CN104094302B - 用转换进行数据保护 - Google Patents

用转换进行数据保护 Download PDF

Info

Publication number
CN104094302B
CN104094302B CN201380008011.8A CN201380008011A CN104094302B CN 104094302 B CN104094302 B CN 104094302B CN 201380008011 A CN201380008011 A CN 201380008011A CN 104094302 B CN104094302 B CN 104094302B
Authority
CN
China
Prior art keywords
encrypted
key
pan
request message
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201380008011.8A
Other languages
English (en)
Other versions
CN104094302A (zh
Inventor
G·鲍威尔
J·F·希茨
P·泰特
K·R·瓦格纳
K·P·考甘蒂
M·珀尔
H·罗德里格斯
S·兹洛斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa International Service Association
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa International Service Association filed Critical Visa International Service Association
Priority to CN201811415212.0A priority Critical patent/CN109508983A/zh
Publication of CN104094302A publication Critical patent/CN104094302A/zh
Application granted granted Critical
Publication of CN104094302B publication Critical patent/CN104094302B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Storage Device Security (AREA)

Abstract

公开了用加密来保护与交易相关联的数据的系统和方法。在访问设备处,可用从该访问设备的初始密钥导出的第一密钥加密与支付账户相关联的PIN,并且可用从该初始密钥导出的第二密钥加密与该支付账户相关联的敏感数据。在与主机服务器相关联的安全模块处,可解密授权请求消息的经加密的敏感数据。与该主机服务器相关联的该安全模块可使用与支付处理网络相关联的区域加密密钥来重新加密该敏感数据。包括该经重新加密的敏感数据的经转换的授权请求消息可被商户服务器传输到该支付处理网络。

Description

用转换进行数据保护
相关申请的交叉引用
本申请涉及2012年1月5日提交的美国临时申请号61/583,550(代理人案号:79900-819288),其全部内容通过引用以全部目的结合于此。本申请还涉及2012年3月6日提交的美国临时申请号61/607,546(代理人案号:79900-829470),其全部内容通过引用以全部目的结合于此。本申请还涉及2012年9月21日提交的美国临时申请号61/704,428(代理人案号:79900-851259),其全部内容通过引用以全部目的结合于此。
发明背景
可通过多项措施诸如数据加密在具有基于硬件的安全控件的设备内保护金融账户数据不受未授权访问影响。然而,现有的安全措施诸如加密个人标识号(PIN)可使得敏感数据诸如主账号(PAN)曝光。现有的用于保护敏感数据的解决方案可要求应用不同于那些用于加密PIN数据的密钥管理方案,增加了为金融数据提供安全的商户的负担。
商户可通过将所有交易路由到用于支付处理的单个目的地来保护金融账户数据。然而,当路由对交易的授权请求时,商户可能够在多个可用的支付处理网络之间选择支付处理网络。上述可能需要提供基于授权请求消息的路由目的地对授权请求消息中的信息进行解密并且对信息进行重新加密。某些支付处理网络可缺少对敏感数据的加密解决方案。商户可希望使用由第一支付处理网络提供的加密措施同时继续能够将授权请求路由到可替代的支付处理网络。
在此描述的实施例解决了这些和其他问题。
发明简要概述
多种技术提供当在包括多个支付处理网络选项的环境中路由对交易的授权请求时保护敏感数据。
在一个实施例中,描述了一种方法。该方法包括由访问设备加密个人标识号(PIN)。PIN加密使用基于初始密钥的第一加密密钥变体。该访问设备使用基于该初始密钥的第二加密密钥变体对敏感数据进行加密。包括经加密的PIN和经加密的敏感数据的授权请求消息被传输到主机服务器。
在另一个示例中,一种方法包括在主机服务器接收授权请求消息。通信地连接到主机服务器的安全模块解密该经加密敏感数据。该安全模块使用与该第一支付处理网络相关联的第一敏感数据区域加密密钥重新加密该经解密敏感数据。包括该经重新加密的敏感数据的第一经转换授权请求消息可由主机服务器传输到该第一支付处理网络。在另一个实施例中,在该主机服务器接收的该授权请求消息包括PIN。该安全模块解密该经加密的PIN并且用与该第一支付处理网络相关联的第一PIN区域加密密钥重新加密该经解密的PIN。该第一经转换授权请求消息包括该经重新加密的PIN。在附加实施例中,该安全模块被配置成用于将第二经转换授权请求消息传输到第二支付处理网络。第二PIN区域加密密钥用于为该第二经转换授权请求消息重新加密PIN并且第二敏感数据区域加密密钥用于为该第二授权请求消息重新加密敏感数据。
本技术的另一个实施例涉及一种系统。该系统包括处理器以及耦合到该处理器的计算机可读介质。该计算机可读介质包括代码,该代码可由该处理器执行以实现包括由访问设备加密个人标识号(PIN)的方法。PIN加密使用基于初始密钥的第一加密密钥变体。该访问设备使用基于该初始密钥的第二加密密钥变体对敏感数据进行加密。包括经加密PIN和经加密敏感数据的授权请求消息被传输到主机服务器。
本技术的另一个实施例涉及一种系统。该系统包括处理器以及耦合到该处理器的计算机可读介质。该计算机可读介质包括代码,该代码可由该处理器执行以实现包括在主机服务器接收授权请求消息的方法。该授权请求消息包括经加密的敏感数据。通信地连接到主机服务器的安全模块解密该经加密敏感数据。该安全模块使用与该第一支付处理网络相关联的第一敏感数据区域加密密钥重新加密该经解密敏感数据。包括该经重新加密的敏感数据的第一经转换授权请求消息可由主机服务器传输到该第一支付处理网络。
在另一个实施例中,一种方法包括接收与个人账户标识符(PAI)相关联的数据。访问设备可加密该PAI。该经加密的PAI可具有与PAI相同的格式。该经加密的PAI被写入授权请求消息的字段。该授权请求消息的该字段是被指定为接收PAI的字段。将授权请求消息数据元素用作信号以便标识在该授权请求消息中存在该经加密的PAI。该访问设备传输该授权请求消息。
以下更详细描述这些以及其他实施例。
附图简要说明
图1示出可在其中实现本技术的实施例的示例性系统。
图2示出在访问设备和商户主机加密PIN和敏感数据的说明性流程图。
图3是在主机转换敏感数据的说明性流程图。
图4是在主机转换PIN和敏感数据的说明性流程图。
图5是表格,示出支付设备的轨迹I的结构和内容的说明性规范。
图6是表格,示出支付设备的轨迹II的结构和内容的说明性规范。
图7是流程图,示出根据实施例的格式保留加密的实现方式。
图8是流程图,示出解释数据从而确定是否已经应用格式保留加密。
图9描绘计算机系统的说明性高级框图。
发明详细描述
在此公开的实施例涉及用于保护授权请求消息中的金融数据的技术。可参照以下提供的说明理解用于描述此处的实施例的术语。
“授权请求消息”可以是对交易进行授权的请求。授权请求消息可被发送给支付账户的发布者以便请求授权用该支付账户进行的交易。商户可生成授权请求消息。授权请求消息可经由捕获器被传输给发布者。
授权请求消息可具有定义格式以便促进金融网络内的点之间的请求和响应。例如,授权请求消息可以是标准交换消息,诸如符合国际标准化组织(ISO)8583的消息,其是用于交换电子交易的系统的标准。ISO8583消息可包括消息类型指示符、指示该消息内存在的数据元素的一个或多个位图、以及该消息的数据元素。包括在授权请求消息内的数据可包括从支付设备获得的数据以及与交易、支付账户持有人、以及商户相关的其他数据。例如,授权请求消息可包括个人标识号(PIN)、以及敏感数据,诸如主账号(PAN)、持卡人姓名、以及自由选择数据。附加地,授权请求消息可包括支付设备有效期、货币代码、交易量、商户交易戳、接受者城市、接受者国籍/国家、银行代码、终端标识、网络标识等等。可使用加密来保护授权请求消息,以便防止数据受损。
授权请求消息可包括支付账户标识符。授权请求消息可与便携式消费者设备相关联,诸如信用卡或借记卡。例如,支付账户标识符可以是主账号(PAN)。PAN可以是唯一支付卡号,诸如与信用卡相关联的信用卡账号或者与借记卡相关联的借记账号。PAN可识别发布者以及持卡人账户。当在此使用术语PAN时,将理解到可使用任何支付账户标识符。
个人标识号(PIN)可以是在用户和系统之间共享的并且用于为系统对用户进行认证的数字密码。PIN模块可以是用于封装PIN的经加密数据模块。PIN模块可由PIN、PIN长度、以及PAN的子集组成。
也被称为“自由选择数据”的发布者自由选择数据(IDD)可以是驻留在支付设备的磁条或芯片内的轨迹1和/或轨迹2中的数据或者以其他方式与支付账户相关联的数据。IDD的长度可变并且可包含消费者和/或卡验证数据,诸如PIN偏移值、PIN验证值(PVV)、卡验证值(CVV)等等。IDD还可包括由卡品牌和/或发布者定义的其他数据,诸如在忠诚计划、舰队数据(fleet data)等等中使用的信息。
“捕获器”通常是与具体的商户具有商业关系的商业实体(例如,商业银行)。例如,捕获器可向商户银行账户存入资金并且从发布者收回这些资金。
“发布者”通常是向账户拥有人发布支付设备并且为支付账户提供行政管理功能的商业实体(例如,银行或信用联盟)。某些实体可执行发布者和捕获器功能。支付账户可以是可在交易中使用的任何账户,诸如信用、借记或预付账户。
“支付设备”可以是指用于发起交易的设备,诸如便携式消费者设备或便携式通信设备。支付设备可与访问设备诸如销售点设备对接以便发起交易。通常,便携式消费者设备是手持式的并且紧凑的,从而使得其可适配到消费者的钱包或口袋中(例如,口袋大小的)。便携式消费者设备的具体示例包括支付卡,诸如智能卡、借记设备(例如,借记卡)、信用设备(例如,信用卡)、或储值设备(例如,储值卡或“预付”卡)。也称为“移动设备”的便携式通信设备可以是例如蜂窝或无线电话(例如,智能电话)、个人数字助理(PDA)、便携式计算机(例如,平板计算机或膝上计算机)、寻呼机、或由支付账户持有人携带的其他便携式设备。
“访问设备”可以是指从支付设备接收信息以便发起交易的设备。例如,访问设备可以是被配置成用于读取编码在卡格式的便携式消费者设备的磁条或芯片中的账户数据的销售点设备。访问设备的其他示例包括蜂窝电话、PDA、个人计算机、服务器计算机、平板计算机、手持式专用阅读器、机顶盒、电子收银机、自动柜员机(ATM)、虚拟收银机、公用电话亭、安全系统、访问系统等等。访问设备可使用诸如射频(RF)和磁条阅读器类的装置来与支付设备交互。访问设备可以是位于商户的物理位置的设备或可以是虚拟销售点,诸如是电子商务(eCommerce)交易的一部分的网站。在eCommerce交易中,账户拥有者可向便携式通信设备、个人计算机、或能够与商户计算机进行通信的其他设备输入支付账户数据。在其他无卡交易中,诸如邮件订单或电话订单交易中,可向用作访问设备的商户计算机输入信息。在另一个示例中,通信可使用无线通信机制(诸如近场通信(NFC)、RF、红外、光学通信等等)在便携式通信设备的非接触式元件和访问设备(诸如商户设备阅读器或销售点终端)之间发生。
“支付处理网络”可包括接收授权请求消息的系统。支付处理网络可从授权请求消息获得信息以便用于确定是否批准与授权请求消息相关联的交易。支付处理网络可向商户发送表明是否批准交易的授权响应消息。在某些实施例中,支付处理网络可执行结算过程,该过程可涉及将交易发布给与用于交易的支付设备相关联的账户以及计算支付设备的每个用户的净借记或信用情况。支付处理网络可由捕获器和/或发布者操作。
“主机”可以是负责执行商户交易处理、路由决定和/或捕获的一个或多个系统,诸如服务器。主机可驻留在商户、网关、处理器或其他实体处。在某些实施例中,主机可与商户直接交换(MDEX)、增值转销商(VAR)、或其他连接模型相关联。当在此使用术语“商户主机服务器”时,将认识到可使用任何服务器,诸如支付处理器服务器。
“防篡改”安全模块(TRSM)是结合物理保护以防止损害设备所包含的密码安全参数的设备。TRSM可用于不同的保护等级。防篡改的TRSM可采用物理措施诸如硬箱(hardenedcasing)以使得入侵设备变得困难。篡改证明TRSM可具有硬件特征以向后续查看者证明入侵尝试,诸如将在入侵设备期间被破坏的密封圈。篡改响应TRSM可被配置成用于检测入侵尝试以及破坏敏感信息,诸如密码安全参数,如果发生了入侵尝试。
“硬件安全模块”(HSM)是具有安全密码处理器的TRSM,该安全密码处理器可管理数字密钥、加速密码过程和/或为访问服务器应用的关键密钥提供强认证。HSM可提供来自未授权访问的敏感信息的逻辑和物理保护。HSM可以是插入卡或外部安全设备的形式的物理设备。HSM可通信地耦合到主机。
支付卡行业数据安全标准(PCI DSS)是可应用于涉及交易处理的实体的一组要求。要求的目的是维护金融数据的安全。
每交易唯一导出密钥(DUKPT)是可为每次交易导出唯一交易密钥的密钥管理方案。DUKPT使用通常仅初始化TRSM的那一方和由TRSM加密的消息的接收方已知的基础导出密钥(BDK)。通常用从BDK导出的初始密钥注入TRSM。可从初始密钥导出交易密钥。如果导出密钥受损,未来的和过去的交易数据保持受到保护,因为不能轻易地从导出密钥确定接下来的或之前的密钥。DUKPT可用于加密与电子商务交易相关联的数据,诸如PIN和/或敏感数据。
例如,PIN填充可包括用唯一初始密钥和密钥序列号注入的TRSM。PIN填充可为每次交易生成唯一密钥。由PIN生成的授权请求消息可包括经加密PIN分组和密钥序列号。授权请求消息可被从PIN填充传输到具有其自身TRSM的商户主机服务器。商户主机服务器TRSM可使用密钥序列号(KSN)来恢复在生成唯一初始PIN填充密钥时使用的基础导出密钥(BDK)。TRSM可使用BDK和KSN来解密经加密数据。
三重数据加密算法(TDEA)(也称为“三重数据加密标准”、“3DES”、“三重DES”、以及“TDES”)是将数据加密标准(DES)密码算法应用到正在被加密的每个数据块三次的分组密码。
“区域加密密钥”(ZEK)可指示用于加密两个特定点(例如,主机和支付处理网络之间)之间的数据的一个或多个密钥。单独的ZEK可用于PIN和敏感数据。在优选实施例中,ZEK仅用于多方之间的敏感数据加密并且优选地与PIN、MAC或其他特定加密密钥不同。
“服务器”可包括一个或多个计算机。服务器的多个计算机可经由网络连接(诸如有线、无线、和/或互联网网络连接)通信地耦合。服务器的计算机中的一个或多个可存储数据库。
PIN和敏感数据的加密和区域转换
当支付设备用于交易时,可为交易生成授权请求消息。授权请求消息可包括个人标识号(PIN)以及敏感数据,诸如主账号(PAN)、持卡人姓名、持卡人地址、发布者自由选择数据、或其他敏感数据。敏感数据可以是用支付设备存储的数据,诸如存储在支付设备的磁条中或芯片中。可替代地,存储数据可以是由用户提供给访问设备的数据,诸如由用户在电子商务或其他无卡交易中提供的持卡人地址信息。PIN和敏感数据可由从支付设备接收信息的访问设备加密。可基于注入到访问设备中的初始密钥使用加密密钥变体加密PIN和敏感数据。
图1示出本技术的实施例可在其中实现的示例性系统100。系统100包括一个或多个服务器计算机、数据处理子系统以及网络,该网络可用于为交易发起授权请求消息并且将授权请求消息路由到能够批准交易的实体。当仅示出每个组件中的一个时,应当理解的是本技术的实施例可包括每个组件的多于一个。附加地,本技术的某些实施例可包括少于图1中示出的全部组件的组件。而且,图1中的组件可使用任何合适的通信协议经由任何合适的通信介质(包括互联网)通信。
在典型的交易中,支付设备102与访问设备104对接以便发起交易。访问设备104可包括访问设备防篡改安全模块(TRSM)106。访问设备TRSM 106可物理地和/或通信地耦合到访问设备104(或可以是其组成组件)。当支付设备102与访问设备104对接时,访问信息可接收与支付设备104相关联的信息,包括敏感数据。在某些实施例中,访问设备104从存储账户信息的设备(诸如便携式通信设备)接收敏感数据和/或PIN。
在说明性示例中,支付设备102可以是信用卡而且访问设备104可以是存储在TRSM中的PIN填充。PIN填充可具有用于接收指示PIN密码的数字输入的用户接口以及用于从支付设备的磁条获得轨迹数据的磁条阅读器。
在其他实施例中,支付设备信息可以是由访问设备104接收的用户输入。可从支付设备102或从由访问设备106接收的用户输入接收PIN数据。
当访问设备104接收到数据诸如PIN和支付设备信息时,TRSM 106可加密数据。在某些情况中,可能需要在加密PIN之前获得PAN。可从自支付设备102接收的信息确定敏感数据诸如PIN、持卡人姓名、持卡人地址、以及自由选择数据。可从由访问设备104从支付设备102获得的轨迹数据解析敏感数据。在某些实施例中,访问设备106通过基于PIN、PIN长度、以及PAN的子集生成PIN分组来加密PIN。访问设备104可经加密敏感数据,包括PAN、持卡人姓名、持卡人地址、自由选择数据、以及任何有待处理为敏感数据的其他信息中的一项或多项。
访问设备TRSM 106可存储用于加密数据的初始密钥。对于每次交易,可从初始密钥导出一个或多个交易密钥。可能需要将不同的交易密钥应用于PIN和敏感数据,以便与规定相符,诸如PCI DSS。可使用从初始密钥导出的第一交易密钥加密PIN而且可使用从初始密钥导出的第二交易密钥加密敏感数据。以此方式,可使用相同的密钥管理方案(诸如DUKPT)和相同的加密算法(诸如TDEA)加密PIN和敏感数据。
包括经加密PIN数据和经加密敏感数据的授权请求消息可由访问设备104生成并且传输到商户主机服务器108。授权请求消息可包括用于各种类型的数据的指定字段。当向授权请求消息中的数据应用加密时,加密密钥可改变与经加密数据相关联的字段的参数(诸如数据类型、数据长度等等)。由于参数已改变,可将经加密数据放入新的字段中。例如,授权请求消息可包括大小被确定为容纳PAN的字段。当应用加密时,PAN和其他敏感数据可被放入授权请求消息的一个或多个可替代字段中。可向授权请求消息添加字段以便发信号表明经加密PAN位于经加密PAN字段中。敏感数据诸如PAN、持卡人姓名、以及自由选择数据可在访问设备104被加密并被放入授权请求消息的字段内的单独元素内,诸如ISO格式的授权请求消息的字段53。
在某些实施例中,向授权请求消息中的敏感数据应用格式保留加密。例如,当使用格式保留加密时,可用经加密值替换PAN的数位子集,同时PNA的具体数位保持不变。在优选实施例中,PAN的前六个数位和最后四个数位保持不变而中间的数位用经加密值替换。以此方式,授权请求消息可由未被配置成用于处理具有用于存储经加密数据的可替代字段的授权请求消息的支付处理网络处理。为了发信号表明授权请求消息的PAN字段中存在经加密数据,经更改的有效期可被包括在授权请求消息的有效期字段内。例如,授权请求消息可包括与用于交易的支付设备相关联的有效期之后40年的有效期。
商户主机服务器108可包括商户主机TRSM 110。商户主机TRSM 110可通信地和/或物理地耦合到商户主机服务器108或可以是其组成组件。在某些实施例中,商户主机TRSM110可远离商户主机服务器108的处所。为了将交易路由到多个支付处理网络,商户可能需要具有商户主机TRSM 110以便转换授权请求消息中的经加密数据。例如,可能需要在商户主机TRSM 110转换密钥以便符合限制与访问设备TRSM 106相关联的密钥暴露的PCI DSS标准。当商户主机服务器108被配置成用于将授权请求消息路由到多个支付处理网络112-116时,商户主机服务器108可将经加密数据转换成与具体的支付处理网络相关联的区域加密密钥(ZEK)。商户主机服务器108可确定如何基于包含在授权请求消息内的信息路由授权请求消息。例如,包含根据格式保留加密方法加密的PAN的PAN字段的前六个数位可由商户主机服务器108用来确定如何路由授权请求消息。
由商户主机TRSM 110进行转换可包括解密从访问设备104接收的授权请求消息内的PIN和敏感数据并且使用一个或多个区域加密密钥(ZEK)重新加密PIN和敏感数据。ZEK可与具体的支付处理网络相关联。ZEK通常是支付处理网络和商户主机服务器108之间的共享密钥。可能需要将不同的ZEK应用到PIN和敏感数据,例如以便符合PCI DSS。转换可由商户主机TRSM 110执行,从而使得经解密的PIN和敏感数据永不暴露给商户主机服务器108。商户主机服务器108可将包括已转换PIN和敏感数据的授权请求消息传输到授权请求消息将被路由到其上的支付处理网络112-116中的一个。
在某些实施例中,商户主机服务器108可将授权请求消息路由到未被配置成用于处理经加密数据的支付处理网络。在这种实施例中,经加密敏感数据可被解密并且包括经解密敏感数据的授权请求消息可被从商户主机服务器108传输到支付处理网络。
接收授权请求消息的支付处理网络可解密PAN或其他敏感数据并且还可验证PIN。支付处理网络可确定是否授权交易。在某些情况下,授权请求消息可被传输到可确定是否授权交易的发布者服务器。指示是否授权交易的授权响应消息可被从接收授权请求消息的发布者和/或支付处理网络路由回商户主机服务器108。授权响应可由访问设备104显示、打印在收条上、或者以其他方式被传送到支付账户持有人。
将理解的是与支付处理网络或其他实体相关联的以及与TRSM相关联的服务器可代替商户主机服务器108和商户主机TRSM 110。
结清和结算过程通常由每个支付处理网络在固定的时间执行。该固定的时间可在网络之间不同。结清过程是交换捕获器和发布者之间的金融细节以便促进既往支付账户持有人的账户以及对消费者的结算情况进行对账。
在TRSM内,可使用DUKPT和TDES加密和/或解密数据。将认识到可应用其他密钥管理系统(诸如主/会话和固定密钥)和/或其他加密算法(诸如RSA、DEA、ECIES、AES、或其他加密算法)。
图2示出在访问设备和商户主机加密PIN和敏感数据的说明性流程图。在操作202,持卡人可在访问设备104展现支付设备102。在操作204,访问设备104可从支付设备102读取数据,诸如存储在支付设备的磁条内的轨迹数据。从支付设备102读取的数据可包括敏感数据,诸如PAN、持卡人姓名、以及自由选择数据。在操作206,访问设备104可接收PIN,诸如在访问设备104的用户接口接收的PIN。
在操作208,访问设备104可使用第一密钥加密PIN。第一密钥可以是从注入到访问设备104的密钥导出的第一交易特定密钥。在操作210,访问设备104可使用第二密钥加密敏感数据。敏感数据可包括PAN、持卡人姓名、自由选择数据、持卡人地址、以及由访问设备104接收的任何其他敏感数据中的一项或多项。第二密钥可以是从注入到访问设备104的密钥导出的第二交易特定密钥。在操作212,访问设备104可生成包括经加密PIN和经加密敏感数据的授权请求消息并且将授权请求消息传输到主机服务器,诸如商户主机服务器108。
在某些实施例中,主机设备可从访问设备接收包括经加密敏感数据的授权请求消息。授权请求可或可不包括经加密PIN。例如,访问设备可从信用卡或其他支付设备接收用于不要求PIN号码的交易的敏感数据。在这些实施例中,主机设备可转换敏感数据。
图3是在主机转换敏感数据的说明性流程图。在操作302,主机诸如商户主机服务器108从访问设备104接收包括经加密敏感数据的授权请求消息。主机可从授权请求消息解析敏感数据。在操作304,主机可使用从基础导出密钥导出的信息解密敏感数据。为了转换敏感数据,主机可使用从与访问设备104相关联的基础导出密钥导出的信息解密敏感数据,如操作304所指示的,并且使用区域加密密钥重新加密敏感数据,如操作306所指示的。在操作308,主机可将授权请求消息传输到支付处理网络。
在某些实施例中,主机可接收包括经加密PIN和经加密敏感数据的授权请求消息。主机可转换PIN和敏感数据。
图4是在主机转换PIN和敏感数据的说明性流程图。在操作402,主机诸如商户主机服务器108从访问设备104接收包括经加密PIN和经加密敏感数据的授权请求消息。解密PIN可能需要经解密敏感数据诸如经解密PAN。主机可从授权请求消息解析敏感数据。在操作404,主机可使用从基础导出密钥导出的信息解密敏感数据。主机可从授权请求消息解析PIN。在操作406,主机可使用从基础导出密钥导出的信息并且在某些情况下还使用已解密PAN解密PIN。为了转换PIN,主机可使用区域加密密钥重新加密PIN,如操作408所指示的。在某些实施例中,使用区域加密密钥和已解密PAN重新加密PIN。为了转换敏感数据,主机可使用区域加密密钥重新加密敏感数据,如操作410所指示的。
在某些实施例中,单独的区域加密密钥可用于加密PIN和敏感数据。例如,PIN特定的区域加密密钥可用于或被生成用于加密PIN号码,并且敏感数据特定区域加密密钥可用于或被生成用于加密敏感数据。而且,每个支付处理网络112-116可使用特定于具体的支付处理网络的一个或多个区域加密密钥。因此,当授权请求消息将被路由到第一支付处理网络112时,第一PIN特定的区域加密密钥和第一敏感数据特定的区域加密密钥可用于转换,而且当授权请求消息将被路由到第二支付处理网络114时,第二PIN特定的区域加密密钥和第二敏感数据特定的区域加密密钥可用于转换。
商户主机服务器108可确定支付处理网络112-116中的哪一个支付处理网络将接收授权请求消息。在操作412,商户主机服务器108可将包含经转换(经重新加密)PIN和经转换(经重新加密)敏感数据的授权请求消息传输到所确定的支付处理网络。
在某些实施例中,商户主机服务器108包括用于允许由商户或支付处理网络限定的特定卡范围的“白名单”支持,以便不受保护。当在访问设备104加密敏感数据时,敏感数据的一部分可被维持在明文中以便在访问设备104使用。例如,自由选择数据字段或支付设备102的磁条上的轨迹数据的其他字段中的某些或全部数据可在授权请求消息中保持未加密。使用自由选择数据字段中的用于忠诚计划、舰艇计划等等的数据的商户可要求该数据对于数据收集或其他目的保持不加密。
在某些实施例中,自由选择数据字段中的持卡人姓名和/或数据在加密之前可用于访问设备。例如,如果访问设备或另一个商户设备所执行的应用使用这个敏感数据(例如,在通信地连接到PIN设备的收银机显示持卡人姓名),敏感数据可在加密之前暴露于商户设备。
如以上所讨论的,支付设备内的芯片或磁条可具有保持数据的一个或多个轨迹(通常是三条轨迹,称为“轨迹I”、“轨迹II”、“轨迹III”)。可根据标准化结构将数据格式化。图5和图6是示出用于支付设备轨迹数据的说明性规范的表格。将认识到具有图5和图6中所描述的结构的轨迹数据可被与便携式媒体设备或用于电子商务或其他无卡交易的其他设备上的支付账户相关联地存储。
图5是表格,示出支付设备的轨迹I的结构和内容的说明性规范。用基于ASCII的7比特方案编码轨迹1。轨迹1字段可包括开始哨符(诸如“%”),指示格式化轨迹数据在其开始的位置。
格式代码(诸如“B”,指示金融机构)通常是轨迹1内的下一个字符。
主账号(PAN)可包括六数位发布者标识号(IIN)、可变长度(最大12个数位)、单独的账号可校验数位。可用分隔符字符(诸如插入符号(^))指示与PAN相关联的数据的结尾。
姓名字段可包括单个阿尔法字符(作为姓氏)以及姓氏分隔符。空格字符可被要求将姓名字段而不是姓氏的逻辑元素分隔开。可在姓名字段的最后一个逻辑元素之后编码终止姓名字段的分隔符。如果仅编码姓氏,姓氏之后可以是字段分隔符(FS),诸如“^”。在某些实施例中,姓名字段包括姓氏、其后是姓氏分隔符(例如,“/”字符)、其后是名或大写首字母、其后是空格、其后是中间名或大写首字母。姓名可附加地在中间名或大写首字母之后包括句号,其后是头衔。姓名通常用分隔符(字符“^”)结束。例如,姓名John C.Smith()可被编码为“SMITH/JOHN C”。
轨迹I的有效期字段可具有格式YYMM,其中‘YY’表示年份的最后两个数位并且‘MM’是月份的数字表示。
服务代码可以是具有由单独的数位表示的三个子字段的数字字段。通常,服务代码用于指示发布者对磁条交易的接受标准以及支持如磁条或浮雕所标识的等效应用的相关集成电路是否存在于卡上。服务代码的每个子字段可由其位置(位置1、2和3)表示并且可独立地操作,允许判断其单独的功能。
发布者自由选择数据可遵循服务代码。轨迹的结束由结束哨符指示,诸如问号字符(“?”)。在结束哨符之后,可包括纵向冗余校验字符(LRC)。
图6是表格,示出支付设备的轨迹II的结构和内容的说明性规范。轨迹II中的字符编码基于以ASCII为基础的5比特方案。轨迹II可包含与轨迹I中所包含的那些字段相似的字段,如上所述,但是可缺少持卡人姓名字段。
在某些实施例中,PIN数据可被存储在支付设备的轨迹III上并可从其读取。
具有混淆的加密
在对与支付设备102相关联的数据字段执行加密后,经加密信息可被存储在授权请求消息的一个或多个替代字段中并且混淆数据可被存储在授权请求消息的原始字段中。例如,可从与支付设备102相关联的PAN、持卡人姓名、以及自由选择数据字段读取数据。混淆数据可被写入为PAN、持卡人姓名、和自由选择数据指定的授权请求消息的字段中并且PAN、持卡人姓名、和自由选择数据的经加密版本可被写入授权请求消息的一个或多个替代字段中。
在说明性示例中,对于符合ISO标准的授权请求消息而言,替代字段诸如ISO字段53可被限定为接收经加密数据和相关联的加密属性。ISO字段53的新定义可符合在ISO标准中定义的“复合”字段类型。新字段53可接收经加密PIN分组数据和经加密敏感数据。当向授权请求消息应用区域加密时,可向字段53应用区域加密。
当混淆数据被写入授权请求消息的PAN字段时,所保持的PAN字段中的PAN的某些数位可被保持而可混淆PAN的其他数位。例如,PAN的数位子集(“中间六个”数位)可被混淆,而其他数位(诸如PAN的前六个和最后四个数位)保持为明文。可通过例如用数字9替换PAN的数位7-11并且用被计算以便确保PAN的最后一个数位是有效校验数位的数字替换PAN的数位12来执行混淆。因为PAN的剩余数位诸如前六个数位和最后四个数位未被混淆,剩余数位可被用于诸如路由和接收方确定功能。以此方式,被设计成用于处理包含在PAN字段中的数据的系统可正常地起作用,尽管通过混淆中间的六个数位来保护PAN。存储在经加密PAN字段中的经加密PAN可被解密,允许将经解密(原始)PAN写入PAN字段中。
格式保留的加密
可能令人希望的是在不更改授权请求消息的格式的情况下加密包含在授权请求消息内的数据。例如,某些系统可能未被设计成用于处理具有附加经加密PAN字段的授权请求消息。可向来自与支付设备102相关联的轨迹数据的轨迹1和轨迹2的敏感数据诸如PAN、持卡人姓名以及自由选择数据应用格式保留加密。
PAN可被加密,从而使得所得经加密PAN具有与原始PAN相同的大小。以此方式,经加密PAN可被写入授权请求消息的原始PAN字段中,并且不要求授权请求消息的替代字段接收经加密PAN。当向PAN应用格式保留加密时,PAN的某些数位可保持未加密。例如,PAN的前六个和最后四个数位可保持未加密,以便允许路由和与包含在这些数位内的数据相关的其他功能。
格式保留加密的作用不同于包含有效校验数位的PAN。用于确定有效校验数位的算法可以如ISO标准中所定义的那样。通常是PAN的最后一个数位的校验位可以是从可用于确定PAN的所有数位是否被正确地接收的消息内的其他数位计算的数位。校验位可用于检测传输错误。在某些实施例中,计算PAN的数位7-12(“中间六个”数位)的最后一个数位,从而使得未经加密PAN的原始最后一个数位仍然是用格式保留加密进行加密的PAN的有效校验数位。当PAN不包含有效校验数位时,可用格式保留加密算法加密所有中间数位。
在加密之前,敏感数据可被转换为10基字母表。在已经应用了格式保留加密后,10基字母表中的所得经加密字符可被转换为原始代码集合和原始敏感数据的格式。经转换的加密结果可用于替换授权请求消息内的敏感数据诸如PAN、持卡人姓名、自由选择数据等等的原始字段。
通常,从已经向其应用格式保留加密的字段中的数据来看,数据已经被加密将是不明显的。可在授权请求消息的现有数据字段中使用信号以便表明授权请求消息的字段包含经加密数据。为了实现该信号,可用授权请求消息的不包含经加密数据的字段的已修改版本的新内容盖写该字段。例如,授权请求消息的有效期字段中的有效期可被经更改的有效期替换。在一个实施例中,通过向有效期或有效期的一部分添加数字来获得经更改的有效期。例如,数字诸如40可被添加到有效期的年份部分。如果授权请求消息的有效期字段包含有效期“01/13”,表明有效期是2013年1月,数字40可被添加到年份部分13并且所得经更改的有效期“01/53”可被写入有效期字段。如果2013年发生了交易,读取授权请求消息的有效期部分的设备可能够确定有效期是经更改的有效期,因为支付设备通常被发布有低于从发布该卡的日期起20年(例如,1-10年)的有效期。以此为基础,可确定超过当前日期二十年的有效期是经更改的有效期。
在某些实施例中,PAN的最后一个数位可不包含有效校验数位。例如,PAN的最后一个数位可不具有ISO/IEC标准7812-1所规定的校验位。当PAN的最后一个数位不是有效校验数位时,在经更改的有效期被写入授权请求消息的有效期字段之前,数字20可被添加到有效期的月份。
在某些实施例中,有效期字段可从访问设备104所接收的信息消失。例如,卡读取或密钥输入可具有错误或者以其他方式缺少有效期。在经更改的有效期被写入授权请求消息的有效期字段之前,数字40可被添加到在格式保留加密过程中创建的有效期的月份。
以下,描述用于格式保留加密的示例性算法。格式保留加密算法可像格式被保留的流式密码那样运行。例如,格式保留加密可类似于来自国际标准与技术研究所(NIST)标准P800-38A的计数器模式(CTR),被概括为模n加法而不是模2加法。
在格式保留算法中,A可以是具有n个不同的字符的字母表,其中n是大于1的自然数。A*可被标记为具有来自A的元素的字符串集合,包括空字符串。在本说明书中,假设字母表A是集合{0,…,n-1}。如果不是这种情况,需要转换,基于字母表A中的不同字符的数量。该转换可在加密之前发生并且在解密之后再次发生,从而使得加密和解密将永远针对某些大于1的正整数n的形式{0,…,n-1}的字母表有效。
格式保留算法可使用SP800-38A中定义的具有分组大小b个比特的分组密钥CIPH(AES或TDEA)的计数器模式(CTR)以及CIPH的加密密钥K、以及一系列计数器分组(在SP800-38A中被称为计数器)T1、T2、…,以便产生一系列输出分组,每个计数器模块一个输出分组。每个输出分组由k个n基数位组成,其中k是必须从区间选择的可配置参数。出于以下解释的原因,每个计数器分组是b-7个比特,而不是SP800-38A中的b个比特。还在以下描述如何产生输出分组的机制。
为了加密长度为L的明文P,其中1≤L,生成尽可能多的输出分组(但是不需要更多),从而使得输出分组中的n基数位的总数量是至少L,即,我们计算唯一整数p和r,从而使得并且0≤r<k,从而使得L=pk-r,并且生成输出分组G1、…、Gp。然后,向来自输出分组G1‖G2‖…‖Gp的级联的第i个n基数位添加每个明文n基数位P[i],从而形成密文的第i个数位:
C[i]=(P[i]+(G1‖…‖Gp)[i])mod n。
由于k可能不除以L,可忽略最后一个输出分组Gp的某些数位。不使用Gr的最后r个n基数位。
为了解密长度为L的密文C,其中1≤L,生成尽可能多的输出分组(但是不需要更多),从而使得输出分组中的n基数位的总数量超过L,这是用与加密相同的方式完成的。然后,从输出分组G1‖…‖Gp的级联的第i个n基数位减去每个密文n基数位C[i],从而形成明文的第i个数位:
C[i]=(P[i]+(G1‖…‖Gp)[i])mod n。
为了进行格式保留加密,至于计数器模式自身,该计数器分组序列必需具有以下特性:该序列中的每个分组不同于另一个分组。这种条件不限于单次加密:跨在给定密钥K下加密的所有报文,所有计数器必须不同。SP800-38A描述了用于生成计数器的方法。
给定具有模块长度b的分组密文CIPH,CIPH的密钥K、b-7比特计数器T、自然数n>1,其是将被加密的明文的基数,以及具有的整数k,以如下方式产生由k个n基数位组成的输出分组:
7比特计数器S被初始化为0。然后,向S‖T应用CIPHK从而产生具有b个比特的分组B。B被解释为区间{0,…,2b-1}中的整数,并且如果则接受,否则S增量并且CIPHK被再次应用到S‖T等等,直到B被接受或S等于127。如果S=127,提高错误,否则B被转换为n基并且是k数位n基输出分组,可能具有多个前导零。假设CIPHK是伪随机置换,每次迭代中B被接受的可能性至少是0.5,并且提高错误的可能性最多是2-128。以下伪代码描述了这种算法:
在此,假设S0、S1、...、S127枚举了128种不同的7比特组合,假设“AsInteger”取b个比特B[1]、...、B[b]的字符串并且将其转换为整数并且假设“Convert”将B转换为k个n基数位,具有多个前导零,如果必要的话:
L的最大值(即,可被加密的最长的明文的比特长度)是2b/2
被解释为整数的B的上边界被选择为nk的最大可能整数倍数,其使得可统一地从其提取k数位n基数字,假设B的分布是均匀的。
图7是流程图,示出根据实施例的格式保留加密的实现方式。参照图7描述的操作可由例如访问设备或主机执行。在操作702,读取PAN。PAN可由访问设备104从支付设备102读取。可替代地,PAN可从授权请求消息的PAN字段读取。
在操作704,加密PAN的至少一部分,从而使得经加密PAN的长度等于原始PAN的长度。PAN可由访问设备104或商户主机服务器108加密。在操作706,已加密PAN可被写入授权请求的PAN字段。在操作708,可从授权请求消息的有效期字段(或从支付设备)读取有效期。在操作710,经更改的有效期可被写入授权请求消息。可通过例如向原始有效期的年份部分添加数字来更改有效期。添加到原始有效期的数字可以是5-99之间的数字,诸如10和50之间的数字,例如40。将认识到可使用可替代算法,诸如从原始有效期减去某个数字。
图8是示出解释数据以便确定是否已经应用格式保留加密的流程图。参照图8描述的操作可由例如商户主机服务器108、支付处理网络112-116、发布者、捕获器等等执行。在操作800,接收授权请求消息。例如,可从商户主机服务器108或支付处理网络授权请求消息。在决定菱形802,可确定从授权请求消息读取的有效期字段的有效期的年份部分是否小于距当前日期的具体年份数字,例如,距当前日期20年。如果有效年份小于距当前日期20年,在授权请求消息中不存在对格式保留加密的信号,如804所指示的。如果有效期多于距当前日期20年,可从PAN字段读取PAN的未经加密数据,如操作806所指示的。未经加密PAN数据可用于路由(例如,由商户主机服务器108)、欺诈检测、授权确定、或其他目的。
计算机系统
图9是可用于实现上述任何实体或组件(例如,访问设备、主机、支付处理网络、捕获器处理器等等)的计算机系统的说明性高级框图。图9中所示的子系统经由系统总线902互连。附加子系统诸如打印机904、键盘906、固定磁盘908、以及监视器耦合到显示器适配器912。耦合到I/O控制器914的外围设备和输入/输出(I/O)设备可通过本领域已知的任何数量的手段(诸如串行端口916)连接到计算机系统。例如,串行端口916或外部接口918可用于将计算机装置连接到广域网,诸如互联网、鼠标输入设备、或扫描仪。经由系统总线902的互连允许处理器920与每个子系统通信并且控制来自系统存储器922或固定磁盘908的指令的执行以及子系统之间的信息交换。系统存储器922和/或固定磁盘908可实现计算机可读介质。
如所述,本发明服务可涉及实现一个或多个功能、过程、操作或方法步骤。在某些实施例中,这些功能、过程、操作或方法步骤可被实现为由适当地编程的计算设备、微处理器、数据处理器等等执行指令集或软件代码的结果。该指令集或软件代码可被存储在由计算机设备、微处理器等等访问的存储器中或其他形式的数据存储元件中。在其他实施例中,这些功能、过程、操作或方法步骤可由固件或专用处理器、集成电路等等实现。
应当理解的是能够使用模块或集成方式的计算机软件以控制逻辑的形式实现如上所述的本发明。基于在此提供的公开和教导,本领域普通技术人员可知道并认识到用于使用硬件以及硬件和软件的组合实现本发明的其他方式和/或方法。
在本申请中所述的任何软件组件或功能可被实现为将被处理器使用任何适当的计算机语言(诸如例如使用例如常规或面向对象的技术的Java、C++或Perl)执行的软件代码。软件代码可被存储为计算机可读介质上的一系列指令或命令,诸如随机存取存储器(RAM)、只读存储器(ROM)、磁介质诸如硬盘驱动器或软盘、或光介质诸如CD-ROM。任何这种计算机可读介质可驻留在单个计算装置上或内,并且可存在于系统或网络的不同计算装置上或内。
尽管已经描述了并且在附图中示出了某些实施例,应当理解的是这种实施例仅仅示出而非限制宽泛的发明,并且本发明不应被限制为所示出和描述的特定的构造和安排,因为当学习本公开时,本领域普通技术人员将认识到各种其他修改。
对“一种”或“该”的引述旨在指代“一个或多个”,除非相反明确地指明。

Claims (31)

1.一种用于数据保护的方法,包括:
由访问设备接收个人标识号PIN和敏感数据,所述访问设备具有用从基础导出密钥导出的初始密钥编程的安全模块,所述基础导出密钥与密钥序列号相关联;
由所述访问设备使用从所述初始密钥导出的第一加密密钥对所述PIN进行加密;
由所述访问设备使用从相同的初始密钥导出的第二加密密钥对包括主账号PAN的所述敏感数据进行加密,所述第二加密密钥与所述第一加密密钥不同;以及
向主机服务器传输所述密钥序列号以及包括经加密的PIN和经加密的敏感数据的授权请求消息,
其中,所述主机服务器通过使用所述密钥序列号检取所述基础导出密钥、从所述基础导出密钥导出解密密钥、以及使用所述解密密钥来解密所述经加密的PIN和所述经加密的敏感数据,来处理交易。
2.如权利要求1所述的方法,其中,所述初始密钥是由每交易唯一导出密钥DUKPT密钥管理方案生成的。
3.如权利要求1所述的方法,其中,所述PIN和所述敏感数据中的至少一个是使用三重DES加密算法TDEA进行加密的。
4.如权利要求1所述的方法,其中,所述敏感数据还包括持卡人姓名、持卡人地址、以及自由选择数据中的至少一项。
5.如权利要求1所述的方法,其中,当自由选择数据被包括在经加密的敏感数据中时,自由选择数据的子集保持不加密。
6.如权利要求1所述的方法,其中,加密的PAN被写入所述授权请求消息的PAN字段中,其中,经加密的PAN具有与不加密的PAN相同的格式。
7.如权利要求6所述的方法,其中,不加密的PAN的数位子集在不加密的PAN中保持不加密。
8.如权利要求6所述的方法,其中,所述授权请求消息的有效期字段被经更改的有效期盖写,以便表明所述授权请求消息的所述PAN字段包含加密的PAN。
9.如权利要求1所述的方法,其中,所述访问设备是销售点终端。
10.如权利要求1所述的方法,其中,所述访问设备接收与电子商务交易相关联的信息。
11.一种用于数据保护的方法,包括:
由主机服务器接收授权请求消息,其中,所述授权请求消息包括密钥序列号、经加密的个人标识号PIN、和包括经加密的主账号PAN在内的经加密的敏感数据,其中,使用从初始密钥导出的第一加密密钥对所述PAN进行加密,并且使用从相同的初始密钥导出的第二加密密钥对所述敏感数据进行加密,所述第二加密密钥与所述第一加密密钥不同;
由所述主机服务器使用所述密钥序列号来检取基础导出密钥;
由所述主机服务器从所述基础导出密钥导出解密密钥;
由所述主机服务器来解密经加密的敏感数据;
由所述主机服务器重新加密经解密的敏感数据,其中,敏感数据重新加密使用与第一支付处理网络相关联的第一敏感数据区域加密密钥;以及
由所述主机服务器将第一经转换的授权请求消息传输到所述第一支付处理网络,其中,所述第一经转换的授权请求消息包括经重新加密的敏感数据。
12.如权利要求11所述的方法,进一步包括:
由所述主机服务器解密所述经加密的PIN;以及
由所述主机服务器重新加密经解密的PIN,其中,PIN重新加密使用与所述第一支付处理网络相关联的第一PIN区域加密密钥;以及
其中,所述第一经转换的授权请求消息包括经重新加密的PIN。
13.如权利要求12所述的方法,其中,所述主机服务器被配置成向第二支付处理网络传输第二经转换的授权请求消息,其中,第二PIN区域加密密钥被用于为所述第二经转换的授权请求消息重新加密PIN,并且第二敏感数据区域加密密钥被用于为所述第二经转换的授权请求消息重新加密敏感数据。
14.如权利要求11所述的方法,其中,经加密的PIN是使用基于初始密钥的第一加密密钥变体加密的,并且经加密的敏感数据是使用基于所述初始密钥的第二加密密钥变体加密的。
15.如权利要求14所述的方法,其中,所述初始密钥是由每交易唯一导出密钥DUKPT密钥管理方案生成的。
16.如权利要求11所述的方法,其中,所述主机服务器包括防篡改安全模块。
17.如权利要求11所述的方法,其中,所述主机服务器包括硬件安全模块。
18.如权利要求11所述的方法,其中,所述敏感数据还包括持卡人姓名、持卡人地址、以及自由选择数据中的至少一项。
19.一种用于数据保护的计算机系统,包括:
处理器;以及
耦合到所述处理器的计算机可读介质,其中,所述计算机可读介质包括可由所述处理器执行以便实现如权利要求1-10中任一项所述的方法的代码。
20.如权利要求19所述的系统,其中,所述处理器是安全密码处理器。
21.如权利要求19所述的系统,其中,所述系统包括防篡改安全模块。
22.一种用于数据保护的计算机系统,包括:
处理器;以及
耦合到所述处理器的计算机可读介质,其中,所述计算机可读介质包括可由所述处理器执行以便实现如权利要求11-18中任一项所述的方法的代码。
23.如权利要求22所述的系统,其中,所述处理器是安全密码处理器。
24.如权利要求22所述的系统,其中,所述系统包括防篡改安全模块。
25.如权利要求22所述的系统,其中,所述系统包括硬件安全模块。
26.一种用于数据保护的方法,包括:
接收与个人标识号PIN和主账号PAN相关联的数据;
由访问设备使用从初始密钥导出的第一加密密钥对所述PIN进行加密,所述访问设备具有用从基础导出密钥导出的初始密钥编程的安全模块,所述基础导出密钥与密钥序列号相关联;
由所述访问设备使用从相同的初始密钥导出的第二加密密钥对所述PAN进行加密,所述第二加密密钥与所述第一加密密钥不同,其中,经加密的PAN具有与所述PAN相同的格式;
将经加密的PAN写入授权请求消息的字段,其中,所述字段被指定为接收PAN;
将授权请求消息数据元素用作信号以便标识在所述授权请求消息中存在经加密的PAN;以及
传输包括所述密钥序列号、经加密的PIN和经加密的PAN的所述授权请求消息。
27.如权利要求26所述的方法,其中,所述授权请求消息中的经加密的PAN的数位的子集是所述PAN的未经加密的数位。
28.如权利要求27所述的方法,其中,经加密的PAN的前六个数位与未经加密的PAN的前六个数位相同,并且其中,经加密的PAN的后四个数位与未经加密的PAN的后六个数位相同。
29.如权利要求27所述的方法,进一步包括为经加密的PAN的指定数位计算一值,从而使得未经加密的PAN的最后一个数位与经加密的PAN的最后一个数位相同,并且其中,经加密的PAN的最后一个数位是经加密的PAN的有效校验数位。
30.如权利要求29所述的方法,其中,所述指定数位是经加密的PAN的第十二个数位。
31.如权利要求26所述的方法,其中,所述授权请求消息包括有效期,并且其中,当所述授权请求消息的PAN字段包含经加密的PAN时,所述授权请求消息的有效期字段被经更改的有效期盖写。
CN201380008011.8A 2012-01-05 2013-01-07 用转换进行数据保护 Active CN104094302B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811415212.0A CN109508983A (zh) 2012-01-05 2013-01-07 用转换进行数据保护

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US201261583550P 2012-01-05 2012-01-05
US61/583,550 2012-01-05
US201261607546P 2012-03-06 2012-03-06
US61/607,546 2012-03-06
US201261704428P 2012-09-21 2012-09-21
US61/704,428 2012-09-21
PCT/US2013/020580 WO2013103991A1 (en) 2012-01-05 2013-01-07 Data protection with translation

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201811415212.0A Division CN109508983A (zh) 2012-01-05 2013-01-07 用转换进行数据保护

Publications (2)

Publication Number Publication Date
CN104094302A CN104094302A (zh) 2014-10-08
CN104094302B true CN104094302B (zh) 2018-12-14

Family

ID=48745484

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201811415212.0A Withdrawn CN109508983A (zh) 2012-01-05 2013-01-07 用转换进行数据保护
CN201380008011.8A Active CN104094302B (zh) 2012-01-05 2013-01-07 用转换进行数据保护

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201811415212.0A Withdrawn CN109508983A (zh) 2012-01-05 2013-01-07 用转换进行数据保护

Country Status (6)

Country Link
US (3) US10147089B2 (zh)
EP (2) EP3770839A1 (zh)
CN (2) CN109508983A (zh)
RU (2) RU2017131424A (zh)
SG (1) SG11201403861XA (zh)
WO (1) WO2013103991A1 (zh)

Families Citing this family (149)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US10579920B2 (en) * 2007-12-24 2020-03-03 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US8528067B2 (en) 2010-01-12 2013-09-03 Visa International Service Association Anytime validation for verification tokens
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
CN103201758A (zh) * 2010-11-10 2013-07-10 斯玛特哈伯私人有限公司 经由未受保全公共电信基础设施执行金融交易的方法及装置
WO2012112822A2 (en) 2011-02-16 2012-08-23 Visa International Service Association Snap mobile payment apparatuses, methods and systems
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
SG193510A1 (en) 2011-02-22 2013-10-30 Visa Int Service Ass Universal electronic payment apparatuses, methods and systems
WO2012122049A2 (en) 2011-03-04 2012-09-13 Visa International Service Association Integration of payment capability into secure elements of computers
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
SG11201403861XA (en) 2012-01-05 2014-08-28 Visa Int Service Ass Data protection with translation
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
WO2013166501A1 (en) 2012-05-04 2013-11-07 Visa International Service Association System and method for local data conversion
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
US9390412B2 (en) 2012-10-16 2016-07-12 Visa International Service Association Dynamic point of sale system integrated with reader device
WO2014066559A1 (en) 2012-10-23 2014-05-01 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US10304047B2 (en) 2012-12-07 2019-05-28 Visa International Service Association Token generating component
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10740731B2 (en) 2013-01-02 2020-08-11 Visa International Service Association Third party settlement
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
EP2997532A4 (en) 2013-05-15 2016-05-11 Visa Int Service Ass MOBILE TOKENIZATION HUB
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
CA2919199C (en) 2013-07-24 2020-06-16 Visa International Service Association Systems and methods for communicating risk using token assurance data
AU2014294613B2 (en) 2013-07-26 2017-03-16 Visa International Service Association Provisioning payment credentials to a consumer
US10510073B2 (en) 2013-08-08 2019-12-17 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
US11748746B2 (en) 2013-09-30 2023-09-05 Apple Inc. Multi-path communication of electronic device secure element data for online payments
US10878414B2 (en) * 2013-09-30 2020-12-29 Apple Inc. Multi-path communication of electronic device secure element data for online payments
EP3937108A1 (en) 2013-10-11 2022-01-12 Visa International Service Association Network token system
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
CA2931093A1 (en) 2013-12-19 2015-06-25 Visa International Service Association Cloud-based transactions methods and systems
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
DK3518570T3 (da) * 2014-03-19 2021-01-18 Bluefin Payment Sys Llc Systemer og fremgangsmåder til fremstilling af fingeraftryk til krypteringsindretninger
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
WO2015167425A1 (en) * 2014-04-28 2015-11-05 Hewlett-Packard Development Company, L.P. Virtual point of sale
WO2015168334A1 (en) 2014-05-01 2015-11-05 Visa International Service Association Data verification using access device
WO2015171625A1 (en) 2014-05-05 2015-11-12 Visa International Service Association System and method for token domain control
US10070310B2 (en) 2014-05-08 2018-09-04 Visa International Service Association Method and system for provisioning access data to mobile device
US10959093B2 (en) 2014-05-08 2021-03-23 Visa International Service Association Method and system for provisioning access data to mobile device
CN106465112A (zh) 2014-05-21 2017-02-22 维萨国际服务协会 离线认证
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9584492B2 (en) * 2014-06-23 2017-02-28 Vmware, Inc. Cryptographic proxy service
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US20160027006A1 (en) * 2014-07-23 2016-01-28 Diebold Self-Service Systems, Division Of Diebold, Incorporated Encrypting pin receiver
US10326803B1 (en) * 2014-07-30 2019-06-18 The University Of Tulsa System, method and apparatus for network security monitoring, information sharing, and collective intelligence
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
RU2019124722A (ru) 2014-09-26 2019-10-01 Виза Интернэшнл Сервис Ассосиэйшн Система и способы предоставления зашифрованных данных удаленного сервера
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
RU2708945C2 (ru) 2014-11-26 2019-12-12 Виза Интернэшнл Сервис Ассосиэйшн Запрос на преобразование в маркер посредством устройства доступа
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
CA2967437A1 (en) 2014-12-12 2016-06-16 Visa International Service Association Provisioning platform for machine-to-machine devices
KR102323805B1 (ko) * 2014-12-24 2021-11-10 십일번가 주식회사 웹 기반 인증 결제 장치, 웹 기반 인증 결제 방법, 웹 기반 인증 결제 시스템 및 컴퓨터 프로그램이 기록된 기록매체
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US10333921B2 (en) 2015-04-10 2019-06-25 Visa International Service Association Browser integration with Cryptogram
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10552834B2 (en) 2015-04-30 2020-02-04 Visa International Service Association Tokenization capable authentication framework
US20160335650A1 (en) 2015-05-15 2016-11-17 Mastercard International Incorporated Systems and methods for generating aggregated merchant analytics for a sector location
EP3308321B1 (en) * 2015-06-09 2021-08-04 Datex Inc. Peripheral bus security interface and method
CN105046489A (zh) * 2015-06-26 2015-11-11 深圳国微技术有限公司 一种移动支付方法、装置及系统
US11308485B2 (en) * 2016-07-15 2022-04-19 Paypal, Inc. Processing a transaction using electronic tokens
US9825946B2 (en) * 2015-08-27 2017-11-21 Mastercard International Incorporated Method and system for enhanced validation of cryptograms in cloud-based systems
CN108352029A (zh) * 2015-09-08 2018-07-31 万事达卡国际股份有限公司 使用在线交易的起始位置生成聚合商业分析
RU2018117661A (ru) 2015-10-15 2019-11-18 Виза Интернэшнл Сервис Ассосиэйшн Система мгновенной выдачи маркеров
EP3910908B1 (en) 2015-12-04 2024-04-17 Visa International Service Association Unique code for token verification
CA3009659C (en) 2016-01-07 2022-12-13 Visa International Service Association Systems and methods for device push provisioning
SG11201804419UA (en) * 2016-01-11 2018-06-28 Visa Int Service Ass Fast format-preserving encryption for variable length data
EP3411846A4 (en) 2016-02-01 2018-12-12 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
AU2016403734B2 (en) 2016-04-19 2022-11-17 Visa International Service Association Systems and methods for performing push transactions
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
EP3466017B1 (en) 2016-06-03 2021-05-19 Visa International Service Association Subtoken management system for connected devices
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
CA3021357A1 (en) 2016-06-24 2017-12-28 Visa International Service Association Unique token authentication cryptogram
WO2018013431A2 (en) 2016-07-11 2018-01-18 Visa International Service Association Encryption key exchange process using access device
CN116739570A (zh) 2016-07-19 2023-09-12 维萨国际服务协会 分发令牌和管理令牌关系的方法
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
US10616223B2 (en) 2016-10-28 2020-04-07 Visa International Service Association System for data set translation of accounts
CN117009946A (zh) 2016-11-28 2023-11-07 维萨国际服务协会 供应到应用程序的访问标识符
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
US11587073B1 (en) * 2017-12-15 2023-02-21 Worldpay, Llc Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting
US11921615B2 (en) * 2017-12-21 2024-03-05 Mastercard International Corporation Computer-implemented methods, computer-readable media and electronic devices for processing test electronic transactions
US11356257B2 (en) 2018-03-07 2022-06-07 Visa International Service Association Secure remote token release with online authentication
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
US20190385164A1 (en) * 2018-06-18 2019-12-19 First Data Corporation Instant digital issuance
US11887080B2 (en) 2018-06-18 2024-01-30 First Data Corporation Instant digital issuance
EP3837651A1 (en) * 2018-08-17 2021-06-23 Visa International Service Association Techniques for securely communicating sensitive data
SG11202101587SA (en) 2018-08-22 2021-03-30 Visa Int Service Ass Method and system for token provisioning and processing
US11551208B2 (en) 2018-10-04 2023-01-10 Verifone, Inc. Systems and methods for point-to-point encryption compliance
WO2020076854A2 (en) 2018-10-08 2020-04-16 Visa International Service Association Techniques for token proximity transactions
WO2020102484A1 (en) 2018-11-14 2020-05-22 Visa International Service Association Cloud token provisioning of multiple tokens
CN115660680A (zh) * 2019-01-09 2023-01-31 维萨国际服务协会 用于网络绑定代理重新加密和pin转换的方法、系统和计算机程序产品
US11748744B2 (en) 2019-04-03 2023-09-05 First Data Corporation Source independent consistent tokenization
US11144673B2 (en) 2019-04-04 2021-10-12 Bank Of America Corporation Centralized system for sensitive data conversion
SG11202108626QA (en) 2019-05-17 2021-09-29 Visa Int Service Ass Virtual access credential interaction system and method
RU2726144C1 (ru) * 2019-11-25 2020-07-09 Валерий Алексеевич Степанов Устройство криптографической защиты информации, передаваемой по сетям связи
US10657754B1 (en) * 2019-12-23 2020-05-19 Capital One Services, Llc Contactless card and personal identification system
US11995194B1 (en) 2020-03-06 2024-05-28 Wells Fargo Bank, N.A. Self-contained encrypted data and decryption application for third party data storage and data dissemination
US11223470B1 (en) 2020-03-06 2022-01-11 Wells Fargo Bank, N.A. Post-quantum cryptography side chain
EP4136575A4 (en) * 2020-04-16 2023-06-14 Visa International Service Association COMPUTER SYSTEM, METHOD AND PRODUCT-PROGRAM FOR SCRAMBLING SENSITIVE DATA
EP4016424A1 (en) * 2020-12-18 2022-06-22 Sita Information Networking Computing USA, Inc. Payment processing system and method therefor
CA3200218A1 (en) 2020-12-18 2022-06-23 Sita Information Networking Computing Usa, Inc. Payment processing system and method therefor
CN112583592A (zh) * 2020-12-29 2021-03-30 湖南万慧通科技有限公司 一种加密系统的工作方法
US20230089724A1 (en) * 2021-09-17 2023-03-23 Micro Focus Llc Method and Apparatus for Protecting Numbers and Strings Using Format-Preserving Encryption with Automatic Precision
US20230102292A1 (en) * 2021-09-29 2023-03-30 Moesif, Inc. Secure management of application programming interface (api) request information
US12021847B2 (en) * 2022-05-03 2024-06-25 Capital One Services, Llc Secure data exchange using format-preserving encryption
WO2023229571A1 (en) * 2022-05-23 2023-11-30 Visa International Service Association Secure and privacy preserving message routing system

Family Cites Families (477)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4423287A (en) 1981-06-26 1983-12-27 Visa U.S.A., Inc. End-to-end encryption system and method of operation
US5228084A (en) * 1991-02-28 1993-07-13 Gilbarco, Inc. Security apparatus and system for retail environments
US5613012A (en) 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US5671279A (en) 1995-11-13 1997-09-23 Netscape Communications Corporation Electronic commerce using a secure courier system
US5781438A (en) 1995-12-19 1998-07-14 Pitney Bowes Inc. Token generation process in an open metering system
US6044360A (en) 1996-04-16 2000-03-28 Picciallo; Michael J. Third party credit card
US5987140A (en) 1996-04-26 1999-11-16 Verifone, Inc. System, method and article of manufacture for secure network electronic payment and credit collection
US5745576A (en) 1996-05-17 1998-04-28 Visa International Service Association Method and apparatus for initialization of cryptographic terminal
US6253027B1 (en) 1996-06-17 2001-06-26 Hewlett-Packard Company System, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture
US5987132A (en) 1996-06-17 1999-11-16 Verifone, Inc. System, method and article of manufacture for conditionally accepting a payment method utilizing an extensible, flexible architecture
US6373950B1 (en) 1996-06-17 2002-04-16 Hewlett-Packard Company System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture
US5850446A (en) 1996-06-17 1998-12-15 Verifone, Inc. System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture
AU3492697A (en) 1996-06-17 1998-01-07 Verifone, Inc. A system, method and article of manufacture for a virtual point of sale processing utilizing a multichannel, extensible, flexible architecture
US6119105A (en) 1996-06-17 2000-09-12 Verifone, Inc. System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture
WO1998005011A2 (en) 1996-07-31 1998-02-05 Verifone, Inc. A system, method and article of manufacture for secure, stored value transactions over an open communication network utilizing an extensible, flexible architecture
US5978840A (en) 1996-09-26 1999-11-02 Verifone, Inc. System, method and article of manufacture for a payment gateway system architecture for processing encrypted payment transactions utilizing a multichannel, extensible, flexible architecture
US5931917A (en) 1996-09-26 1999-08-03 Verifone, Inc. System, method and article of manufacture for a gateway system architecture with system administration information accessible from a browser
US5913203A (en) 1996-10-03 1999-06-15 Jaesent Inc. System and method for pseudo cash transactions
US5953710A (en) 1996-10-09 1999-09-14 Fleming; Stephen S. Children's credit or debit card system
GB9624127D0 (en) 1996-11-20 1997-01-08 British Telecomm Transaction system
US8225089B2 (en) 1996-12-04 2012-07-17 Otomaku Properties Ltd., L.L.C. Electronic transaction systems utilizing a PEAD and a private key
US5917913A (en) 1996-12-04 1999-06-29 Wang; Ynjiun Paul Portable electronic authorization devices and methods therefor
US6175922B1 (en) 1996-12-04 2001-01-16 Esign, Inc. Electronic transaction systems and methods therefor
US6061665A (en) 1997-06-06 2000-05-09 Verifone, Inc. System, method and article of manufacture for dynamic negotiation of a network payment framework
US5949044A (en) 1997-06-13 1999-09-07 Walker Asset Management Limited Partnership Method and apparatus for funds and credit line transfers
US6163771A (en) 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US7177835B1 (en) 1997-08-28 2007-02-13 Walker Digital, Llc Method and device for generating a single-use financial account number
US6128391A (en) 1997-09-22 2000-10-03 Visa International Service Association Method and apparatus for asymetric key management in a cryptographic system
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US6000832A (en) 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
US6014635A (en) 1997-12-08 2000-01-11 Shc Direct, Inc. System and method for providing a discount credit transaction network
US6098053A (en) 1998-01-28 2000-08-01 Citibank, N.A. System and method for performing an electronic financial transaction
US6385596B1 (en) 1998-02-06 2002-05-07 Liquid Audio, Inc. Secure online music distribution system
US6980670B1 (en) 1998-02-09 2005-12-27 Indivos Corporation Biometric tokenless electronic rewards system and method
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6422462B1 (en) 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
US7107246B2 (en) 1998-04-27 2006-09-12 Esignx Corporation Methods of exchanging secure messages
US6850916B1 (en) 1998-04-27 2005-02-01 Esignx Corporation Portable electronic charge and authorization devices and methods therefor
IL125826A (en) 1998-08-17 2001-05-20 Ur Jonathan Shem Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein
US6947908B1 (en) 1998-08-27 2005-09-20 Citibank, N.A. System and use for correspondent banking
WO2000022559A1 (en) 1998-08-27 2000-04-20 Citibank, N.A. System and use for correspondent banking
US8799153B2 (en) 1998-08-31 2014-08-05 Mastercard International Incorporated Systems and methods for appending supplemental payment data to a transaction message
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US7571139B1 (en) 1999-02-19 2009-08-04 Giordano Joseph A System and method for processing financial transactions
KR20010110740A (ko) * 1999-04-13 2001-12-13 추후제출 개인간, 개인과 사업체간, 사업체와 개인간 그리고사업체간 금융 거래 시스템
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US7194437B1 (en) 1999-05-14 2007-03-20 Amazon.Com, Inc. Computer-based funds transfer system
AU6061300A (en) 1999-06-30 2001-01-31 Ac Properties B.V. A system, method and article of manufacture for an electronic software distribution, post-download payment scheme with encryption capabilities
US7908216B1 (en) 1999-07-22 2011-03-15 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
WO2001008066A1 (en) 1999-07-26 2001-02-01 Iprivacy Llc Electronic purchase of goods over a communication network including physical delivery while securing private and personal information
US8046305B1 (en) 1999-09-24 2011-10-25 Elavon, Inc. Gateway to transaction processing network
US6748367B1 (en) 1999-09-24 2004-06-08 Joonho John Lee Method and system for effecting financial transactions over a public network without submission of sensitive information
US8195565B2 (en) 1999-11-05 2012-06-05 Lead Core Fund, L.L.C. Systems and methods for point of interaction based policy routing of transactions
AU1598101A (en) 1999-11-10 2001-06-06 Serge M. Krasnyansky On-line payment system
AU2202001A (en) 1999-12-17 2001-06-25 Chantilley Corporation Limited Secure transaction systems
US7426750B2 (en) 2000-02-18 2008-09-16 Verimatrix, Inc. Network-based content distribution system
AU2001239945A1 (en) 2000-02-29 2001-09-12 E-Scoring, Inc. Systems and methods enabling anonymous credit transactions
TW550477B (en) 2000-03-01 2003-09-01 Passgate Corp Method, system and computer readable medium for Web site account and e-commerce management from a central location
US7865414B2 (en) 2000-03-01 2011-01-04 Passgate Corporation Method, system and computer readable medium for web site account and e-commerce management from a central location
WO2001067355A2 (en) 2000-03-07 2001-09-13 American Express Travel Related Services Company, Inc. System for facilitating a transaction
WO2001069556A2 (en) 2000-03-15 2001-09-20 Mastercard International Incorporated Method and system for secure payments over a computer network
WO2001075744A1 (en) 2000-04-03 2001-10-11 Incogno Corporation Method of and system for effecting anonymous credit card purchases over the internet
US7376629B1 (en) 2000-04-03 2008-05-20 Incogno Corporation Method of and system for effecting anonymous credit card purchases over the internet
US20100228668A1 (en) 2000-04-11 2010-09-09 Hogan Edward J Method and System for Conducting a Transaction Using a Proximity Device and an Identifier
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US20100223186A1 (en) 2000-04-11 2010-09-02 Hogan Edward J Method and System for Conducting Secure Payments
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US8046256B2 (en) 2000-04-14 2011-10-25 American Express Travel Related Services Company, Inc. System and method for using loyalty rewards as currency
US20070129955A1 (en) 2000-04-14 2007-06-07 American Express Travel Related Services Company, Inc. System and method for issuing and using a loyalty point advance
CA2305249A1 (en) 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
US20040182921A1 (en) * 2000-05-09 2004-09-23 Dickson Timothy E. Card reader module with account encryption
US6592044B1 (en) 2000-05-15 2003-07-15 Jacob Y. Wong Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US20020016749A1 (en) 2000-05-26 2002-02-07 Borecki Dennis C. Methods and systems for network based electronic purchasing system
US7237255B2 (en) 2000-06-16 2007-06-26 Entriq Inc. Method and system to dynamically present a payment gateway for content distributed via a network
US6891953B1 (en) 2000-06-27 2005-05-10 Microsoft Corporation Method and system for binding enhanced software features to a persona
US6938019B1 (en) 2000-08-29 2005-08-30 Uzo Chijioke Chukwuemeka Method and apparatus for making secure electronic payments
US20020029193A1 (en) 2000-09-01 2002-03-07 Infospace, Inc. Method and system for facilitating the transfer of funds utilizing a telephonic identifier
US7233920B1 (en) 2000-09-07 2007-06-19 Paymentech, L.P. System and apparatus for credit transaction data transmission
US20020073045A1 (en) 2000-10-23 2002-06-13 Rubin Aviel D. Off-line generation of limited-use credit card numbers
US7996288B1 (en) 2000-11-15 2011-08-09 Iprivacy, Llc Method and system for processing recurrent consumer transactions
US7562041B2 (en) 2001-01-09 2009-07-14 International Business Machines Corporation Method and apparatus for facilitating business processes
US6931382B2 (en) 2001-01-24 2005-08-16 Cdck Corporation Payment instrument authorization technique
US20020123972A1 (en) 2001-02-02 2002-09-05 Hodgson Robert B. Apparatus for and method of secure ATM debit card and credit card payment transactions via the internet
GB2372616A (en) 2001-02-23 2002-08-28 Hewlett Packard Co Transaction method and apparatus using two part tokens
US7292999B2 (en) 2001-03-15 2007-11-06 American Express Travel Related Services Company, Inc. Online card present transaction
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
EP1381987A4 (en) 2001-03-26 2010-09-22 3M Future Ltd TRANSACTION AUTHORIZATION SYSTEM
US20020147913A1 (en) 2001-04-09 2002-10-10 Lun Yip William Wai Tamper-proof mobile commerce system
US7136840B2 (en) 2001-04-20 2006-11-14 Intertrust Technologies Corp. Systems and methods for conducting transactions and communications using a trusted third party
US7650314B1 (en) 2001-05-25 2010-01-19 American Express Travel Related Services Company, Inc. System and method for securing a recurrent billing transaction
US8060448B2 (en) 2001-05-30 2011-11-15 Jones Thomas C Late binding tokens
JP4363800B2 (ja) 2001-06-11 2009-11-11 ソニー株式会社 電子商取引支援装置,電子商取引支援方法およびコンピュータプログラム
US7805378B2 (en) 2001-07-10 2010-09-28 American Express Travel Related Servicex Company, Inc. System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions
US20060237528A1 (en) 2001-07-10 2006-10-26 Fred Bishop Systems and methods for non-traditional payment
US6990471B1 (en) * 2001-08-02 2006-01-24 Oracle International Corp. Method and apparatus for secure electronic commerce
US8737954B2 (en) 2001-08-21 2014-05-27 Bookit Oy Ajanvarauspalvelu Managing recurring payments from mobile terminals
US7444676B1 (en) 2001-08-29 2008-10-28 Nader Asghari-Kamrani Direct authentication and authorization system and method for trusted network of financial institutions
US7103576B2 (en) 2001-09-21 2006-09-05 First Usa Bank, Na System for providing cardless payment
US7195154B2 (en) 2001-09-21 2007-03-27 Privasys, Inc. Method for generating customer secure card numbers
US6901387B2 (en) 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same
US7805376B2 (en) 2002-06-14 2010-09-28 American Express Travel Related Services Company, Inc. Methods and apparatus for facilitating a transaction
US7472825B2 (en) * 2002-01-11 2009-01-06 Hand Held Products, Inc. Transaction terminal
US8190530B2 (en) 2002-01-30 2012-05-29 Visa U.S.A. Inc. Method and system for providing multiple services via a point-of-sale portal architecture
US7382637B1 (en) * 2002-02-01 2008-06-03 Netlogic Microsystems, Inc. Block-writable content addressable memory device
US7904360B2 (en) 2002-02-04 2011-03-08 Alexander William EVANS System and method for verification, authentication, and notification of a transaction
US9916581B2 (en) * 2002-02-05 2018-03-13 Square, Inc. Back end of payment system associated with financial transactions using card readers coupled to mobile devices
US7890393B2 (en) 2002-02-07 2011-02-15 Ebay, Inc. Method and system for completing a transaction between a customer and a merchant
AUPS087602A0 (en) 2002-03-04 2002-03-28 Ong, Yong Kin (Michael) Electronic fund transfer system
KR20030074853A (ko) * 2002-03-14 2003-09-22 주식회사 하렉스인포텍 휴대단말기를 이용한 상거래에서의 금융/id카드본인인증방법 및 그 장치
WO2003083619A2 (en) 2002-03-29 2003-10-09 Bank One, Delaware, N.A. System and process for performing purchase transaction using tokens
US20040210498A1 (en) 2002-03-29 2004-10-21 Bank One, National Association Method and system for performing purchase and other transactions using tokens with multiple chips
GB2387253B (en) 2002-04-03 2004-02-18 Swivel Technologies Ltd System and method for secure credit and debit card transactions
US20030191709A1 (en) 2002-04-03 2003-10-09 Stephen Elston Distributed payment and loyalty processing for retail and vending
US7707120B2 (en) 2002-04-17 2010-04-27 Visa International Service Association Mobile account authentication service
US7979348B2 (en) 2002-04-23 2011-07-12 Clearing House Payments Co Llc Payment identification code and payment system using the same
JP2004005643A (ja) 2002-05-30 2004-01-08 Internatl Business Mach Corp <Ibm> 定義されたパーティにより検証可能な匿名支払方法
US8412623B2 (en) 2002-07-15 2013-04-02 Citicorp Credit Services, Inc. Method and system for a multi-purpose transactional platform
US7209561B1 (en) 2002-07-19 2007-04-24 Cybersource Corporation System and method for generating encryption seed values
US20040127256A1 (en) 2002-07-30 2004-07-01 Scott Goldthwaite Mobile device equipped with a contactless smart card reader/writer
US7606560B2 (en) 2002-08-08 2009-10-20 Fujitsu Limited Authentication services using mobile device
US7801826B2 (en) 2002-08-08 2010-09-21 Fujitsu Limited Framework and system for purchasing of goods and services
US7353382B2 (en) 2002-08-08 2008-04-01 Fujitsu Limited Security framework and protocol for universal pervasive transactions
US6805287B2 (en) 2002-09-12 2004-10-19 American Express Travel Related Services Company, Inc. System and method for converting a stored value card to a credit card
US7548621B1 (en) * 2002-09-26 2009-06-16 Ncr Corporation System and method for securing a base derivation key for use in injection of derived unique key per transaction devices
EP1579298A4 (en) 2002-11-05 2006-08-09 Aaron Whiteman TELE-PURCHASING SYSTEM AND TECHNIQUE
US7107445B2 (en) * 2002-11-20 2006-09-12 International Business Machines Corporation Method and apparatus for secure processing of sensitive data
GB2396472A (en) 2002-12-18 2004-06-23 Ncr Int Inc System for cash withdrawal
US7827101B2 (en) 2003-01-10 2010-11-02 First Data Corporation Payment system clearing for transactions
TW200412524A (en) 2003-01-15 2004-07-16 Lee Fung Chi A small amount paying/receiving system
WO2004091170A2 (en) 2003-03-31 2004-10-21 Visa U.S.A. Inc. Method and system for secure authentication
US8082210B2 (en) 2003-04-29 2011-12-20 The Western Union Company Authentication for online money transfers
GB0318000D0 (en) 2003-07-31 2003-09-03 Ncr Int Inc Mobile applications
US7740168B2 (en) * 2003-08-18 2010-06-22 Visa U.S.A. Inc. Method and system for generating a dynamic verification value
US20050199709A1 (en) 2003-10-10 2005-09-15 James Linlor Secure money transfer between hand-held devices
US20050080730A1 (en) 2003-10-14 2005-04-14 First Data Corporation System and method for secure account transactions
US7567936B1 (en) 2003-10-14 2009-07-28 Paradox Technical Solutions Llc Method and apparatus for handling pseudo identities
US20050108178A1 (en) 2003-11-17 2005-05-19 Richard York Order risk determination
US7543739B2 (en) 2003-12-17 2009-06-09 Qsecure, Inc. Automated payment card fraud detection and location
CN1914895B (zh) 2004-01-20 2018-03-09 黄金富 利用电话进行安全金钱支付带锁银行电脑帐务系统和方法
US7580898B2 (en) 2004-03-15 2009-08-25 Qsecure, Inc. Financial transactions with dynamic personal account numbers
US7584153B2 (en) 2004-03-15 2009-09-01 Qsecure, Inc. Financial transactions with dynamic card verification values
GB0407369D0 (en) 2004-03-31 2004-05-05 British Telecomm Trust tokens
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US20050269402A1 (en) 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
WO2005119608A1 (en) 2004-06-03 2005-12-15 Tyfone, Inc. System and method for securing financial transactions
US8412837B1 (en) 2004-07-08 2013-04-02 James A. Roskind Data privacy
US7264154B2 (en) 2004-07-12 2007-09-04 Harris David N System and method for securing a credit account
US7746846B2 (en) 2004-07-15 2010-06-29 Broadcom Corporation Method and system for a gigabit Ethernet IP telephone chip with integrated security module
US7287692B1 (en) 2004-07-28 2007-10-30 Cisco Technology, Inc. System and method for securing transactions in a contact center environment
US7506812B2 (en) * 2004-09-07 2009-03-24 Semtek Innovative Solutions Corporation Transparently securing data for transmission on financial networks
GB0420409D0 (en) 2004-09-14 2004-10-20 Waterleaf Ltd Online commercial transaction system and method of operation thereof
US7051929B2 (en) 2004-10-18 2006-05-30 Gongling Li Secure credit card having daily changed security number
US7548889B2 (en) 2005-01-24 2009-06-16 Microsoft Corporation Payment information security for multi-merchant purchasing environment for downloadable products
US20120089835A1 (en) * 2005-03-16 2012-04-12 Dt Labs, Llc System and Method for Automatic Authentication of an Item
US7849020B2 (en) 2005-04-19 2010-12-07 Microsoft Corporation Method and apparatus for network transactions
US20060235795A1 (en) 2005-04-19 2006-10-19 Microsoft Corporation Secure network commercial transactions
MX2007012648A (es) 2005-04-19 2007-12-13 Microsoft Corp Transacciones comerciales de red.
US20080035738A1 (en) 2005-05-09 2008-02-14 Mullen Jeffrey D Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
WO2006135779A2 (en) 2005-06-10 2006-12-21 American Express Travel Related Services Company, Inc. System and method for mass transit merchant payment
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US8205791B2 (en) 2005-10-11 2012-06-26 National Payment Card Association Payment system and methods
US8352376B2 (en) 2005-10-11 2013-01-08 Amazon Technologies, Inc. System and method for authorization of transactions
US7853995B2 (en) 2005-11-18 2010-12-14 Microsoft Corporation Short-lived certificate authority service
EP1955471A4 (en) 2005-12-01 2009-03-11 Firestar Software Inc SYSTEM AND METHOD FOR EXCHANGING INFORMATION BETWEEN EXCHANGE APPLICATIONS
US20070136193A1 (en) 2005-12-13 2007-06-14 Bellsouth Intellectual Property Corporation Methods, transactional cards, and systems using account identifers customized by the account holder
US8275312B2 (en) 2005-12-31 2012-09-25 Blaze Mobile, Inc. Induction triggered transactions using an external NFC device
US8352323B2 (en) 2007-11-30 2013-01-08 Blaze Mobile, Inc. Conducting an online payment transaction using an NFC enabled mobile communication device
US20070170247A1 (en) 2006-01-20 2007-07-26 Maury Samuel Friedman Payment card authentication system and method
WO2007085090A1 (en) 2006-01-30 2007-08-02 Cpni Inc. A system and method for authorizing a funds transfer or payment using a phone number
US8001055B2 (en) 2006-02-21 2011-08-16 Weiss Kenneth P Method, system and apparatus for secure access, payment and identification
US8234220B2 (en) 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
AU2007284296A1 (en) 2006-02-22 2008-02-21 Hypercom Corporation Secure electronic transaction system
US8453925B2 (en) 2006-03-02 2013-06-04 Visa International Service Association Method and system for performing two factor authentication in mail order and telephone order transactions
US8225385B2 (en) 2006-03-23 2012-07-17 Microsoft Corporation Multiple security token transactions
US7818264B2 (en) 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
US9065643B2 (en) * 2006-04-05 2015-06-23 Visa U.S.A. Inc. System and method for account identifier obfuscation
US20070245414A1 (en) 2006-04-14 2007-10-18 Microsoft Corporation Proxy Authentication and Indirect Certificate Chaining
US20070288377A1 (en) 2006-04-26 2007-12-13 Yosef Shaked System and method for authenticating a customer's identity and completing a secure credit card transaction without the use of a credit card number
US20070291995A1 (en) 2006-06-09 2007-12-20 Rivera Paul G System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
US20080015988A1 (en) 2006-06-28 2008-01-17 Gary Brown Proxy card authorization system
US10019708B2 (en) 2006-08-25 2018-07-10 Amazon Technologies, Inc. Utilizing phrase tokens in transactions
US7469151B2 (en) 2006-09-01 2008-12-23 Vivotech, Inc. Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities
US20080228646A1 (en) 2006-10-04 2008-09-18 Myers James R Method and system for managing a non-changing payment card account number
US9123042B2 (en) 2006-10-17 2015-09-01 Verifone, Inc. Pin block replacement
US8769275B2 (en) * 2006-10-17 2014-07-01 Verifone, Inc. Batch settlement transactions system and method
US8769279B2 (en) * 2006-10-17 2014-07-01 Verifone, Inc. System and method for variable length encryption
AT506775A2 (de) 2006-11-16 2009-11-15 Net 1 Ueps Technologies Inc Gesicherte finanzielle transaktionen
US7848980B2 (en) 2006-12-26 2010-12-07 Visa U.S.A. Inc. Mobile payment system and method using alias
US20090006262A1 (en) 2006-12-30 2009-01-01 Brown Kerry D Financial transaction payment processor
CN101647220A (zh) * 2007-02-02 2010-02-10 塞姆泰克创新解决方案公司 Pin块替换
US7841539B2 (en) 2007-02-15 2010-11-30 Alfred Hewton Smart card with random temporary account number generation
US20080201264A1 (en) 2007-02-17 2008-08-21 Brown Kerry D Payment card financial transaction authenticator
US9846866B2 (en) * 2007-02-22 2017-12-19 First Data Corporation Processing of financial transactions using debit networks
US20080243702A1 (en) 2007-03-30 2008-10-02 Ricoh Company, Ltd. Tokens Usable in Value-Based Transactions
US7896238B2 (en) 2007-04-03 2011-03-01 Intellectual Ventures Holding 32 Llc Secured transaction using color coded account identifiers
US7938318B2 (en) 2007-04-03 2011-05-10 Intellectual Ventures Holding 32 Llc System and method for controlling secured transaction using directionally coded account identifiers
EP3575951A1 (en) 2007-04-17 2019-12-04 Visa USA, Inc. Method and system for authenticating a party to a transaction
US7959076B1 (en) 2007-04-26 2011-06-14 United Services Automobile Association (Usaa) Secure card
US7784685B1 (en) 2007-04-26 2010-08-31 United Services Automobile Association (Usaa) Secure card
US8109436B1 (en) 2007-04-26 2012-02-07 United Services Automobile Association (Usaa) Secure card
EP2156397B1 (en) 2007-05-17 2019-06-26 Shift4 Corporation Secure payment card transactions
US7770789B2 (en) 2007-05-17 2010-08-10 Shift4 Corporation Secure payment card transactions
US7841523B2 (en) 2007-05-17 2010-11-30 Shift4 Corporation Secure payment card transactions
US7891563B2 (en) 2007-05-17 2011-02-22 Shift4 Corporation Secure payment card transactions
EP1998279A1 (en) 2007-05-29 2008-12-03 First Data Corporation Secure payment transaction in multi-host environment
US7971261B2 (en) 2007-06-12 2011-06-28 Microsoft Corporation Domain management for digital media
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
JP2009015548A (ja) 2007-07-04 2009-01-22 Omron Corp 運転支援装置および方法、並びに、プログラム
US8326758B2 (en) 2007-08-06 2012-12-04 Enpulz, L.L.C. Proxy card representing many monetary sources from a plurality of vendors
WO2009018683A1 (fr) 2007-08-08 2009-02-12 Kamfu Wong Méthode et système de paiement à certification par carte à puce doté d'un écran et d'un clavier, utilisant un code chiffré dynamique à usage unique
US8494959B2 (en) 2007-08-17 2013-07-23 Emc Corporation Payment card with dynamic account number
US20090055323A1 (en) * 2007-08-22 2009-02-26 Total System Services, Inc. System and method for providing custom personal identification numbers at point of sale
US7849014B2 (en) 2007-08-29 2010-12-07 American Express Travel Related Services Company, Inc. System and method for facilitating a financial transaction with a dynamically generated identifier
US9070129B2 (en) 2007-09-04 2015-06-30 Visa U.S.A. Inc. Method and system for securing data fields
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US9747598B2 (en) 2007-10-02 2017-08-29 Iii Holdings 1, Llc Dynamic security code push
US8095113B2 (en) 2007-10-17 2012-01-10 First Data Corporation Onetime passwords for smart chip cards
US20090106160A1 (en) 2007-10-19 2009-04-23 First Data Corporation Authorizations for mobile contactless payment transactions
CN101425894B (zh) 2007-10-30 2012-03-21 阿里巴巴集团控股有限公司 一种业务实现系统及方法
US20090154696A1 (en) 2007-11-05 2009-06-18 Gilbarco Inc. System and Method for Secure Keypad Protocol Emulation in a Fuel Dispenser Environment
US8249985B2 (en) 2007-11-29 2012-08-21 Bank Of America Corporation Sub-account mechanism
US20090157555A1 (en) 2007-12-12 2009-06-18 American Express Travel Related Services Company, Bill payment system and method
US8145569B2 (en) 2007-12-13 2012-03-27 Google Inc. Multiple party on-line transactions
US8117129B2 (en) 2007-12-21 2012-02-14 American Express Travel Related Services Company, Inc. Systems, methods and computer program products for performing mass transit merchant transactions
US10579920B2 (en) 2007-12-24 2020-03-03 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US8224702B2 (en) 2007-12-28 2012-07-17 Ebay, Inc. Systems and methods for facilitating financial transactions over a network
WO2009089099A1 (en) 2008-01-04 2009-07-16 M2 International Ltd. Dynamic card verification value
FR2926938B1 (fr) 2008-01-28 2010-03-19 Paycool Dev Procede d'authentification et de signature d'un utilisateur aupres d'un service applicatif, utilisant un telephone mobile comme second facteur en complement et independamment d'un premier facteur
US8255971B1 (en) 2008-03-03 2012-08-28 Jpmorgan Chase Bank, N.A. Authentication system and method
US8578176B2 (en) 2008-03-26 2013-11-05 Protegrity Corporation Method and apparatus for tokenization of sensitive sets of characters
US20090248583A1 (en) 2008-03-31 2009-10-01 Jasmeet Chhabra Device, system, and method for secure online transactions
US20090327131A1 (en) 2008-04-29 2009-12-31 American Express Travel Related Services Company, Inc. Dynamic account authentication using a mobile device
US20090276347A1 (en) 2008-05-01 2009-11-05 Kargman James B Method and apparatus for use of a temporary financial transaction number or code
US9715709B2 (en) 2008-05-09 2017-07-25 Visa International Services Association Communication device including multi-part alias identifier
US8651374B2 (en) 2008-06-02 2014-02-18 Sears Brands, L.L.C. System and method for payment card industry enterprise account number elimination
US20090307140A1 (en) 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US20100057621A1 (en) 2008-06-30 2010-03-04 Faith Patrick L Payment processing system secure healthcare data trafficking
US9269010B2 (en) 2008-07-14 2016-02-23 Jumio Inc. Mobile phone payment system using integrated camera credit card reader
US8090650B2 (en) 2008-07-24 2012-01-03 At&T Intellectual Property I, L.P. Secure payment service and system for interactive voice response (IVR) systems
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9053474B2 (en) 2008-08-04 2015-06-09 At&T Mobility Ii Llc Systems and methods for handling point-of-sale transactions using a mobile device
US8281991B2 (en) 2008-08-07 2012-10-09 Visa U.S.A. Inc. Transaction secured in an untrusted environment
US20100049658A1 (en) 2008-08-22 2010-02-25 Javier Sanchez Secure electronic transaction system
US8403211B2 (en) 2008-09-04 2013-03-26 Metabank System, program product and methods for retail activation and reload associated with partial authorization transactions
US8965811B2 (en) 2008-10-04 2015-02-24 Mastercard International Incorporated Methods and systems for using physical payment cards in secure E-commerce transactions
US20100094755A1 (en) 2008-10-09 2010-04-15 Nelnet Business Solutions, Inc. Providing payment data tokens for online transactions utilizing hosted inline frames
US20100106644A1 (en) 2008-10-23 2010-04-29 Diversinet Corp. System and Method for Authorizing Transactions Via Mobile Devices
US8126449B2 (en) 2008-11-13 2012-02-28 American Express Travel Related Services Company, Inc. Servicing attributes on a mobile device
US8196813B2 (en) 2008-12-03 2012-06-12 Ebay Inc. System and method to allow access to a value holding account
US8838503B2 (en) 2008-12-08 2014-09-16 Ebay Inc. Unified identity verification
US20100161494A1 (en) 2008-12-24 2010-06-24 Intuit Inc. Technique for performing financial transactions over a network
US8060449B1 (en) 2009-01-05 2011-11-15 Sprint Communications Company L.P. Partially delegated over-the-air provisioning of a secure element
US20100179909A1 (en) * 2009-01-14 2010-07-15 Jubin Dana User defined udk
US10354321B2 (en) 2009-01-22 2019-07-16 First Data Corporation Processing transactions with an extended application ID and dynamic cryptograms
US10037524B2 (en) 2009-01-22 2018-07-31 First Data Corporation Dynamic primary account number (PAN) and unique key per card
US8606638B2 (en) 2009-03-02 2013-12-10 First Data Corporation Systems, methods and apparatus for facilitating transactions using a mobile device
US20100235284A1 (en) 2009-03-13 2010-09-16 Gidah, Inc. Method and systems for generating and using tokens in a transaction handling system
US8595098B2 (en) 2009-03-18 2013-11-26 Network Merchants, Inc. Transmission of sensitive customer information during electronic-based transactions
US8567670B2 (en) 2009-03-27 2013-10-29 Intersections Inc. Dynamic card verification values and credit transactions
US8584251B2 (en) 2009-04-07 2013-11-12 Princeton Payment Solutions Token-based payment processing system
US20100258620A1 (en) 2009-04-10 2010-10-14 Denise Torreyson Methods and systems for linking multiple accounts
US9572025B2 (en) 2009-04-16 2017-02-14 Telefonaktiebolaget Lm Ericsson (Publ) Method, server, computer program and computer program product for communicating with secure element
WO2010126509A2 (en) 2009-04-30 2010-11-04 Donald Michael Cardina Systems and methods for randomized mobile payment
US8725122B2 (en) 2009-05-13 2014-05-13 First Data Corporation Systems and methods for providing trusted service management services
US9704159B2 (en) 2009-05-15 2017-07-11 Entit Software Llc Purchase transaction system with encrypted transaction information
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US20100306076A1 (en) 2009-05-29 2010-12-02 Ebay Inc. Trusted Integrity Manager (TIM)
EP2438580A2 (en) * 2009-06-02 2012-04-11 Voltage Security, Inc. Purchase transaction system with encrypted payment card data
US10748146B2 (en) * 2009-06-16 2020-08-18 Heartland Payment Systems, Llc Tamper-resistant secure methods, systems and apparatuses for credit and debit transactions
TWI402775B (zh) 2009-07-16 2013-07-21 Mxtran Inc 金融交易系統、自動櫃員機、與操作自動櫃員機的方法
US8504475B2 (en) 2009-08-10 2013-08-06 Visa International Service Association Systems and methods for enrolling users in a payment service
US8818882B2 (en) 2009-08-24 2014-08-26 Visa International Service Association Alias identity and reputation validation engine
US20110083018A1 (en) 2009-10-06 2011-04-07 Validity Sensors, Inc. Secure User Authentication
WO2011047034A2 (en) 2009-10-13 2011-04-21 Square, Inc. Systems and methods for decoding card swipe signals
US8447699B2 (en) 2009-10-13 2013-05-21 Qualcomm Incorporated Global secure service provider directory
BR112012008846A2 (pt) 2009-10-16 2019-09-24 Visa Int Service Ass método e sistema anti-fraude por indução
US20110238580A1 (en) * 2009-10-23 2011-09-29 Apriva, Llc System and device for consolidating sim, personal token, and associated applications for secure transmission of sensitive data
US20110246317A1 (en) 2009-10-23 2011-10-06 Apriva, Llc System and device for facilitating a transaction through use of a proxy account code
US8296568B2 (en) 2009-10-27 2012-10-23 Google Inc. Systems and methods for authenticating an electronic transaction
US8433116B2 (en) 2009-11-03 2013-04-30 Mela Sciences, Inc. Showing skin lesion information
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US8595812B2 (en) 2009-12-18 2013-11-26 Sabre Inc. Tokenized data security
US9324066B2 (en) 2009-12-21 2016-04-26 Verizon Patent And Licensing Inc. Method and system for providing virtual credit card services
US8788429B2 (en) 2009-12-30 2014-07-22 First Data Corporation Secure transaction management
CN109118241A (zh) 2010-01-19 2019-01-01 维萨国际服务协会 远程可变认证处理
AU2011207551C1 (en) 2010-01-19 2015-05-14 Visa International Service Association Token based transaction authentication
US8615468B2 (en) 2010-01-27 2013-12-24 Ca, Inc. System and method for generating a dynamic card value
US9501773B2 (en) 2010-02-02 2016-11-22 Xia Dai Secured transaction system
WO2011106716A1 (en) 2010-02-25 2011-09-01 Secureauth Corporation Security device provisioning
US8458487B1 (en) 2010-03-03 2013-06-04 Liaison Technologies, Inc. System and methods for format preserving tokenization of sensitive information
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
CN102947846A (zh) 2010-03-07 2013-02-27 吉尔巴科公司 燃料分配器支付系统和方法
US8887308B2 (en) 2010-03-21 2014-11-11 William Grecia Digital cloud access (PDMAS part III)
US8533860B1 (en) 2010-03-21 2013-09-10 William Grecia Personalized digital media access system—PDMAS part II
US8402555B2 (en) 2010-03-21 2013-03-19 William Grecia Personalized digital media access system (PDMAS)
US20110238573A1 (en) 2010-03-25 2011-09-29 Computer Associates Think, Inc. Cardless atm transaction method and system
US8666823B2 (en) * 2010-04-05 2014-03-04 Voltage Security, Inc. System for structured encryption of payment card track data
US8380177B2 (en) 2010-04-09 2013-02-19 Paydiant, Inc. Mobile phone payment processing methods and systems
US8336088B2 (en) 2010-04-19 2012-12-18 Visa International Service Association Alias management and value transfer claim processing
US20120030047A1 (en) 2010-06-04 2012-02-02 Jacob Fuentes Payment tokenization apparatuses, methods and systems
US8442914B2 (en) 2010-07-06 2013-05-14 Mastercard International Incorporated Virtual wallet account with automatic-loading
US8571939B2 (en) 2010-07-07 2013-10-29 Toshiba Global Commerce Solutions Holdings Corporation Two phase payment link and authorization for mobile devices
US8453226B2 (en) 2010-07-16 2013-05-28 Visa International Service Association Token validation for advanced authorization
WO2012012445A2 (en) 2010-07-19 2012-01-26 Universal Commerce, Inc. Mobile system and method for payments and non-financial transactions
US20120028609A1 (en) 2010-07-27 2012-02-02 John Hruska Secure financial transaction system using a registered mobile device
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
CN101938520B (zh) 2010-09-07 2015-01-28 中兴通讯股份有限公司 一种基于移动终端签名的远程支付系统及方法
US20120066078A1 (en) 2010-09-10 2012-03-15 Bank Of America Corporation Overage service using overage passcode
US8737623B2 (en) * 2010-09-13 2014-05-27 Magtek, Inc. Systems and methods for remotely loading encryption keys in a card reader systems
US8898086B2 (en) 2010-09-27 2014-11-25 Fidelity National Information Services Systems and methods for transmitting financial account information
US20120095852A1 (en) 2010-10-15 2012-04-19 John Bauer Method and system for electronic wallet access
US9558481B2 (en) 2010-09-28 2017-01-31 Barclays Bank Plc Secure account provisioning
US20120095865A1 (en) 2010-10-15 2012-04-19 Ezpayy, Inc. System And Method For Mobile Electronic Purchasing
US10176477B2 (en) 2010-11-16 2019-01-08 Mastercard International Incorporated Methods and systems for universal payment account translation
US8577336B2 (en) 2010-11-18 2013-11-05 Mobilesphere Holdings LLC System and method for transaction authentication using a mobile communication device
WO2012073014A1 (en) 2010-11-29 2012-06-07 Mobay Technologies Limited A system for verifying electronic transactions
US9141945B2 (en) 2010-12-02 2015-09-22 Appmobi Iplc, Inc. Secure distributed single action payment system
US20120143769A1 (en) 2010-12-02 2012-06-07 Microsoft Corporation Commerce card
US8762284B2 (en) 2010-12-16 2014-06-24 Democracyontheweb, Llc Systems and methods for facilitating secure transactions
US8807440B1 (en) 2010-12-17 2014-08-19 Google Inc. Routing secure element payment requests to an alternate application
US20120158580A1 (en) 2010-12-20 2012-06-21 Antonio Claudiu Eram System, Method and Apparatus for Mobile Payments Enablement and Order Fulfillment
US9262760B2 (en) 2010-12-22 2016-02-16 Gilbarco Inc. Fuel dispensing payment system for secure evaluation of cardholder data
US20120173431A1 (en) 2010-12-30 2012-07-05 First Data Corporation Systems and methods for using a token as a payment in a transaction
US20120185386A1 (en) 2011-01-18 2012-07-19 Bank Of America Authentication tool
WO2012098555A1 (en) 2011-01-20 2012-07-26 Google Inc. Direct carrier billing
US8725644B2 (en) 2011-01-28 2014-05-13 The Active Network, Inc. Secure online transaction processing
US20120203666A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
US20120203664A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
WO2012116221A1 (en) 2011-02-23 2012-08-30 Mastercard International, Inc. Demand deposit account payment system
AU2012223415B2 (en) 2011-02-28 2017-05-18 Visa International Service Association Secure anonymous transaction apparatuses, methods and systems
WO2012122049A2 (en) 2011-03-04 2012-09-13 Visa International Service Association Integration of payment capability into secure elements of computers
US20120233004A1 (en) 2011-03-11 2012-09-13 James Bercaw System for mobile electronic commerce
US20120231844A1 (en) 2011-03-11 2012-09-13 Apriva, Llc System and device for facilitating a transaction by consolidating sim, personal token, and associated applications for electronic wallet transactions
US20120246071A1 (en) 2011-03-21 2012-09-27 Nikhil Jain System and method for presentment of nonconfidential transaction token identifier
US9883387B2 (en) 2011-03-24 2018-01-30 Visa International Service Association Authentication using application authentication element
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
WO2012142370A2 (en) 2011-04-15 2012-10-18 Shift4 Corporation Method and system for enabling merchants to share tokens
US9256874B2 (en) 2011-04-15 2016-02-09 Shift4 Corporation Method and system for enabling merchants to share tokens
US8688589B2 (en) 2011-04-15 2014-04-01 Shift4 Corporation Method and system for utilizing authorization factor pools
US9818111B2 (en) 2011-04-15 2017-11-14 Shift4 Corporation Merchant-based token sharing
US20120271770A1 (en) 2011-04-20 2012-10-25 Visa International Service Association Managing electronic tokens in a transaction processing system
WO2012151590A2 (en) 2011-05-05 2012-11-08 Transaction Network Services, Inc. Systems and methods for enabling mobile payments
US20130204793A1 (en) 2011-05-17 2013-08-08 Kevin S. Kerridge Smart communication device secured electronic payment system
US8752127B2 (en) 2011-05-26 2014-06-10 First Data Corporation Systems and methods for identifying devices by a trusted service manager
US8943574B2 (en) 2011-05-27 2015-01-27 Vantiv, Llc Tokenizing sensitive data
US10395256B2 (en) 2011-06-02 2019-08-27 Visa International Service Association Reputation management in a transaction processing system
US8577803B2 (en) 2011-06-03 2013-11-05 Visa International Service Association Virtual wallet card selection apparatuses, methods and systems
US8538845B2 (en) 2011-06-03 2013-09-17 Mozido, Llc Monetary transaction system
US10318932B2 (en) 2011-06-07 2019-06-11 Entit Software Llc Payment card processing system with structure preserving encryption
WO2013101297A1 (en) 2011-06-07 2013-07-04 Visa International Service Association Payment privacy tokenization apparatuses, methods and systems
WO2012167941A1 (en) 2011-06-09 2012-12-13 Gemalto Sa Method to validate a transaction between a user and a service provider
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9639828B2 (en) 2011-07-15 2017-05-02 Visa International Service Association Method and system for hosted order page/silent order post plus fraud detection
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US20130054337A1 (en) 2011-08-22 2013-02-28 American Express Travel Related Services Company, Inc. Methods and systems for contactless payments for online ecommerce checkout
WO2013028901A2 (en) 2011-08-23 2013-02-28 Visa International Service Association Authentication process for value transfer machine
WO2013028910A2 (en) 2011-08-23 2013-02-28 Visa International Service Association Mobile funding method and system
US10032171B2 (en) 2011-08-30 2018-07-24 Simplytapp, Inc. Systems and methods for secure application-based participation in an interrogation by mobile device
US20130339253A1 (en) 2011-08-31 2013-12-19 Dan Moshe Sincai Mobile Device Based Financial Transaction System
US8171525B1 (en) 2011-09-15 2012-05-01 Google Inc. Enabling users to select between secure service providers using a central trusted service manager
US8838982B2 (en) 2011-09-21 2014-09-16 Visa International Service Association Systems and methods to secure user identification
US8453223B2 (en) 2011-09-23 2013-05-28 Jerome Svigals Method, device and system for secure transactions
US20140310113A1 (en) 2011-10-01 2014-10-16 Uttam Sengupta Cloud based credit card emulation
CN104106276B (zh) 2011-10-12 2019-03-19 万事达移动交易方案公司 多层安全移动交易使能平台
US9229964B2 (en) 2011-10-27 2016-01-05 Visa International Business Machines Corporation Database cloning and migration for quality assurance
US9830596B2 (en) 2011-11-01 2017-11-28 Stripe, Inc. Method for conducting a transaction between a merchant site and a customer's electronic device without exposing payment information to a server-side application of the merchant site
CA2854277C (en) 2011-11-01 2016-06-07 Jvl Ventures, Llc Systems, methods, and computer program products for managing secure elements
US8606720B1 (en) 2011-11-13 2013-12-10 Google Inc. Secure storage of payment information on client devices
US20130124364A1 (en) 2011-11-13 2013-05-16 Millind Mittal System and method of electronic payment using payee provided transaction identification codes
US9348896B2 (en) 2011-12-05 2016-05-24 Visa International Service Association Dynamic network analytics system
US8555079B2 (en) 2011-12-06 2013-10-08 Wwpass Corporation Token management
US8972719B2 (en) 2011-12-06 2015-03-03 Wwpass Corporation Passcode restoration
US8656180B2 (en) 2011-12-06 2014-02-18 Wwpass Corporation Token activation
US20130159178A1 (en) 2011-12-14 2013-06-20 Firethorn Mobile, Inc. System and Method For Loading A Virtual Token Managed By A Mobile Wallet System
US20130159184A1 (en) 2011-12-15 2013-06-20 Visa International Service Association System and method of using load network to associate product or service with a consumer token
US20140040139A1 (en) 2011-12-19 2014-02-06 Sequent Software, Inc. System and method for dynamic temporary payment authorization in a portable communication device
US9053481B2 (en) 2011-12-21 2015-06-09 Mastercard International Incorporated Methods and systems for providing a payment account with adaptive interchange
US9077769B2 (en) 2011-12-29 2015-07-07 Blackberry Limited Communications system providing enhanced trusted service manager (TSM) verification features and related methods
US20130254117A1 (en) 2011-12-30 2013-09-26 Clay W. von Mueller Secured transaction system and method
SG11201403861XA (en) * 2012-01-05 2014-08-28 Visa Int Service Ass Data protection with translation
US8566168B1 (en) 2012-01-05 2013-10-22 Sprint Communications Company L.P. Electronic payment using a proxy account number stored in a secure element
WO2013113004A1 (en) 2012-01-26 2013-08-01 Visa International Service Association System and method of providing tokenization as a service
US10643191B2 (en) 2012-01-27 2020-05-05 Visa International Service Association Mobile services remote deposit capture
US8595850B2 (en) 2012-01-30 2013-11-26 Voltage Security, Inc. System for protecting sensitive data with distributed tokenization
EP2624190A1 (en) 2012-02-03 2013-08-07 Pieter Dubois Authentication of payment transactions using an alias
WO2013116726A1 (en) 2012-02-03 2013-08-08 Ebay Inc. Adding card to mobile wallet using nfc
US20130212024A1 (en) 2012-02-10 2013-08-15 Protegrity Corporation Tokenization in distributed payment environments
US20130212017A1 (en) 2012-02-14 2013-08-15 N.B. Development Services Inc. Transaction system and method of conducting a transaction
US20130226813A1 (en) 2012-02-23 2013-08-29 Robert Matthew Voltz Cyberspace Identification Trust Authority (CITA) System and Method
US20130246199A1 (en) 2012-03-14 2013-09-19 Mark Carlson Point-of-transaction account feature redirection apparatuses, methods and systems
US20130246267A1 (en) 2012-03-15 2013-09-19 Ebay Inc. Systems, Methods, and Computer Program Products for Using Proxy Accounts
US9092776B2 (en) 2012-03-15 2015-07-28 Qualcomm Incorporated System and method for managing payment in transactions with a PCD
US9105021B2 (en) 2012-03-15 2015-08-11 Ebay, Inc. Systems, methods, and computer program products for using proxy accounts
US20130246259A1 (en) 2012-03-15 2013-09-19 Firethorn Mobile, Inc. System and method for managing payment in transactions with a pcd
US9818098B2 (en) 2012-03-20 2017-11-14 First Data Corporation Systems and methods for facilitating payments via a peer-to-peer protocol
US20130254102A1 (en) 2012-03-20 2013-09-26 First Data Corporation Systems and Methods for Distributing Tokenization and De-Tokenization Services
US20130254028A1 (en) 2012-03-22 2013-09-26 Corbuss Kurumsal Telekom Hizmetleri A.S. System and method for conducting mobile commerce
US20130262315A1 (en) 2012-03-30 2013-10-03 John Hruska System for Secure Purchases Made by Scanning Barcode Using a Registered Mobile Phone Application Linked to a Consumer-Merchant Closed Loop Financial Proxy Account System
US10515359B2 (en) 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
WO2013151807A1 (en) 2012-04-02 2013-10-10 Jvl Ventures, Llc Systems, methods, and computer program products for provisioning payment accounts into mobile wallets and managing events
EP2836971B1 (en) 2012-04-13 2017-12-13 Mastercard International, Inc. Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
WO2013158419A1 (en) 2012-04-18 2013-10-24 Google Inc. Processing payment transactions without a secure element
US20130282588A1 (en) 2012-04-22 2013-10-24 John Hruska Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System
US10275764B2 (en) 2012-05-04 2019-04-30 Mastercard International Incorporated Transaction data tokenization
WO2013166501A1 (en) 2012-05-04 2013-11-07 Visa International Service Association System and method for local data conversion
US9521548B2 (en) 2012-05-21 2016-12-13 Nexiden, Inc. Secure registration of a mobile device for use with a session
US20130311382A1 (en) 2012-05-21 2013-11-21 Klaus S. Fosmark Obtaining information for a payment transaction
WO2013179271A2 (en) 2012-06-01 2013-12-05 Mani Venkatachalam Sthanu Subra Method and system for human assisted secure payment by phone to an insecure third-party service provider
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US20140007213A1 (en) 2012-06-29 2014-01-02 Wepay, Inc. Systems and methods for push notification based application authentication and authorization
US9059972B2 (en) 2012-07-03 2015-06-16 International Business Machines Corporation Issuing, presenting and challenging mobile device identification documents
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9043609B2 (en) 2012-07-19 2015-05-26 Bank Of America Corporation Implementing security measures for authorized tokens used in mobile transactions
US20140025581A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Mobile transactions using authorized tokens
US20140025585A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Distributing authorized tokens to conduct mobile transactions
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US10152711B2 (en) 2012-07-31 2018-12-11 Worldpay, Llc Systems and methods for arbitraged enhanced payment processing
US10346838B2 (en) 2012-07-31 2019-07-09 Worldpay, Llc Systems and methods for distributed enhanced payment processing
US10339524B2 (en) 2012-07-31 2019-07-02 Worldpay, Llc Systems and methods for multi-merchant tokenization
ES2680152T3 (es) 2012-08-03 2018-09-04 OneSpan International GmbH Método y aparato de autenticación conveniente para el usuario usando una aplicación de autenticación móvil
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
CN104813349A (zh) 2012-08-17 2015-07-29 谷歌公司 无线读取器和支付交易终端功能
US20140068706A1 (en) 2012-08-28 2014-03-06 Selim Aissi Protecting Assets on a Device
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
US9390412B2 (en) 2012-10-16 2016-07-12 Visa International Service Association Dynamic point of sale system integrated with reader device
WO2014066559A1 (en) 2012-10-23 2014-05-01 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US20140164243A1 (en) 2012-12-07 2014-06-12 Christian Aabye Dynamic Account Identifier With Return Real Account Identifier
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US9249241B2 (en) 2013-03-27 2016-02-02 Ut-Battelle, Llc Surface-functionalized mesoporous carbon materials
US20140310183A1 (en) 2013-04-15 2014-10-16 Lance Weber Embedded acceptance system
US20140331265A1 (en) 2013-05-01 2014-11-06 Microsoft Corporation Integrated interactive television entertainment system
US20140330722A1 (en) 2013-05-02 2014-11-06 Prasanna Laxminarayanan System and method for using an account sequence identifier
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
US9760886B2 (en) 2013-05-10 2017-09-12 Visa International Service Association Device provisioning using partial personalization scripts
EP2997532A4 (en) 2013-05-15 2016-05-11 Visa Int Service Ass MOBILE TOKENIZATION HUB
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
KR102255458B1 (ko) 2013-07-15 2021-05-25 비자 인터네셔널 서비스 어소시에이션 보안 원격 지불 거래 처리
CA2919199C (en) 2013-07-24 2020-06-16 Visa International Service Association Systems and methods for communicating risk using token assurance data
US10510073B2 (en) 2013-08-08 2019-12-17 Visa International Service Association Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
EP3033725A4 (en) 2013-08-15 2017-05-03 Visa International Service Association Secure remote payment transaction processing using a secure element
WO2015042548A1 (en) 2013-09-20 2015-03-26 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
EP3937108A1 (en) 2013-10-11 2022-01-12 Visa International Service Association Network token system
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US20150127529A1 (en) 2013-11-05 2015-05-07 Oleg Makhotin Methods and systems for mobile payment application selection and management using an application linker
US20150142673A1 (en) 2013-11-18 2015-05-21 Mark Nelsen Methods and systems for token request management
US9516487B2 (en) 2013-11-19 2016-12-06 Visa International Service Association Automated account provisioning
US20150161597A1 (en) 2013-12-09 2015-06-11 Kaushik Subramanian Transactions using temporary credential data
CA2931093A1 (en) 2013-12-19 2015-06-25 Visa International Service Association Cloud-based transactions methods and systems
US10445718B2 (en) 2013-12-27 2019-10-15 Visa International Service Association Processing a transaction using multiple application identifiers
US10108409B2 (en) 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US20150199679A1 (en) 2014-01-13 2015-07-16 Karthikeyan Palanisamy Multiple token provisioning
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
CA2936985A1 (en) 2014-02-04 2015-08-13 Visa International Service Association Token verification using limited use certificates
EP3120310A4 (en) 2014-03-18 2017-12-27 Visa International Service Association Systems and methods for locally derived tokens
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
WO2015171625A1 (en) 2014-05-05 2015-11-12 Visa International Service Association System and method for token domain control
WO2015175696A1 (en) 2014-05-13 2015-11-19 Visa International Service Association Master applet for secure remote payment processing
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US9779345B2 (en) 2014-08-11 2017-10-03 Visa International Service Association Mobile device with scannable image including dynamic data
EP3195521B1 (en) 2014-08-29 2020-03-04 Visa International Service Association Methods for secure cryptogram generation
RU2019124722A (ru) 2014-09-26 2019-10-01 Виза Интернэшнл Сервис Ассосиэйшн Система и способы предоставления зашифрованных данных удаленного сервера
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
WO2016058006A1 (en) 2014-10-10 2016-04-14 Visa International Service Association Methods and systems for partial personalization during mobile application update
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing

Also Published As

Publication number Publication date
US20220156732A1 (en) 2022-05-19
EP2801061A1 (en) 2014-11-12
EP3770839A1 (en) 2021-01-27
US11276058B2 (en) 2022-03-15
RU2017131424A (ru) 2019-02-06
EP2801061B1 (en) 2020-08-26
US10147089B2 (en) 2018-12-04
WO2013103991A1 (en) 2013-07-11
CN104094302A (zh) 2014-10-08
EP2801061A4 (en) 2015-06-03
CN109508983A (zh) 2019-03-22
US20130212026A1 (en) 2013-08-15
US20190066102A1 (en) 2019-02-28
SG11201403861XA (en) 2014-08-28
RU2014132162A (ru) 2016-02-27
RU2631983C2 (ru) 2017-09-29

Similar Documents

Publication Publication Date Title
CN104094302B (zh) 用转换进行数据保护
AU2008268326B2 (en) System and method for account identifier obfuscation
RU2547621C2 (ru) Обработка переключения шифрования
AU2007311025B2 (en) Encrypted token transactions
US9123042B2 (en) Pin block replacement
US20130117138A1 (en) Metrics systems and methods for token transactions
US20080040284A1 (en) Method and system for secured transactions
CN107111694A (zh) 软件篡改检测和报告过程

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant