Apparatuses, Methods and Systems for Computer-Based Secure Transactions
Abstract
The systems, methods and apparatuses described herein provide a computing environment for completing a secure transaction. An apparatus according to the present disclosure may comprise a screen, a first switching device coupled to the screen, an input device, a second switching device coupled to the input device, a non-secure processor, a secure processor and a credit card reader operatively coupled to the secure processor. The non-secure processor may generate a message containing a purchase transaction request. The secure processor may receive the message, assume control of the screen and input device while the apparatus is operating in a secure mode, establish a secure connection with a server, receive payment information to be submitted to the server, digitally sign certain transaction information and submit the digitally signed certain transaction information to the server to complete the secure transaction.
Claims
exact text as granted — not AI-modified1 - 28 . (canceled)
29 . A computer-implemented method comprising:
receiving, by a secure processor of a consumer device, a secure transaction request from a non-secure processor of the consumer device; instructing, by the secure processor, one or more non-secure components of the consumer device to operationally connect to the secure processor, and to operationally disconnect from the non-secure processor; generating, by the secure processor, a transaction information message comprising one or more values associated with a transaction; sending, by the secure processor, the transaction information message to a merchant server indicated in the secure transaction request; and receiving, by the secure processor, from the merchant server a transaction completion message when a first value in the transaction information message satisfies a merchant-expected value according to the merchant server and a second value in a copy of the transaction information message satisfies a bank-expected value according to a bank device.
30 . The method of claim 29 , wherein the transaction information message comprises a plurality of values, and wherein at least one value of the plurality of values is selected from a group comprising: an amount of the transaction, a currency, a hash of a merchant identifier, and transaction details.
31 . The method of claim 30 , wherein the merchant server transmits the copy of the transaction information message to the bank device when the first value of the at least one value in the transaction information message satisfies the merchant-expected value.
32 . The method of claim 29 , wherein the bank device determines whether an account identified in the transaction information message has sufficient funds.
33 . The method of claim 29 , further comprising:
generating, by the secure processor, a digital signature for the transaction information message using an encryption key that identifies the consumer device; and digitally signing, by the secure processor, the transaction information message using the digital signature.
34 . The method of claim 33 , wherein the merchant server determines whether the digital signature of the transaction information message received from the consumer device satisfies a merchant-expected signature.
35 . The method of claim 33 , wherein the bank device determines whether a second digital signature of the copy of the transaction information message received from the merchant server satisfies a bank-expected signature.
36 . The method of claim 35 , wherein digitally signing the transaction information message further comprises:
transmitting, by the secure processor, a request to a credit card reader to digitally sign the transaction information message according to the bank-expected signature; and receiving, by the secure processor, the transaction information message having the digital signature from the credit card reader.
37 . The method of claim 29 , further comprising establishing, by the secure processor, a secure connection with the merchant server according to an encryption algorithm, wherein data packets communicated via the secure connection are encrypted according to the encryption algorithm.
38 . The method of claim 29 , further comprising:
authenticating, by the secure processor, a merchant certificate received from the merchant server; displaying, by the secure processor, via a screen of the consumer device at least a subset of information from the merchant certificate on a predetermined area of the screen; and display, by the secure processor, via the screen transaction details received from the merchant server.
39 . The method of claim 29 , further comprising:
executing, by the non-secure processor, a browser application having a user interface that communicates user inputs to the merchant server; and receiving, by a non-secure processor, via the user interface a user input that instructs the non-secure processor to generate the secure transaction request.
40 . A computing device comprising:
a non-secure processor configured to generate a message containing a secure transaction request; a secure processor configured to:
receive the secure transaction request from the non-secure processor;
instruct one or more non-secure components of the computing device to operationally connect to the secure processor, and to operationally disconnect from the non-secure processor;
generate a transaction information message comprising one or more values associated with a transaction;
send the transaction information message to a merchant server indicated in the secure transaction request; and
receive from the merchant server a transaction completion message when a first value in the transaction information message satisfies a merchant-expected value according to the merchant server and a second value in a copy of the transaction information message satisfies a bank-expected value according to a bank device.
41 . The computing device of claim 40 , wherein the transaction information message comprises a plurality of values, and wherein at least one value of the plurality of values is selected from a group comprising: an amount of the transaction, a currency, a hash of a merchant identifier, and transaction details.
42 . The computing device of claim 41 , wherein the merchant server transmits the copy of the transaction information message to the bank device when the first value of the at least one value in the message satisfies the merchant-expected value.
43 . The computing device of claim 40 , wherein the bank device determines whether an account identified in the transaction information message has sufficient funds.
44 . The computing device of claim 40 , wherein the secure processor is further configured to:
generate a digital signature for the transaction information message using an encryption key that identifies the computing device; and digitally sign the transaction information message using the digital signature.
45 . The computing device of claim 44 , wherein the merchant server determines whether the digital signature of the transaction information message received from the computing device satisfies a merchant-expected signature.
46 . The computing device of claim 44 , wherein the bank device determines whether a second digital signature of the copy of the transaction information message received from the merchant server satisfies a bank-expected signature.
47 . The computing device of claim 46 , further comprising a credit card reader coupled to the computing device, wherein the secure processor is further configured to:
transmit a request to a credit card reader to digitally sign the transaction information message according to the bank-expected signature; and receive the transaction information message having the digital signature from the credit card reader.
48 . The computing device of claim 40 , wherein the secure processor is further configured to establish a secure connection with the merchant server according to an encryption algorithm, wherein data packets communicated via the secure connection are encrypted according to the encryption algorithm.
49 . The computing device of claim 40 , further comprising a screen, wherein the secure processor is further configured to:
authenticate a merchant certificate received from the merchant server; display via the screen at least a subset of information from the merchant certificate on a predetermined area of the screen; and display via the screen transaction details received from the merchant server.
50 . The computing device of claim 40 , wherein the non-secure processor is further configured to:
execute a browser application having a user interface that communicates user inputs to the merchant server; and receive via the user interface a user input that instructs the non-secure processor to generate the secure transaction request.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.