of the 16-byte Per-Card Key Derivation Key.
7. DEA-encrypt the result of Step 6 using as the encryption key (again) the left-most 8 bytes of the 16-byte Per-Card Key Derivation Key.
8. Use the result of Step 7 as the right-most 8 bytes of the 16-byte unique Per-Card Key, and place this key in the secure payment application in such a way that it will not be disclosed during the normal operation of this application. • If public-key authentication is used, the following steps may be performed within a security module controlled by MasterCard or one of its agents to provide a card-unique private key and a card-unique certificate for the corresponding public key, which private key and certificate are to be included in the MasterCard secure payment application:
1. For a recognized public-key algorithm (e.g. RSA, Elliptic Curve), compute a unique private key and the corresponding public key using established security procedures. 2. Using a recognized secure hash algorithm (e.g. SHA-1), hash, for example, (1) the just-generated public key for the card in question, (2) the pseudo account number for this card, (3) an appropriate date (to be optionally used to determine certificate expiration) and (4) the identity of the current MasterCard "root" key (in the event that this key should change).
3. Using a recognized public key algorithm, and a MasterCard "root" private key, create a digital signature on the result of Step 2 (with appropriate padding). 4. In the per-card secure payment application, place the just-generated private key in such a way that it cannot be disclosed in normal operation. Also place in this secure payment application a digital certificate consisting of (for example) (1) the card-unique public key, (2) the card's pseudo account number, (3) the above-indicated date, (4) the identity of the MasterCard "root" key used to sign the certificate, and (4) the above- described digital signature.
Figure 2a is a diagram of a system for conducting a secure payment over the Internet using the present invention with secret-key authentication of pseudo account numbers.
As shown in Fig. 2a, an acquirer 12 has in its control one or more tamper-resistant security modules, which offer physical protection for the information stored inside the modules. These security modules each contain one or more secret keys, the translation key or keys, that are used to translate between pseudo account numbers and "real" account numbers. Each of these modules also contain one or more higher-level secret keys, called the derivation key or keys, that are used to re-create the card-unique secret cryptographic keys.
The modules may be provided by MasterCard to the acquirer and may function similarly to the security modules currently installed in banks that operate Cirrus automatic teller machines (ATMs). MasterCard provides to the acquirer a security specification and/or software application, which the acquirer may make available to merchants that desire to accept MasterCard cards with pseudo account numbers. Although it is preferred for an acquirer to have a security module, it is not required. If a security module is not provided to an acquirer, the acquirer will be required to forward all pseudo account numbers to MasterCard for translation and authentication.
Figure 2B is a diagram of a system for conducting a secure payment over the Internet using the present invention with public-key authentication of pseudo account numbers. As shown in Fig. 2b, the only significant difference with Figure 2a is that a public-key pair is utilized. Like before, the acquirer 12 has in its control one or more tamper-resistant security modules 10, which offer physical protection for the information stored inside the modules. These security modules each contain one or more secret keys, i.e., the translation key or keys, that are used to translate between pseudo account numbers and "real" account numbers. Like above, the modules are provided by MasterCard to the acquirer and may function similarly to the security modules currently installed in banks that operate Cirrus automatic teller machines (ATMs). MasterCard provides to the acquirer a security specification and/or software application, which the acquirer may make available to merchants that desire to accept MasterCard cards with pseudo account numbers. Although it is preferred for an acquirer to have a security module, it is not required. If a security module is not provided to an acquirer, the acquirer will be required to forward all pseudo account numbers to MasterCard for translation and authentication.
Figure 3 illustrates the process that may be performed within a security module to obtain the pseudo account number for a given "real" account number. The process utilizes the DEA with a double-length key. It is assumed that the security module holds a secret high-level key (the Account Number Translation Key) that consists of 16 bytes and is used with many or all card account numbers to obtain the pseudo account number that corresponds to each. It is assumed that the first three digits of the "real" account number occur unchanged in the pseudo account number with the digit "9" inserted between the first and second digits, and that the 16th digit (the check digit) of the "real" account number is ignored. The twelve digits from Digit 4 through Digit 15 of the "real" account number are encrypted and become digits 5 through 16 of the pseudo account number. This encryption is illustrated as function "El" in Fig. 3a. This encryption method may use a methodology known as 'DESX' to maintain high security while minimizing the number of DEA operations that are required. The following defines possible steps to achieve the encryption:
1. Select the 6 digits from positions 4 through 9 of the "real" account number (the 6 left-most of the 12 account-number digits to be encrypted). Represent each digit as a 4-bit binary-coded decimal value. 2. Left-justify the 24 bits produced by Step 1 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '001 '.
3. Exclusive-or the result of Step 2 with the left-most 8 bytes (64 bits) of the Account Number Translation Key. 4. DEA encrypt the result of Step 3 using as the key the right-most 8 bytes of the Account Number Translation Key.
5. Exclusive-or the result of Step 4 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
6. Consider the result of Step 5 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of the Step 5, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
7. Select the 6 digits from positions 10 through 15 of the "real" account number (the 6 right-most of the 12 account-number digits to be encrypted). Represent each digit as a 4-bit binary-coded decimal value. Mod- 10 add each of these 6 binary-coded-decimal digits to the corresponding binary-coded-decimal digit resulting from Step 6.
8. Left-justify the 24 bits produced by Step 7 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '010'.
9. Exclusive-or the result of Step 8 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
10. DEA encrypt the result of Step 9 using as the key the right-most 8 bytes of the Account Number Translation Key. 1 1. Exclusive-or the result of Step 10 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
12. Consider the result of Step 11 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 11 , this time selection only those 4-bit digits with a value greater than binary '1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits. 13. Mod- 10 add each of the 6 binary-coded-decimal digits resulting from
Step 12 to the corresponding binary-coded-decimal digit resulting from Step 1.
14. Left-justify the 24 bits produced by Step 13 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary 'Oi l '.
15. Exclusive-or the result of Step 14 with the left-most 8 bytes (64 bits) of the Account Number Translation Key. 16. DEA encrypt the result of Step 15 using as the key the right-most 8 bytes of the Account Number Translation Key.
17. Exclusive-or the result of Step 16 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 18. Consider the result of Step 17 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 17, this time selection only those 4-bit digits with a value greater than binary ' 1001 '
(decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
19. Mod- 10 add each of the 6 binary-coded-decimal digits resulting from Step 18 to the corresponding binary-coded-decimal digit resulting from Step 7.
20. Left-justify the 24 bits produced by Step 19 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 100'.
21. Exclusive-or the result of Step 20 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
22. DEA encrypt the result of Step 21 using as the key the right-most 8 bytes of the Account Number Translation Key.
23. Exclusive-or the result of Step 22 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 24. Consider the result of Step 23 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001' (decimal '9'), and subtract binary '1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
25. Mod- 10 add each of the 6 binary-coded-decimal digits resulting from Step 24 to the corresponding binary-coded-decimal digit resulting from
Step 13.
26. Left-justify the 24 bits produced by Step 25 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 101 '. 27. Exclusive-or the result of Step 26 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
28. DEA encrypt the result of Step 27 using as the key the right-most 8 bytes of the Account Number Translation Key.
29. Exclusive-or the result of Step 28 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
30. Consider the result of Step 29 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through '1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 29, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal '10') from each. This process produces 6 binary-coded-decimal digits.
31. Mod-10 add each of the 6 binary-coded-decimal digits resulting from Step 30 to the corresponding binary-coded-decimal digit resulting from
Step 19.
32. Concatenate left-to right (1) four decimal digits consisting of the leftmost 3 decimal digits of the "real" account number with the digit '9' inserted between the first and second digit, with (2) the 6 decimal digits resulting from Step 25, with (3) the 6 decimal digits resulting from Step 31. Use the resulting 16 decimal digits as the pseudo account number.
Figure 3b illustrates the process performed by a security module in the acquirer's facility to convert a pseudo account number (created from a "real" account number using the procedure described in Figure 3a) back into its corresponding "real" account number. The process utilizes the DEA with a double-length key. It is assumed that the security module holds a secret high-level key (the Account Number Translation Key) that consists of 16 bytes and is used with many or all card account numbers to obtain the pseudo account number from "real" account numbers and vice- versa. It is assumed that the first three digits of the "real" account number occur unchanged in the pseudo account number with the digit "9" inserted between the first and second digits, and that 16th digit (the check digit) of the "real" account number is not included in the pseudo account number. Therefore to convert from a pseudo account number to a "real" account number it is necessary to decrypt Digit 5 through Digit 16 of the pseudo account number to provide Digit 4 through Digit 15 of the "real" account number. The decryption is illustrated as function "Dl" in Fig. 3b. Digit 1 through Digit 3 of the "real" account number are obtained from Digit 1 through Digit 4 of the pseudo account number by discarding the second digit (always a '9'). Finally, the 16th digit of the "real" account number must be computed from the other 15 digits by applying an appropriate check-digit-generation algorithm. The translation process is as follows:
1. Select the 6 digits from positions 5 through 10 of the pseudo account number (the 6 left-most of the 12 pseudo account-number digits to be decrypted). Represent each digit as a 4-bit binary-coded decimal value. 2. Left-justify the 24 bits produced by Step 1 in a 64-bit field, where the
37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '101 '.
3. Exclusive-or the result of Step 2 with the left-most 8 bytes (64 bits) of the Account Number Translation Key. 4. DEA encrypt the result of Step 3 using as the key the right-most 8 bytes of the Account Number Translation Key.
5. Exclusive-or the result of Step 4 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 6. Consider the result of Step 5 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ' (decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of the Step 5, this time selection only those 4-bit digits with a value greater than binary
' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
7. Select the 6 digits from positions 1 1 through 16 of the pseudo account number (the 6 right-most of the 12 account-number digits to be decrypted). Represent each digit as a 4-bit binary-coded decimal value.
From each of these 6 binary-coded-decimal digits, subtract the corresponding binary-coded-decimal digit resulting from Step 6.
8. Left-justify the 24 bits produced by Step 7 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary ' 100'.
9. Exclusive-or the result of Step 8 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
10. DEA encrypt the result of Step 9 using as the key the right-most 8 bytes of the Account Number Translation Key. 11. Exclusive-or the result of Step 10 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
12. Consider the result of Step 11 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 11 , this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
13. Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 12 from the corresponding binary-coded-decimal digit resulting from Step 1.
14. Left-justify the 24 bits produced by Step 13 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary 'Oi l '.
15. Exclusive-or the result of Step 14 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
16. DEA encrypt the result of Step 15 using as the key the right-most 8 bytes of the Account Number Translation Key.
17. Exclusive-or the result of Step 16 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
18. Consider the result of Step 17 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 17, this time selection only those 4-bit digits with a value greater than binary '1001 ' (decimal '9'), and subtract binary '1010' (decimal '10') from each. This process produces 6 binary-coded-decimal digits.
19. Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 18 from the corresponding binary-coded-decimal digit resulting from Step 7. 20. Left -justify the 24 bits produced by Step 19 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '010'.
21. Exclusive-or the result of Step 20 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
22. DEA encrypt the result of Step 21 using as the key the right-most 8 bytes of the Account Number Translation Key.
23. Exclusive-or the result of Step 22 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key. 24. Consider the result of Step 23 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001 '
(decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
25. Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 24 from the corresponding binary-coded-decimal digit resulting from Step 13.
26. Left-justify the 24 bits produced by Step 25 in a 64-bit field, where the 37 bits to the immediate right of these bits are all set to binary zero, and the three right-most bits of the 64-bits are set to binary '001 '.
27. Exclusive-or the result of Step 26 with the left-most 8 bytes (64 bits) of the Account Number Translation Key.
28. DEA encrypt the result of Step 27 using as the key the right-most 8 bytes of the Account Number Translation Key. 29. Exclusive-or the result of Step 28 with (again) the left-most 8 bytes (64 bits) of the Account Number Translation Key.
30. Consider the result of Step 29 as 16 hexadecimal digits. Starting with the left-most digit, select those digits with the value of '9' or less until 6 such digits (from the binary set '0000' through ' 1001 ', decimal 0 through 9) have been selected. If fewer then 6 such digits were found, select the remaining digits by re-scanning the result of Step 23, this time selection only those 4-bit digits with a value greater than binary ' 1001 ' (decimal '9'), and subtract binary ' 1010' (decimal ' 10') from each. This process produces 6 binary-coded-decimal digits.
31. Mod- 10 subtract each of the 6 binary-coded-decimal digits resulting from Step 30 from the corresponding binary-coded-decimal digit resulting from Step 19.
32. Concatenate, left-to-right, (1) the first four digits of the pseudo account number with the second digit (the '9') discarded (thus providing three digits) with (2) the 6 decimal digits resulting from Step 25 with (3) the 6 decimal digits resulting from Step 31. Compute the 16th (right-most) digit by applying the check-digit-generation algorithm to the 15 decimal digits resulting from the concatenation. The resulting 16 digits are the "real" account number.
Figures 4a and 4b illustrate the steps that are performed when the cardholder contacts and places an order with a merchant on the Internet and the merchant requests an interchange authorization from an acquirer. It is assumed that the cardholder has enrolled in the MasterCard secure payment program and has installed the MasterCard secure payment application on his/her computer.
The cardholder contacts a merchant on (for example) the Internet and informs the merchant that he/she wishes to make a purchase. The merchant responds by sending to the cardholder a merchant identification number ("MID") that has been given to it by its acquiring bank (which bank ensures that it gives a unique merchant identification number to each of its merchants), along with a transaction sequence number ("TSN") that is unique to this transaction. (This response is presumably generated within merchant software that the merchant obtained, for example, (1) from its acquiring bank, and that the acquiring bank had obtained from MasterCard, or (2) from the MasterCard Web site, or (3) from its software vendor, and that this vendor had obtained from MasterCard.) It is assumed that these are decimal numbers and that neither exceeds 8 digits. The cardholder executes the MasterCard secure payment application software (if it is not already executing) and enters his/her password.
The application may display the cardholder's "real" and pseudo account numbers to the cardholder. The Internet merchants, however, never see the "real" account number. The application concatenates the merchant identification number and the transaction sequence number (shown in Figs.
4a and 4b as function "C"), then either: 1. With reference to Fig. 4a, when the cardholder uses secret-key authentication, the cardholder generates a Message Authentication Code ("MAC") on the concatenated result, using the unique Per-Card Key placed by MasterCard in the secure payment application (shown in Fig.
4a as function "E2"). As an example of the generation of the MAC, the merchant identification number and the transaction sequence number, represented as binary-coded-decimal, are concatenated, and padded to the right with zeros to produce 16 hexadecimal digits. This is DEA encrypted using, as the key, the left 8-bytes of the Per-Card Key. This result is DEA decrypted using, as the key, the right 8 bytes of the Per- Card Key, and this second cryptographic result is DEA encrypted using, as the key, the left 8-bytes of the Per-Card Key. Finally the MAC itself is produced by taking the left-most 4 bytes of this 8-byte final result, discarding the right-most 4 bytes. Or: 2. With reference to Fig. 4b, when the cardholder uses public-key authentication, the cardholder creates a digital signature on the concatenated result of the merchant identification number and the transaction sequence number further concatenated with the transaction amount agreed to by the cardholder (all with appropriate padding) using the card-unique private key placed in the application by MasterCard (or its agent).
The MasterCard secure payment application then sends to the merchant, using SSL encryption, the following data:
1. the cardholder's pseudo account number alone (secret-key authentication) or the card-unique digital certificate (public-key authentication) that includes the card's pseudo account number;
2. the cardholder's card expiration date;
3. the merchant identification number and transaction sequence number as received from the merchant; 4. the MAC (secret-key authentication) or the digital signature (public-key authentication) generated by the secure payment application;
5. the transaction amount agreed to by the cardholder.
In some cases, the secure payment application may also send data in the transaction record indicating that the account number transmitted is a pseudo account number.
The merchant, using the MasterCard-application software, verifies that the merchant identification number and the transaction sequence number are the correct numbers for this transaction. If the transaction uses public-key authentication (Fig. 4b), the merchant, using the MasterCard-application software:
1. Selects the MasterCard "root" public key indicated by the "root" key identifier in the card's digital certificate (which public keys are included in the MasterCard application software).
2. Uses this "root" public key to authenticate the card's digital certificate.
3. Uses the card's public key to authenticate the appropriate transaction data.
4. Either (a) rejects the transaction if either authentication process fails, or (b) logs all of the data related to the certificate and the transaction signature (so that the merchant can subsequently demonstrate that it successfully verified the certificate and signature).
The merchant verifies that the pseudo account number starts with a "5". The merchant may also verify that the second digit is a "9" for a MasterCard pseudo account number.
The merchant may approve the transaction without authorization if that is its practice or it may pass the pseudo account number and card expiration date to the acquiring bank. If secret-key authentication is used (see Fig. 4a), the merchant additionally passes to the acquiring bank the merchant identification number, transaction sequence number, and MAC. The transaction amount passed from the cardholder to the merchant may be different from the transaction amount passed from the merchant to the acquirer. Therefore, the latter amount is referred to as "authorization amount" in Figs. 4a and 4b.
The acquirer receiving the authorization request from the merchant recognizes that it contains a pseudo account number (by the '9' as the second digit, and/or by the inclusion of the fields not found in a conventional authorization request) and sends to its MasterCard-provided security module the pseudo account number. If secret-key authentication is performed, the acquirer additionally sends to the security module (a) the merchant identification number, (b) the transaction sequence number, and (c) the MAC produced by the cardholder's secure application.
Upon receipt of this data, the security module cryptographically processes the pseudo account number to produce the "real" account number as described above with reference to Fig. 3b. (The translation is shown in Figs. 4a and 4b as using function "Dl".)
If secret-key authentication is required (see Fig. 4a), the security module additionally performs the following steps:
1. Generates the Per-Card Key, unique to the card of this transaction, using the "real" account number and the Per-Card Key Derivation Key as defined previously. (The generation of the Per-Card Key is shown in
Fig. 4a as using function "E3".)
2. Uses this just-derived key to create a MAC on the merchant identification number and the transaction sequence number, as defined previously. 3. Compares this generated MAC with the MAC given to it with the transaction data, and rejects the transaction if the two versions of the MAC are not identical.
4. If the two versions of the MAC are identical, outputs the "real" account number. . Once the acquirer has obtained the "real" account number from the security module, it combines this with the expiration date from the transaction data. The acquirer may process the resulting transaction internally in its own facility if it is a provider of such processing services, or it may pass the transaction on to MasterCard over Banknet communication lines for MasterCard to send to the issuer in a conventional mode.
The response received by the acquirer from the issuer is identical in all respects to conventional processing, and provides an approval or rejection based on the "real" account number.
If the acquirer passes the account number to the merchant as part of its response, it must first convert the "real" account number back into a pseudo account number using the appropriate cryptographic key stored in the security module, and using the previously-discussed process.
Figure 5 illustrates the process of clearing a transaction. The merchant sends all the transactions to the acquirer at the end of the day or periodically during the day. Each of these transactions includes all of the conventional MasterCard transaction details, except that they may contain a pseudo account number rather than a "real" account number. The acquirer takes all of the pseudo account numbers from these transactions and processes them through the MasterCard-provided security module, thus converting pseudo account numbers to "real" account numbers. The acquirer then processes the transactions internally or routes them to MasterCard International for clearing to the issuer in a conventional manner.
Figure 6 illustrates how charge-backs, retrieval requests, etc., are processed in the MasterCard interchange. The figure shows that both the acquirer and the issuer have security modules 10. However, the issuer need not have a security module unless it will take cardholder inquiries over the Internet and unless the cardholder's computer communicates with the issuer by outputting a pseudo account number rather than a "real" account number. In this situation the issuer needs a security module in order to be able to convert the pseudo account number to the "real" account number. The issuer does not need a security module if the cardholder communicates with the issuer through postal mail. The acquirer may have a security module in order to be able to process a transaction as a second presentment or retrieval request fulfillment from a merchant, where the merchant can only reference the transaction with a pseudo account number. Therefore the MasterCard-provided security module at the acquiring bank's facility needs the capability to translate from "real" account numbers to pseudo account numbers as well as from pseudo account numbers to "real" account numbers.
The transactions that go through MasterCard will be routed through Banknet with the "real" account number and not the pseudo account number. If secret-key authentication is used, it may be necessary for the acquirer to confirm that the transaction sequence number is unique for the merchant in question. If public-key authentication is used, it may be necessary for the merchant to produce the card's digital certificate, its signature, the cardholder-agreed transaction amount, the merchant identification number and the transaction sequence number, so that it can demonstrate that it actually verified the certificate and signature.
When public-key authentication is used, the above discussion considers a one-level key hierarchy in which MasterCard itself directly signs the certificate for every card. However a multi-level hierarchy is also possible. For example, MasterCard might sign a certificate for each of its issuers, and the issuer would in turn sign the certificates for the cards it issued. This would be an example of a two-level hierarchy.
Advantageously, the present invention provides enhanced security for the use of payment account numbers over the Internet. With the present invention, if one or more pseudo account numbers were to be stolen from a merchant, the stolen pseudo account numbers could not be used to conduct fraudulent transactions because transactions based on pseudo account numbers are preferably cryptographically authenticated using a secret key that is unique for each account number. This secret key is located only within the cardholder's secure payment application. Furthermore, a pseudo account number can not be used to make conventional MasterCard transactions (at point-of-sale terminals, for example) because the pseudo account number does not disclose the "real" account number.
The foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise numerous systems and methods which, although not explicitly shown or described herein, embody the principles of the invention and thus within the spirit and scope of the invention.

Claims

CLAIMS 1. A method of conducting a transaction by a purchaser over a communications network, comprising:
(a) assigning to said purchaser a first payment account number having a status which changes over time;
(b) providing a second payment account number associated with said first payment account number, said second payment account number not being a transaction number and having an encryption key assigned thereto;
(c) requesting authorization for payment of said transaction with said second payment account number and not said first payment account number;
(d) identifying said purchaser's first payment account number in response to said authorization request; and
(e) responding to said authorization request based upon said status of said first payment account number at the time of the transaction.
2. The method of claim 1, wherein said authorization request includes a cryptographic code based on said encryption key, and wherein said response to said authorization request is further based on said cryptographic code.
3. The method of claim 2, wherem said status is a function of the credit balance available for use by said purchaser, which credit balance changes over time as a result of the purchases made by the purchaser.
4. A method of conducting a transaction by a purchaser over a communications network, comprising:
(a) assigning to said purchaser a first payment account number having a status which changes over time; (b) providing said purchaser with a secure payment application which includes a cryptographic key that is unique to said account number and a pseudo account number having the same length as and associated with said first payment account number; (c) providing said purchaser with merchant data based on the transaction;
(d) generating a message authentication code as a function of at least said merchant data and said cryptographic key; (e) providing said merchant said pseudo account number and said message authentication code and not said first payment account number;
(f) verifying that said merchant data is the correct data for the transaction;
(g) requesting an authorization for payment of said transaction, said authorization request not including said first payment account number but including said pseudo account number;
(h) recognizing said pseudo account number and cryptographically processing said pseudo account number to produce said first payment account number; and (i) responding to said authorization request based on the status of said first payment account number, and passing said response back without transmission of said first payment account number.
5. The method of claim 4 wherein said pseudo account number is indicated to be different from said first payment account number by a special identifier within the pseudo account number.
6. The method of claim 4 wherein said pseudo account number is indicated to be such by data within a transaction record.
7. The method of claim 4 wherein said cryptographic key is a secret key.
8. The method of claim 4 wherein said cryptographic key is a private key and said secure payment application further includes a card-unique certificate for the corresponding public key and said message authentication code comprises a digital signature generated by said secure payment application.
9. The method of claim 4 wherein said pseudo account number is obtained by encrypting the associated first payment account number utilizing DESX methodology.
10. The method of claim 4 wherein said pseudo account number is converted back into its associated first payment account number utilizing DEA with a double-length key.
PCT/US2001/008209 2000-03-15 2001-03-15 Method and system for secure payments over a computer network WO2001069556A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
AU4365801A AU4365801A (en) 2000-03-15 2001-03-15 Method and system for secure payments over a computer network
EP01916663A EP1269429A2 (en) 2000-03-15 2001-03-15 Method and system for secure payments over a computer network
AU2001243658A AU2001243658B2 (en) 2000-03-15 2001-03-15 Method and system for secure payments over a computer network
CA002403283A CA2403283A1 (en) 2000-03-15 2001-03-15 Method and system for secure payments over a computer network
JP2001567553A JP2003534585A (en) 2000-03-15 2001-03-15 Secure payment method and system over computer network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US18965000P 2000-03-15 2000-03-15
US60/189,650 2000-03-15

Publications (2)

Publication Number Publication Date
WO2001069556A2 true WO2001069556A2 (en) 2001-09-20
WO2001069556A3 WO2001069556A3 (en) 2001-12-13

Family

ID=22698221

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/008209 WO2001069556A2 (en) 2000-03-15 2001-03-15 Method and system for secure payments over a computer network

Country Status (7)

Country Link
US (1) US9672515B2 (en)
EP (1) EP1269429A2 (en)
JP (1) JP2003534585A (en)
AU (2) AU2001243658B2 (en)
CA (1) CA2403283A1 (en)
WO (1) WO2001069556A2 (en)
ZA (1) ZA200207410B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001099071A3 (en) * 2000-06-22 2002-05-30 Mastercard International Inc An improved method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US6915279B2 (en) 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
GB2434241A (en) * 2006-11-23 2007-07-18 Richard Mervyn Gardner Payment card system with main and temporary card accounts
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7708198B2 (en) 1998-05-29 2010-05-04 E-Micro Corporation Wallet consolidator to facilitate a transaction
WO2010040341A3 (en) * 2008-10-08 2010-06-03 Ralf Sommer Data processing device having certifiable encryption
GB2493138A (en) * 2011-07-15 2013-01-30 Flick Mobile Ltd A system for secure payment transactions
US8650103B2 (en) 2001-10-17 2014-02-11 Ebay, Inc. Verification of a person identifier received online
US9672515B2 (en) 2000-03-15 2017-06-06 Mastercard International Incorporated Method and system for secure payments over a computer network
US9818100B2 (en) 2002-07-15 2017-11-14 Citicorp Credit Services, Inc. (Usa) Method and system for a multi-purpose transactional platform
US10074081B1 (en) 2009-08-14 2018-09-11 Citicorp Credit Services, Inc. (Usa) Methods and systems for use of a prepaid payment device
US10515427B1 (en) 2009-08-14 2019-12-24 Citicorp Credit Services, Inc. (Usa) Methods and systems for use of a prepaid payment device for a healthcare service or product

Families Citing this family (196)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7357312B2 (en) * 1998-05-29 2008-04-15 Gangi Frank J System for associating identification and personal data for multiple magnetic stripe cards or other sources to facilitate a transaction and related methods
EP1049056A3 (en) 1999-04-26 2001-06-13 CheckFree Corporation Electronic bill presentment and/or payment clearinghouse
AUPQ439299A0 (en) * 1999-12-01 1999-12-23 Silverbrook Research Pty Ltd Interface system
US7792298B2 (en) * 1999-06-30 2010-09-07 Silverbrook Research Pty Ltd Method of using a mobile device to authenticate a printed token and output an image associated with the token
US20050212830A1 (en) * 1999-09-17 2005-09-29 Silverbrook Research Pty Ltd Method of accessing a connection address using a mobile device with a sensing means
US7366696B1 (en) * 1999-10-08 2008-04-29 Checkfree Corporation Electronic billing with flexible biller controlled electronic bill presentment
US6805288B2 (en) 2000-05-15 2004-10-19 Larry Routhenstein Method for generating customer secure card numbers subject to use restrictions by an electronic card
WO2002041565A1 (en) * 2000-11-16 2002-05-23 Richard Dean Brown Method, system and devices for authenticating transactions using verification codes
US7292999B2 (en) * 2001-03-15 2007-11-06 American Express Travel Related Services Company, Inc. Online card present transaction
US20090008441A1 (en) * 2001-07-10 2009-01-08 Xatra Fund Mx, Llc Tracking rf transaction activity using a transaction device identifier
US7054842B2 (en) * 2001-10-03 2006-05-30 First Data Corporation Stored value cards and methods for their issuance
US7805376B2 (en) * 2002-06-14 2010-09-28 American Express Travel Related Services Company, Inc. Methods and apparatus for facilitating a transaction
US7577585B2 (en) * 2001-12-07 2009-08-18 American Express Travel Related Services Company, Inc. Method and system for completing transactions involving partial shipments
US6901387B2 (en) 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same
US8190530B2 (en) 2002-01-30 2012-05-29 Visa U.S.A. Inc. Method and system for providing multiple services via a point-of-sale portal architecture
US9710804B2 (en) * 2012-10-07 2017-07-18 Andrew H B Zhou Virtual payment cards issued by banks for mobile and wearable devices
US9704151B2 (en) * 2002-10-01 2017-07-11 Andrew H B Zhou Systems and methods for mobile application, wearable application, transactional messaging, calling, digital multimedia capture and payment transactions
US7729996B2 (en) 2002-11-01 2010-06-01 Checkfree Corporation Reuse of an EBP account through alternate authentication
US8073773B2 (en) 2002-11-01 2011-12-06 Checkfree Corporation Technique for identifying probable billers of a consumer
US20040139011A1 (en) * 2002-11-01 2004-07-15 Kozee Casey W. Technique for identifying probable payees of a consumer
US7740168B2 (en) 2003-08-18 2010-06-22 Visa U.S.A. Inc. Method and system for generating a dynamic verification value
US7761374B2 (en) * 2003-08-18 2010-07-20 Visa International Service Association Method and system for generating a dynamic verification value
AU2004201058B1 (en) * 2004-03-15 2004-09-09 Lockstep Consulting Pty Ltd Means and method of issuing Anonymous Public Key Certificates for indexing electronic record systems
US7413112B2 (en) * 2004-03-16 2008-08-19 American Express Travel Related Services Company, Inc. Method and system for manual authorization
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US7917395B2 (en) 2004-09-28 2011-03-29 The Western Union Company Wireless network access prepayment systems and methods
US7641109B2 (en) * 2005-05-18 2010-01-05 The Western Union Company Money transfer cards, systems and methods
US8152054B2 (en) 2004-10-19 2012-04-10 The Western Union Company Money transfer systems and methods
US20070288313A1 (en) * 2006-06-09 2007-12-13 Mark Brodson E-Coupon System and Method
US10248951B2 (en) 2004-12-01 2019-04-02 Metavante Corporation E-coupon settlement and clearing process
US7693277B2 (en) 2005-01-07 2010-04-06 First Data Corporation Generating digital signatures using ephemeral cryptographic key
US7869593B2 (en) * 2005-01-07 2011-01-11 First Data Corporation Software for providing based on shared knowledge public keys having same private key
US7936869B2 (en) 2005-01-07 2011-05-03 First Data Corporation Verifying digital signature based on shared knowledge
US20060153367A1 (en) * 2005-01-07 2006-07-13 Beeson Curtis L Digital signature system based on shared knowledge
US20070262138A1 (en) * 2005-04-01 2007-11-15 Jean Somers Dynamic encryption of payment card numbers in electronic payment transactions
US7451481B2 (en) * 2005-04-29 2008-11-11 Merchant Link, Llc Database system and method for encryption and protection of confidential information
US7284921B2 (en) * 2005-05-09 2007-10-23 Silverbrook Research Pty Ltd Mobile device with first and second optical pathways
US20070214091A1 (en) * 2005-05-18 2007-09-13 The Western Union Company Electronic payment instrument system and method
US7392940B2 (en) 2005-05-18 2008-07-01 The Western Union Company In-lane money transfer systems and methods
US8672220B2 (en) * 2005-09-30 2014-03-18 The Western Union Company Money transfer system and method
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
WO2007038743A2 (en) * 2005-09-28 2007-04-05 Visa International Service Association Device, system and method for reducing an interaction time for a contactless transaction
US20070170247A1 (en) * 2006-01-20 2007-07-26 Maury Samuel Friedman Payment card authentication system and method
US7818264B2 (en) * 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
US9065643B2 (en) 2006-04-05 2015-06-23 Visa U.S.A. Inc. System and method for account identifier obfuscation
WO2008039942A1 (en) * 2006-09-27 2008-04-03 Electronic Commerce Protection Corporation Mechanism for fraud-resistant consumer transactions
US7606766B2 (en) * 2006-12-21 2009-10-20 American Express Travel Related Services Company, Inc. Computer system and computer-implemented method for selecting invoice settlement options
US8818904B2 (en) * 2007-01-17 2014-08-26 The Western Union Company Generation systems and methods for transaction identifiers having biometric keys associated therewith
US7933835B2 (en) * 2007-01-17 2011-04-26 The Western Union Company Secure money transfer systems and methods using biometric keys associated therewith
US8504473B2 (en) 2007-03-28 2013-08-06 The Western Union Company Money transfer system and messaging system
US20080306876A1 (en) * 2007-06-05 2008-12-11 Horvath Kris M Verifying dynamic transaction security code in payment card system
US7835988B2 (en) 2007-06-05 2010-11-16 Mastercard International, Inc. Methods and apparatus for preventing fraud in payment processing transactions
US8121956B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Cardless challenge systems and methods
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US20090248583A1 (en) * 2008-03-31 2009-10-01 Jasmeet Chhabra Device, system, and method for secure online transactions
US7885878B2 (en) * 2008-05-28 2011-02-08 First Data Corporation Systems and methods of payment account activation
US20090307140A1 (en) * 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
WO2010053899A2 (en) 2008-11-06 2010-05-14 Visa International Service Association Online challenge-response
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US8602293B2 (en) 2009-05-15 2013-12-10 Visa International Service Association Integration of verification tokens with portable computing devices
US7891560B2 (en) * 2009-05-15 2011-02-22 Visa International Service Assocation Verification of portable consumer devices
US9038886B2 (en) * 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
CN102713922B (en) 2010-01-12 2015-11-25 维萨国际服务协会 For the method whenever confirmed to checking token
US9424413B2 (en) 2010-02-24 2016-08-23 Visa International Service Association Integration of payment capability into secure elements of computers
US10255601B2 (en) 2010-02-25 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
US8346671B2 (en) 2010-04-01 2013-01-01 Merchant Link, Llc System and method for point-to-point encryption with adjunct terminal
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
WO2012030124A2 (en) * 2010-08-30 2012-03-08 Hong Keong Pyo Method for selling contents using api and online community
US20120072346A1 (en) * 2010-09-16 2012-03-22 Yomir Sp System and method for securing and authenticating purchase transactions
US10176477B2 (en) 2010-11-16 2019-01-08 Mastercard International Incorporated Methods and systems for universal payment account translation
US8762284B2 (en) * 2010-12-16 2014-06-24 Democracyontheweb, Llc Systems and methods for facilitating secure transactions
CN109118199A (en) 2011-02-16 2019-01-01 维萨国际服务协会 Snap mobile payment device, method and system
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
SG193510A1 (en) 2011-02-22 2013-10-30 Visa Int Service Ass Universal electronic payment apparatuses, methods and systems
WO2012116221A1 (en) 2011-02-23 2012-08-30 Mastercard International, Inc. Demand deposit account payment system
GB201105774D0 (en) 2011-04-05 2011-05-18 Visa Europe Ltd Payment system
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
US8943574B2 (en) * 2011-05-27 2015-01-27 Vantiv, Llc Tokenizing sensitive data
WO2013006725A2 (en) 2011-07-05 2013-01-10 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
WO2013019567A2 (en) 2011-07-29 2013-02-07 Visa International Service Association Passing payment tokens through an hop/sop
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US9165294B2 (en) 2011-08-24 2015-10-20 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US8862767B2 (en) 2011-09-02 2014-10-14 Ebay Inc. Secure elements broker (SEB) for application communication channel selector optimization
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US20130159178A1 (en) * 2011-12-14 2013-06-20 Firethorn Mobile, Inc. System and Method For Loading A Virtual Token Managed By A Mobile Wallet System
WO2013096606A1 (en) 2011-12-21 2013-06-27 Mastercard International Incorporated Methods and systems for providing a payment account with adaptive interchange
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
RU2631983C2 (en) 2012-01-05 2017-09-29 Виза Интернэшнл Сервис Ассосиэйшн Data protection with translation
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US11593800B2 (en) 2012-03-07 2023-02-28 Early Warning Services, Llc System and method for transferring funds
US10535064B2 (en) 2012-03-19 2020-01-14 Paynet Payments Network, Llc Systems and methods for real-time account access
CA2867697C (en) * 2012-03-19 2022-03-29 Paynet Payments Network, Llc Systems and methods for real-time account access
WO2013166501A1 (en) 2012-05-04 2013-11-07 Visa International Service Association System and method for local data conversion
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
WO2014043278A1 (en) 2012-09-11 2014-03-20 Visa International Service Association Cloud-based virtual wallet nfc apparatuses, methods and systems
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US8972296B2 (en) * 2012-12-31 2015-03-03 Ebay Inc. Dongle facilitated wireless consumer payments
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
SG11201509386UA (en) 2013-05-15 2015-12-30 Visa Int Service Ass Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
CN113469670B (en) 2013-07-24 2024-04-05 维萨国际服务协会 System and method for ensuring data transfer risk using tokens
AU2014294613B2 (en) 2013-07-26 2017-03-16 Visa International Service Association Provisioning payment credentials to a consumer
SG11201600909QA (en) 2013-08-08 2016-03-30 Visa Int Service Ass Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
EP3937108A1 (en) 2013-10-11 2022-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
SG10201900029SA (en) 2013-11-19 2019-02-27 Visa Int Service Ass Automated account provisioning
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
AU2014368949A1 (en) 2013-12-19 2016-06-09 Visa International Service Association Cloud-based transactions methods and systems
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US10902417B2 (en) * 2014-04-29 2021-01-26 Mastercard International Incorporated Systems and methods of processing payment transactions using one-time tokens
CA2946150A1 (en) 2014-05-01 2015-11-05 Visa International Service Association Data verification using access device
EP3140798A4 (en) 2014-05-05 2017-12-20 Visa International Service Association System and method for token domain control
CN106465112A (en) 2014-05-21 2017-02-22 维萨国际服务协会 Offline authentication
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
ES2732564T3 (en) 2014-09-26 2019-11-25 Visa Int Service Ass Remote server encrypted data provisioning system and procedures
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
US11620643B2 (en) 2014-11-26 2023-04-04 Visa International Service Association Tokenization request via access device
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
AU2015361023B2 (en) 2014-12-12 2019-08-29 Visa International Service Association Provisioning platform for machine-to-machine devices
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
WO2016126729A1 (en) 2015-02-03 2016-08-11 Visa International Service Association Validation identity tokens for transactions
US10977657B2 (en) 2015-02-09 2021-04-13 Visa International Service Association Token processing utilizing multiple authorizations
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US11301840B1 (en) * 2015-03-30 2022-04-12 Block, Inc. Systems and methods for provisioning point of sale terminals
EP3281164B1 (en) 2015-04-10 2019-06-05 Visa International Service Association Browser integration with cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US10476831B2 (en) * 2015-07-08 2019-11-12 Campus Crusade For Christ, Inc. System and methods for providing a notification upon the occurrence of a trigger event associated with playing media content over a network
US11386410B2 (en) * 2015-07-21 2022-07-12 Early Warning Services, Llc Secure transactions with offline device
CN114529300A (en) 2015-10-15 2022-05-24 维萨国际服务协会 Instant token issuing system
CN108370319B (en) 2015-12-04 2021-08-17 维萨国际服务协会 Method and computer for token verification
CA3009659C (en) 2016-01-07 2022-12-13 Visa International Service Association Systems and methods for device push provisioning
EP3411846A4 (en) 2016-02-01 2018-12-12 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
AU2016403734B2 (en) 2016-04-19 2022-11-17 Visa International Service Association Systems and methods for performing push transactions
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
EP3466017B1 (en) 2016-06-03 2021-05-19 Visa International Service Association Subtoken management system for connected devices
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
AU2017281938A1 (en) 2016-06-24 2018-10-25 Visa International Service Association Unique token authentication cryptogram
AU2017295842A1 (en) 2016-07-11 2018-11-01 Visa International Service Association Encryption key exchange process using access device
CN109478287B (en) 2016-07-19 2023-08-15 维萨国际服务协会 Method for distributing tokens and managing token relationships
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
CN117009946A (en) 2016-11-28 2023-11-07 维萨国际服务协会 Access identifier supplied to application program
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
WO2019049040A1 (en) * 2017-09-09 2019-03-14 Swarna Kumari Adari System and method for financial transactions using binary coded decimal (bcd) bank card
US10630470B2 (en) 2017-09-29 2020-04-21 Micro Focus Llc Zone based key version encoding
SG11202008451RA (en) 2018-03-07 2020-09-29 Visa Int Service Ass Secure remote token release with online authentication
CN108764904B (en) * 2018-05-25 2021-10-08 广东盈峰普惠互联小额贷款股份有限公司 Double-key anti-theft method in distributed account system
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
CN112740207A (en) 2018-08-22 2021-04-30 维萨国际服务协会 Method and system for token provisioning and processing
EP3881258A4 (en) 2018-11-14 2022-01-12 Visa International Service Association Cloud token provisioning of multiple tokens
US10846677B2 (en) 2019-01-11 2020-11-24 Merchant Link, Llc System and method for secure detokenization
WO2020236135A1 (en) 2019-05-17 2020-11-26 Visa International Service Association Virtual access credential interaction system and method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions

Family Cites Families (163)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3665161A (en) 1969-10-20 1972-05-23 Day Albert J Card readout system
US4314352A (en) 1972-04-12 1982-02-02 Docutel Corporation Banking machine
US3845277A (en) 1972-09-01 1974-10-29 Mosler Safe Co Off-line cash dispenser and banking system
US4253017A (en) 1978-05-31 1981-02-24 Whitehead Edwin N Magnetically coded identification card
US4016405A (en) 1975-06-09 1977-04-05 Diebold, Incorporated Card validation, method and system
US4123747A (en) * 1977-05-20 1978-10-31 International Business Machines Corporation Identity verification method and apparatus
US4234932A (en) 1978-09-05 1980-11-18 Honeywell Information Systems Inc. Security system for remote cash dispensers
JPS5710869A (en) 1980-06-24 1982-01-20 Omron Tateisi Electronics Co Fault processing method of automatic transaction processing equipment
US4390968A (en) 1980-12-30 1983-06-28 Honeywell Information Systems Inc. Automated bank transaction security system
US4578530A (en) 1981-06-26 1986-03-25 Visa U.S.A., Inc. End-to-end encryption system and method of operation
US4458142A (en) 1981-10-07 1984-07-03 Hecon Corporation Programmed electronic keycorder unit
US4926480A (en) 1983-08-22 1990-05-15 David Chaum Card-computer moderated systems
GB2146814A (en) 1983-09-17 1985-04-24 Ibm Electronic fund transfer systems
EP0247623A3 (en) 1984-03-19 1989-09-20 Omron Tateisi Electronics Co. Ic card transaction system
US5168520A (en) 1984-11-30 1992-12-01 Security Dynamics Technologies, Inc. Method and apparatus for personal identification
US5367572A (en) 1984-11-30 1994-11-22 Weiss Kenneth P Method and apparatus for personal identification
EP0246823A3 (en) 1986-05-22 1989-10-04 Racal-Guardata Limited Data communication systems and methods
JPS63231692A (en) 1987-03-20 1988-09-27 Mitsubishi Electric Corp Secret code writer
JPS63253493A (en) 1987-04-09 1988-10-20 Mitsubishi Electric Corp Information recording system
GB9105851D0 (en) 1991-03-20 1991-05-08 Security Systems Consortium Th Securing financial transactions
US5577209A (en) 1991-07-11 1996-11-19 Itt Corporation Apparatus and method for providing multi-level security for communication among computers and terminals on a network
US5440108A (en) 1991-10-11 1995-08-08 Verifone, Inc. System and method for dispensing and revalung cash cards
US5557518A (en) 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5453601A (en) 1991-11-15 1995-09-26 Citibank, N.A. Electronic-monetary system
US5428210A (en) 1992-01-10 1995-06-27 National Bancard Corporation Data card terminal with embossed character reader and signature capture
FR2686172B1 (en) 1992-01-14 1996-09-06 Gemplus Card Int PLUG - IN CARD FOR A MICROCOMPUTER FORMING A CARD READER WITH FLUSHED CONTACTS.
AU5538494A (en) 1992-10-30 1994-05-24 Microbilt Corporation Multi-reader transaction terminal
US5350906A (en) 1992-11-25 1994-09-27 Brody Bill E Currency transfer system and method using fixed limit cards
US5317636A (en) 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5371797A (en) 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5373558A (en) 1993-05-25 1994-12-13 Chaum; David Desinated-confirmer signature systems
US5538442A (en) 1993-10-04 1996-07-23 Murata Mfg. Co., Ltd. Communication card
JP3367675B2 (en) 1993-12-16 2003-01-14 オープン マーケット インコーポレイテッド Open network sales system and method for real-time approval of transaction transactions
US5530232A (en) 1993-12-22 1996-06-25 Datamark Services, Inc. Multi-application data card
US5578808A (en) 1993-12-22 1996-11-26 Datamark Services, Inc. Data card that can be used for transactions involving separate card issuers
US5434919A (en) 1994-01-11 1995-07-18 Chaum; David Compact endorsement signature systems
US5623552A (en) 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5434398A (en) 1994-02-22 1995-07-18 Haim Labenski Magnetic smartcard
AUPM616994A0 (en) 1994-06-09 1994-07-07 Reilly, Chris Security system for eft using magnetic strip cards
GB9416595D0 (en) 1994-08-17 1994-10-12 British Telecomm User authentication in a communications network
DE69533328T2 (en) 1994-08-30 2005-02-10 Kokusai Denshin Denwa Co., Ltd. VERIFICATION DEVICE
US5715314A (en) 1994-10-24 1998-02-03 Open Market, Inc. Network sales system
US5590197A (en) * 1995-04-04 1996-12-31 V-One Corporation Electronic payment system and method
US5678010A (en) 1995-06-07 1997-10-14 Compuserve Incorporated Automated routing of messages over a network
US5790677A (en) 1995-06-29 1998-08-04 Microsoft Corporation System and method for secure electronic commerce transactions
JPH0950465A (en) 1995-08-04 1997-02-18 Hitachi Ltd Electronic shopping method, electronic shopping system and document authentication method
US5671280A (en) 1995-08-30 1997-09-23 Citibank, N.A. System and method for commercial payments using trusted agents
US5663553A (en) 1995-09-27 1997-09-02 Intel Corporation Mass storage device adapter for smart cards
NL1001863C2 (en) 1995-12-08 1997-06-10 Nederland Ptt Method for securely writing down an electronic payment method, as well as payment method for implementing the method.
US5761306A (en) 1996-02-22 1998-06-02 Visa International Service Association Key replacement in a public key cryptosystem
US5850442A (en) 1996-03-26 1998-12-15 Entegrity Solutions Corporation Secure world wide electronic commerce over an open network
US6044360A (en) 1996-04-16 2000-03-28 Picciallo; Michael J. Third party credit card
US5834756A (en) 1996-06-03 1998-11-10 Motorola, Inc. Magnetically communicative card
US6072870A (en) 1996-06-17 2000-06-06 Verifone Inc. System, method and article of manufacture for a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US6324525B1 (en) 1996-06-17 2001-11-27 Hewlett-Packard Company Settlement of aggregated electronic transactions over a network
US5878337A (en) 1996-08-08 1999-03-02 Joao; Raymond Anthony Transaction security apparatus and method
EP0831433A1 (en) 1996-09-24 1998-03-25 Koninklijke KPN N.V. Method of making recoverable smart card transactions, a method of recovering such a transaction, as well as a smart card allowing recoverable transactions
US5913203A (en) * 1996-10-03 1999-06-15 Jaesent Inc. System and method for pseudo cash transactions
US5953710A (en) * 1996-10-09 1999-09-14 Fleming; Stephen S. Children's credit or debit card system
US6021943A (en) 1996-10-09 2000-02-08 Chastain; Robert H. Process for executing payment transactions
EP0851396A1 (en) 1996-12-23 1998-07-01 Koninklijke KPN N.V. System for increasing a value of an electronic payment card
US5864830A (en) 1997-02-13 1999-01-26 Armetta; David Data processing method of configuring and monitoring a satellite spending card linked to a host credit card
CA2288824A1 (en) 1997-03-24 1998-10-01 Marc B. Kekicheff A system and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card
IL120672A (en) 1997-04-15 2000-06-29 Nush Marketing Man And Consult System for transaction over communication network
US6012636A (en) 1997-04-22 2000-01-11 Smith; Frank E. Multiple card data system having first and second memory elements including magnetic strip and fingerprints scanning means
US6105012A (en) 1997-04-22 2000-08-15 Sun Microsystems, Inc. Security system and method for financial institution server and client web browser
US6111953A (en) 1997-05-21 2000-08-29 Walker Digital, Llc Method and apparatus for authenticating a document
AU8276398A (en) 1997-07-03 1999-01-25 Citicorp Development Center, Inc. System and method for transferring value to a magnetic stripe on a transaction card
US6078888A (en) 1997-07-16 2000-06-20 Gilbarco Inc. Cryptography security for remote dispenser transactions
JPH1139401A (en) 1997-07-16 1999-02-12 Nippon Shinpan Kk Credit card system and method for using credit card through network
AU8596098A (en) * 1997-07-25 1999-02-16 Main Street Marketing Automated credit card payment system
US5903878A (en) 1997-08-20 1999-05-11 Talati; Kirit K. Method and apparatus for electronic commerce
US6003014A (en) * 1997-08-22 1999-12-14 Visa International Service Association Method and apparatus for acquiring access using a smart card
US6163771A (en) * 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US5914472A (en) 1997-09-23 1999-06-22 At&T Corp Credit card spending authorization control system
US6000832A (en) * 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
AU755458B2 (en) 1997-10-14 2002-12-12 Visa International Service Association Personalization of smart cards
US5991750A (en) 1997-10-24 1999-11-23 Ge Capital System and method for pre-authorization of individual account transactions
EP0921487A3 (en) 1997-12-08 2000-07-26 Nippon Telegraph and Telephone Corporation Method and system for billing on the internet
DE69826318T2 (en) 1997-12-19 2005-10-13 Visa International Service Association, Foster City CARD ACTIVATION AT THE DISTRIBUTION AGENCY
US6263446B1 (en) 1997-12-23 2001-07-17 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
JPH11203323A (en) 1998-01-09 1999-07-30 Hitachi Ltd Method for managing electronic commercial transaction information and computer readable recording medium for recording information management client program
US6098053A (en) 1998-01-28 2000-08-01 Citibank, N.A. System and method for performing an electronic financial transaction
US6636833B1 (en) * 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6422462B1 (en) 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
EP1082710A1 (en) 1998-06-05 2001-03-14 Landis & Gyr Communications S.A. Preloaded ic-card and method for authenticating the same
US6484182B1 (en) 1998-06-12 2002-11-19 International Business Machines Corporation Method and apparatus for publishing part datasheets
JP2000036013A (en) 1998-07-17 2000-02-02 Olympus Optical Co Ltd Card-type information recording medium set, information reproducing device and information reproducing system
KR100358426B1 (en) 1998-08-18 2003-01-29 한국전자통신연구원 Electronic Cash Transaction Method
US6343279B1 (en) 1998-08-26 2002-01-29 American Management Systems, Inc. System integrating credit card transactions into a financial management system
KR100331863B1 (en) 1998-11-03 2002-05-09 서평원 Apparatus and Method of Cryptographing Data in the Network
US6473740B2 (en) 1998-11-29 2002-10-29 Qpass, Inc. Electronic commerce using a transaction network
US6339766B1 (en) 1998-12-02 2002-01-15 Transactionsecure Electronic payment system employing limited-use account number
US6173269B1 (en) 1998-12-16 2001-01-09 Zowi.Com, Inc Method and apparatus for executing electronic commercial transactions with minors
US6327578B1 (en) * 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US6324526B1 (en) 1999-01-15 2001-11-27 D'agostino John System and method for performing secure credit card purchases
EP1028401A3 (en) 1999-02-12 2003-06-25 Citibank, N.A. Method and system for performing a bankcard transaction
US7565308B1 (en) * 1999-03-25 2009-07-21 Bollay Denison W Method of executing an electronic commerce sale from an affiliate web site
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US20010051902A1 (en) 1999-06-28 2001-12-13 Messner Marc A. Method for performing secure internet transactions
AU6053700A (en) 1999-06-28 2001-01-31 Starpay.Com, Inc. Apparatus and method for performing secure network transactions
US6370514B1 (en) 1999-08-02 2002-04-09 Marc A. Messner Method for marketing and redeeming vouchers for use in online purchases
US7171694B1 (en) 1999-07-21 2007-01-30 E-Payments Method for performing a transaction over a network
US7239226B2 (en) 2001-07-10 2007-07-03 American Express Travel Related Services Company, Inc. System and method for payment using radio frequency identification in contact and contactless transactions
US7889052B2 (en) 2001-07-10 2011-02-15 Xatra Fund Mx, Llc Authorizing payment subsequent to RF transactions
US6213403B1 (en) 1999-09-10 2001-04-10 Itt Manufacturing Enterprises, Inc. IC card with fingerprint sensor
US7319986B2 (en) 1999-09-28 2008-01-15 Bank Of America Corporation Dynamic payment cards and related management systems and associated methods
US7742967B1 (en) 1999-10-01 2010-06-22 Cardinalcommerce Corporation Secure and efficient payment processing system
US6394343B1 (en) 1999-10-14 2002-05-28 Jon N. Berg System for card to card transfer of monetary values
US6332134B1 (en) 1999-11-01 2001-12-18 Chuck Foster Financial transaction system
US6847953B2 (en) 2000-02-04 2005-01-25 Kuo James Shaw-Han Process and method for secure online transactions with calculated risk and against fraud
AU2001239945A1 (en) * 2000-02-29 2001-09-12 E-Scoring, Inc. Systems and methods enabling anonymous credit transactions
US7140036B2 (en) 2000-03-06 2006-11-21 Cardinalcommerce Corporation Centralized identity authentication for electronic communication networks
US20010047281A1 (en) 2000-03-06 2001-11-29 Keresman Michael A. Secure on-line authentication system for processing prescription drug fulfillment
AU2001243473A1 (en) 2000-03-07 2001-09-17 American Express Travel Related Services Company, Inc. System for facilitating a transaction
CA2403283A1 (en) 2000-03-15 2001-09-20 Edward J. Hogan Method and system for secure payments over a computer network
FR2806858B1 (en) 2000-03-22 2002-05-03 France Telecom CRYPTOGRAPHIC PROTECTION AGAINST FRAUD
EP1272988B1 (en) 2000-04-11 2011-09-28 Mastercard International, Inc. An improved method and system for conducting secure payments over a computer network
US20100228668A1 (en) * 2000-04-11 2010-09-09 Hogan Edward J Method and System for Conducting a Transaction Using a Proximity Device and an Identifier
US7379919B2 (en) * 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20100223186A1 (en) * 2000-04-11 2010-09-02 Hogan Edward J Method and System for Conducting Secure Payments
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
CA2305249A1 (en) 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
US20010047335A1 (en) 2000-04-28 2001-11-29 Martin Arndt Secure payment method and apparatus
AU2000275203A1 (en) 2000-04-28 2001-11-12 Swisscom Mobile Ag Method for securing communications between a terminal and an additional user equipment
US6592044B1 (en) 2000-05-15 2003-07-15 Jacob Y. Wong Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US20010056409A1 (en) * 2000-05-15 2001-12-27 Bellovin Steven Michael Offline one time credit card numbers for secure e-commerce
US6609654B1 (en) 2000-05-15 2003-08-26 Privasys, Inc. Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions
US6755341B1 (en) 2000-05-15 2004-06-29 Jacob Y. Wong Method for storing data in payment card transaction
US6805288B2 (en) 2000-05-15 2004-10-19 Larry Routhenstein Method for generating customer secure card numbers subject to use restrictions by an electronic card
US20020016749A1 (en) * 2000-05-26 2002-02-07 Borecki Dennis C. Methods and systems for network based electronic purchasing system
US6961858B2 (en) 2000-06-16 2005-11-01 Entriq, Inc. Method and system to secure content for distribution via a network
US7107462B2 (en) 2000-06-16 2006-09-12 Irdeto Access B.V. Method and system to store and distribute encryption keys
US7058611B2 (en) 2000-07-10 2006-06-06 Mastercard International Incorporated Method and system for conducting secure electronic commerce transactions with authorization request data loop-back
US20020023023A1 (en) * 2000-07-28 2002-02-21 Borecki Dennis C. Methods and systems for network based electronic purchasing and shipping system
US7624039B2 (en) 2000-07-28 2009-11-24 Cardinalcommerce Corporation Affinity shopping portal
US6598031B1 (en) 2000-07-31 2003-07-22 Edi Secure Lllp Apparatus and method for routing encrypted transaction card identifying data through a public telephone network
DE10038287A1 (en) 2000-08-05 2002-02-21 Itt Mfg Enterprises Inc Plug-in card for electronic devices
AU2000267747A1 (en) 2000-08-14 2002-02-25 Starpay.Com, Inc. Apparatus and method for performing secure network transactions
US7392388B2 (en) * 2000-09-07 2008-06-24 Swivel Secure Limited Systems and methods for identity verification for secure transactions
US7043635B1 (en) * 2000-09-15 2006-05-09 Swivel Secure Limited Embedded synchronous random disposable code identification method and system
JP2002117353A (en) 2000-10-12 2002-04-19 Nippon Shinpan Co Ltd Method and system for payment
US20020073045A1 (en) * 2000-10-23 2002-06-13 Rubin Aviel D. Off-line generation of limited-use credit card numbers
US20020073042A1 (en) 2000-12-07 2002-06-13 Maritzen L. Michael Method and apparatus for secure wireless interoperability and communication between access devices
US20020083010A1 (en) 2000-12-11 2002-06-27 Namsuk Kim Electronic identification system
US7150045B2 (en) 2000-12-14 2006-12-12 Widevine Technologies, Inc. Method and apparatus for protection of electronic media
US6931382B2 (en) 2001-01-24 2005-08-16 Cdck Corporation Payment instrument authorization technique
US6915279B2 (en) 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US7292999B2 (en) * 2001-03-15 2007-11-06 American Express Travel Related Services Company, Inc. Online card present transaction
US20030208406A1 (en) 2001-03-28 2003-11-06 Okamoto Steve Atsushi Method and apparatus for processing one or more value bearing instruments
US7225156B2 (en) * 2001-07-11 2007-05-29 Fisher Douglas C Persistent dynamic payment service
KR100422250B1 (en) * 2001-08-21 2004-03-11 삼성전자주식회사 Portable Computer
US6811082B2 (en) 2001-09-18 2004-11-02 Jacob Y. Wong Advanced magnetic stripe bridge (AMSB)
US6607127B2 (en) 2001-09-18 2003-08-19 Jacob Y. Wong Magnetic stripe bridge
US7080049B2 (en) 2001-09-21 2006-07-18 Paymentone Corporation Method and system for processing a transaction
US7195154B2 (en) 2001-09-21 2007-03-27 Privasys, Inc. Method for generating customer secure card numbers
US6908030B2 (en) * 2001-10-31 2005-06-21 Arcot Systems, Inc. One-time credit card number generator and single round-trip authentication
US7020635B2 (en) 2001-11-21 2006-03-28 Line 6, Inc System and method of secure electronic commerce transactions including tracking and recording the distribution and usage of assets
US6901387B2 (en) 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same
US7090128B2 (en) 2003-09-08 2006-08-15 Systems And Software Enterprises, Inc. Mobile electronic newsstand
US7711586B2 (en) 2005-02-24 2010-05-04 Rearden Corporation Method and system for unused ticket management
US7587502B2 (en) 2005-05-13 2009-09-08 Yahoo! Inc. Enabling rent/buy redirection in invitation to an online service

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8225995B1 (en) 1998-05-29 2012-07-24 Frank Joseph Gangi Retail point-of-transaction system, program products, and related methods to provide a customized set of identification data to facilitate a transaction using electronic coupons
US7828208B2 (en) 1998-05-29 2010-11-09 E-Micro Corporation Retail point-of-transaction system, program products, and related methods to provide a customized set of identification data to facilitate a transaction using electronic coupons
US7712658B2 (en) 1998-05-29 2010-05-11 E-Micro Corporation Wallet consolidator and related methods of processing a transaction using a wallet consolidator
US7708198B2 (en) 1998-05-29 2010-05-04 E-Micro Corporation Wallet consolidator to facilitate a transaction
US9672515B2 (en) 2000-03-15 2017-06-06 Mastercard International Incorporated Method and system for secure payments over a computer network
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
AU2001270012B8 (en) * 2000-06-22 2006-11-16 Mastercard International Incorporated An improved method and system for conducting secure payments over a computer network without a pseudo or proxy account number
WO2001099071A3 (en) * 2000-06-22 2002-05-30 Mastercard International Inc An improved method and system for conducting secure payments over a computer network without a pseudo or proxy account number
AU2001270012B2 (en) * 2000-06-22 2006-09-28 Mastercard International Incorporated An improved method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US6915279B2 (en) 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US8650103B2 (en) 2001-10-17 2014-02-11 Ebay, Inc. Verification of a person identifier received online
US9818100B2 (en) 2002-07-15 2017-11-14 Citicorp Credit Services, Inc. (Usa) Method and system for a multi-purpose transactional platform
GB2434241A (en) * 2006-11-23 2007-07-18 Richard Mervyn Gardner Payment card system with main and temporary card accounts
GB2434241B (en) * 2006-11-23 2007-12-05 Richard Mervyn Gardner Advance remote payment authority for real and virtual world transactions
WO2010040341A3 (en) * 2008-10-08 2010-06-03 Ralf Sommer Data processing device having certifiable encryption
US10074081B1 (en) 2009-08-14 2018-09-11 Citicorp Credit Services, Inc. (Usa) Methods and systems for use of a prepaid payment device
US10515427B1 (en) 2009-08-14 2019-12-24 Citicorp Credit Services, Inc. (Usa) Methods and systems for use of a prepaid payment device for a healthcare service or product
US11367155B1 (en) 2009-08-14 2022-06-21 Citicorp Credit Services, Inc. (Usa) Methods and systems for use of a prepaid payment device for a healthcare service or product
GB2493138A (en) * 2011-07-15 2013-01-30 Flick Mobile Ltd A system for secure payment transactions

Also Published As

Publication number Publication date
EP1269429A2 (en) 2003-01-02
US20020007320A1 (en) 2002-01-17
ZA200207410B (en) 2004-02-23
AU2001243658B2 (en) 2005-12-15
WO2001069556A3 (en) 2001-12-13
US9672515B2 (en) 2017-06-06
JP2003534585A (en) 2003-11-18
AU4365801A (en) 2001-09-24
CA2403283A1 (en) 2001-09-20

Similar Documents

Publication Publication Date Title
AU2001243658B2 (en) Method and system for secure payments over a computer network
AU2001243658A1 (en) Method and system for secure payments over a computer network
US7379919B2 (en) Method and system for conducting secure payments over a computer network
US7983987B2 (en) System and method for conducting secure payment transaction
US7330836B2 (en) Method and system for secure authenticated payment on a computer network
US6990470B2 (en) Method and system for conducting secure payments over a computer network
US6247129B1 (en) Secure electronic commerce employing integrated circuit cards
US20100228668A1 (en) Method and System for Conducting a Transaction Using a Proximity Device and an Identifier
WO1998052316A1 (en) Initial secret key establishment including facilities for verification of identity
CA2406375C (en) An improved method and system for conducting secure payments over a computer network
AU2001257019A1 (en) An improved method and system for conducting secure payments over a computer network
AU781671B2 (en) An improved method and system for conducting secure payments over a computer network
JP3497936B2 (en) Personal authentication method
AU2001270012B2 (en) An improved method and system for conducting secure payments over a computer network without a pseudo or proxy account number
AU2007216920B2 (en) An improved method and system for conducting secure payments over a computer network
AU2012201255B2 (en) An improved method and system for conducting secure payments over a computer network
EP1921579A2 (en) An improved method and system for conducting secure payments over a computer network
ZA200208248B (en) An improved method and system for conducting secure payments over a computer network.
WO2002041565A1 (en) Method, system and devices for authenticating transactions using verification codes

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2403283

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2002/07410

Country of ref document: ZA

Ref document number: 200207410

Country of ref document: ZA

ENP Entry into the national phase

Ref document number: 2001 567553

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2001243658

Country of ref document: AU

REEP Request for entry into the european phase

Ref document number: 2001916663

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2001916663

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001916663

Country of ref document: EP

WWG Wipo information: grant in national office

Ref document number: 2001243658

Country of ref document: AU