US2014067690A1PendingUtilityA1
Ensuring secure electronic transactions with a cluster of service facilities
Est. expiryOct 6, 2025(expired)· nominal 20-yr term from priority
G06F 21/606G06Q 20/3674G06Q 20/10G06Q 20/327G06Q 20/02G06Q 20/12G06Q 20/047G06Q 20/382H04L 63/0838H04L 63/0428G06Q 30/06G06Q 20/4014G06Q 20/367H04L 63/08G06Q 20/322G06Q 20/3223G06Q 20/325H04L 63/06G16H 10/60G06Q 2220/00G06Q 20/42G06Q 20/045G06Q 20/3821G06Q 20/40G06Q 20/145G06Q 20/385G06Q 20/38215G06Q 20/3829G06Q 20/3226G06Q 20/3227G16Z 99/00
64
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Ensuring secure electronic transactions between clusters of service facilities and at least one electronic transaction facility provided at a user device involves enrolling and registering the electronic transaction facility with a main service facility via software delivered from the main service facility to the user device, establishing security credentials for the clusters of service facilities with the main service facility, and configuring the electronic transaction facility with transaction credentials of at least one service facility in the clusters of service facilities when a user opts to avail a service from the service facility.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of establishing security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the method comprising:
enrolling an electronic transaction facility for a user device with a main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility; receiving, at the main service facility, at least one of security and authentication keys having been generated by the electronic transaction facility software; registering the electronic transaction facility with the main service facility by certifying the received security and authentication keys; installing security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and updating an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility.
2 . The method according to claim 1 , wherein when a user opts to avail a service from a further service facility, the main service facility forwards security credentials of the electronic transaction facility to that further service facility to enable secure communication between the electronic transaction facility and that further service facility.
3 . The method according to claim 2 , wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service.
4 . The method according to claim 1 , wherein when a user opts to avail a service from the further service facility, the further service facility issues a one-time activation code to the user, and when the user contacts the service facility for the first time, the one-time-activation code is verified by the service facility for authentication.
5 . The method according to claim 4 , wherein the further service facility then certifies a unique set of credentials for the electronic transaction facility.
6 . The method according to any of the claim 1 , wherein the method further comprises establishing security and authentication credentials for secure communication between a main service facility and a cluster of electronic transaction facilities provided at a user device.
7 . The method of claim 6 , wherein establishing security and authentication credentials for secure communication with the cluster of electronic transaction facilities comprises, for each transaction facility;
issuing a one-time-activation code to a user, and storing securely the one-time activation code at the main service facility for subsequent verification; receiving, at the main service facility, the one-time-activation code, having been encrypted by the electronic transaction facility software using public security credentials of the main service facility; and verifying the one-time-activation code, and sending latest encryption and signing keys to the device for secure communication between the main service facility and an electronic transaction facility of the cluster.
8 . The method according to claim 7 wherein, after verifying the one-time-activation code, and sending latest encryption and signing keys to the device, the main service facility receives a certification request from the electronic transaction facility comprising an encryption key-pair and a signing key-pair; and in response to receiving an acknowledgment of completion of registration from the electronic transaction facility of the cluster, the main service facility activates an account of the electronic transaction facility.
9 . The method according to claim 8 , wherein the further service facility sends a one-time activation code directly to the electronic transaction facility, receives a registration request comprising the one-time-activation code and a serviceid, both having been encrypted by the electronic transaction facility software using the public security credentials of the further service facility, and upon receipt of acknowledgement of registration the further service facility activates the electronic transaction facility's account/services.
10 . The method according to claim 8 , wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service.
11 . A main service facility configured to establish security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the main service facility configured to:
enroll an electronic transaction facility for a user device for activating an account with the main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility; receive at least one of security and authentication keys having been generated by the electronic transaction facility software; register the electronic transaction facility with the main service facility by certifying the received at least one of security and authentication keys; install security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and update an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility.
12 . The main service facility according to claim 11 , wherein when a user opts to avail a service from a further service facility, the main service facility is configured to forward security credentials of the electronic transaction facility to that further service facility to enable secure communication between the electronic transaction facility and that further service facility.
13 . A secure transaction platform comprising:
a main service facility configured to establish security and authentication credentials for secure communication between a cluster of service facilities and an electronic transaction facility provided at a user device, the main service facility configured to:
enroll an electronic transaction facility for a user device for activating an account with the main service facility by transmitting electronic transaction facility software to a user device, the electronic transaction facility software having public security credentials of the main service facility, and the main service facility acting as a primary server for that electronic transaction facility;
receive at least one of security and authentication keys having been generated by the electronic transaction facility software;
register the electronic transaction facility with the main service facility by certifying the received at least one of security and authentication keys;
install security certificates of a cluster of service facility servers as trusted SSL/HTTPS credentials at the main service facility; and
update an electronic transaction facility with at least one of security and authentication credentials of a service facility in the cluster, different to the main service facility, when a user opts to avail a service from that further service facility, so as to enable secure communication between the electronic transaction facility and that further service facility; and
at least one cluster of service facilities.
14 . The platform according to claim 13 , wherein the cluster of service facilities includes at least one server for a card-issuer service and at least one server for a transaction-acquirer service, and optionally wherein the platform additionally comprises at least one cluster of electronic transaction facilities provided at a user device, each enrolled with the main service facility to securely opt to avail a service from a further service facility of the cluster of service facilities.
15 . The platform according to claim 13 , wherein when a user opts to avail a service from the further service facility, the further service facility is configured to issue a one-time activation code to the user, such that when the user contacts the service facility for the first time, the further service provider is configured to verify the one-time activation code for authentication.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.