Method for generating customer secure card numbers
Abstract
A method for providing secure transactions generates a Secure Card Number (“SCN”) for a first entity that is transferred with a first entity identifier to a second entity and then to a money source that verifies that the transaction is valid by use of the first entity identifier and the SCN. The SCN includes a Transaction Information Block (“TIB”), a Counter Block, and an encrypted Personal Identification Number (“PIN”) Block. The SCN is transferred to the money source in an account number or a non-account data field. The money source can use the TIB to determine whether the SCN should be used once or multiple times or to identify one of several physical devices, all of which are issued to the first entity, used to generate the SCN. The money source validates the SCN by duplicating the encryption process used to create an encrypted PIN Block and comparing the result to the encrypted PIN Block received with the transaction. A Triple Data Encryption Standard algorithm encrypts a PIN Block generated from a PIN, a Sequence Insertion Number (“SIN”) and a known starting value. The SIN can be a combination of three seed values and a random value generated by a Pseudo Random Number Generator (“PRNG”) initialized with the seed values. A Counter value is associated with the Counter Block and the seed values.
Claims
exact text as granted — not AI-modified1 . An apparatus for conducting secure transactions between a first entity and at least one additional entity, comprising:
a memory; a processor coupled to the memory; a secret key embodied in the memory; an application embodied in the memory, the application including instructions, which, when executed by the processor, cause the processor to:
maintain a counter;
calculate a dynamic digital signature based on the secret key and the counter;
and
transmit at least a portion of the dynamic digital signature in a non-account data field of track image data formatted as a standard payment card magnetic stripe track, over a payment network.
2 . The apparatus of claim 1 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit at least a portion of the counter block with the dynamic digital signature.
3 . The apparatus of claim 1 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a TIB, in a portion of a non-account data field of track image data formatted as a standard payment card magnetic stripe track, over the payment network.
4 . The apparatus of claim 1 , wherein:
the TIB encodes information indicating whether a transaction requires validation of an associated cryptogram.
5 . The apparatus of claim 1 , wherein:
the TIB encodes information indicating a transaction mode.
6 . The apparatus of claim 5 , wherein:
the transaction mode is selected from the group including mail order, telephone, internet and brick-and-mortar.
7 . The apparatus of claim 1 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a PIN, in a portion of track image data formatted as a standard payment card magnetic stripe track, over the payment network.
8 . The apparatus of claim 1 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: receive a PIN entered by a user at the apparatus.
9 . The apparatus of claim 1 , wherein:
the apparatus is to be used with equipment supplied by the additional entity, and the equipment supplied by the additional entity is to receive a PIN from a user concurrently with transmission over the payment network.
10 . The apparatus of claim 9 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a PIN, in a portion of track image data formatted as a standard payment card magnetic stripe track over the payment network.
11 . The apparatus of claim 1 , wherein:
the non-account data field is at least one of a discretionary data field, a date data field, a cardholder name data field, a country code data field and a service code data field.
12 . An electronic card for conducting secure transactions between a first entity and at least one additional entity, comprising:
a memory; a processor coupled to the memory; a predetermined key value embodied in the memory; an application embodied in the memory, the application including instructions, which, when executed by the processor, cause the processor to:
maintain a counter;
calculate a dynamic digital signature based on the predetermined key value and the counter;
and
transmit at least a portion of the dynamic digital signature in a non-account data field of a track image data structure over a payment network.
13 . The electronic card of claim 12 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit at least a portion of the counter block with the dynamic digital signature.
14 . The electronic card of claim 12 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a PIN in the track image data structure over the payment network.
15 . The electronic card of claim 12 , wherein:
the apparatus is to be used with equipment supplied by the additional entity, and the equipment supplied by the additional entity is to receive a PIN from a user concurrently with transmission over the payment network.
16 . The electronic card of claim 15 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a PIN in the track image data structure over the payment network.
17 . The electronic card of claim 12 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: receive a PIN entered by a user at the apparatus.
18 . The electronic card of claim 12 , wherein:
the application in the apparatus also includes instructions, which, when executed by the processor, cause the processor to: transmit a restriction and status identifier in the track image data structure over the payment network.
19 . The electronic card of claim 12 , wherein:
the restriction and status identifier encodes information indicating whether a transaction requires validation of an associated cryptogram
20 . The electronic card of claim 12 , wherein:
the restriction and status identifier encodes information indicating a transaction mode.
21 . The electronic card of claim 20 , wherein:
the transaction mode is selected from the group including mail order, telephone, internet and brick-and-mortar.
22 . A method of conducting a secure transaction between a first entity and a second entity with an electronic card, comprising:
maintaining a counter embodied in the card; calculating a dynamic digital signature in the card based on a predetermined key value and the counter; and transmitting at least a portion of the dynamic digital signature in a non-account data field of a track image data structure over a payment network.
23 . The method of claim 22 , further comprising:
transmitting a PIN embodied in the card in the track image data structure over the payment network.
24 . The method of claim 22 , further comprising:
transmitting at least a portion of the counter block with the dynamic digital signature.
25 . The method of claim 22 , further comprising:
transmitting a restriction and status identifier embodied in the card in the track image data structure over the payment network.
26 . The method of claim 22 , wherein:
the card is to be used with equipment supplied by the second entity; and further comprising: receiving a PIN at the equipment from a user concurrently with transmission over the payment network.
27 . The method of claim 22 , wherein:
the non-account data field is at least one of a discretionary data field, a date data field, a cardholder name data field, a country code data field and a service code data field.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.