Integration of payment capability into secure elements of computers
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06Q-020/40
G06F-021/34
G06Q-020/12
G06Q-020/38
G06Q-020/42
H04L-009/32
H04L-029/06
G06F-017/30
H04L-009/14
출원번호
US-0167804
(2016-05-27)
등록번호
US-9589268
(2017-03-07)
발명자
/ 주소
Hammad, Ayman
출원인 / 주소
Visa International Service Association
대리인 / 주소
Kilpatrick Townsend & Stockton LLP
인용정보
피인용 횟수 :
1인용 특허 :
255
초록▼
Methods, secure elements, validation entities, and computer program products for effecting secure communication of payment information to merchants for Internet-based purchases. Payment information for a user's real payment information is installed in a secure element of a computer, the payment info
Methods, secure elements, validation entities, and computer program products for effecting secure communication of payment information to merchants for Internet-based purchases. Payment information for a user's real payment information is installed in a secure element of a computer, the payment information may comprise a pseudo PAN number for the portable consumer device provided by a validation entity. The secure element is shielded from the computer's operating system to thwart hacker attacks. The user accesses the secure element to make a purchase. In response, the secure element contacts the validation entity with the pseudo account number, and in response obtains dynamic payment information that the secure element can used to effect the payment. The dynamic payment information comprises an account number that is different from the pseudo PAN, and which has at least one difference which respect to the user's real payment information.
대표청구항▼
1. A method comprising: receiving, at a computer comprising a secure element, a real account number, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element comprises a processor, a memory coupled to the processor, and an input
1. A method comprising: receiving, at a computer comprising a secure element, a real account number, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element comprises a processor, a memory coupled to the processor, and an input/output controller coupled to the processor, and wherein the memory of the secure element stores a unique identifier identifying the secure element;obtaining the unique identifier identifying the secure element from the memory of the secure element;encrypting, the unique identifier identifying the secure element using an encryption key stored in the secure element, prior to sending the obtained unique identifier to a remote server;sending the real account number, and the encrypted unique identifier identifying the secure element to the remote server;receiving, in response to sending the real account number, and the encrypted unique identifier identifying the secure element to the remote server, a pseudo account number from the remote server, the received pseudo account number being different from the real account number and having the same form as the real account number; andstoring, in the memory of the secure element, the received pseudo account number. 2. The method of claim 1, further comprising: sending, from the secure element of the computer, a representation of the pseudo account number to the remote server; andreceiving, in response, dynamic payment information from the remote server, wherein the received dynamic payment information comprises a dynamic account number that is different from the pseudo account number. 3. The method of claim 2, wherein sending the representation of the pseudo account number comprises sending the representation as a cryptogram based on the pseudo account number. 4. The method of claim 2, wherein the computer is a phone. 5. The method of claim 1 further comprising: sending, by the computer, the pseudo account number to the remote server;receiving, by the computer and from the remote server, dynamic payment information; andproviding, by the computer, the dynamic payment information to a merchant computer to conduct a payment transaction. 6. The method of claim 1 further comprising: sending, from the secure element of the computer, a representation of the pseudo account number to the remote server;receiving, in response, dynamic payment information from the remote server, wherein the received dynamic payment information comprises a dynamic account number that is different from the pseudo account number; andproviding, by the computer, the dynamic payment information to a merchant Website to conduct a purchase transaction. 7. A computer comprising: a secure element comprising a data processor, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a memory coupled to the data processor, and an input/output controller coupled to the data processor, and wherein the memory stores a unique identifier identifying the secure element; anda computer program product coupled to the data processor, the computer program product embodied on a tangible non-transitory computer-readable medium comprising code executable the data processor of the secure element to implement a method comprisingreceiving a real account number,obtaining the unique identifier identifying the secure element from the memory of the computer,encrypting the unique identifier identifying the secure element using an encryption key stored in the secure element, prior to sending the obtained unique identifier to a remote server,sending the real account number, and the encrypted unique identifier identifying the secure element to the remote server,receiving, in response to sending the received real account number, and the encrypted unique identifier identifying the secure element to the remote server, a pseudo account number from the remote server, the received pseudo account number being different from the real account number and having the same form as the real account number, andstoring, in the memory of the secure element, the received pseudo account number. 8. The computer of claim 7, wherein the method further comprises: sending, from the secure element, a representation of the pseudo account number to the remote server; andreceiving, in response, dynamic payment information from the remote server, wherein the received dynamic payment information comprises a dynamic account number that is different from the pseudo account number. 9. The computer of claim 8, wherein sending the representation of the pseudo account number comprises sending the representation as a cryptogram based on the pseudo account number and the unique identifier identifying the secure element. 10. A method comprising: receiving, at a remote server, a request from a secure element of a computer to provide a pseudo account number, the request including a unique identifier identifying the secure element, and a real account number, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a data processor, a memory coupled to the data processor, and an input/output controller coupled to the data processor, and wherein the memory stores the unique identifier identifying the secure element;applying at least one validation test pertaining to the received request;sending, if the at least one validation test is passed, a pseudo account number to the secure element, wherein the pseudo account number has the same form as the real account number; andstoring the pseudo account number with an indication of at least the received real account number,wherein the unique identifier identifying the secure element is encrypted using an encryption key stored in the secure element, prior to receiving the request. 11. The method of claim 10, further comprising: receiving, at the remote server, a request from the secure element of the computer to provide dynamic payment information, the request including the pseudo account number and the unique identifier identifying the secure element;applying at least one validation test pertaining to the received request; andsending, if the at least one validation test is passed, the dynamic payment information to the secure element. 12. The method of claim 10, wherein the computer is a mobile phone, and wherein the unique identifier is encrypted in the request to provide dynamic payment information. 13. The method of claim 10, further comprising: receiving, at the remote server, a request from the secure element of the computer to provide dynamic payment information, the request including the pseudo account number, the unique identifier identifying the secure element, and an identifier of a merchant;applying at least one validation test pertaining to the received request; andsending, if the at least one validation test is passed, the dynamic payment information and the identifier of the merchant to a payment processing network. 14. The method of claim 10, further comprising: receiving, at the remote server, a request from a payment processing network to provide real payment information corresponding to an instance of dynamic payment information; andproviding the requested real payment information to the payment processing network. 15. The method of claim 10 further comprising: receiving, the pseudo account number, by the remote server from the secure element; andafter receiving the pseudo account number from the secure element, providing, by the remote server, dynamic payment information to the computer. 16. A remote server comprising: a data processor;a networking facility coupled to the processor;a computer-readable medium coupled to the processor; anda computer program product embodied on the computer-readable medium, the computer program product comprising code executable by the data processor to implement a method comprisingreceiving a request from a secure element of a computer to provide a pseudo account number, the request including a unique identifier identifying the secure element, and a real account number, wherein the secure element is immune from being hacked by computer viruses installed on the computer, wherein the secure element further comprises a memory and an input/output controller coupled to the data processor, and wherein the memory stores the unique identifier identifying the secure element,applying at least one validation test pertaining to the received request for a pseudo account number,sending, if the at least one validation test is passed, the pseudo account number to the secure element, wherein the pseudo account number has the same form as the real account number, andstoring the pseudo account number with an indication of at least the received real account number,wherein in the method, the unique identifier identifying the secure element is encrypted using an encryption key stored in the secure element, prior to receiving the request. 17. The remote server of claim 16, wherein the method further comprises: receiving a request from the secure element of the computer to provide dynamic payment information, the request including the pseudo account number and the unique identifier identifying the secure element;applying at least one validation test pertaining to the received request for dynamic payment information; andsending, if the at least one validation test is passed, dynamic payment information to the secure element. 18. The remote server of claim 17, wherein applying at least one validation test pertaining to the received request for the pseudo account number comprises one or more of: comparing the received unique identifier identifying the secure element against a database of valid identifiers to find a match; orcomparing the received unique identifier identifying the secure element against a database of identifiers of secure elements involved in prior fraudulent activity. 19. The remote server of claim 16, wherein applying at least one validation test pertaining to the received request for the pseudo account number comprises: accessing a database to determine a limit on the number of secure elements that has been placed on the received real account number;accessing a database to determine a current number of secure elements that has already been associated to the received real account number; andcomparing the current number to the limit to determine if an additional association of a secure element would exceed the limit. 20. The remote server of claim 16, wherein applying at least one validation test pertaining to the received request for the pseudo account number comprises one or more of the following: comparing the received identifier identifying the secure element against a database of valid identifiers to find a match;comparing the received identifier identifying the secure element against a database of identifiers of secure elements involved in prior fraudulent activity; oraccessing a database to obtain the record for the received pseudo account number, to obtain from the record the identifiers for all of the secure elements that have been previously associated with the received pseudo account number, and to compare the unique identifier identifying the secure element received in the request against each identifier in the accessed record for a match.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (255)
Raj, Thanigaivel Ashwin; Fuentes, Jacob Saul; Tullis, John; Shastry, Vishwanath, Alias management and value transfer claim processing.
Asghari Kamrani,Nader; Asghari Kamrani,Kamran, Direct authentication and authorization system and method for trusted network of financial institutions.
Ziarno Witold A. (4519 S. St. Louis Ave. Chicago IL 60632), Display cursor controlling device for reading card information from an information bearing credit or debit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Franklin D. Chase ; Rosen Daniel ; Benaloh Josh ; Simon Daniel R., Electronic online commerce card with customer generated transaction proxy number for online transactions.
Bierbaum, Christopher J.; Cope, Warren B.; Katzer, Robin D.; Paczkowski, Lyle W., Electronic payment using a proxy account number stored in a secure element.
Stolfo,Salvotore J.; Yemini,Yechiam; Shaykin,Leonard P., Electronic purchase of goods over a communications network including physical delivery while securing private and personal information of the purchasing party.
Goldstein,Seth; Mahajan,Rajesh; Muppirala,Prakash; Quigley,Benjamin L.; Rawat,Jai; Subramanya,Venkatesh; Tran,Vincent, Intelligent method of order completion in an e-commerce environment based on availability of stored billing information.
Hirai Chiaki (Tokyo JPX) Kondo Hidefumi (Yamato JPX), Method and apparatus for completing a partially completed document in accordance with a blank form from data automatical.
Bajikar,Sundeep M.; Girard,Luke E.; Silvester,Kelan C.; McKeen,Francis X., Method and system and authenticating a user of a computer system that has a trusted platform module (TPM).
DeMello, Marco A.; Keely, Leroy B.; Byrum, Frank D.; Yaacovi, Yoram; Hughes, Kathryn E., Method and system for binding enhanced software features to a persona.
Talbert, Vincent W.; Keithly, Thomas H.; Hirschfeld, Daniel A.; Lavelle, Mark L., Method and system for completing a transaction between a customer and a merchant.
Fisher, Douglas; Dominguez, Benedicto H.; Lee, Timothy Mu-Chu, Method and system for performing two factor authentication in mail order and telephone order transactions.
Mutschler ; III Eugene Otto ; Stefaniak Joseph Peter, Method for dynamically embedding objects stored in a web server within HTML for display by a web browser.
Jonathan Shem-Ur IL; Anat Wolfson IL; Shaul Bar-Lev IL; Roni Sivan IL; Ehud Kaahtan IL, Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein.
Fung, Daniel Y.; Evans, Stephen C., Method, system and computer readable medium for web site account and e-commerce management from a central location.
Veteläinen,Altti Pekka Henrik, Methods, system, and computer readable medium for user data entry, at a terminal, for communication to a remote destination.
Khan,Mohammad; Kumar,Pradeep; Vijayshankar,Roshan; Liu,Ming Li; Narayanan,Narendra, Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities.
Bhambri, Vikram; Walsh, Deirdre L.; Sausville, Paul C.; Biyani, Raj; Button, Thomas L.; Nolan, Sean; Warren, Susan; Hempey, Matthew D., Payment information security for multi-merchant purchasing environment for downloadable products.
Baker, David Preston; Marshall, III, Stanley N.; Hussein, Mohamed Reza; Hiller, Matthew Eric; Tung, Chin Pang; Mitchell, Andrew Robert, Secure storage of payment information on client devices.
Smith Robert Neal, Smart card authentication system comprising means for converting user identification and digital signature to pointing device position data and vice versa using lut.
Berardi, Michael J.; Bliman, Michal; Bonalle, David S.; Saunders, Peter D., System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions.
Snapper,Erik J.; Jiggins,Julian P.; Shyam,Bharat; Partovi,Hadi; Berman,Eric R.; Freedman,Steven J.; Allard,James E.; Chang,Frank Z.; Proteau,Stephen P.; Jorgenson,Clint C., System and method for populating forms with previously used data values.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C R; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Hughes Thomas S. (31310 Eagle Haven Cir. ; Ste. 100 Rancho Palos Verdes CA 90274) Molina Gustavo (24292 Rhona Dr. Laguna Niguel CA 92656), System for remote purchase payment transactions and remote bill payments.
Saunders, Peter D.; Leggatt, Lesley; Chuang, I-Hsin; Oh, John J., Systems, methods and computer program products for performing mass transit merchant transactions.
Hoffman Ned (Berkeley CA) Pare ; Jr. David F. (Berkeley CA) Lee Jonathan A. (Berkeley CA), Tokenless identification system for authorization of electronic transactions and electronic transmissions.
von Behren, Rob; Wall, Jonathan; Muehlberg, Alexej; Meyn, Hauke, Wallet application for interacting with a secure element application without a trusted server for authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.