USRE45416EExpiredUtility

Processing an RF transaction using a routing number

68
Assignee: BISHOP FREDPriority: Jul 10, 2001Filed: Jun 15, 2012Granted: Mar 17, 2015
Est. expiryJul 10, 2021(expired)· nominal 20-yr term from priority
G07C 9/28G07C 9/29G06Q 20/327G06Q 20/382G07F 7/1083G06Q 20/14G06Q 20/40G06Q 20/20G06Q 20/10G06Q 20/3278G06Q 20/04G06Q 20/00H04L 2209/56H04L 63/08H04L 2209/805G06Q 20/32G06Q 20/352H04L 9/3226G06Q 20/341
68
PatentIndex Score
2
Cited by
1,624
References
45
Claims

Abstract

A system and method for securing a Radio Frequency (RF) transaction using a RF identification device transaction device is provided. The invention uses the routing number and customer identifying information associated with a transaction account to secure a RF transaction. Specifically, the customer identifying information is included in an encrypted payload that is provided to a merchant point-of-sale device in a unused field of the RF data transmission. The routing number is provided in the ordinary field location of the data transmission typically reserved for the transaction account number. Additionally, the encrypted payload is provided in the unused field of the data transmission. The routing number is used to locate the corresponding encryption key for validating the RF transaction device, the transaction account and/or customer identifying information without the need for the reader to encrypt the customer identifying information before providing a transaction request to an account issuer.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method, comprising:
 creating an encrypted authentication tag using a random number and at least one of a transaction account code, a routing number, or a counter value; and 
 transmitting the encrypted authentication tag and the routing number to a radio frequency identification (RFID) reader using a data transmission format comprising an account code field and an unallocated field, 
 wherein the encrypted authentication tag is transmitted in the unallocated field of the data transmission format. 
 
     
     
       2. The method of  claim 1 , further comprising receiving the random number from the RFID reader. 
     
     
       3. The method of  claim 2 , further comprising transmitting an RFID reader authentication code to the RFID reader and receiving an encrypted RFID reader authentication code from the RFID reader. 
     
     
       4. The method of  claim 3 , further comprising verifying the encrypted RFID reader authentication code for authentication of the RFID reader. 
     
     
       5. The method of  claim 1 , wherein the encrypted authentication tag is created using the routing number. 
     
     
       6. The method of  claim 1 , further comprising incrementing the counter value by at least one of a random amount or a predetermined amount. 
     
     
       7. The method of  claim 1 , wherein the routing number is transmitted in a transaction account field. 
     
     
       8. The method of  claim 7 , wherein the transaction account field is a primary account number (PAN) field as defined by ISO 8583. 
     
     
       9. The method of  claim 7 , further comprising:
 creating a payload data file by encrypting the transaction account code; and 
 transmitting the payload data file to the RFID reader in at least one of character positions 64-79 of a Track 1 format as defined in ISO 7813. 
 
     
     
       10. The method of  claim 1 , wherein the unallocated field includes at least one of character positions 64-79 of a Track 1 format as defined in ISO 7813. 
     
     
       11. The method of  claim 1 , wherein the unallocated field includes at least one of: a field separator (FS) field, an expiry date (ED) field, a service code (SC) field, a PIN verification value (PVV) field, a discretionary data (DD) field, an end sentinel (ES) field, or a longitude redundancy check (LRC) field, of a Track 1 format as defined in ISO 7813. 
     
     
       12. A radio frequency transaction device, comprising:
 a processor configured to create an encrypted authentication tag and a routing number, wherein the processor is configured to create the encrypted authentication tag using at least one of a counter value, the routing number, or a transaction account code; and 
 a communication device configured to transmit the encrypted authentication tag using a data transmission format comprising an account code field and an unallocated field, wherein the encrypted authentication tag is configured to be transmitted in the unallocated field of the data transmission format. 
 
     
     
       13. The radio frequency transaction device of  claim 12 , further comprising a memory configured to store customer identifying information, the counter value, the transaction account code, and an encryption key. 
     
     
       14. The radio frequency transaction device of  claim 13 , wherein the processor is configured to create the encrypted authentication tag using at least one of the customer identifying information, the encryption key, the counter value, the routing number, or the transaction account code. 
     
     
       15. The radio frequency transaction device of  claim 12 , further comprising a memory configured to store a payload data file. 
     
     
       16. The radio frequency transaction device of  claim 15 , wherein the payload data file comprises an encrypted transaction account code. 
     
     
       17. A method, comprising:
 receiving an encrypted account payload data file from a radio frequency (RF) transaction device using a data transmission format comprising an account code field and an unallocated field, wherein the encrypted account payload data file is transmitted in the unallocated field of the data transmission format; 
 receiving a routing number from the RF transaction device in a transaction account field, wherein the transaction account field does not contain a transaction account code; and 
 using the routing number to transmit the encrypted account payload data file to an account provider. 
 
     
     
       18. The method of  claim 17 , further comprising:
 providing a random number to the RF transaction device; and 
 receiving an encrypted authentication tag from the RF transaction device, wherein the encrypted authentication tag is generated using the random number and at least one of the transaction account code, the routing number, or a counter value. 
 
     
     
       19. The method of  claim 18 , further comprising converting at least one of the encrypted authentication tag, the counter value, the random number, or the routing number into a merchant point of sale (POS) recognized format. 
     
     
       20. The method of  claim 19 , wherein the merchant POS recognized format is ISO/IEC 8583 compatible. 
     
     
       21. The method of  claim 18 , further comprising verifying the encrypted authentication tag using an authentication tag decryption key corresponding to an identification code received from the RF transaction device. 
     
     
       22. The method of  claim 17 , further comprising decrypting the encrypted account payload data file using a payload decryption key corresponding to an identification code received from the RF transaction device. 
     
     
       23. The method of  claim 17 , wherein the transaction account field is a primary account number (PAN) field as defined by ISO 8583. 
     
     
       24. The method of  claim 17 , wherein transmitting the encrypted account payload data file to an account provider is performed without having access to the transaction account code. 
     
     
       25. A method, comprising:
 associating radio frequency (RF) transaction device data with a routing number; 
 receiving an encrypted authentication tag from a merchant in accordance with the routing number using a data transmission format comprising an account code field and an unallocated field, wherein the encrypted authentication tag is transmitted in the unallocated field of the data transmission format; 
 verifying the encrypted authentication tag using an authentication tag decryption key corresponding to the RF transaction device data; and 
 decrypting the encrypted authentication tag to process a transaction request. 
 
     
     
       26. The method of  claim 25 , wherein the authentication tag decryption key relates to the routing number. 
     
     
       27. The method of  claim 25 , further comprising:
 decrypting the encrypted authentication tag to read a counter value; and 
 verifying the counter value to facilitate processing the transaction request. 
 
     
     
       28. The method of  claim 27 , further comprising receiving a payload data file from the merchant in accordance with the routing number. 
     
     
       29. A method, comprising:
 associating radio frequency (RF) transaction device data with a routing number; 
 receiving an encrypted authentication tag and a payload data file from a merchant in accordance with the routing number; 
 verifying the encrypted authentication tag using an authentication tag decryption key corresponding to the RF transaction device data; and 
 decrypting the encrypted authentication tag to process a transaction request and to read a counter value; and 
 verifying the counter value to facilitate processing the transaction request, wherein processing the transaction request comprises at least one of: 
 locating a payload decryption key using the routing number; 
 decrypting customer identifying information from the payload data file using the payload decryption key to create decrypted customer identifying information; or 
 providing the decrypted customer identifying information to a merchant point of sale (POS) device for processing. 
 
     
     
       30. A method, comprising:
 creating an encrypted authentication tag using a random number;   creating a payload data file by encrypting a transaction account code; and   transmitting the encrypted authentication tag and the payload data file to a radio frequency identification (RFID) reader using a data transmission format comprising an account code field and an unallocated field,   wherein the encrypted authentication tag and the payload data file is transmitted in the unallocated field of the data transmission format.   
     
     
       31. The method of claim 30, further comprising receiving the random number from the RFID reader. 
     
     
       32. The method of claim 31, further comprising transmitting an RFID reader authentication code to the RFID reader and receiving an encrypted RFID reader authentication code from the RFID reader. 
     
     
       33. The method of claim 32, further comprising verifying the encrypted RFID reader authentication code for authentication of the RFID reader. 
     
     
       34. The method of claim 30, wherein the creating the encrypted authentication tag further uses a routing number. 
     
     
       35. The method of claim 30, further comprising incrementing a counter value by at least one of a random amount or a predetermined amount. 
     
     
       36. The method of claim 30, wherein a routing number is transmitted in a transaction account field. 
     
     
       37. The method of claim 36, wherein the transaction account field is a primary account number (PAN) field as defined by ISO 8583. 
     
     
       38. The method of claim 36, further comprising:
 creating a payload data file by encrypting the transaction account code; and   transmitting the payload data file to the RFID reader in at least one of character positions 64-79 of a Track 1 format as defined in ISO 7813.   
     
     
       39. The method of claim 30, wherein the unallocated field includes at least one of character positions 64-79 of a Track 1 format as defined in ISO 7813. 
     
     
       40. The method of claim 30, wherein the unallocated field includes at least one of:
 a field separator (FS) field, an expiry date (ED) field, a service code (SC) field, a PIN verification value (PVV) field, a discretionary data (DD) field, an end sentinel (ES) field, or a longitude redundancy check (LRC) field, of a Track 1 format as defined in ISO 7813.   
     
     
       41. A radio frequency transaction device, comprising:
 a processor configured to:
 create an encrypted authentication tag using a routing number, and 
 create a payload data file by encrypting a transaction account code; and 
   a communication device configured to transmit the encrypted authentication tag and payload data file using a data transmission format comprising an account code field and an unallocated field,
 wherein the encrypted authentication tag and the payload data file are configured to be transmitted in the unallocated field of the data transmission format. 
   
     
     
       42. The radio frequency transaction device of claim 41, further comprising a memory configured to store customer identifying information, a counter value, a transaction account code, and an encryption key. 
     
     
       43. The radio frequency transaction device of claim 42, wherein the processor is further configured to create the encrypted authentication tag using at least one of the customer identifying information, the encryption key, the counter value, the routing number, or the transaction account code. 
     
     
       44. The radio frequency transaction device of claim 41, further comprising a memory configured to store a payload data file. 
     
     
       45. The radio frequency transaction device of claim 44, wherein the payload data file comprises an encrypted transaction account code.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.