US20120317037A1 - Methods for Providing Secure Transactions - Google Patents

Methods for Providing Secure Transactions Download PDF

Info

Publication number
US20120317037A1
US20120317037A1 US13/528,062 US201213528062A US2012317037A1 US 20120317037 A1 US20120317037 A1 US 20120317037A1 US 201213528062 A US201213528062 A US 201213528062A US 2012317037 A1 US2012317037 A1 US 2012317037A1
Authority
US
United States
Prior art keywords
validation code
recited
entity
money source
transaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/528,062
Inventor
Larry Routhenstein
Roy L. Anderson
Jacob Y. Wong
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PrivaSys Inc
Original Assignee
PrivaSys Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/571,707 external-priority patent/US6592044B1/en
Application filed by PrivaSys Inc filed Critical PrivaSys Inc
Priority to US13/528,062 priority Critical patent/US20120317037A1/en
Publication of US20120317037A1 publication Critical patent/US20120317037A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06187Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking
    • G06K19/06206Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking the magnetic marking being emulated
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/06187Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with magnetically detectable marking
    • G06K19/06196Constructional details
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q20/3415Cards acting autonomously as pay-media
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3576Multiple memory zones on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/383Anonymous user system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Definitions

  • the present invention is in the field of payment systems.
  • any solution needs to be something that is acceptable to the public at large. It should be easy to use. It should not be complicated or expensive to implement. Preferably, it should fit within the existing infrastructure, and not be something that requires a great deal of educational effort, or a radical change in behavior or habits of consumers. In other words, it should be user friendly, readily understandable and something that does not require a completely new infrastructure, which is a reason suggested by some as to why smart cards have not been widely accepted in the United States.
  • the present invention seeks to provide new methods for generating and processing Secure Card Numbers (SCN) that can be used in all types of transactions in which a conventional credit card account number is accepted.
  • SCN Secure Card Numbers
  • the present invention conforms to the existing standards for PIN encryption as promulgated by the American Bankers Association (ABA), the American National Standards Institute (ANSI), the International Standards Organization (ISO), and the Federal Information Processing Standards (FIPS) Publications of the National Institute of Standards and Technology (NIST). Because the methodology is well suited for use in hardware and software applications, it has widespread applicability to many different types of transactions.
  • the present invention is related to the concept of customer one-time unique purchase order numbers (“Coupons”) as described in U.S. Ser. No. 09/640,044.
  • An algorithm is executed that uses a user account number, a customer sequence number, a customer permutated user key, and a Transaction Information Block (TIB) as input variables to form an SCN that is correlated with a sequence number.
  • TIB Transaction Information Block
  • TDES Triple Data Encryption Standards
  • a random number generator generates the user insertion key that is correlated with the sequence number.
  • the TIB may provide several pieces of information, including the conditions under which the SCN will be valid (i.e., the SCN type), additional account identification information, and the status of the device used for SCN generation.
  • the sequence number can be changed after each SCN is generated and a new SCN can then be generated using a new user insertion variable correlated to the changed sequence number.
  • an SCN After an SCN is generated, it is transferred with a first entity identifier to a second entity (which can actually be several entities), which then transfers the information to a money source.
  • An individual SCN is verified as being valid by the money source by duplicating the generation of the customer permutated user key for the specified first entity and the specified sequence number, and then comparing it to the customer permutated user key which is embedded in the provided SCN. Additionally, the money source verifies that the specified SCN type is valid given the specific conditions of the transaction. Once verified as valid, each SCN passes through a life cycle in accordance with conventional credit card processing practices and with its SCN type, in which it may be used for various types of transactions before being retired. If a preselected number of SCNs are received by the money source and determined to be invalid (either consecutively or within a predetermined timeframe), then an invalid user account number condition is set to prevent further attempts to verify SCNs for that first entity.
  • a user key can be entered into an input device, and validates the user key by comparing it to a stored user key. If the entered user key is valid, the user can generate an SCN. The sequence number changes each time a user key is entered into the input device.
  • the present invention is generally directed to methods in which an encrypted transaction validation code is received which positively identifies a first transaction for a first entity, the first entity having a first entity identifier, and the first transaction is electronically verified as being valid by use of the first entity identifier and the validation code.
  • the first entity identifier is transferred to a money source as an account number and the validation code is transferred to the money source in a non-account data field.
  • a money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction.
  • the validation code is at least in part, encrypted, and a money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
  • the validation code can be transferred in an account number while the first entity identifier can be transferred in a non-account data field, or they can be received in a form, or the validation code can be transmitted through an Address Verification System Billing Address.
  • the validation code can be generated by an electronic device and used to identify a physical device to generate the validation code which uses a Triple Data Encryption Standard algorithm (“TEDS”).
  • TESS Triple Data Encryption Standard algorithm
  • a unique validation code can be assigned to each first entity which is valid only for at least one of mail order, telephone order, and Internet transactions, and which is used for multiple transactions with multiple merchants.
  • the unique validation code can include a customization variable that is used to customize the first transaction, an example of which is to send the first entity a replacement apparatus for generating the encrypted transaction validation code in response to the customization variable.
  • the validation code may be readable from either a Track 1 or a Track 2 of an electronic device such as an electronic card.
  • FIG. 1 illustrates an exemplary embodiment of the invention.
  • the preferred embodiment of the present invention is adapted for use in credit card transactions, and as such can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions: electronic cards, software programs used in network applications, telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce), or even physical imprint transactions. Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
  • a computer network for example, the Internet
  • a party presents a credit card account number with the intent to initiate a monetary payment (or credit/return). In the context of the following description, this is the first entity or customer.
  • Another party receives the credit card account number with the intent to receive a monetary payment (or credit I return), and this party can be a single party or two or more parties.
  • the party or parties that are receiving the credit card account number are referred to as the second entity or merchant.
  • the second entity provides the credit card account number to this party over several transactions to effect the monetary payment (or credit/return): authorization, incremental authorization, authorization reversal, settlement, and credit/return.
  • the intermediary group of one or more parties will be referred to in the context of the following description as a money source.
  • the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203.
  • the first entity it is not necessary that the first entity use a real identity, although such an option is also acceptable. Instead, a pseudonym, such as a screen name or an alias, could be used to protect the first entity's privacy and provide additional security.
  • a pseudonym such as a screen name or an alias
  • the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
  • a user key When the first entity establishes an account with the money source, a user key must be selected.
  • the user key can be a PIN, similar to that which is currently in widespread use in the United States in connection with automated teller machines.
  • Both the first entity and the money source must have access to the user key, which can be selected by either entity.
  • the money source In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
  • the first entity Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer SCN. As already described, this could be hardware or software, but in either case it will include a user account number, a customer random number generator that will be used to generate user insertion keys that are correlated with a customer sequence number, and TDES encryption keys.
  • the TDES encryption standard is the accepted standard for protecting a PIN during data transmission of financial transactions, as described by ISO 9564-1-1991 (Banking-Personal Identification Number Management and Security-PIN Protection Principles and Techniques, Section 6.2), ISO 9564-2-1991 (Banking-Personal Identification Number Management and Security-Approved Algorithms for PIN Encipherment), ANSI X9.52-1998 (Triple Data Encryption Algorithm-Modes of Operation), and FIPS PUB 46-3 (Data Encryption Standard (DES), dated 1999), the disclosures of which are specifically incorporated herein by reference.
  • ISO 9564-1-1991 Banking-Personal Identification Number Management and Security-PIN Protection Principles and Techniques, Section 6.2
  • ISO 9564-2-1991 Banking-Personal Identification Number Management and Security-Approved Algorithms for PIN Encipherment
  • ANSI X9.52-1998 Triple Data Encryption Algorithm-Modes of Operation
  • a customer random number generator such as the one that is described in U.S. patent application Ser. No. 09/640,044, filed Aug. 15, 2000 and which is generally known as a Linear Congruential Generator (LCG), is used for this purpose.
  • This random number generator is algorithmic (i.e., pseudo-random)—when starting with the same set of seeds, it always produces the same sequence of numbers. It can therefore be reproduced by the money source in order to validate a given SCN.
  • each of the values in the sequence can be identified by a Counter value that indicates that number's location in the sequence.
  • the set of random numbers generated and combined with the PIN are collectively referred to as the Sequence Insertion Number (SIN).
  • the money source method of SCN validation must be based on an embedded sequence value.
  • the Counter value is used for this purpose in the preferred embodiment.
  • this method can be used to generate SCNs of many different lengths.
  • a credit card number is typically 16 digits in length.
  • Such a number comprises three sub-numbers: a 6 digit Bank Identification Number (BIN), a 9-digit account number, and a 1-digit checksum number.
  • BIN Bank Identification Number
  • the SCN could be 9 digits in length, and could take the place of the account number in the conventional 16-digit credit card number.
  • the 9-digit SCN itself comprises three sub-numbers: a 1 digit T1B, a 4 digit Counter Block (which identifies the random number being used for encryption), and a 4 digit encrypted PIN Block.
  • the 1 digit TIB may take on up to 10 different values, each of which may indicate multiple pieces of information.
  • the TIB can be used to determine which of a plurality of account numbers associated with the first entity should be used for the first transaction.
  • the account numbers can represent, for example, different credit card accounts or different payment or credit cards.
  • a first account number might be associated with the TIB value of 0, a second account number might be associated with the values of 1 and 2, a third account number might be associated with values of 3 and 4, and so forth, wherein any odd value may be restricted to a one transaction limitation while any even value may be used to invoke permission for multiple transactions at a single merchant.
  • a TIB value of 0 indicates that the SCN may only be used for one transaction; any attempts to use it for subsequent transactions will result in a transaction denial from the money source.
  • a value of 1 indicates the same transaction restrictions as 0, but also indicates that the device generating the SCN has a low battery power condition.
  • a value of 2 indicates that the SCN may be used for multiple transactions, but only at a single merchant; any attempts to use it for subsequent transactions at a different merchant will result in a transaction denial from the money source.
  • a value of 3 indicates the same transaction restrictions as 1, but also indicates that the device generating the SCN has a low battery power condition.
  • TIB values (4, 5, 6, 7) might represent the same restriction and status information as (0, 1, 2, 3), respectively, but further indicate that the transaction is associated with a different subentity (e.g., the first entity identifier identifies a married couple, and the TIB identifies each individual spouse.)
  • Other values might also be used to enforce additional transaction restrictions in ways readily apparent to those skilled in the art.
  • the TIB can also be used by the money source to uniquely identify a physical device (such as an electronic card) used to generate the SCN.
  • This aspect of the TIB is especially useful when the money source issues more than one card to a first entity. Multiple cards might be issued to the same person (i.e., the first entity) for different uses, or multiple cards might be issued to the same person for use by different individuals (such as family members). In such instances, the TIB can identify which physical card, issued to the first entity, is used for a given transaction. When the TIB is used in this way, the TIB can be used as a customization variable to recognize multiple cards otherwise issued to a single first entity (which might also be a legal entity, such as a corporation).
  • the 4-digit Counter Block is unencrypted information provided so that the money source may decrypt and validate the SCN. It may be simply the actual Counter value (incremented after each use), but in the preferred embodiment, it is created by adding the Counter value to a starting value known to both the first entity and to the money source.
  • the 4-digit PIN Block is the encrypted information that is used to validate the fact that the SCN originated from the first entity.
  • the PIN Block is formed using the PIN, the SIN, and a starting value known to both the first entity and to the money source. It is encrypted using TDES, which requires use of three 64-bit keys known to both the first entity and to the money source. In order to encrypt such a small number (16 bits) with such a high level of encryption (158 bits), the PIN must first be expanded to a 64 bit number, then encrypted, and finally reduced back to a 16 bit number—and in such a way that it is guaranteed to be different for each transaction.
  • the SIN is the product of an LCG random number generator that is initialized with three 2-byte integer seeds—the result of operating the LCG on these seeds is a 2-byte random value.
  • the 8-byte SIN consists of the three seeds plus the random value.
  • the LCG also produces three new seeds, which will be used for the next iteration of the LCG algorithm.
  • the SIN may therefore be associated with a Counter value that indicates a unique location in the sequence of seeds and value generated by the LCG. This SIN is used as the random basis for each successively TDES-encrypted PIN Block, and guarantees a properly encrypted PIN Block for each transaction.
  • the Counter value stored in the Counter block is the one associated with the SIN used as the random basis for the PIN Block.
  • the creation of the PIN Block starts by dividing the 8-byte SIN into four 2-byte integers.
  • the PIN and a predefined constant value are both added to each individual 2-byte integer.
  • the results are then concatenated back again to form an 8-byte input block to the TDES algorithm, which encrypts them into an 8-byte output block.
  • the output block is then divided back into four 2-byte integers (x1, x2, x3, x4). These four values are then used in the following formula to produce the 4-digit PIN Block value P:
  • the four values (A, B, C, D) are each odd integers.
  • the “mod” calculation is a standard modulo arithmetic operation, and works as follows: if the resulting number is greater than 10,000 (or 20,000 or 30,000, etc.), then the value of 10,000 (or 20,000 or 30,000, etc.) is subtracted from it, leaving a positive four digit value.
  • the SCN is transmitted along with the first entity identifier from the first entity to the second entity and, subsequently, to the money source.
  • the SCN is used in an account number that replaces the conventional credit card number
  • the first entity identifier is a static 9 digit number pre-assigned to the first entity that is transferred to the money source in a non-account data field
  • the first entity identifier is dynamically encoded onto Track 1 and/or Track 2 of the magnetic stripe in the area known as the Discretionary Data Field, which comprises up to 13 digits of information.
  • the first entity identifier is transmitted as part of the Billing Address field in one of many possible forms. For example, it may be entered as “P.O. Box ⁇ first-entity-identifier”.
  • the SCN is not used in an account number to replace the conventional credit card number, but is instead used in conjunction with it—the conventional credit card number itself functions as the first entity identifier, and the SCN is used as a dynamic digital signature to positively identify the first entity and is transferred to the money source in a non-account field of data
  • the SCN is transmitted either in the Discretionary Data Field of Track 1 and/or Track 2 or via the Billing Address in a card-not-present transaction.
  • the Money Source validates the SCN by using the first entity identifier to lookup the information necessary to reproduce the PIN Block encryption for the first entity: the TDES keys, the LCG Seeds, and the PIN.
  • the Money source determines the Counter value by examining the Counter Block, reproduces the calculation of the PIN Block, and then compares the results to the received PIN Block to perform the actual validation.
  • the Money Source also validates the usage of the SCN based on the embedded TIB. It therefore enforces the various policies based on the first entity's previous transaction history: single-use, multiple-use for single merchant, card-present only.
  • the SCN when used in an account number in place of the conventional credit card number, it passes through the standard credit card transaction life-cycle: initial authorization, potential incremental authorization, potential authorization reversal, settlement, and potential credit/return.
  • the SCN is only used for initial authorization—beyond that, the Money Source performs its standard transaction processing.
  • the Money Source may detect fraudulent transaction attempts in various ways. In both the embodiment where the SCN replaces the conventional credit card number, the Money Source may check for re-use of single-use SCNs, use of SCNs without first entity identifiers when the card is not present, re-use of multiple-use/single-merchant SCNs at a different merchant, or SCNs with invalid PIN Blocks. Each of these cases represents a different type of fraud. The Money Source may take various actions in response to each of these types of attacks, such as disabling the account after an excessive number of fraudulent transaction attempts, or returning the code indicating that the merchant should retain the credit card being used for the transaction.
  • the Money Source detects fraudulent authorization attempts such as re-use of single-use SCNs, re-use of multiple-use/single-merchant SCNs at a different merchant, SCNs with invalid PIN Blocks, or use of the conventional credit card number on an SCN-enabled account without inclusion of an SCN when the card is not-present.
  • This last case covers simple Internet fraud attempts, but allows, for example, a manual-entry transaction at a POS machine or an imprint transaction.
  • the Money Source may take the same types of actions as described above.
  • the preferred embodiment allows the SCN, when paired with a conventional credit card number, to be validated by back-end software that is integrated with the issuing money source's authorization and settlement processing.
  • An issuing money source can identify an SCN-enabled credit card account in an issuer-determined fashion (e.g., a unique Bank Identification Number). It then forwards select transaction information to the SCN-enabling software, which is installed behind the issuing money source's firewall, which validates the SCN.
  • This means that software generating the SCN can be allowed operate in isolation—it does not have to be in communication with the back-end software—and thus it can be embedded in a credit card or other standalone device.
  • the inventions described above can be implemented by a money source for use with an electronic card. It is preferable that every user account utilizes the same Pseudo Random Number Generator (PRNG), such as the PRNG described in P. L'Ecuyer, “Efficient and Portable Combined Random Number Generators”, Communications of the ACM, 31(6):742-749,774, 1988, the disclosure of which is specifically incorporated herein by reference.
  • PRNG Pseudo Random Number Generator
  • each cardholder account has a different initial seed, and thus uses a different part of the PRNG sequence. Since the PRNG has an overall period of 10.sup.12, there is ample room for each account to have its own non-repeating subsequence of 10,000 values.
  • the PRNG is divided into two parts: seed generation (Formula 2) and value calculation (Formula 3).
  • the set (S.sub.x.sup.0, S.sub.x.sup.1, S.sub.x.sup.2) is a triplet of five-digit values in the range ([1, 32362], [1, 31726], [1, 31656]), and represents the seed in the x.sup.th location in the sequence.
  • Z is interim storage for the pseudo random number
  • PRNG[x] indicates the pseudo random number in the x.sup.th location in the sequence. Note that for the practical usage of this algorithm, “x” corresponds to the current Counter value.
  • Formula 2 For each transaction, Formula 2 generates the seed (based on the previous seed) and Formula 3 generates the PRNG value.
  • the initial PRNG seed (which generates value 0 in the PRNG sequence) is pre-assigned to the card. Additionally, the most recently used seed is stored in Random Access Memory (RAM).
  • RAM Random Access Memory
  • the card runs through both Formulas 2 and 3 exactly once, and then updates the seed storage in RAM.
  • the Counter value is also stored in RAM, and is initialized to the value of 1 at the time the card is manufactured. Multiple values of the Counter are stored to detect accidental corruption. Each time an SCN is generated, the current value of the Counter is used. The Counter is then incremented by 1, and stored again for the next use.
  • the SCN is calculated in an algorithmic fashion, it is possible to pre-calculate the values for a given first entity, and store them on an electronic card. This embodiment is most useful where it is more advantageous to store a large amount of data on the electronic card than it is to perform the algorithms discussed above.
  • FIG. 1 illustrate, a method, set forth by way of example and not limitation, in accordance with certain embodiments as disclosed herein.
  • An exemplary Method for Generating Customer Secure Card Numbers Subject to Use by an Electronic Card begins at 10 .
  • a First Entity is provided with an Electronic Card containing a First Entity Identifier, Secure Card Cumber (SCN) Generator, Pseudo Random Number Generator (PRNG), and Triple DES (TDES) Encryption Keys.
  • Operation 14 allows the First Entity to enter a Personal Identification Number (PIN) into the Electronic Card.
  • the Electronic Card enters the PIN into the SCN generator in an operation 16 .
  • PIN Personal Identification Number
  • the Electronic Card generates an appropriate Transaction Information Block (TIB) and, in an operation 20 , a next Counter Block.
  • the Electronic Card further generates a Sequence Insertion Number (SIN) using the PRNG and Counter Block in an operation 22 , an Encrypted PIN Block using, the PIN, SIN and TDES Encryption Keys in an operation 24 , and finally the SCN using the TIB, Counter Block and Encrypted PIN Block in an operation 26 .
  • TIB Transaction Information Block
  • SIN Sequence Insertion Number
  • the First Entity Identifier and SCN are transferred from the First Entity to a Second Entity in an operation 28 .
  • the First Entity Identifier and the SCN are transferred from the Second Entity to the Money Source.
  • the Money Source uses the First Entity Identifier to lookup PRNG, PIN and TDES Encryption Keys such that the Money Source can extract the Encrypted PIN Block from the received SCN in an operation 34 .
  • the Money Source then enters the PIN into the SCN generator in an operation 36 , and then extracts the TIB from the received SCN in an operation 38 .
  • the Money Source extracts the Counter Block from the received SCN in an operation 40 and then generates the SIN using the PRNG and the Counter Block in an operation 42 .
  • the Money Source generates the Encrypted PIN Block using the PIN, SIN, and TDES Encryption Keys.
  • the Money Source validates the SCN by comparing the received PIN Block against the generated PIN Block.

Abstract

Methods in which an encrypted transaction validation code is received which positively identifies a first transaction for a first entity, the first entity having a first entity identifier, and the first transaction is electronically verified as being valid by use of the first entity identifier and the validation code. The first entity identifier can be transferred as an account number and the validation code transferred to the money source in a non-account data field. A money source can validate the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received. The validation code can be, at least in part, encrypted, and a money source can validate the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • The present application is a continuation application of U.S. patent application Ser. No. 10/968,401, filed Oct. 18, 2004, which was a continuation application of U.S. patent application Ser. No. 09/960,714, filed Sep. 21, 2001, which was a continuation-in-part application of U.S. application Ser. Nos. 09/667,081 and 09/667,089, filed Sep. 21, 2000, which are continuation-in-part applications of U.S. Ser. No. 09/659,434, filed Sep. 8, 2000, which is a continuation-in-part of U.S. Ser. No. 09/640,044, filed Aug. 15, 2000, which is a continuation-in-part of U.S. Ser. No. 09/619,859, filed Jul. 20, 2000, which is a continuation-in-part of U.S. Pat. No. 6,592,044, all of which disclosures are specifically incorporated herein by reference. The present application is also related to U.S. patent application Ser. Nos. 09/667,835, 09/667,089, and 09/667,082, all of which were filed on Sep. 21, 2000, and all of which are specifically incorporated herein by reference.
    • FIELD OF THE INVENTION
  • The present invention is in the field of payment systems.
    • BACKGROUND OF THE INVENTION
  • Three forms of money in widespread use today throughout the world are cash, checks and payment cards (debit or credit). Each has distinct advantages, and distinct disadvantages. Cash is readily accepted, easy to use and anonymous, but it does not earn interest, it can be lost or stolen, and it is not always readily accessible. Checks are not always accepted, but they offer many advantages, since they do not have to be written until the time of payment. However, they must be physically presented and they are not anonymous. Payment cards are readily, but not always, accepted, and they offer many advantages over checks. If the card is a credit card, payment can be deferred, but the transaction is not anonymous. If the card is a debit card, payment has usually been made prior to its use, but it is anonymous. Accordingly, it is apparent that different types of money have different advantages to different persons in different situations. This may be one reason why all these forms of money are still in widespread use, and are even used by the same persons at different times.
  • As society and international commerce have become more dependent upon electronic transactions, money has also become more electronic. Many attempts have been made to come up with suitable forms of electronic money that mimic the physical world, or even create new forms of electronic money. However, despite the enormous need for such money, and efforts by some of the best minds and most successful companies in the world, electronic money has suffered many setbacks and been far slower to materialize than many had hoped or predicted. The reasons are many and varied, but some of the obvious reasons are security, ease of use/operation, and unwillingness of the public and/or commerce to make radical changes or embrace new technology and/or procedures. As a result, many efforts, including several potentially promising efforts, have met with failure.
  • Even though new forms of electronic money have been slow to develop or gain widespread acceptance, electronic payments have still moved forward. Many banks now offer some form f electronic checking. And payment cards have been used for electronic transactions in e-commerce and m-commerce (mobile commerce). Still, there is widespread concern about the safety of such transactions, and recent news stories have uncovered widespread fraudulent activity associated with use of traditional credit card numbers in e-commerce over the Internet. In addition, there is growing concern about consumer privacy, or lack thereof, due to widespread electronic profiling of consumers who make electronic payments.
  • Although the media has been quick to cover fraud associated with use of credit cards over the Internet, it is often overlooked, at least by the public and the media (but not the credit card companies), that the majority of fraudulent activity concerning credit cards is not associated with e-commerce activity. Most fraud occurs in the “brick and mortar” world, and the numbers are daunting. Despite many attempts to combat unauthorized or fraudulent use of credit cards, it is estimated that credit card fraud now exceeds hundreds of millions, if not several billion, dollars per year. And this does not even count the cost of inconvenience to consumers, merchants and credit card issuer/providers, or the emotional distress caused to victims of such fraud, or the cost to society in terms of law enforcement and preventative activities.
  • Accordingly, there is a very real, long-felt need to reduce the amount of fraudulent activity that is associated with credit cards, and this need has only grown more acute as consumers and commerce search for better ways to purchase and sell goods and services via e-commerce and m-commerce. However, any solution needs to be something that is acceptable to the public at large. It should be easy to use. It should not be complicated or expensive to implement. Preferably, it should fit within the existing infrastructure, and not be something that requires a great deal of educational effort, or a radical change in behavior or habits of consumers. In other words, it should be user friendly, readily understandable and something that does not require a completely new infrastructure, which is a reason suggested by some as to why smart cards have not been widely accepted in the United States.
  • In addition, it is highly desirable that any solution to such problems be capable of widespread use, in many different platforms, for many different applications.
  • In U.S. Pat. No. 5,956,699 issued in September of 1999, Wong and Anderson were the first to introduce the methodology of a system for secure and anonymous credit card transactions on the Internet. This patent introduced a system which used an algorithm to use one's own selected Personal Identification Number (PIN) as one's own de facto digital signature. The algorithm instructs the cardholder how to insert one's PIN into one's valid credit card number before using it for any transactions on the Internet. The resultant scrambled up credit card number, which is tailored by the algorithm to having the same number of digits as before, is rendered useless on the Internet because the PIN insertion algorithm is changed automatically after every transaction. This methodology is not only capable of drastically reducing credit card fraud on the Internet, it is also capable of safeguarding one's anonymity, and thus privacy, in credit card purchases on the Internet.
  • After the issuance of U.S. Pat. No. 5,956,699, Wong et al. also invented an anonymous electronic card for generating personal coupons useful in commercial and security transactions, a method for implementing anonymous credit card transactions using a fictitious account name, as well as methods for generating one-time unique numbers that can be used in credit card transactions in the brick and mortar world, e-commerce, m-commerce and in many other applications.
  • The present invention seeks to provide new methods for generating and processing Secure Card Numbers (SCN) that can be used in all types of transactions in which a conventional credit card account number is accepted. In addition, the present invention conforms to the existing standards for PIN encryption as promulgated by the American Bankers Association (ABA), the American National Standards Institute (ANSI), the International Standards Organization (ISO), and the Federal Information Processing Standards (FIPS) Publications of the National Institute of Standards and Technology (NIST). Because the methodology is well suited for use in hardware and software applications, it has widespread applicability to many different types of transactions.
  • The present invention is related to the concept of customer one-time unique purchase order numbers (“Coupons”) as described in U.S. Ser. No. 09/640,044. An algorithm is executed that uses a user account number, a customer sequence number, a customer permutated user key, and a Transaction Information Block (TIB) as input variables to form an SCN that is correlated with a sequence number. Combining a user key with a user account number, a user insertion key correlated with the customer sequence number, and then encrypting the result using the Triple Data Encryption Standards (TDES), forms the customer permutated user key. A random number generator generates the user insertion key that is correlated with the sequence number. The TIB may provide several pieces of information, including the conditions under which the SCN will be valid (i.e., the SCN type), additional account identification information, and the status of the device used for SCN generation. The sequence number can be changed after each SCN is generated and a new SCN can then be generated using a new user insertion variable correlated to the changed sequence number.
  • After an SCN is generated, it is transferred with a first entity identifier to a second entity (which can actually be several entities), which then transfers the information to a money source. An individual SCN is verified as being valid by the money source by duplicating the generation of the customer permutated user key for the specified first entity and the specified sequence number, and then comparing it to the customer permutated user key which is embedded in the provided SCN. Additionally, the money source verifies that the specified SCN type is valid given the specific conditions of the transaction. Once verified as valid, each SCN passes through a life cycle in accordance with conventional credit card processing practices and with its SCN type, in which it may be used for various types of transactions before being retired. If a preselected number of SCNs are received by the money source and determined to be invalid (either consecutively or within a predetermined timeframe), then an invalid user account number condition is set to prevent further attempts to verify SCNs for that first entity.
  • A user key can be entered into an input device, and validates the user key by comparing it to a stored user key. If the entered user key is valid, the user can generate an SCN. The sequence number changes each time a user key is entered into the input device.
    • SUMMARY OF THE INVENTION
  • The present invention is generally directed to methods in which an encrypted transaction validation code is received which positively identifies a first transaction for a first entity, the first entity having a first entity identifier, and the first transaction is electronically verified as being valid by use of the first entity identifier and the validation code. In one method the first entity identifier is transferred to a money source as an account number and the validation code is transferred to the money source in a non-account data field. In a second method a money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction. In a third method the validation code is at least in part, encrypted, and a money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
  • The validation code can be transferred in an account number while the first entity identifier can be transferred in a non-account data field, or they can be received in a form, or the validation code can be transmitted through an Address Verification System Billing Address. The validation code can be generated by an electronic device and used to identify a physical device to generate the validation code which uses a Triple Data Encryption Standard algorithm (“TEDS”). A unique validation code can be assigned to each first entity which is valid only for at least one of mail order, telephone order, and Internet transactions, and which is used for multiple transactions with multiple merchants. The unique validation code can include a customization variable that is used to customize the first transaction, an example of which is to send the first entity a replacement apparatus for generating the encrypted transaction validation code in response to the customization variable. The validation code may be readable from either a Track 1 or a Track 2 of an electronic device such as an electronic card. An
  • Accordingly, it is a primary object of the present invention to provide methods for providing secure transactions involving an encrypted transaction validation code and a first entity identifier.
  • This and further objects and advantages will be apparent to those skilled in the art in connection with the detailed description of the preferred embodiment set forth below.
    • BRIEF DESCRIPTION OF THE DRAWING
  • FIG. 1 illustrates an exemplary embodiment of the invention.
    •  DETAILED DESCRIPTION OF THE INVENTION The present invention is related to U.S. Pat. Nos. 5,913,203, 5,937,394 and 5,956,699, the disclosures of which are all specifically incorporated herein by reference.
  • The preferred embodiment of the present invention is adapted for use in credit card transactions, and as such can be used in connection with a wide variety of instruments that can be used in connection with such financial transactions: electronic cards, software programs used in network applications, telephones (especially telephones used in what is now being referred to as m-commerce, or mobile commerce), or even physical imprint transactions. Moreover, it can be used whether such transactions are conducted in person, face-to-face, or whether such transactions are conducted by an indirect medium, such as a mail order transaction, a transaction conducted over a computer network (for example, the Internet), or a telephone transaction.
  • As is the case in most financial transactions, three parties are typically involved in completed credit card transactions according to the present invention. A party presents a credit card account number with the intent to initiate a monetary payment (or credit/return). In the context of the following description, this is the first entity or customer. Another party receives the credit card account number with the intent to receive a monetary payment (or credit I return), and this party can be a single party or two or more parties. In the context of the following description, the party or parties that are receiving the credit card account number are referred to as the second entity or merchant. Finally, there is at least one party, and usually multiple parties, that serve as intermediaries to the monetary payment (or credit/return). The second entity provides the credit card account number to this party over several transactions to effect the monetary payment (or credit/return): authorization, incremental authorization, authorization reversal, settlement, and credit/return. The intermediary group of one or more parties will be referred to in the context of the following description as a money source. Thus, the money source may be one or more banks, a credit card company or any other institution involved with issuance of credit cards or bank debit cards, such as a credit union or other institution, or a money source as described in U.S. Pat. No. 5,913,203.
  • In connection with the preferred embodiment, it is not necessary that the first entity use a real identity, although such an option is also acceptable. Instead, a pseudonym, such as a screen name or an alias, could be used to protect the first entity's privacy and provide additional security.
  • Although the first entity need not use a real identity, the first entity must establish an account with a money source. When the account is established, the first entity and the money source must agree upon a payment mechanism or protocol. In the case of a credit card or a bank card, this could be done in the same fashion as exists today, and the first entity could select a fictitious account name as is explained in greater detail in co-pending U.S. patent application Ser. No. 09/619,859. It is especially preferred that two different users not be allowed to select the same fictitious account name so that a fictitious account name also represents a unique identifier. However, the preferred embodiment could also be used in connection with a prepaid account. In such a scenario, the first entity could simply purchase a prepaid card and no real identity would ever be required.
  • When the first entity establishes an account with the money source, a user key must be selected. The user key can be a PIN, similar to that which is currently in widespread use in the United States in connection with automated teller machines. Both the first entity and the money source must have access to the user key, which can be selected by either entity. In order to be able to retrieve this user key, the money source must create a record associated with the first entity that includes the user key and a first entity identifier (whether this be the real name of the first entity or a fictitious account name).
  • Once the first entity has established an account with the money source and a user key has been selected, the first entity must be supplied with the means to generate a customer SCN. As already described, this could be hardware or software, but in either case it will include a user account number, a customer random number generator that will be used to generate user insertion keys that are correlated with a customer sequence number, and TDES encryption keys.
  • The TDES encryption standard is the accepted standard for protecting a PIN during data transmission of financial transactions, as described by ISO 9564-1-1991 (Banking-Personal Identification Number Management and Security-PIN Protection Principles and Techniques, Section 6.2), ISO 9564-2-1991 (Banking-Personal Identification Number Management and Security-Approved Algorithms for PIN Encipherment), ANSI X9.52-1998 (Triple Data Encryption Algorithm-Modes of Operation), and FIPS PUB 46-3 (Data Encryption Standard (DES), dated 1999), the disclosures of which are specifically incorporated herein by reference.
  • In order to effectively use TDES for PIN encryption, the PIN must be combined with a new set of randomly generated data for each transaction. Otherwise, the encrypted PIN would always be the same value. A customer random number generator, such as the one that is described in U.S. patent application Ser. No. 09/640,044, filed Aug. 15, 2000 and which is generally known as a Linear Congruential Generator (LCG), is used for this purpose. This random number generator is algorithmic (i.e., pseudo-random)—when starting with the same set of seeds, it always produces the same sequence of numbers. It can therefore be reproduced by the money source in order to validate a given SCN. Furthermore, since this pseudo random number generator generates its values in a reproducible sequence, each of the values in the sequence can be identified by a Counter value that indicates that number's location in the sequence. The set of random numbers generated and combined with the PIN are collectively referred to as the Sequence Insertion Number (SIN).
  • In the real world of credit card transactions, it is not possible to assume that transactions conducted by the first entity in a given order will always be received by the money source in that same order. Therefore, the money source method of SCN validation must be based on an embedded sequence value. The Counter value is used for this purpose in the preferred embodiment.
  • In general, this method can be used to generate SCNs of many different lengths. In the conventional credit card processing infrastructure, a credit card number is typically 16 digits in length. Such a number comprises three sub-numbers: a 6 digit Bank Identification Number (BIN), a 9-digit account number, and a 1-digit checksum number. For the purpose of being compatible with the existing credit card processing infrastructure, the SCN could be 9 digits in length, and could take the place of the account number in the conventional 16-digit credit card number.
  • In the preferred embodiment, the 9-digit SCN itself comprises three sub-numbers: a 1 digit T1B, a 4 digit Counter Block (which identifies the random number being used for encryption), and a 4 digit encrypted PIN Block.
  • The 1 digit TIB may take on up to 10 different values, each of which may indicate multiple pieces of information. The TIB can be used to determine which of a plurality of account numbers associated with the first entity should be used for the first transaction. The account numbers can represent, for example, different credit card accounts or different payment or credit cards. A first account number might be associated with the TIB value of 0, a second account number might be associated with the values of 1 and 2, a third account number might be associated with values of 3 and 4, and so forth, wherein any odd value may be restricted to a one transaction limitation while any even value may be used to invoke permission for multiple transactions at a single merchant. In the preferred embodiment, a TIB value of 0 indicates that the SCN may only be used for one transaction; any attempts to use it for subsequent transactions will result in a transaction denial from the money source. A value of 1 indicates the same transaction restrictions as 0, but also indicates that the device generating the SCN has a low battery power condition. A value of 2 indicates that the SCN may be used for multiple transactions, but only at a single merchant; any attempts to use it for subsequent transactions at a different merchant will result in a transaction denial from the money source. A value of 3 indicates the same transaction restrictions as 1, but also indicates that the device generating the SCN has a low battery power condition. Furthermore, a set of TIB values (4, 5, 6, 7) might represent the same restriction and status information as (0, 1, 2, 3), respectively, but further indicate that the transaction is associated with a different subentity (e.g., the first entity identifier identifies a married couple, and the TIB identifies each individual spouse.) Other values might also be used to enforce additional transaction restrictions in ways readily apparent to those skilled in the art.
  • The TIB can also be used by the money source to uniquely identify a physical device (such as an electronic card) used to generate the SCN. This aspect of the TIB is especially useful when the money source issues more than one card to a first entity. Multiple cards might be issued to the same person (i.e., the first entity) for different uses, or multiple cards might be issued to the same person for use by different individuals (such as family members). In such instances, the TIB can identify which physical card, issued to the first entity, is used for a given transaction. When the TIB is used in this way, the TIB can be used as a customization variable to recognize multiple cards otherwise issued to a single first entity (which might also be a legal entity, such as a corporation).
  • The 4-digit Counter Block is unencrypted information provided so that the money source may decrypt and validate the SCN. It may be simply the actual Counter value (incremented after each use), but in the preferred embodiment, it is created by adding the Counter value to a starting value known to both the first entity and to the money source.
  • The 4-digit PIN Block is the encrypted information that is used to validate the fact that the SCN originated from the first entity. The PIN Block is formed using the PIN, the SIN, and a starting value known to both the first entity and to the money source. It is encrypted using TDES, which requires use of three 64-bit keys known to both the first entity and to the money source. In order to encrypt such a small number (16 bits) with such a high level of encryption (158 bits), the PIN must first be expanded to a 64 bit number, then encrypted, and finally reduced back to a 16 bit number—and in such a way that it is guaranteed to be different for each transaction.
  • The SIN is the product of an LCG random number generator that is initialized with three 2-byte integer seeds—the result of operating the LCG on these seeds is a 2-byte random value. The 8-byte SIN consists of the three seeds plus the random value. As a by-product of its operation, the LCG also produces three new seeds, which will be used for the next iteration of the LCG algorithm. The SIN may therefore be associated with a Counter value that indicates a unique location in the sequence of seeds and value generated by the LCG. This SIN is used as the random basis for each successively TDES-encrypted PIN Block, and guarantees a properly encrypted PIN Block for each transaction. To allow proper validation of the SCN, the Counter value stored in the Counter block is the one associated with the SIN used as the random basis for the PIN Block.
  • The creation of the PIN Block starts by dividing the 8-byte SIN into four 2-byte integers. The PIN and a predefined constant value are both added to each individual 2-byte integer. The results are then concatenated back again to form an 8-byte input block to the TDES algorithm, which encrypts them into an 8-byte output block. The output block is then divided back into four 2-byte integers (x1, x2, x3, x4). These four values are then used in the following formula to produce the 4-digit PIN Block value P:

  • P=(Ax1+Bx2+Cx3+Dx4)mod 10000  Formula 1: PRNG Value Calculation
  • In this formula, the four values (A, B, C, D) are each odd integers. The “mod” calculation is a standard modulo arithmetic operation, and works as follows: if the resulting number is greater than 10,000 (or 20,000 or 30,000, etc.), then the value of 10,000 (or 20,000 or 30,000, etc.) is subtracted from it, leaving a positive four digit value.
  • Once created, the SCN is transmitted along with the first entity identifier from the first entity to the second entity and, subsequently, to the money source. In one embodiment, the SCN is used in an account number that replaces the conventional credit card number, and the first entity identifier is a static 9 digit number pre-assigned to the first entity that is transferred to the money source in a non-account data field, In the case of an electronic swipe credit card transaction, the first entity identifier is dynamically encoded onto Track 1 and/or Track 2 of the magnetic stripe in the area known as the Discretionary Data Field, which comprises up to 13 digits of information. In the case of a transaction where the first entity is not present, such as a mail order, telephone order, or Internet order, the first entity identifier is transmitted as part of the Billing Address field in one of many possible forms. For example, it may be entered as “P.O. Box <first-entity-identifier”.
  • In an especially preferred embodiment, the SCN is not used in an account number to replace the conventional credit card number, but is instead used in conjunction with it—the conventional credit card number itself functions as the first entity identifier, and the SCN is used as a dynamic digital signature to positively identify the first entity and is transferred to the money source in a non-account field of data In this case, the SCN is transmitted either in the Discretionary Data Field of Track 1 and/or Track 2 or via the Billing Address in a card-not-present transaction.
  • The Money Source validates the SCN by using the first entity identifier to lookup the information necessary to reproduce the PIN Block encryption for the first entity: the TDES keys, the LCG Seeds, and the PIN. The Money source determines the Counter value by examining the Counter Block, reproduces the calculation of the PIN Block, and then compares the results to the received PIN Block to perform the actual validation.
  • The Money Source also validates the usage of the SCN based on the embedded TIB. It therefore enforces the various policies based on the first entity's previous transaction history: single-use, multiple-use for single merchant, card-present only.
  • In the embodiment when the SCN is used in an account number in place of the conventional credit card number, it passes through the standard credit card transaction life-cycle: initial authorization, potential incremental authorization, potential authorization reversal, settlement, and potential credit/return. However, in an especially preferred embodiment, the SCN is only used for initial authorization—beyond that, the Money Source performs its standard transaction processing.
  • The Money Source may detect fraudulent transaction attempts in various ways. In both the embodiment where the SCN replaces the conventional credit card number, the Money Source may check for re-use of single-use SCNs, use of SCNs without first entity identifiers when the card is not present, re-use of multiple-use/single-merchant SCNs at a different merchant, or SCNs with invalid PIN Blocks. Each of these cases represents a different type of fraud. The Money Source may take various actions in response to each of these types of attacks, such as disabling the account after an excessive number of fraudulent transaction attempts, or returning the code indicating that the merchant should retain the credit card being used for the transaction.
  • In the preferred embodiment, the Money Source detects fraudulent authorization attempts such as re-use of single-use SCNs, re-use of multiple-use/single-merchant SCNs at a different merchant, SCNs with invalid PIN Blocks, or use of the conventional credit card number on an SCN-enabled account without inclusion of an SCN when the card is not-present. This last case covers simple Internet fraud attempts, but allows, for example, a manual-entry transaction at a POS machine or an imprint transaction. After detecting fraud attempts, the Money Source may take the same types of actions as described above.
  • It should be noted that the preferred embodiment allows the SCN, when paired with a conventional credit card number, to be validated by back-end software that is integrated with the issuing money source's authorization and settlement processing. An issuing money source can identify an SCN-enabled credit card account in an issuer-determined fashion (e.g., a unique Bank Identification Number). It then forwards select transaction information to the SCN-enabling software, which is installed behind the issuing money source's firewall, which validates the SCN. This means that software generating the SCN can be allowed operate in isolation—it does not have to be in communication with the back-end software—and thus it can be embedded in a credit card or other standalone device.
  • The inventions described above can be implemented by a money source for use with an electronic card. It is preferable that every user account utilizes the same Pseudo Random Number Generator (PRNG), such as the PRNG described in P. L'Ecuyer, “Efficient and Portable Combined Random Number Generators”, Communications of the ACM, 31(6):742-749,774, 1988, the disclosure of which is specifically incorporated herein by reference. However, each cardholder account has a different initial seed, and thus uses a different part of the PRNG sequence. Since the PRNG has an overall period of 10.sup.12, there is ample room for each account to have its own non-repeating subsequence of 10,000 values.
  • The PRNG is divided into two parts: seed generation (Formula 2) and value calculation (Formula 3). In these formulas (expressed using C code fragments), the set (S.sub.x.sup.0, S.sub.x.sup.1, S.sub.x.sup.2) is a triplet of five-digit values in the range ([1, 32362], [1, 31726], [1, 31656]), and represents the seed in the x.sup.th location in the sequence. Z is interim storage for the pseudo random number, and PRNG[x] indicates the pseudo random number in the x.sup.th location in the sequence. Note that for the practical usage of this algorithm, “x” corresponds to the current Counter value. For each transaction, Formula 2 generates the seed (based on the previous seed) and Formula 3 generates the PRNG value.

  • Z=Sx0−Sx1;
      • if (Z>706)Z=Z−32362;

  • Z=Z+Sx2;  Formula 2: PRNG Value Calculation
      • if (Z<1)Z=Z+32362;
      • PRNG[x]=Z

  • Sx10=(Sx−10*157)mod 32363

  • Sx20=(Sx−11*146)mod 31727

  • Sx2=(Sx−12*142)mod 31657  Formula 3: PRNG Seed Generation
  • In all cases, the initial PRNG seed (which generates value 0 in the PRNG sequence) is pre-assigned to the card. Additionally, the most recently used seed is stored in Random Access Memory (RAM). Thus, when an SCN must be generated, the card runs through both Formulas 2 and 3 exactly once, and then updates the seed storage in RAM. The Counter value is also stored in RAM, and is initialized to the value of 1 at the time the card is manufactured. Multiple values of the Counter are stored to detect accidental corruption. Each time an SCN is generated, the current value of the Counter is used. The Counter is then incremented by 1, and stored again for the next use.
  • Since the SCN is calculated in an algorithmic fashion, it is possible to pre-calculate the values for a given first entity, and store them on an electronic card. This embodiment is most useful where it is more advantageous to store a large amount of data on the electronic card than it is to perform the algorithms discussed above.
  • Use of the SCN technology described herein is secure when it requires the cardholder to enter a PIN in order to generate a unique SCN that is valid for only one transaction, and for only the specified cardholder. At no time during the transaction is the PIN at risk. By utilizing both encryption and random number generation technologies described herein, it is possible to achieve at least a 99.9% level of protection against fraud.
  • FIG. 1 illustrate, a method, set forth by way of example and not limitation, in accordance with certain embodiments as disclosed herein. An exemplary Method for Generating Customer Secure Card Numbers Subject to Use by an Electronic Card begins at 10. Next, in an operation 12, a First Entity is provided with an Electronic Card containing a First Entity Identifier, Secure Card Cumber (SCN) Generator, Pseudo Random Number Generator (PRNG), and Triple DES (TDES) Encryption Keys. Operation 14 allows the First Entity to enter a Personal Identification Number (PIN) into the Electronic Card. The Electronic Card enters the PIN into the SCN generator in an operation 16. Next, in an operation 18, the Electronic Card generates an appropriate Transaction Information Block (TIB) and, in an operation 20, a next Counter Block. The Electronic Card further generates a Sequence Insertion Number (SIN) using the PRNG and Counter Block in an operation 22, an Encrypted PIN Block using, the PIN, SIN and TDES Encryption Keys in an operation 24, and finally the SCN using the TIB, Counter Block and Encrypted PIN Block in an operation 26.
  • With continuing reference to FIG. 1, the First Entity Identifier and SCN are transferred from the First Entity to a Second Entity in an operation 28. In an operation 30, the First Entity Identifier and the SCN are transferred from the Second Entity to the Money Source. In an operation 32, the Money Source uses the First Entity Identifier to lookup PRNG, PIN and TDES Encryption Keys such that the Money Source can extract the Encrypted PIN Block from the received SCN in an operation 34. The Money Source then enters the PIN into the SCN generator in an operation 36, and then extracts the TIB from the received SCN in an operation 38. Next, the Money Source extracts the Counter Block from the received SCN in an operation 40 and then generates the SIN using the PRNG and the Counter Block in an operation 42. In an operation 44, the Money Source generates the Encrypted PIN Block using the PIN, SIN, and TDES Encryption Keys. Lastly, in an operation 46, the Money Source validates the SCN by comparing the received PIN Block against the generated PIN Block.
  • Although the foregoing detailed description is illustrative of preferred embodiments of the present invention, it is to be understood that additional embodiments thereof will be obvious to those skilled in the art. For example, the same inventive concepts disclosed herein could be used in a system in which a customer has two or more account numbers and/or identities, with the same or different user keys. In the case of an electronic card or telephone, this would allow the customer to select which account should be used (for example, to choose a business credit card for use with a business expense, a personal credit card for use with a personal expense, or a bank card at a local store for groceries and cash back). Alternatively, a customer might be permitted to use multiple user keys for the same account number and the same identity. This could allow some of the same functionality, or it could be used to classify the type or nature of the expense or transaction. Furthermore, the same SCN concept can be easily extended to non-financial transactions where user authentication is required, such as with electronic Identification cards. Further modifications are also possible in alternative embodiments without departing from the inventive concept.
  • Accordingly, it will be readily apparent to those skilled in the art that still further changes and modifications in the actual concepts described herein can readily be made without departing from the spirit and scope of the disclosed inventions as defined by the following claims.

Claims (29)

1. A method, comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier; and
(b) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code;
wherein the first entity identifier is transferred to a money source as an account number and the validation code is transferred to the money source in a non-account data field.
2. The method as recited in claim 1, wherein the validation code is transferred to the money source in an account number and the first entity identifier is transferred to the money source in a non-account data field.
3. The method as recited in claim 1, wherein the validation code is used by the money source to identify a physical device to generate the validation code.
4. The method as recited in claim 1, wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“TEDS”).
5. The method as recited in claim 1, wherein the validation code and the first entity identifier are received in a form.
6. The method as recited in claim 1, wherein the validation code is transmitted through an Address Verification System Billing Address.
7. The method as recited in claim 1, wherein a unique validation code is assigned to each first entity which is valid only for at least one of mail order, telephone order, and Internet transactions, and which is used for multiple transactions with multiple merchants.
8. The method as recited in claim 1, wherein the unique validation code includes a customization variable that is used to customize the first transaction.
9. The method as recited in claim 8, further comprising sending the first entity a replacement apparatus for generating the encrypted transaction validation code in response to the customization variable.
10. The method as recited in claim 1, wherein the validation code is readable from either a Track 1 or a Track 2 of an electronic device.
11. The method as recited in claim 10, wherein the electronic device is an electronic card.
12. The method as recited in claim 1 wherein an electronic device generates the validation code.
13. A method, comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier; and
(b) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code;
wherein a money source validates the validation code by duplicating the encryption process used to create the validation code and by then comparing the result to the validation code received with the first transaction.
14. The method as recited in claim 13, wherein the validation code is transferred to the money source in an account number and the first entity identifier is transferred to the money source in a non-account data field.
15. The method as recited in claim 13, wherein the first entity identifier is transferred to the money source as an account number and the validation code is transferred to the money source in a non-account data field.
16. The method as recited in claim 13, wherein the validation code is used by the money source to identify a physical device used to generate the validation code.
17. The method as recited in claim 13, wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“TDES”).
18. The method as recited in claim 13 wherein the validation code and first entity identifier are received in a form.
19. The method as recited in claim 13 wherein the validation code is transmitted through an Address Verification System Billing Address.
20. The method as recited in claim 13 wherein a unique validation code is assigned to each first entity which is valid only for at least one of mail order, telephone order, and Internet transactions, and which is used for multiple transactions with multiple merchants.
21. The method as recited in claim 13 wherein the validation code is readable from either a Track 1 or a Track 2 of an electronic device.
22. A method, comprising:
(a) receiving an encrypted transaction validation code which positively identifies a first transaction for a first entity, the first entity having a first entity identifier; and
(b) electronically verifying that the first transaction is valid by use of the first entity identifier and the validation code;
wherein the validation code is, at least in part, encrypted, and
wherein a money source validates the validation code by duplicating a validation code encryption process and by then comparing the result to the validation code received with the first transaction.
23. The method as recited in claim 22, wherein the validation code is transferred to the money source in an account number and the first entity identifier is transferred to the money source in a non-account data field.
24. The method as recited in claim 22, wherein the first entity identifier is transferred to the money source as an account number and the validation code is transferred to the money source in a non-account data field.
25. The method as recited in claim 22, wherein the validation code is used by the money source to identify a physical device used to generate the validation code.
26. The method as recited in claim 22, wherein the validation code is formed by using a Triple Data Encryption Standard algorithm (“TDES”).
27. The method as recited in claim 22 wherein the validation code and first entity identifier are transferred to the second entity in a form.
28. The method as recited in claim 22 wherein the validation code is transmitted through an Address Verification System Billing Address.
29. The method as recited in claim 22 wherein the validation code is readable from either a Track 1 or a Track 2 of an electronic device.
US13/528,062 2000-05-15 2012-06-20 Methods for Providing Secure Transactions Abandoned US20120317037A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/528,062 US20120317037A1 (en) 2000-05-15 2012-06-20 Methods for Providing Secure Transactions

Applications Claiming Priority (9)

Application Number Priority Date Filing Date Title
US09/571,707 US6592044B1 (en) 2000-05-15 2000-05-15 Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US61985900A 2000-07-20 2000-07-20
US64004400A 2000-08-15 2000-08-15
US65943400A 2000-09-08 2000-09-08
US66708100A 2000-09-21 2000-09-21
US66708900A 2000-09-21 2000-09-21
US09/960,714 US6805288B2 (en) 2000-05-15 2001-09-21 Method for generating customer secure card numbers subject to use restrictions by an electronic card
US10/968,401 US20050086177A1 (en) 2000-05-15 2004-10-18 Method for customizing payment card transactions at the time of the transactions
US13/528,062 US20120317037A1 (en) 2000-05-15 2012-06-20 Methods for Providing Secure Transactions

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/968,401 Continuation US20050086177A1 (en) 2000-05-15 2004-10-18 Method for customizing payment card transactions at the time of the transactions

Publications (1)

Publication Number Publication Date
US20120317037A1 true US20120317037A1 (en) 2012-12-13

Family

ID=34427183

Family Applications (9)

Application Number Title Priority Date Filing Date
US09/960,714 Expired - Lifetime US6805288B2 (en) 2000-05-15 2001-09-21 Method for generating customer secure card numbers subject to use restrictions by an electronic card
US10/968,398 Expired - Fee Related US7748616B2 (en) 2000-05-15 2004-10-18 Method for implementing anonymous credit card transactions using a fictitious account name
US10/968,402 Expired - Fee Related US7693798B2 (en) 2000-05-15 2004-10-18 Anonymous merchandise delivery system
US10/968,399 Active 2026-09-01 US8191772B2 (en) 2000-05-15 2004-10-18 Method for generating customer one-time unique purchase order numbers
US10/968,401 Abandoned US20050086177A1 (en) 2000-05-15 2004-10-18 Method for customizing payment card transactions at the time of the transactions
US13/438,710 Expired - Fee Related US8690055B2 (en) 2000-05-15 2012-04-03 Electronic card
US13/528,062 Abandoned US20120317037A1 (en) 2000-05-15 2012-06-20 Methods for Providing Secure Transactions
US13/529,713 Abandoned US20120265689A1 (en) 2000-05-15 2012-06-21 Methods for Customizing Secured Transactions that are Verified by a Money Source
US14/188,491 Abandoned US20140231527A1 (en) 2000-05-15 2014-02-24 Electronic Card

Family Applications Before (6)

Application Number Title Priority Date Filing Date
US09/960,714 Expired - Lifetime US6805288B2 (en) 2000-05-15 2001-09-21 Method for generating customer secure card numbers subject to use restrictions by an electronic card
US10/968,398 Expired - Fee Related US7748616B2 (en) 2000-05-15 2004-10-18 Method for implementing anonymous credit card transactions using a fictitious account name
US10/968,402 Expired - Fee Related US7693798B2 (en) 2000-05-15 2004-10-18 Anonymous merchandise delivery system
US10/968,399 Active 2026-09-01 US8191772B2 (en) 2000-05-15 2004-10-18 Method for generating customer one-time unique purchase order numbers
US10/968,401 Abandoned US20050086177A1 (en) 2000-05-15 2004-10-18 Method for customizing payment card transactions at the time of the transactions
US13/438,710 Expired - Fee Related US8690055B2 (en) 2000-05-15 2012-04-03 Electronic card

Family Applications After (2)

Application Number Title Priority Date Filing Date
US13/529,713 Abandoned US20120265689A1 (en) 2000-05-15 2012-06-21 Methods for Customizing Secured Transactions that are Verified by a Money Source
US14/188,491 Abandoned US20140231527A1 (en) 2000-05-15 2014-02-24 Electronic Card

Country Status (1)

Country Link
US (9) US6805288B2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170026185A1 (en) * 2015-07-21 2017-01-26 Entrust, Inc. Method and apparatus for providing secure communication among constrained devices

Families Citing this family (300)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6131811A (en) 1998-05-29 2000-10-17 E-Micro Corporation Wallet consolidator
US6615189B1 (en) 1998-06-22 2003-09-02 Bank One, Delaware, National Association Debit purchasing of stored value card for use by and/or delivery to others
US7809642B1 (en) 1998-06-22 2010-10-05 Jpmorgan Chase Bank, N.A. Debit purchasing of stored value card for use by and/or delivery to others
US7058817B1 (en) 1999-07-02 2006-06-06 The Chase Manhattan Bank System and method for single sign on process for websites with multiple applications and services
US7321864B1 (en) * 1999-11-04 2008-01-22 Jpmorgan Chase Bank, N.A. System and method for providing funding approval associated with a project based on a document collection
WO2001033477A2 (en) 1999-11-04 2001-05-10 Jpmorgan Chase Bank System and method for automated financial project management
US8571975B1 (en) 1999-11-24 2013-10-29 Jpmorgan Chase Bank, N.A. System and method for sending money via E-mail over the internet
US8793160B2 (en) 1999-12-07 2014-07-29 Steve Sorem System and method for processing transactions
US6615190B1 (en) * 2000-02-09 2003-09-02 Bank One, Delaware, National Association Sponsor funded stored value card
EP1269429A2 (en) 2000-03-15 2003-01-02 Mastercard International, Inc. Method and system for secure payments over a computer network
US20050127164A1 (en) * 2002-03-19 2005-06-16 John Wankmueller Method and system for conducting a transaction using a proximity device and an identifier
US20100223186A1 (en) * 2000-04-11 2010-09-02 Hogan Edward J Method and System for Conducting Secure Payments
US6805288B2 (en) * 2000-05-15 2004-10-19 Larry Routhenstein Method for generating customer secure card numbers subject to use restrictions by an electronic card
US7426530B1 (en) 2000-06-12 2008-09-16 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US10185936B2 (en) 2000-06-22 2019-01-22 Jpmorgan Chase Bank, N.A. Method and system for processing internet payments
ES2272533T3 (en) * 2000-08-28 2007-05-01 Axalto S.A. PROCEDURE TO PROVIDE IDENTIFICATION DATA OF A PAYMENT CARD TO A USER.
US7000001B2 (en) * 2000-09-12 2006-02-14 Research In Motion Limited Bookmark beacon system and method
US7246263B2 (en) * 2000-09-20 2007-07-17 Jpmorgan Chase Bank System and method for portal infrastructure tracking
US8335855B2 (en) 2001-09-19 2012-12-18 Jpmorgan Chase Bank, N.A. System and method for portal infrastructure tracking
US20020103736A1 (en) * 2001-01-29 2002-08-01 Webb Steven L. Method for secure credit card entry into an online database
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US7313546B2 (en) 2001-05-23 2007-12-25 Jp Morgan Chase Bank, N.A. System and method for currency selectable stored value instrument
WO2002099598A2 (en) 2001-06-07 2002-12-12 First Usa Bank, N.A. System and method for rapid updating of credit information
US7266839B2 (en) 2001-07-12 2007-09-04 J P Morgan Chase Bank System and method for providing discriminated content to network users
AU2002327322A1 (en) 2001-07-24 2003-02-17 First Usa Bank, N.A. Multiple account card and transaction routing
US8020754B2 (en) 2001-08-13 2011-09-20 Jpmorgan Chase Bank, N.A. System and method for funding a collective account by use of an electronic tag
US7195154B2 (en) * 2001-09-21 2007-03-27 Privasys, Inc. Method for generating customer secure card numbers
US7103576B2 (en) 2001-09-21 2006-09-05 First Usa Bank, Na System for providing cardless payment
CA2466071C (en) 2001-11-01 2016-04-12 Bank One, Delaware, N.A. System and method for establishing or modifying an account with user selectable terms
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US7941533B2 (en) * 2002-02-19 2011-05-10 Jpmorgan Chase Bank, N.A. System and method for single sign-on session management without central server
CA2479602C (en) * 2002-03-19 2014-12-23 Mastercard International Incorporated Method and system for conducting a transaction using a proximity device
US7899753B1 (en) 2002-03-25 2011-03-01 Jpmorgan Chase Bank, N.A Systems and methods for time variable financial authentication
US20180165441A1 (en) 2002-03-25 2018-06-14 Glenn Cobourn Everhart Systems and methods for multifactor authentication
US8751391B2 (en) 2002-03-29 2014-06-10 Jpmorgan Chase Bank, N.A. System and process for performing purchase transactions using tokens
US7246324B2 (en) * 2002-05-23 2007-07-17 Jpmorgan Chase Bank Method and system for data capture with hidden applets
US7472171B2 (en) * 2002-06-21 2008-12-30 Jpmorgan Chase Bank, National Association Method and system for determining receipt of a delayed cookie in a client-server architecture
US7234065B2 (en) * 2002-09-17 2007-06-19 Jpmorgan Chase Bank System and method for managing data privacy
US7058660B2 (en) 2002-10-02 2006-06-06 Bank One Corporation System and method for network-based project management
US20040122736A1 (en) 2002-10-11 2004-06-24 Bank One, Delaware, N.A. System and method for granting promotional rewards to credit account holders
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
JP2004172923A (en) * 2002-11-20 2004-06-17 Nec Corp Portable telephone terminal, and pay service restriction method used therefor
US20040153418A1 (en) * 2003-02-05 2004-08-05 Hanweck Gerald Alfred System and method for providing access to data from proprietary tools
US7100821B2 (en) * 2003-05-15 2006-09-05 Mehran Randall Rasti Charge card and debit transactions using a variable charge number
US8306907B2 (en) 2003-05-30 2012-11-06 Jpmorgan Chase Bank N.A. System and method for offering risk-based interest rates in a credit instrument
US20050055555A1 (en) * 2003-09-05 2005-03-10 Rao Srinivasan N. Single sign-on authentication system
US8190893B2 (en) 2003-10-27 2012-05-29 Jp Morgan Chase Bank Portable security transaction protocol
US7543739B2 (en) * 2003-12-17 2009-06-09 Qsecure, Inc. Automated payment card fraud detection and location
US7584153B2 (en) * 2004-03-15 2009-09-01 Qsecure, Inc. Financial transactions with dynamic card verification values
US7337956B2 (en) * 2004-04-12 2008-03-04 Rearden Capital Corporation System and method for facilitating the purchase of goods and services
US7275685B2 (en) * 2004-04-12 2007-10-02 Rearden Capital Corporation Method for electronic payment
US7748617B2 (en) * 2004-04-12 2010-07-06 Gray R O'neal Electronic identification system
US7500602B2 (en) * 2005-02-22 2009-03-10 Gray R O'neal System for increasing the security of credit and debit cards transactions
US20050269401A1 (en) * 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
WO2005119607A2 (en) * 2004-06-03 2005-12-15 Tyfone, Inc. System and method for securing financial transactions
US7669772B2 (en) * 2004-07-15 2010-03-02 Mastercard International Incorporated Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats
US8439271B2 (en) 2004-07-15 2013-05-14 Mastercard International Incorporated Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats
FR2875080B1 (en) * 2004-09-09 2006-10-27 Gemplus Sa OPTIMIZED UPDATING OF A DETERMINISTIC VALUE IN A COMMUNICATION DEVICE
US20060074798A1 (en) * 2004-09-27 2006-04-06 Din Khaja M Financial instrument, system, and method for electronic commerce transactions
US20060080593A1 (en) * 2004-10-08 2006-04-13 Alexander Hudspith System and method for generating computer-readable documents
US8740069B2 (en) * 2005-01-26 2014-06-03 Heng Kah Choy Fraud-free payment for internet purchases
US20060190723A1 (en) * 2005-02-18 2006-08-24 Jp Morgan Chase Bank Payload layer security for file transfer
US7581678B2 (en) 2005-02-22 2009-09-01 Tyfone, Inc. Electronic transaction card
US8226001B1 (en) 2010-06-23 2012-07-24 Fiteq, Inc. Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8684267B2 (en) 2005-03-26 2014-04-01 Privasys Method for broadcasting a magnetic stripe data packet from an electronic smart card
EP1882220A2 (en) 2005-03-26 2008-01-30 Privasys, Inc. Electronic financial transaction cards and methods
US20060226217A1 (en) * 2005-04-07 2006-10-12 Tyfone, Inc. Sleeve for electronic transaction card
EP1882229B1 (en) 2005-04-27 2014-07-23 Privasys, Inc. Electronic cards and methods for making same
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US20080035738A1 (en) * 2005-05-09 2008-02-14 Mullen Jeffrey D Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US20060265278A1 (en) * 2005-05-18 2006-11-23 Napster Llc System and method for censoring randomly generated character strings
US7401731B1 (en) 2005-05-27 2008-07-22 Jpmorgan Chase Bank, Na Method and system for implementing a card product with multiple customized relationships
US8185877B1 (en) 2005-06-22 2012-05-22 Jpmorgan Chase Bank, N.A. System and method for testing applications
US8477940B2 (en) * 2005-07-15 2013-07-02 Tyfone, Inc. Symmetric cryptography with user authentication
US7805615B2 (en) * 2005-07-15 2010-09-28 Tyfone, Inc. Asymmetric cryptography with user authentication
US8189788B2 (en) * 2005-07-15 2012-05-29 Tyfone, Inc. Hybrid symmetric/asymmetric cryptography with user authentication
US8762263B2 (en) 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
US7210621B2 (en) * 2005-09-13 2007-05-01 Woronec John S Secure credit card and method and apparatus for utilizing the same
US8583926B1 (en) 2005-09-19 2013-11-12 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
WO2007079079A2 (en) * 2005-12-30 2007-07-12 Ready Credit Corporation Issuing a value-bearing card associated with only non-personally identifying information
US7930754B2 (en) * 2006-01-18 2011-04-19 International Business Machines Corporation Method for concealing user identities on computer systems through the use of temporary aliases
US7784682B2 (en) 2006-02-08 2010-08-31 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
US8408455B1 (en) 2006-02-08 2013-04-02 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
US7753259B1 (en) 2006-04-13 2010-07-13 Jpmorgan Chase Bank, N.A. System and method for granting promotional rewards to both customers and non-customers
US7966263B2 (en) * 2006-05-04 2011-06-21 First Data Corporation Wireless phone RF presentation instrument with sensor control
US9466057B2 (en) * 2006-05-04 2016-10-11 First Data Corporation RF presentation instrument with sensor control
US8793490B1 (en) 2006-07-14 2014-07-29 Jpmorgan Chase Bank, N.A. Systems and methods for multifactor authentication
WO2008013945A2 (en) * 2006-07-27 2008-01-31 Leverage, Inc. System and method for targeted marketing and consumer resource management
US20180300707A1 (en) * 2006-09-15 2018-10-18 Jean-Yves Rossi Payment method and systems
EP2074569A2 (en) * 2006-09-15 2009-07-01 ROSSI, Jean-Yves Payment method and systems
US20080208681A1 (en) * 2006-09-28 2008-08-28 Ayman Hammad Payment using a mobile device
US7527208B2 (en) 2006-12-04 2009-05-05 Visa U.S.A. Inc. Bank issued contactless payment card used in transit fare collection
US8738485B2 (en) 2007-12-28 2014-05-27 Visa U.S.A. Inc. Contactless prepaid product for transit fare collection
US8386349B2 (en) * 2007-02-28 2013-02-26 Visa U.S.A. Inc. Verification of a portable consumer device in an offline environment
US8346639B2 (en) * 2007-02-28 2013-01-01 Visa U.S.A. Inc. Authentication of a data card using a transit verification value
US8523069B2 (en) 2006-09-28 2013-09-03 Visa U.S.A. Inc. Mobile transit fare payment
US8118223B2 (en) 2006-09-28 2012-02-21 Visa U.S.A. Inc. Smart sign mobile transit fare payment
US20080086765A1 (en) * 2006-10-05 2008-04-10 Microsoft Corporation Issuance privacy
US7991692B2 (en) 2006-10-09 2011-08-02 First Data Corporation Electronic payment instrument and packaging
US7991158B2 (en) * 2006-12-13 2011-08-02 Tyfone, Inc. Secure messaging
US20090164380A1 (en) * 2006-12-20 2009-06-25 Brown Kerry D Financial transaction network
US9779556B1 (en) 2006-12-27 2017-10-03 Stamps.Com Inc. System and method for identifying and preventing on-line fraud
ZA200905538B (en) * 2007-02-27 2010-10-27 Emigrant Bank A method and system of facilitating a purchase between a buyer and a seller
US8473735B1 (en) 2007-05-17 2013-06-25 Jpmorgan Chase Systems and methods for managing digital certificates
US20080296368A1 (en) * 2007-06-04 2008-12-04 Newsom Victor V Stored-value instrument protection system and method
US8326758B2 (en) 2007-08-06 2012-12-04 Enpulz, L.L.C. Proxy card representing many monetary sources from a plurality of vendors
US20090106058A1 (en) * 2007-10-17 2009-04-23 Yahoo! Inc. Assessing ad value
US8417601B1 (en) 2007-10-18 2013-04-09 Jpmorgan Chase Bank, N.A. Variable rate payment card
US8157178B2 (en) 2007-10-19 2012-04-17 First Data Corporation Manufacturing system to produce contactless devices with switches
US8812401B2 (en) * 2007-11-20 2014-08-19 Propay Usa Inc. Secure payment capture processes
US9741027B2 (en) 2007-12-14 2017-08-22 Tyfone, Inc. Memory card based contactless devices
US20090159699A1 (en) 2007-12-24 2009-06-25 Dynamics Inc. Payment cards and devices operable to receive point-of-sale actions before point-of-sale and forward actions at point-of-sale
US8321682B1 (en) 2008-01-24 2012-11-27 Jpmorgan Chase Bank, N.A. System and method for generating and managing administrator passwords
US8725611B1 (en) 2008-02-21 2014-05-13 Jpmorgan Chase Bank, N.A. System and method for providing borrowing schemes
US20090240620A1 (en) * 2008-03-24 2009-09-24 Propay Usa, Inc. Secure payment system
US7885878B2 (en) 2008-05-28 2011-02-08 First Data Corporation Systems and methods of payment account activation
US8069121B2 (en) * 2008-08-04 2011-11-29 ProPay Inc. End-to-end secure payment processes
US8451122B2 (en) 2008-08-08 2013-05-28 Tyfone, Inc. Smartcard performance enhancement circuits and systems
US7961101B2 (en) 2008-08-08 2011-06-14 Tyfone, Inc. Small RFID card with integrated inductive element
US8447669B2 (en) 2008-08-26 2013-05-21 Visa U.S.A. Inc. System and method for implementing financial assistance programs
US20100051686A1 (en) * 2008-08-29 2010-03-04 Covenant Visions International Limited System and method for authenticating a transaction using a one-time pass code (OTPK)
US8579203B1 (en) 2008-12-19 2013-11-12 Dynamics Inc. Electronic magnetic recorded media emulators in magnetic card devices
US10354321B2 (en) 2009-01-22 2019-07-16 First Data Corporation Processing transactions with an extended application ID and dynamic cryptograms
US10037524B2 (en) * 2009-01-22 2018-07-31 First Data Corporation Dynamic primary account number (PAN) and unique key per card
US10628881B2 (en) 2009-01-22 2020-04-21 First Data Corporation Processing transactions with an extended application ID and dynamic cryptograms
EP2401708A4 (en) 2009-02-24 2012-08-15 Tyfone Inc Contactless device with miniaturized antenna
US8931703B1 (en) 2009-03-16 2015-01-13 Dynamics Inc. Payment cards and devices for displaying barcodes
US9329619B1 (en) 2009-04-06 2016-05-03 Dynamics Inc. Cards with power management
US8282007B1 (en) 2009-04-06 2012-10-09 Dynamics Inc. Laminated cards with manual input interfaces
US8622309B1 (en) 2009-04-06 2014-01-07 Dynamics Inc. Payment cards and devices with budgets, parental controls, and virtual accounts
US8320962B2 (en) 2009-06-05 2012-11-27 Visa International Service Association Contactless disablement
US8393545B1 (en) 2009-06-23 2013-03-12 Dynamics Inc. Cards deployed with inactivated products for activation
US9608826B2 (en) 2009-06-29 2017-03-28 Jpmorgan Chase Bank, N.A. System and method for partner key management
US8511574B1 (en) 2009-08-17 2013-08-20 Dynamics Inc. Advanced loyalty applications for powered cards and devices
US9306666B1 (en) 2009-10-08 2016-04-05 Dynamics Inc. Programming protocols for powered cards and devices
US8727219B1 (en) 2009-10-12 2014-05-20 Dynamics Inc. Magnetic stripe track signal having multiple communications channels
US8523059B1 (en) 2009-10-20 2013-09-03 Dynamics Inc. Advanced payment options for powered cards and devices
US8393546B1 (en) 2009-10-25 2013-03-12 Dynamics Inc. Games, prizes, and entertainment for powered cards and devices
CA2818958A1 (en) * 2009-11-18 2011-05-26 Magid Joseph Mina Anonymous transaction payment systems and methods
US10049356B2 (en) 2009-12-18 2018-08-14 First Data Corporation Authentication of card-not-present transactions
WO2011103160A1 (en) 2010-02-16 2011-08-25 Dynamics Inc. Systems and methods for drive circuits for dynamic magnetic stripe communications devices
US8348172B1 (en) 2010-03-02 2013-01-08 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
US10693263B1 (en) 2010-03-16 2020-06-23 Dynamics Inc. Systems and methods for audio connectors for powered cards and devices
EP3091473A1 (en) 2010-05-18 2016-11-09 Dynamics Inc. Systems and methods for cards and devices operable to communicate via light pulses and touch sensitive displays
CN101872507B (en) * 2010-06-12 2012-10-10 武汉天喻信息产业股份有限公司 Data safe transmission method for mobile payment
US8317103B1 (en) 2010-06-23 2012-11-27 FiTeq Method for broadcasting a magnetic stripe data packet from an electronic smart card
USD672389S1 (en) 2010-07-02 2012-12-11 Dynamics Inc. Multiple button interactive electronic card with light sources
USD674013S1 (en) 2010-07-02 2013-01-08 Dynamics Inc. Multiple button interactive electronic card with light sources
USD652448S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD652075S1 (en) 2010-07-02 2012-01-10 Dynamics Inc. Multiple button interactive electronic card
USD652867S1 (en) 2010-07-02 2012-01-24 Dynamics Inc. Multiple button interactive electronic card
USD652449S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD687094S1 (en) 2010-07-02 2013-07-30 Dynamics Inc. Multiple button interactive electronic card with light sources
USD670759S1 (en) 2010-07-02 2012-11-13 Dynamics Inc. Multiple button interactive electronic card with light sources
USD651238S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD792512S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD651237S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD651644S1 (en) 2010-07-09 2012-01-03 Dynamics Inc. Interactive electronic card with display
USD652450S1 (en) 2010-07-09 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD652076S1 (en) 2010-07-09 2012-01-10 Dynamics Inc. Multiple button interactive electronic card with display
USD665022S1 (en) 2010-07-09 2012-08-07 Dynamics Inc. Multiple button interactive electronic card with light source
USD792513S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD653288S1 (en) 2010-07-09 2012-01-31 Dynamics Inc. Multiple button interactive electronic card
USD643063S1 (en) 2010-07-09 2011-08-09 Dynamics Inc. Interactive electronic card with display
USD792511S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD666241S1 (en) 2010-07-09 2012-08-28 Dynamics Inc. Multiple button interactive electronic card with light source
USD665447S1 (en) 2010-07-09 2012-08-14 Dynamics Inc. Multiple button interactive electronic card with light source and display
US8322623B1 (en) 2010-07-26 2012-12-04 Dynamics Inc. Systems and methods for advanced card printing
US9818125B2 (en) 2011-02-16 2017-11-14 Dynamics Inc. Systems and methods for information exchange mechanisms for powered cards and devices
US10055614B1 (en) 2010-08-12 2018-08-21 Dynamics Inc. Systems and methods for advanced detection mechanisms for magnetic cards and devices
US9053398B1 (en) 2010-08-12 2015-06-09 Dynamics Inc. Passive detection mechanisms for magnetic cards and devices
US10022884B1 (en) 2010-10-15 2018-07-17 Dynamics Inc. Systems and methods for alignment techniques for magnetic cards and devices
US8561894B1 (en) 2010-10-20 2013-10-22 Dynamics Inc. Powered cards and devices designed, programmed, and deployed from a kiosk
US20120209677A1 (en) 2010-10-20 2012-08-16 Mehta Kaushal N Person-2-person social network marketing apparatuses, methods and systems
US9646240B1 (en) 2010-11-05 2017-05-09 Dynamics Inc. Locking features for powered cards and devices
WO2012078810A2 (en) * 2010-12-07 2012-06-14 Groupon Zappedy, Inc. Method and system for credit card holder identification
US8567679B1 (en) 2011-01-23 2013-10-29 Dynamics Inc. Cards and devices with embedded holograms
US10095970B1 (en) 2011-01-31 2018-10-09 Dynamics Inc. Cards including anti-skimming devices
WO2012106655A2 (en) 2011-02-05 2012-08-09 Visa International Service Association Merchant-consumer bridging platform apparatuses, methods and systems
WO2012109628A2 (en) 2011-02-10 2012-08-16 Visa International Service Assocation Electronic coupon issuance and redemption apparatuses, methods and systems
US10586227B2 (en) 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
SG193481A1 (en) 2011-02-16 2013-10-30 Visa Int Service Ass Snap mobile payment apparatuses, methods and systems
WO2012116125A1 (en) 2011-02-22 2012-08-30 Visa International Service Association Universal electronic payment apparatuses, methods and systems
AU2012223415B2 (en) 2011-02-28 2017-05-18 Visa International Service Association Secure anonymous transaction apparatuses, methods and systems
US9836680B1 (en) 2011-03-03 2017-12-05 Dynamics Inc. Systems and methods for advanced communication mechanisms for magnetic cards and devices
WO2012122060A1 (en) 2011-03-04 2012-09-13 Visa International Service Association Cloud service facilitator apparatuses, methods and systems
US8485446B1 (en) 2011-03-28 2013-07-16 Dynamics Inc. Shielded magnetic stripe for magnetic cards and devices
EP2707847A4 (en) 2011-05-10 2015-04-01 Dynamics Inc Systems, devices, and methods for mobile payment acceptance, mobile authorizations, mobile wallets, and contactless communication mechanisms
US9646291B2 (en) 2011-05-11 2017-05-09 Visa International Service Association Electronic receipt manager apparatuses, methods and systems
USD670329S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
USD670330S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD670332S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD670331S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
USD676904S1 (en) 2011-05-12 2013-02-26 Dynamics Inc. Interactive display card
US8628022B1 (en) 2011-05-23 2014-01-14 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
CN103797500A (en) 2011-06-03 2014-05-14 维萨国际服务协会 Virtual wallet card selection apparatuses, methods and systems
US9582598B2 (en) 2011-07-05 2017-02-28 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US20130018779A1 (en) * 2011-07-14 2013-01-17 Bank Of America Corporation Alias-based merchant transaction system
US10438176B2 (en) 2011-07-17 2019-10-08 Visa International Service Association Multiple merchant payment processor platform apparatuses, methods and systems
US8827153B1 (en) 2011-07-18 2014-09-09 Dynamics Inc. Systems and methods for waveform generation for dynamic magnetic stripe communications devices
CN102904664A (en) * 2011-07-27 2013-01-30 国民技术股份有限公司 Anti-interference communication system and anti-interference method
US9710807B2 (en) 2011-08-18 2017-07-18 Visa International Service Association Third-party value added wallet features and interfaces apparatuses, methods and systems
US10825001B2 (en) 2011-08-18 2020-11-03 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10318941B2 (en) 2011-12-13 2019-06-11 Visa International Service Association Payment platform interface widget generation apparatuses, methods and systems
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US8768830B1 (en) 2011-09-08 2014-07-01 Citibank, N.A. Method and system for a multi-purpose transactional platform
US9117225B2 (en) 2011-09-16 2015-08-25 Visa International Service Association Apparatuses, methods and systems for transforming user infrastructure requests inputs to infrastructure design product and infrastructure allocation outputs
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US11551046B1 (en) 2011-10-19 2023-01-10 Dynamics Inc. Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices
US20130104197A1 (en) * 2011-10-23 2013-04-25 Gopal Nandakumar Authentication system
US11409971B1 (en) 2011-10-23 2022-08-09 Dynamics Inc. Programming and test modes for powered cards and devices
US9619741B1 (en) 2011-11-21 2017-04-11 Dynamics Inc. Systems and methods for synchronization mechanisms for magnetic cards and devices
US8960545B1 (en) 2011-11-21 2015-02-24 Dynamics Inc. Data modification for magnetic cards and devices
US9953378B2 (en) 2012-04-27 2018-04-24 Visa International Service Association Social checkout widget generation and integration apparatuses, methods and systems
WO2013090611A2 (en) 2011-12-13 2013-06-20 Visa International Service Association Dynamic widget generator apparatuses, methods and systems
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
US11308227B2 (en) 2012-01-09 2022-04-19 Visa International Service Association Secure dynamic page content and layouts apparatuses, methods and systems
US10262148B2 (en) 2012-01-09 2019-04-16 Visa International Service Association Secure dynamic page content and layouts apparatuses, methods and systems
AU2013214801B2 (en) 2012-02-02 2018-06-21 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems
US9064194B1 (en) 2012-02-03 2015-06-23 Dynamics Inc. Systems and methods for spike suppression for dynamic magnetic stripe communications devices
US9710745B1 (en) 2012-02-09 2017-07-18 Dynamics Inc. Systems and methods for automated assembly of dynamic magnetic stripe communications devices
US8888009B1 (en) 2012-02-14 2014-11-18 Dynamics Inc. Systems and methods for extended stripe mechanisms for magnetic cards and devices
US9916992B2 (en) 2012-02-20 2018-03-13 Dynamics Inc. Systems and methods for flexible components for powered cards and devices
US20130248594A1 (en) * 2012-03-21 2013-09-26 Sunit SOOM Multi-function, interactive payment card
US9734669B1 (en) 2012-04-02 2017-08-15 Dynamics Inc. Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality
US11418483B1 (en) 2012-04-19 2022-08-16 Dynamics Inc. Cards, devices, systems, and methods for zone-based network management
US9033218B1 (en) 2012-05-15 2015-05-19 Dynamics Inc. Cards, devices, systems, methods and dynamic security codes
US9064195B2 (en) 2012-06-29 2015-06-23 Dynamics Inc. Multiple layer card circuit boards
US20140052564A1 (en) * 2012-08-17 2014-02-20 Robb Lewis Notarized Game Card and Achievement Card
USD687489S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD688744S1 (en) 2012-08-27 2013-08-27 Dynamics Inc. Interactive electronic card with display and button
USD694322S1 (en) 2012-08-27 2013-11-26 Dynamics Inc. Interactive electronic card with display buttons
USD695636S1 (en) 2012-08-27 2013-12-17 Dynamics Inc. Interactive electronic card with display and buttons
USD729871S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and buttons
USD673606S1 (en) 2012-08-27 2013-01-01 Dynamics Inc. Interactive electronic card with display and buttons
USD687488S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD730439S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with buttons
USD828870S1 (en) 2012-08-27 2018-09-18 Dynamics Inc. Display card
USD675256S1 (en) 2012-08-27 2013-01-29 Dynamics Inc. Interactive electronic card with display and button
USD687490S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD676487S1 (en) 2012-08-27 2013-02-19 Dynamics Inc. Interactive electronic card with display and buttons
USD687487S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD729869S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
USD692053S1 (en) 2012-08-27 2013-10-22 Dynamics Inc. Interactive electronic card with display and button
USD730438S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with display and button
USD687887S1 (en) 2012-08-27 2013-08-13 Dynamics Inc. Interactive electronic card with buttons
USD687095S1 (en) 2012-08-27 2013-07-30 Dynamics Inc. Interactive electronic card with buttons
USD729870S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
US11126997B1 (en) 2012-10-02 2021-09-21 Dynamics Inc. Cards, devices, systems, and methods for a fulfillment system
US9010647B2 (en) 2012-10-29 2015-04-21 Dynamics Inc. Multiple sensor detector systems and detection methods of magnetic cards and devices
CN102930645A (en) * 2012-11-04 2013-02-13 张仁平 System for maintaining bank card account safety by using dynamic password card
US9659246B1 (en) 2012-11-05 2017-05-23 Dynamics Inc. Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices
US9010644B1 (en) 2012-11-30 2015-04-21 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US10949627B2 (en) 2012-12-20 2021-03-16 Dynamics Inc. Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices
US20140239068A1 (en) * 2013-02-22 2014-08-28 John Chowhan Park Credit card with alterable id/security features
USD765174S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with button
USD751640S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
USD751639S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
USD777252S1 (en) 2013-03-04 2017-01-24 Dynamics Inc. Interactive electronic card with buttons
USD750168S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and button
USD750166S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and buttons
USD765173S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with display and button
USD750167S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with buttons
USD764584S1 (en) 2013-03-04 2016-08-23 Dynamics Inc. Interactive electronic card with buttons
US20160148194A1 (en) * 2013-03-14 2016-05-26 Nagraid Security, Inc. Radio Frequency Powered Smart, Debit and Credit Card System Employing a Light Sensor to Enable Authorized Transactions
US9022286B2 (en) 2013-03-15 2015-05-05 Virtual Electric, Inc. Multi-functional credit card type portable electronic device
US9419957B1 (en) 2013-03-15 2016-08-16 Jpmorgan Chase Bank, N.A. Confidence-based authentication
NZ714050A (en) 2013-04-12 2018-10-26 Cardlab Aps A card, an assembly, a method of assembling the card and a method of outputting information
CA2912105A1 (en) 2013-04-12 2014-10-16 Cardlab Aps A card with an offset field generator
US8690054B1 (en) 2013-05-29 2014-04-08 The Toronto-Dominion Bank System and method for chip-enabled card transaction processing and alert communication
CN103413238A (en) * 2013-08-30 2013-11-27 苏州跨界软件科技有限公司 System for providing discount coupons randomly
USD767024S1 (en) 2013-09-10 2016-09-20 Dynamics Inc. Interactive electronic card with contact connector
USD737373S1 (en) 2013-09-10 2015-08-25 Dynamics Inc. Interactive electronic card with contact connector
US10769613B1 (en) * 2013-10-22 2020-09-08 Ondot Systems, Inc Delegate cards
US10148726B1 (en) 2014-01-24 2018-12-04 Jpmorgan Chase Bank, N.A. Initiating operating system commands based on browser cookies
US9225689B2 (en) * 2014-02-28 2015-12-29 Sap Se Hardware security agent for network communications
US10108891B1 (en) 2014-03-21 2018-10-23 Dynamics Inc. Exchange coupled amorphous ribbons for electronic stripes
US20150371183A1 (en) * 2014-06-20 2015-12-24 United Parcel Service Of America, Inc. Systems and methods for confidential shipping
EP3035230A1 (en) 2014-12-19 2016-06-22 Cardlab ApS A method and an assembly for generating a magnetic field
MA41187A (en) 2014-12-19 2021-04-07 Cardlab Aps PROCESS AND ASSEMBLY FOR GENERATING A MAGNETIC FIELD AND PROCESS FOR MANUFACTURING AN ASSEMBLY
CN105825371A (en) * 2015-01-07 2016-08-03 阿里巴巴集团控股有限公司 Method and device for processing service
US11216468B2 (en) 2015-02-08 2022-01-04 Visa International Service Association Converged merchant processing apparatuses, methods and systems
CN115018578A (en) * 2015-02-09 2022-09-06 创新先进技术有限公司 Service implementation method and device
CN106161807A (en) 2015-04-13 2016-11-23 阿里巴巴集团控股有限公司 Communication means and server
CN106161374A (en) 2015-04-13 2016-11-23 阿里巴巴集团控股有限公司 The exchange method of order data and server
CN106157079A (en) 2015-04-13 2016-11-23 阿里巴巴集团控股有限公司 The exchange method of order data and server
EP3082071A1 (en) 2015-04-17 2016-10-19 Cardlab ApS Device for and method of outputting a magnetic field
US20160371685A1 (en) * 2015-06-16 2016-12-22 Ned M. Smith System, apparatus and method for providing randomly generated codes in a user anonymous manner
US10032049B2 (en) 2016-02-23 2018-07-24 Dynamics Inc. Magnetic cards and devices for motorized readers
US10460367B2 (en) * 2016-04-29 2019-10-29 Bank Of America Corporation System for user authentication based on linking a randomly generated number to the user and a physical item
US10268635B2 (en) 2016-06-17 2019-04-23 Bank Of America Corporation System for data rotation through tokenization
FR3058814B1 (en) * 2016-11-15 2019-10-25 Ingenico Group METHOD FOR PROCESSING TRANSACTIONAL DATA, COMMUNICATION TERMINAL, CARD READER AND CORRESPONDING PROGRAM.
CN107682571B (en) * 2017-08-31 2019-09-03 携程旅游信息技术(上海)有限公司 Change the means of communication, system, equipment and the storage medium of base number
CN108829650B (en) * 2018-06-01 2022-08-23 腾讯科技(北京)有限公司 Card number generation method, device, server and storage medium
US10747658B2 (en) * 2018-11-19 2020-08-18 Paypal, Inc. Systems and methods for testing online use-case scenarios in a staging environment
US11244312B2 (en) * 2019-11-13 2022-02-08 Bank Of America Corporation One-time abstraction coding for resource deployment
US11631078B2 (en) 2020-04-13 2023-04-18 Capital One Services, Llc System and method for obfuscating transaction information
TR202020153A2 (en) * 2020-12-09 2021-04-21 Ahmet Tahsin Oezarslan Payment system and method with shopping ID number

Family Cites Families (195)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3665161A (en) 1969-10-20 1972-05-23 Day Albert J Card readout system
US4314352A (en) 1972-04-12 1982-02-02 Docutel Corporation Banking machine
US3845277A (en) 1972-09-01 1974-10-29 Mosler Safe Co Off-line cash dispenser and banking system
US4253017A (en) 1978-05-31 1981-02-24 Whitehead Edwin N Magnetically coded identification card
FR2311365A1 (en) 1975-05-13 1976-12-10 Innovation Ste Int SYSTEM FOR TRANSFERRING AND STORING DATA IN A PERSONAL AND CONFIDENTIAL WAY BY MEANS OF PORTABLE INDEPENDENT ELECTRONIC OBJECTS
US4016405A (en) 1975-06-09 1977-04-05 Diebold, Incorporated Card validation, method and system
US4214230A (en) * 1978-01-19 1980-07-22 Rolf Blom Personal identification system
US4234932A (en) 1978-09-05 1980-11-18 Honeywell Information Systems Inc. Security system for remote cash dispensers
JPS55143679A (en) 1979-04-24 1980-11-10 Nec Corp Credit number verification system
JPS5710869A (en) 1980-06-24 1982-01-20 Omron Tateisi Electronics Co Fault processing method of automatic transaction processing equipment
US4390968A (en) 1980-12-30 1983-06-28 Honeywell Information Systems Inc. Automated bank transaction security system
US4443027A (en) 1981-07-29 1984-04-17 Mcneely Maurice G Multiple company credit card system
US4458142A (en) 1981-10-07 1984-07-03 Hecon Corporation Programmed electronic keycorder unit
US4437130A (en) 1981-12-18 1984-03-13 Hennessy John Brian Cassette adapter for eight track machines
US4926480A (en) 1983-08-22 1990-05-15 David Chaum Card-computer moderated systems
GB2146814A (en) 1983-09-17 1985-04-24 Ibm Electronic fund transfer systems
EP0247623A3 (en) 1984-03-19 1989-09-20 Omron Tateisi Electronics Co. Ic card transaction system
DE3417766A1 (en) 1984-05-12 1985-11-14 Betriebswirtschaftliches Institut der Deutschen Kreditgenossenschaften BIK GmbH, 6000 Frankfurt WORKING METHOD AND DEVICE FOR ELECTRONICALLY AUTHORIZED DETECTING A MATTER
US4918631A (en) 1984-09-07 1990-04-17 Casio Computer Co., Ltd. Compact type electronic information card
US4614861A (en) 1984-11-15 1986-09-30 Intellicard International, Inc. Unitary, self-contained card verification and validation system and method
US5168520A (en) 1984-11-30 1992-12-01 Security Dynamics Technologies, Inc. Method and apparatus for personal identification
US4679236A (en) 1984-12-21 1987-07-07 Davies Richard E Identification verification method and system
US4689478A (en) 1984-12-24 1987-08-25 Ncr Corporation System for handling transactions including a portable personal terminal
US4634845A (en) 1984-12-24 1987-01-06 Ncr Corporation Portable personal terminal for use in a system for handling transactions
FR2575566B1 (en) 1984-12-28 1990-06-22 Bull Sa METHOD FOR CUSTOMIZING PORTABLE MEDIA SUCH AS CARDS
US4650978A (en) 1985-01-23 1987-03-17 Rmh Systems, Inc. Off line cash card system and method
US4701601A (en) 1985-04-26 1987-10-20 Visa International Service Association Transaction card with magnetic stripe emulator
US4707594A (en) 1985-06-27 1987-11-17 Intellicard International, Inc. Unitary, self-contained consumer transaction card
JPH083821B2 (en) 1985-07-12 1996-01-17 カシオ計算機株式会社 IC card system
JPH0615273B2 (en) * 1986-01-20 1994-03-02 株式会社アイテイテイキャノン IC card
US4837822A (en) 1986-04-08 1989-06-06 Schlage Lock Company Cryptographic based electronic lock system and method of operation
US4791283A (en) 1986-06-03 1988-12-13 Intellicard International, Inc. Transaction card magnetic stripe emulator
USD298317S (en) * 1986-06-20 1988-11-01 Oki Electric Industry Co., Ltd. Mobile handset telephone and stand therefor with integral speakerphone and magnetic card reader
JPS6354294A (en) * 1986-08-25 1988-03-08 株式会社日立製作所 Information medium and information protective method using said medium
JPS63231692A (en) 1987-03-20 1988-09-27 Mitsubishi Electric Corp Secret code writer
JPS63253493A (en) 1987-04-09 1988-10-20 Mitsubishi Electric Corp Information recording system
US4868376A (en) 1987-05-15 1989-09-19 Smartcard International Inc. Intelligent portable interactive personal data system
JPH0195362A (en) * 1987-10-07 1989-04-13 Omron Tateisi Electron Co Debit-cum-credit terminal
FR2625000B1 (en) 1987-12-22 1991-08-16 Sgs Thomson Microelectronics CHIP CARD STRUCTURE
JPH02148374A (en) 1988-11-30 1990-06-07 Tokyo Electric Co Ltd Information storing and displaying card
US5220501A (en) 1989-12-08 1993-06-15 Online Resources, Ltd. Method and system for remote delivery of retail banking services
US5130519A (en) 1990-01-16 1992-07-14 George Bush Portable pin card
US5192947A (en) 1990-02-02 1993-03-09 Simon Neustein Credit card pager apparatus
JP3031971B2 (en) * 1990-07-31 2000-04-10 株式会社東芝 Terminal device of product sales system
FR2669267B1 (en) 1990-11-16 1993-01-22 Supermag PERSONALIZATION MACHINE FOR CHIP CARDS.
FR2673476B1 (en) 1991-01-18 1996-04-12 Gemplus Card Int SECURE METHOD FOR LOADING MULTIPLE APPLICATIONS INTO A MICROPROCESSOR MEMORY CARD.
GB9105851D0 (en) 1991-03-20 1991-05-08 Security Systems Consortium Th Securing financial transactions
FR2676294B1 (en) 1991-05-06 1993-07-16 Gemplus Card Int LOCKING METHOD FOR MEMORY CARD.
JPH0540864A (en) 1991-08-06 1993-02-19 Matsushita Electric Ind Co Ltd Ic card
US5426281A (en) * 1991-08-22 1995-06-20 Abecassis; Max Transaction protection system
US5440108A (en) 1991-10-11 1995-08-08 Verifone, Inc. System and method for dispensing and revalung cash cards
US5557518A (en) 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
US5453601A (en) 1991-11-15 1995-09-26 Citibank, N.A. Electronic-monetary system
US5585787A (en) 1991-12-09 1996-12-17 Wallerstein; Robert S. Programmable credit card
US5955961A (en) 1991-12-09 1999-09-21 Wallerstein; Robert S. Programmable transaction card
FR2686172B1 (en) 1992-01-14 1996-09-06 Gemplus Card Int PLUG - IN CARD FOR A MICROCOMPUTER FORMING A CARD READER WITH FLUSHED CONTACTS.
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5365221A (en) * 1992-10-19 1994-11-15 Motorola, Inc. Computer card having low battery indicator
AU5364794A (en) * 1992-10-22 1994-05-09 American Express Travel Related Services Company, Inc. Automated billing consolidation system and method
AU5538494A (en) 1992-10-30 1994-05-24 Microbilt Corporation Multi-reader transaction terminal
US5267314A (en) 1992-11-17 1993-11-30 Leon Stambler Secure transaction system and method utilized therein
US5317636A (en) 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5371797A (en) 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5373558A (en) 1993-05-25 1994-12-13 Chaum; David Desinated-confirmer signature systems
US5568121A (en) 1993-05-27 1996-10-22 Lamensdorf; David M. Wireless system for sensing information at remote locations and communicating with a main monitoring center
US5917168A (en) 1993-06-02 1999-06-29 Hewlett-Packard Company System and method for revaluation of stored tokens in IC cards
US5412192A (en) 1993-07-20 1995-05-02 American Express Company Radio frequency activated charge card
US5538442A (en) 1993-10-04 1996-07-23 Murata Mfg. Co., Ltd. Communication card
USRE36365E (en) 1993-10-25 1999-11-02 Visa International Service Association Method and apparatus for distributing currency
US5465206B1 (en) * 1993-11-01 1998-04-21 Visa Int Service Ass Electronic bill pay system
US5578808A (en) 1993-12-22 1996-11-26 Datamark Services, Inc. Data card that can be used for transactions involving separate card issuers
US5526428A (en) 1993-12-29 1996-06-11 International Business Machines Corporation Access control apparatus and method
US5434919A (en) 1994-01-11 1995-07-18 Chaum; David Compact endorsement signature systems
US5623552A (en) 1994-01-21 1997-04-22 Cardguard International, Inc. Self-authenticating identification card with fingerprint identification
US5434398A (en) 1994-02-22 1995-07-18 Haim Labenski Magnetic smartcard
US5497411A (en) 1994-03-14 1996-03-05 Pellerin; Joseph C. E. Telecommunications card-access system
US6925439B1 (en) * 1994-06-20 2005-08-02 C-Sam, Inc. Device, system and methods of conducting paperless transactions
US5590038A (en) 1994-06-20 1996-12-31 Pitroda; Satyan G. Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions
US5627355A (en) 1994-07-13 1997-05-06 Rahman; Sam Transaction device, equipment and method for protecting account numbers and their associated personal identification numbers
US5583933A (en) 1994-08-05 1996-12-10 Mark; Andrew R. Method and apparatus for the secure communication of data
GB9416595D0 (en) 1994-08-17 1994-10-12 British Telecomm User authentication in a communications network
DE69533328T2 (en) 1994-08-30 2005-02-10 Kokusai Denshin Denwa Co., Ltd. VERIFICATION DEVICE
US5834747A (en) 1994-11-04 1998-11-10 Pixel Instruments Universal credit card apparatus and method
US5754652A (en) 1994-12-14 1998-05-19 Lucent Technologies Inc. Method and apparatus for secure pin entry
US5689247A (en) 1994-12-30 1997-11-18 Ortho Pharmaceutical Corporation Automated system for identifying authorized system users
GB2297011B (en) 1995-01-13 1999-03-10 Telsis Holdings Ltd Secure access telephony server systems
US6236391B1 (en) 1995-01-24 2001-05-22 Elo Touchsystems, Inc. Acoustic touch position sensor using a low acoustic loss transparent substrate
JPH08214281A (en) * 1995-02-06 1996-08-20 Sony Corp Charging method and system
FR2730576B1 (en) 1995-02-15 1997-04-04 Gemplus Card Int METHOD FOR MANUFACTURING ELECTRONIC CARDS AND CARDS OBTAINED BY SUCH A PROCESS
US6089451A (en) 1995-02-17 2000-07-18 Krause; Arthur A. Systems for authenticating the use of transaction cards having a magnetic stripe
US6012634A (en) 1995-03-06 2000-01-11 Motorola, Inc. Dual card and method therefor
US5818030A (en) 1995-03-07 1998-10-06 Reyes; Rene A. Credit card system with key module
US5590197A (en) * 1995-04-04 1996-12-31 V-One Corporation Electronic payment system and method
US5708422A (en) * 1995-05-31 1998-01-13 At&T Transaction authorization and alert system
US5655008A (en) 1995-06-07 1997-08-05 Dart, Inc. System and method for performing a variety of transactions having distributed decision-making capability
US5790677A (en) 1995-06-29 1998-08-04 Microsoft Corporation System and method for secure electronic commerce transactions
US5754653A (en) 1995-07-26 1998-05-19 Canfield; Henry A. Coding formula for verifying checks and credit cards
JPH0950465A (en) 1995-08-04 1997-02-18 Hitachi Ltd Electronic shopping method, electronic shopping system and document authentication method
US5671280A (en) 1995-08-30 1997-09-23 Citibank, N.A. System and method for commercial payments using trusted agents
US5663553A (en) 1995-09-27 1997-09-02 Intel Corporation Mass storage device adapter for smart cards
NL1001863C2 (en) 1995-12-08 1997-06-10 Nederland Ptt Method for securely writing down an electronic payment method, as well as payment method for implementing the method.
US6003763A (en) 1995-12-29 1999-12-21 Visa International Service Method and apparatus for recording magnetic information on traveler's checks
US5850442A (en) 1996-03-26 1998-12-15 Entegrity Solutions Corporation Secure world wide electronic commerce over an open network
US5915226A (en) 1996-04-19 1999-06-22 Gemplus Card International Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards
FR2748152B1 (en) 1996-04-30 1998-08-07 Gemplus Card Int LOW THICKNESS INTEGRATED CIRCUIT BOARD HAVING IMPROVED MANUALLY OPERATED SWITCH
US6075861A (en) 1996-05-29 2000-06-13 At&T Corp. Security access system
US5834756A (en) 1996-06-03 1998-11-10 Motorola, Inc. Magnetically communicative card
US6072870A (en) 1996-06-17 2000-06-06 Verifone Inc. System, method and article of manufacture for a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US5831862A (en) 1996-08-05 1998-11-03 Mars, Incorporated Automatic transaction system with a dynamic display and methods of its operation
US5913203A (en) 1996-10-03 1999-06-15 Jaesent Inc. System and method for pseudo cash transactions
US6029150A (en) 1996-10-04 2000-02-22 Certco, Llc Payment and transactions in electronic commerce system
US5953710A (en) 1996-10-09 1999-09-14 Fleming; Stephen S. Children's credit or debit card system
US5905246A (en) 1996-10-31 1999-05-18 Fajkowski; Peter W. Method and apparatus for coupon management and redemption
US5844497A (en) 1996-11-07 1998-12-01 Litronic, Inc. Apparatus and method for providing an authentication system
US5932869A (en) 1996-12-27 1999-08-03 Graphic Technology, Inc. Promotional system with magnetic stripe and visual thermo-reversible print surfaced medium
US5988510A (en) 1997-02-13 1999-11-23 Micron Communications, Inc. Tamper resistant smart card and method of protecting data in a smart card
IL120672A (en) 1997-04-15 2000-06-29 Nush Marketing Man And Consult System for transaction over communication network
US6012636A (en) 1997-04-22 2000-01-11 Smith; Frank E. Multiple card data system having first and second memory elements including magnetic strip and fingerprints scanning means
US6111953A (en) 1997-05-21 2000-08-29 Walker Digital, Llc Method and apparatus for authenticating a document
US6078888A (en) 1997-07-16 2000-06-20 Gilbarco Inc. Cryptography security for remote dispenser transactions
AU8596098A (en) 1997-07-25 1999-02-16 Main Street Marketing Automated credit card payment system
US6003014A (en) 1997-08-22 1999-12-14 Visa International Service Association Method and apparatus for acquiring access using a smart card
US7177835B1 (en) * 1997-08-28 2007-02-13 Walker Digital, Llc Method and device for generating a single-use financial account number
US6163771A (en) * 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US6000832A (en) 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
US6047268A (en) 1997-11-04 2000-04-04 A.T.&T. Corporation Method and apparatus for billing for transactions conducted over the internet
US6050493A (en) 1997-12-01 2000-04-18 American Floral Company, Llc Pre-paid flower or gift card
EP0921487A3 (en) 1997-12-08 2000-07-26 Nippon Telegraph and Telephone Corporation Method and system for billing on the internet
US6188309B1 (en) 1998-01-07 2001-02-13 At&T Corp Method and apparatus for minimizing credit card fraud
US6101477A (en) 1998-01-23 2000-08-08 American Express Travel Related Services Company, Inc. Methods and apparatus for a travel-related multi-function smartcard
US6098053A (en) 1998-01-28 2000-08-01 Citibank, N.A. System and method for performing an electronic financial transaction
US5943241A (en) 1998-03-13 1999-08-24 Interlott Technologies, Inc. Item dispensing system
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6422462B1 (en) * 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
US6315195B1 (en) * 1998-04-17 2001-11-13 Diebold, Incorporated Transaction apparatus and method
US6068184A (en) 1998-04-27 2000-05-30 Barnett; Donald A. Security card and system for use thereof
US6199762B1 (en) 1998-05-06 2001-03-13 American Express Travel Related Services Co., Inc. Methods and apparatus for dynamic smartcard synchronization and personalization
US6029890A (en) 1998-06-22 2000-02-29 Austin; Frank User-Specified credit card system
IL125826A (en) 1998-08-17 2001-05-20 Ur Jonathan Shem Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein
US6182894B1 (en) 1998-10-28 2001-02-06 American Express Travel Related Services Company, Inc. Systems and methods for authorizing a transaction card
US7236950B2 (en) * 1998-10-29 2007-06-26 Universal Card Services Corp. Method and system of combined billing of multiple accounts on a single statement
FR2786013B1 (en) 1998-11-12 2001-01-19 Gemplus Card Int AUTHENTICATION METHOD BETWEEN A MEMORY CARD AND A TERMINAL
US6032134A (en) 1998-11-18 2000-02-29 Weissman; Steven I. Credit card billing system for identifying expenditures on a credit card account
US6257486B1 (en) 1998-11-23 2001-07-10 Cardis Research & Development Ltd. Smart card pin system, card, and reader
US6339766B1 (en) 1998-12-02 2002-01-15 Transactionsecure Electronic payment system employing limited-use account number
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
EP1028401A3 (en) 1999-02-12 2003-06-25 Citibank, N.A. Method and system for performing a bankcard transaction
EP1153375B1 (en) 1999-02-18 2003-01-15 Orbis Patents Limited Credit card system and method
GB9904791D0 (en) 1999-03-02 1999-04-28 Smartport Limited An internet interface system
CO5280174A1 (en) 1999-03-11 2003-05-30 American Express Travel Relate METHODS AND APPLIANCES FOR AUTHENTICATION OF INFORMATION DOWNLOAD ON A SMART CARD
US6230977B1 (en) 1999-03-18 2001-05-15 Axiohm Transaction Solutions, Inc. Apparatus for processing warped, bowed and bent credit cards
US20040083184A1 (en) * 1999-04-19 2004-04-29 First Data Corporation Anonymous card transactions
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US6938022B1 (en) * 1999-06-12 2005-08-30 Tara C. Singhal Method and apparatus for facilitating an anonymous information system and anonymous service transactions
AU6229000A (en) * 1999-07-26 2001-02-13 Iprivacy Llc Electronic purchase of goods over a communication network including physical delivery while securing private and personal information
US6224109B1 (en) 1999-08-07 2001-05-01 James Yung Chien Yang Credit card with driver's license or identification
USD436620S1 (en) 1999-09-01 2001-01-23 American Express Travel Related Services Company, Inc. Transparent card with a machine readable stripe, IC chip and ornamental rectangle
US6213403B1 (en) 1999-09-10 2001-04-10 Itt Manufacturing Enterprises, Inc. IC card with fingerprint sensor
US6394343B1 (en) 1999-10-14 2002-05-28 Jon N. Berg System for card to card transfer of monetary values
US6332134B1 (en) 1999-11-01 2001-12-18 Chuck Foster Financial transaction system
US20020070279A1 (en) 1999-12-21 2002-06-13 Zausner Alan J. Methods and apparatus for illuminating a transaction card
AU3086101A (en) 2000-01-05 2001-07-16 American Express Travel Related Services Company, Inc. Smartcard internet authorization system
US6742704B2 (en) 2000-01-21 2004-06-01 American Express Travel Related Services Company, Inc. Multiple-service card system
US6847953B2 (en) 2000-02-04 2005-01-25 Kuo James Shaw-Han Process and method for secure online transactions with calculated risk and against fraud
PL356446A1 (en) * 2000-02-05 2004-06-28 Diebold, Incorporated System and method for dispensing digital information from an automated transaction machine
US7003501B2 (en) * 2000-02-11 2006-02-21 Maurice Ostroff Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US20060190412A1 (en) * 2000-02-11 2006-08-24 Maurice Ostroff Method and system for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
AUPQ564400A0 (en) * 2000-02-16 2000-03-09 Ong, Yong Kin (Michael) Electronic credit card-ecc
US6834270B1 (en) 2000-02-28 2004-12-21 Carlo Pagani Secured financial transaction system using single use codes
AU2001243473A1 (en) 2000-03-07 2001-09-17 American Express Travel Related Services Company, Inc. System for facilitating a transaction
EP1269429A2 (en) * 2000-03-15 2003-01-02 Mastercard International, Inc. Method and system for secure payments over a computer network
FR2806858B1 (en) 2000-03-22 2002-05-03 France Telecom CRYPTOGRAPHIC PROTECTION AGAINST FRAUD
AU5701901A (en) 2000-04-11 2001-10-23 Mastercard International Inc An improved method and system for conducting secure payments over a computer network
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20010047335A1 (en) * 2000-04-28 2001-11-29 Martin Arndt Secure payment method and apparatus
US6609654B1 (en) * 2000-05-15 2003-08-26 Privasys, Inc. Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions
US6592044B1 (en) * 2000-05-15 2003-07-15 Jacob Y. Wong Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US6805288B2 (en) 2000-05-15 2004-10-19 Larry Routhenstein Method for generating customer secure card numbers subject to use restrictions by an electronic card
US6755341B1 (en) * 2000-05-15 2004-06-29 Jacob Y. Wong Method for storing data in payment card transaction
US6990586B1 (en) * 2000-06-02 2006-01-24 International Business Machines Corp. Secure data transmission from unsecured input environments
US7058611B2 (en) 2000-07-10 2006-06-06 Mastercard International Incorporated Method and system for conducting secure electronic commerce transactions with authorization request data loop-back
DE10038287A1 (en) 2000-08-05 2002-02-21 Itt Mfg Enterprises Inc Plug-in card for electronic devices
US7454356B2 (en) * 2000-10-24 2008-11-18 Clickshare Service Corp. Completely anonymous purchasing of goods on a computer network
US20020083010A1 (en) 2000-12-11 2002-06-27 Namsuk Kim Electronic identification system
US20020096570A1 (en) * 2001-01-25 2002-07-25 Wong Jacob Y. Card with a dynamic embossing apparatus
US6915279B2 (en) 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US7181017B1 (en) * 2001-03-23 2007-02-20 David Felsher System and method for secure three-party communications
US7225156B2 (en) * 2001-07-11 2007-05-29 Fisher Douglas C Persistent dynamic payment service
AU2002355530A1 (en) * 2001-08-03 2003-02-24 John Allen Ananian Personalized interactive digital catalog profiling
US6607127B2 (en) * 2001-09-18 2003-08-19 Jacob Y. Wong Magnetic stripe bridge
TW594271B (en) * 2003-09-23 2004-06-21 Optimax Tech Corp Polarization plate capable of increasing LCD contrast of large viewing angle
US7793851B2 (en) * 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170026185A1 (en) * 2015-07-21 2017-01-26 Entrust, Inc. Method and apparatus for providing secure communication among constrained devices
US10728043B2 (en) * 2015-07-21 2020-07-28 Entrust, Inc. Method and apparatus for providing secure communication among constrained devices
US11102013B2 (en) 2015-07-21 2021-08-24 Entrust, Inc. Method and apparatus for providing secure communication among constrained devices

Also Published As

Publication number Publication date
US7693798B2 (en) 2010-04-06
US20120205443A1 (en) 2012-08-16
US20050086160A1 (en) 2005-04-21
US7748616B2 (en) 2010-07-06
US20140231527A1 (en) 2014-08-21
US8690055B2 (en) 2014-04-08
US6805288B2 (en) 2004-10-19
US20120265689A1 (en) 2012-10-18
US20050082362A1 (en) 2005-04-21
US20050086177A1 (en) 2005-04-21
US20050080747A1 (en) 2005-04-14
US20030034388A1 (en) 2003-02-20
US8191772B2 (en) 2012-06-05

Similar Documents

Publication Publication Date Title
US6805288B2 (en) Method for generating customer secure card numbers subject to use restrictions by an electronic card
US7559464B2 (en) Method for generating customer secure card numbers
US10991062B2 (en) Secure authorization system
US8315948B2 (en) Method and device for generating a single-use financial account number
US7024395B1 (en) Method and system for secure credit card transactions
US7844550B2 (en) Method and device for generating a single-use financial account number
US6609654B1 (en) Method for allowing a user to customize use of a payment card that generates a different payment card number for multiple transactions
US7039809B1 (en) Asymmetric encrypted pin
KR101456551B1 (en) Track data encryption
US20070262138A1 (en) Dynamic encryption of payment card numbers in electronic payment transactions
US8621230B2 (en) System and method for secure verification of electronic transactions
US20130168450A1 (en) Format preserving cipher system and method
JP2004500671A (en) Improved method and system for making secure payments over a computer network
WO2009039600A1 (en) System and method for secure verification of electronic transactions
Boyd A pragmatic approach to temporary payment card numbers
WO2002103642A2 (en) Method and system for secure credit card transactions

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION