System and methods for using limit-use encrypted code to transfer values securely among users
Abstract
A system and method for facilitating a secured value transfer. A first user and the system obtain a pair of encryption and decryption apparatuses. The first user creates a request including his unique identifier and a value to be transferred. The first user encrypts the request using the encryption apparatus and sends it to the second user. The second user sends to the system the request and the second user's unique identifier. The system uses the decryption apparatus to decrypt the request. The system checks the usage of the request against a threshold limit. After a successful usage check, the system then transfers the value from the first user to the second user. The system may comprise (a) a plurality of system server for exchanging data with users' personal computing devices, registering users, and conducting transactions, and (b) data storages storing user accounts and other persistent data.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of facilitating secured value transfer among users using limit-use code, comprising:
creating, by a first device of a provider, an encryption apparatus and a decryption apparatus that is capable of decrypting data encrypted by the encryption apparatus; transmitting, by the first device of the provider, a first unique identifier of the provider and the decryption apparatus to a server; storing by the server, the decryption apparatus in association with the first unique identifier of the provider; creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient; encrypting, by the provider device, the request using the encryption apparatus; attaching, by the provider device, the first unique identifier of the provider to the encrypted request; transmitting the encrypted request and the attached first unique identifier of the provider to a second device of the recipient; transmitting, by the second device of the recipient to the server, the encrypted request and the attached first unique identifier of the provider along with a second unique identifier of the recipient; retrieving, by the server the decryption apparatus associated with the first unique identifier of the provider; decrypting, the encrypted request using the decryption apparatus associated with the first unique identifier of the provider; determining, by the server, that the request satisfies a usage limit; validating, by the server, the request based at least in part on the determination that the request satisfies the usage limit; transferring, by the server, the value from the provider to the recipient using the reference included in the request.
2 . The method of claim 1 , further comprising:
wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, further comprises enclosing in the request data whereby the request can be uniquely identified by at least a portion of content of the request; before determining, by the server, that the request satisfies a usage limit checking, using at least the portion of the content of the request as a reference to retrieve a usage record of the request; creating a usage record of the request, if a usage record of the request has not been created; wherein determining, by the server, that the request satisfies a usage limit comprises determining, by the server, that the usage record of the request does not exceed a usage limit; and, updating the usage record of the request.
3 . The method of claim 1 , further comprising:
wherein creating, by a first device of a provider, an encryption apparatus and a decryption apparatus that is capable of decrypting data encrypted by the encryption apparatus, comprises generating, by the first device of the provider, a pair of encryption and decryption keys based on a cryptography algorithm; wherein transmitting, by the first device of the provider, a first unique identifier of the provider and the decryption apparatus to a server, comprises transmitting, by the first device of the provider, a first unique identifier of the provider and the decryption key to a server; wherein storing by the server, the decryption apparatus in association with the first unique identifier of the provider, comprises storing by the server, the decryption key in association with the first unique identifier of the provider; wherein encrypting, by the provider device, the request using the encryption apparatus, comprises encrypting, by the provider device, the request using the cryptography algorithm and the encryption key; wherein retrieving, by the server the decryption apparatus associated with the first unique identifier of the provider, comprises retrieving, by the server the decryption key associated with the first unique identifier of the provider; wherein decrypting, the encrypted request using the decryption apparatus associated with the first unique identifier of the provider, comprises decrypting, the encrypted request using the cryptography algorithm and the decryption key associated with the first unique identifier of the provider.
4 . The method of claim 3 , wherein the encryption algorithm is a symmetric algorithm, and the encryption key and decryption key are a same.
5 . The method of claim 1 , further comprising:
prior to creating a request by the provider, registering, by the provider a Personal Identification Number (PIN) with the server; requesting, by the second device of the recipient, the PIN from the provider; receiving, by the second device of the recipient, the PIN from the provider; sending, by the second device of the recipient, the PIN to the server, and wherein determining, by the server, that the request satisfies a usage limit, further comprises determining whether the PIN received from the second device of the recipient matches the PIN registered by the provider with the server.
6 . The method of claim 1 , wherein the usage limit is defined as the expiration date of a request, the method further comprising,
wherein determining by the server that the request satisfies a usage limit, comprises determining by the server that the time of the request is no later than the expiration date of the request.
7 . The method of claim 1 , further comprises,
wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, further comprises enclosing in the request a limit limiting value to be transferred to the recipient, and; wherein determining, by the server, that the request satisfies a usage limit, further comprises determining, by the server, that the request satisfies the limit enclosed in the request.
8 . The method of claim 7 , further comprising:
wherein transmitting, by the second device of the recipient to the server, the encrypted request received from the first device of the provider and a second unique identifier of the recipient, further comprises transmitting, by the second device of the recipient to the server, a reference to value to be requested by the recipient; and, wherein determining, by the server, that the request satisfies the limit enclosed in the request, comprises determining that the value requested by the recipient does not exceed the limit enclosed in the request.
9 . The method of claim 1 , further comprising:
prior to determining, by the server, that the request satisfies a usage limit, registering a set of rules, by the provider or the recipient, with the server, wherein a rule of the set of rules limits value to be transferred; and wherein determining, by the server, that the request satisfies a usage limit, further comprises determining, by the server, whether the request satisfies the set of rules.
10 . The method of claim 1 , wherein the value to be transferred is a data record.
11 . The method of claim 10 , further comprising:
validating, by a third user, a data record; registering, by the third user with the server, the validated record; sending to the provider device, the reference to the validated record; wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, comprises creating, by the first device of the provider, a request containing at least the reference to the validated record; and wherein transferring, by the server, the value from the provider to the recipient using the reference included in the request, comprises transferring the validated record to the recipient.
12 . The method of claim 1 , wherein transmitting the encrypted request and the attached first unique identifier of the provider to a second device of the recipient comprises,
encoding, by the first device of the provider, the encrypted request and the attached first unique identifier of the provider in a graphic code; scanning and decoding, by the second device of the recipient, the graphic code.
13 . The method of claim 12 , further comprising displaying the graphic code on the first device of the provider.
14 . The method of claim 12 , further comprising printing the graphic code on a medium visible to the second device of the recipient.
15 . The method of claim 1 , wherein the server also serves as a communication gateway between the first device of the provider and the second device of the recipient.
16 . The method of claim 1 , wherein transmitting the encrypted request and the attached first unique identifier of the provider to a second device of a recipient comprises is carried out in electrical, electromagnetic, or optional signals carrying information on a plurality of wired or wireless network.
17 . The method of claim 1 , wherein the transmission of the encrypted request to the recipient device is carried out in accordance with Near Field Communication protocol using provider and recipient devices capable of conducting Near Field Communication.
18 . The method of claim 1 , further comprising:
registering by a recipient with the server a coupon that presets value to be transferred; presenting the coupon to the provider; wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, comprises creating, by the first device of the provider, a request containing at least a reference to the coupon; wherein determining, by the server, that the request satisfies a usage limit, comprises retrieving the coupon using the reference to the coupon contained in the request, and determining, by the server, that the value presetted by the coupon satisfies a usage limit.
19 . The method of claim 1 , further comprising:
computing, by the provider device, a digest of a plain text to be attached to the encrypted request; when creating a request by the provider device, enclosing in the request the digest; after encrypting the request by the provider device, attaching the plain text to the encrypted request; and wherein validating, by the server, the request based at least in part on the determination that the request satisfies the usage limit after decrypting the encrypted request by the server, further comprises verifying, by the server, the digest in the request by computing a second digest of the plain text attached to the encrypted request, and comparing the second digest with the digest in the request.
20 . The method of claim 19 , further comprising accessing, by the recipient, the plain text attached to the request.
21 . The method of claim 20 , wherein the plain text specifies terms for the value transfer and the recipient decides whether to proceed with the value transfer at least in part based on the plain text accessed by the recipient.
22 . The method of claim 1 , further comprising:
after transferring by the server the value from the provider to the recipient using the reference included in the request, creating by the server a plurality of tickets and marking the provider as the owner of these tickets.
23 . The method of claim 1 , further comprising:
retrieving from the server the references of tickets under the provider's possession; wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, comprises creating, by the first device of the provider, a reference to a ticket that the provider selects to transfer; and, wherein transferring, by the server, the value from the provider to the recipient using the reference included in the request, comprises transferring, by the server, the ownership of the ticket from the provider to the recipient.
24 . The method of claim 1 , further comprising:
retrieving from the server the references of tickets under the provider's possession and that have not been redeemed; wherein creating, by the first device of the provider, a request containing at least a reference to value to be transferred to a recipient, comprises creating, by the first device of the provider, a request containing a reference to a ticket that the provider selects to transfer; and, wherein transferring, by the server, the value from the provider to the recipient using the reference included in the request, comprises marking, by the server, the ticket as redeemed.
25 . A system for facilitating secured value transfer among users using limit-use code, comprising,
a first device of a provider comprising,
means for creating an encryption apparatus and a decryption apparatus based on a cryptography technique;
storage means for storing the encryption apparatus;
means for sending the decryption apparatus with the first unique identifier of the provider to a system server;
means for creating a request containing at least a reference to value to be transferred to a recipient;
means for using the encryption apparatus to encrypt the request;
means for sending the encrypted request and the first unique identifier of the provider to a second device of the recipient;
a second device of the recipient comprising,
means for receiving the encrypted request and the first unique identifier of the provider from the first device of the provider;
means for sending the encrypted request and the first unique identifier of the provider along with a second unique identifier of the recipient to the system server;
the system server comprising,
means for users to register accounts, wherein each account is associated with a unique user identifier;
means for receiving the decryption apparatus and the first unique identifier of the provider from the first device of the provider;
storage means for storing the decryption apparatus in association with the first unique identifier of the provider and retrieving the decryption apparatus using the first unique identifier of the provider;
means for receiving the encrypted request, the first unique identifier of the provider, and the second unique identifier of the recipient from the second device of the recipient;
means for using the decryption apparatus to decrypt the encrypted request;
means for determining that the request satisfies a usage limit;
means for transferring value referenced in the request from the provider to the recipient.
26 . A system of claim 25 , wherein the system server is configured to operate in a cluster of inter-connected computing devices or operate concurrently on a same computer hardware.
27 . A system of claim 25 , further comprising a financial server that comprises means for interacting with financial institutions to execute value-transfer transactions.
28 . A system of claim 25 , further comprising a communication media whereby the first device of the provider can transmit data to the second device of the recipient device.
29 . A system of claim 25 , further comprising,
a medium that is capable of displaying a graphic code; wherein the first device of the provider further comprises means for encoding data in a graphic code and means for having the graphic code displayed or printed on the medium; and, wherein the second device of the recipient further comprises means for scanning the graphic code displayed on the medium and decoding the graphic code.
30 . A system of claim 25 , further comprising,
wherein the first device of the provider further comprising,
wherein means for sending the encrypted request and the first unique identifier of the provider to a second device of the recipient, comprises means for sending the encrypted request and the first unique identifier of the provider to a second device of the recipient using Near-Field Communication protocol;
wherein the second device of the recipient further comprising,
wherein means for receiving the encrypted request and the first unique identifier of the provider from the first device of the provider, comprises means for receiving the encrypted request and the first unique identifier of the provider from the first device of the provider using Near-Field Communication protocol.
31 . A system of claim 25 , wherein decryption apparatus and encryption apparatus are implemented in software program or hardware logic, in accordance to a symmetric or an asymmetric cryptography algorithm.
32 . A system of claim 25 , further comprising,
wherein the first device of the provider further comprises,
an implementation of a cryptographic algorithm that can generate a pair of encryption and decryption keys, and that can use the encryption key to encrypt a request;
wherein means for sending the decryption apparatus with the first unique identifier of the provider to a system server, comprises means for sending the decryption key with the first unique identifier of the provider to a system server
wherein the system server further comprises,
wherein means for receiving the decryption apparatus and the first unique identifier of the provider from the first device of the provider, comprises means for receiving the decryption key and the first unique identifier of the provider from the first device of the provider;
wherein storage means for storing the decryption apparatus in association with the first unique identifier of the provider and retrieving the decryption apparatus using the first unique identifier of the provider, comprises storage means for storing the decryption key in association with the first unique identifier of the provider and retrieving the decryption key using the first unique identifier of the provider; and, an implementation of the cryptographic algorithm that can use the decryption key to decrypt the encrypted request.
33 . A system of claim 25 , wherein the second device of the recipient further comprises, means for displaying a message that requests the provider to enter a PIN; and, an input device whereby the provider can enter a PIN.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.