公开(公告)号：US20130212026A1

公开(公告)日：2013-08-15

申请号：US13735800

申请日：2013-01-07

申请人： Glenn Powell ,  John Sheets ,  Paul Tait ,  Kim Wagner ,  Krishna Koganti ,  Marc Perl ,  Hector Rodriguez ,  Susan Zloth

发明人： Glenn Powell ,  John Sheets ,  Paul Tait ,  Kim Wagner ,  Krishna Koganti ,  Marc Perl ,  Hector Rodriguez ,  Susan Zloth

IPC分类号： G06Q20/38

CPC分类号： G06Q20/3823 ,  G06F21/606 ,  G06Q20/4012 ,  G07F7/1091

摘要： Systems and methods are disclosed in which data associated with a transaction are protected with encryption. At an access device, a PIN associated with a payment account may be encrypted with a first key derived from an initial key of the access device and sensitive data associated with the payment account may be encrypted with a second key derived from the initial key. At a secure module associated with a host server encrypted sensitive data of an authorization request message may be decrypted. The secure module associated with the host server can re-encrypt the sensitive data using a zone encryption key associated with a payment processing network. A translated authorization request message including the re-encrypted sensitive data can be transmitted by the merchant server to the payment processing network.

摘要翻译： 公开了与事务相关联的数据通过加密来保护的系统和方法。 在访问设备处，与支付帐户相关联的PIN可以用从访问设备的初始密钥导出的第一密钥加密，并且与支付帐户相关联的敏感数据可以用从初始密钥导出的第二密钥进行加密。 在与主机服务器相关联的安全模块中，可以解密授权请求消息的加密敏感数据。 与主机服务器相关联的安全模块可以使用与支付处理网络相关联的区域加密密钥来重新加密敏感数据。 包括重新加密的敏感数据的翻译的授权请求消息可以由商家服务器发送到支付处理网络。

公开(公告)号：US20150046338A1

公开(公告)日：2015-02-12

申请号：US14455574

申请日：2014-08-08

申请人： PRASANNA LAXMINARAYANAN ,  Glenn Powell ,  John Sheets ,  Paul Tait ,  Andrew Carpenter

发明人： PRASANNA LAXMINARAYANAN ,  Glenn Powell ,  John Sheets ,  Paul Tait ,  Andrew Carpenter

IPC分类号： G06Q20/38

CPC分类号： G06Q20/38215 ,  G06Q20/20

摘要： Systems, apparatuses, and methods are provided for enabling a transaction using a token associated with a first payment network to be conducted using a second payment network. When a transaction using a token is submitted to a payment network, the payment network can determine the payment network associated with the token. If the token is associated with a second payment network, a token verification request including the token can be sent to the second payment network. The second payment network can then return a token verification response including a primary account identifier such as a primary account number (PAN) corresponding to the token and a validation result. The transaction may then be processed using the primary account identifier.

摘要翻译： 提供了系统，装置和方法，以使得能够使用第二支付网络来执行使用与第一支付网络相关联的令牌的交易。 当使用令牌的交易被提交到支付网络时，支付网络可以确定与令牌相关联的支付网络。 如果令牌与第二支付网络相关联，则可以将包括令牌的令牌验证请求发送到第二支付网络。 第二支付网络然后可以返回令牌验证响应，该令牌验证响应包括诸如与令牌相对应的主帐号（PAN）的主帐户标识符和验证结果。 然后可以使用主帐户标识符处理该交易。

公开(公告)号：US20150019443A1

公开(公告)日：2015-01-15

申请号：US14332245

申请日：2014-07-15

申请人： John Sheets ,  Kim Wagner ,  Christian Aabye ,  Frederick Liu ,  Igor Karpenko ,  Glenn Powell ,  Kiushan Pirzadeh

发明人： John Sheets ,  Kim Wagner ,  Christian Aabye ,  Frederick Liu ,  Igor Karpenko ,  Glenn Powell ,  Kiushan Pirzadeh

IPC分类号： G06Q20/32 ,  G06Q20/38

CPC分类号： G06Q20/3278 ,  G06Q20/322 ,  G06Q20/3829

摘要： Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor. The transaction processor decrypts the re-encrypted payment information using a transaction processor private key and initiates a payment transaction.

摘要翻译： 本发明的实施例涉及用于安全地处理远程事务的方法，装置，计算机可读介质和系统。 本发明的一个实施例涉及一种处理由移动设备发起的远程交易的方法，该移动设备包括服务器计算机接收包括加密支付信息的支付请求。 加密的支付信息由移动设备的移动支付应用程序生成，并使用第三方密钥进行加密。 该方法还包括使用第三方密钥对加密的支付信息进行解密，确定与支付信息相关联的交易处理器公开密钥，以及使用交易处理器公开密钥重新加密支付信息。 该方法还包括向业务处理器发送包括重新加密的支付信息的支付响应。 交易处理器使用交易处理器私钥解密重新加密的支付信息并启动支付交易。

公开(公告)号：US20170221056A1

公开(公告)日：2017-08-03

申请号：US15490191

申请日：2017-04-18

申请人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

发明人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

IPC分类号： G06Q20/38 ,  G06Q20/32 ,  G06Q20/40

CPC分类号： G06Q20/3829 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/38215 ,  G06Q20/401 ,  G06Q20/409

摘要： Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

公开(公告)号：US09646303B2

公开(公告)日：2017-05-09

申请号：US14461227

申请日：2014-08-15

申请人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

发明人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

IPC分类号： G06Q20/00 ,  G06Q20/38 ,  G06Q20/32 ,  G06Q20/40

CPC分类号： G06Q20/3829 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/38215 ,  G06Q20/401 ,  G06Q20/409

摘要： Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

公开(公告)号：US20150195133A1

公开(公告)日：2015-07-09

申请号：US14591836

申请日：2015-01-07

申请人： John Sheets ,  Glenn Powell ,  Igor Karpenko ,  Erick Wong

发明人： John Sheets ,  Glenn Powell ,  Igor Karpenko ,  Erick Wong

IPC分类号： H04L12/24 ,  H04W4/00

CPC分类号： H04W4/50

摘要： Embodiments of the present invention are directed to methods, systems, and apparatuses for provisioning account information to a mobile device. In one embodiment, following the provisioning of account information to a first mobile device of a user, a second mobile device of the user may be provisioned without requiring the user to provide account information for the provisioned accounts. In another embodiment, provisioned account information may be stored to a remote database, and subsequently restored to a previously provisioned mobile device or provisioned to a new mobile device.

摘要翻译： 本发明的实施例涉及用于向移动设备提供帐户信息的方法，系统和装置。 在一个实施例中，在向用户的第一移动设备提供帐户信息之后，可以提供用户的第二移动设备，而不需要用户提供所提供帐户的帐户信息。 在另一个实施例中，所设置的帐户信息可以被存储到远程数据库，并且随后被恢复到先前提供的移动设备或被提供给新的移动设备。

公开(公告)号：US20150046339A1

公开(公告)日：2015-02-12

申请号：US14455600

申请日：2014-08-08

申请人： Erick Wong ,  Kiushan Pirzadeh ,  Oleg Makhotin ,  Glenn Powell ,  Igor Karpenko ,  John Sheets ,  Frederick Liu

发明人： Erick Wong ,  Kiushan Pirzadeh ,  Oleg Makhotin ,  Glenn Powell ,  Igor Karpenko ,  John Sheets ,  Frederick Liu

IPC分类号： G06Q20/38 ,  G06Q20/40 ,  G06Q20/32

摘要： Embodiments are described that are directed to optimizing the provisioning of payment account credentials to mobile devices utilizing mobile wallets. In some embodiments, one of multiple provisioning schemes may be selectively chosen for payment account credential provisioning based upon a determined risk involved with a particular provisioning request. A low risk provisioning request leads to an immediate provisioning of a payment credential, whereas a provisioning request of high risk results in the provisioning request being denied. In some embodiments, medium risk provisioning requests will cause an additional user authentication to be performed before the payment account provisioning is finalized. The additional user authentication may occur using a separate communication channel than the channel in which the provisioning request was received.

摘要翻译： 描述的实施例旨在优化使用移动钱包的移动设备的支付帐户凭证的提供。 在一些实施例中，可以基于与特定供应请求相关的确定的风险来选择性地选择多个供应方案之一用于支付帐户凭证供应。 低风险提供请求导致立即提供支付凭证，而高风险的供应请求导致供应请求被拒绝。 在一些实施例中，中等风险供应请求将导致在支付帐户供应被最终确定之前执行额外的用户认证。 附加用户认证可以使用与接收供应请求的信道不同的通信信道来进行。

公开(公告)号：US20150032627A1

公开(公告)日：2015-01-29

申请号：US14340464

申请日：2014-07-24

申请人： Matthew Dill ,  Prasanna Laxminarayanan ,  Glenn Powell ,  John Sheets ,  Andrew Carpenter

发明人： Matthew Dill ,  Prasanna Laxminarayanan ,  Glenn Powell ,  John Sheets ,  Andrew Carpenter

IPC分类号： G06Q20/40

CPC分类号： G06Q20/385 ,  G06Q20/40 ,  G06Q20/4016 ,  H04L9/32 ,  H04L2209/42 ,  H04L2209/56

摘要： Systems and methods for interoperable network token processing are provided. A network token system provides a platform that can be leveraged by external entities (e.g., third party wallets, e-commerce merchants, payment enablers/payment service providers, etc.) or internal payment processing network systems that have the need to use the tokens to facilitate payment transactions. A token registry vault can provide interfaces for various token requestors (e.g., mobile device, issuers, merchants, mobile wallet providers, etc.), merchants, acquirers, issuers, and payment processing network systems to request generation, use and management of tokens. The network token system further provides services such as card registration, token generation, token issuance, token authentication and activation, token exchange, and token life-cycle management.

摘要翻译： 提供了可互操作的网络令牌处理的系统和方法。 网络令牌系统提供可以由外部实体（例如，第三方钱包，电子商务商家，支付使能者/支付服务提供商等）或需要使用令牌的内部支付处理网络系统来利用的平台 以方便支付交易。 令牌注册表库可以为令牌的生成，使用和管理提供各种令牌请求者（例如，移动设备，发行商，商家，移动钱包提供商等），商家，获取者，发行者和支付处理网络系统的接口。 网络令牌系统还提供诸如卡注册，令牌生成，令牌发行，令牌认证和激活，令牌交换和令牌生命周期管理等服务。

公开(公告)号：US20170200156A1

公开(公告)日：2017-07-13

申请号：US15471800

申请日：2017-03-28

申请人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

发明人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

IPC分类号： G06Q20/38

CPC分类号： G06Q20/3829 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/38215 ,  G06Q20/401 ,  G06Q20/409

摘要： Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

公开(公告)号：US20150052064A1

公开(公告)日：2015-02-19

申请号：US14461227

申请日：2014-08-15

申请人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

发明人： Igor Karpenko ,  Oleg Makhotin ,  Kiushan Pirzadeh ,  Glenn Powell ,  John Sheets ,  Erick Wong

IPC分类号： G06Q20/38 ,  G06Q20/32

CPC分类号： G06Q20/3829 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/38215 ,  G06Q20/401 ,  G06Q20/409

摘要： Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device. The method comprises receiving, by a mobile payment application on a secure memory of the mobile device, transaction data from a transaction processor application on the mobile device. The method further comprises validating that the transaction processor application is authentic and in response to validating the transaction processor application, providing encrypted payment credentials to the transaction processor application. The transaction processor application further initiates a payment transaction with a transaction processor server computer using the encrypted payment credentials.

摘要翻译： 本发明的实施例涉及用于安全地处理远程事务的方法，装置，计算机可读介质和系统。 本发明的一个实施例涉及一种处理由移动设备发起的远程交易的方法。 该方法包括通过移动设备的安全存储器上的移动支付应用从移动设备上的交易处理器应用接收交易数据。 该方法还包括验证交易处理器应用是真实的并且响应于验证交易处理器应用，向交易处理器应用提供加密的支付凭证。 交易处理器应用程序使用加密的支付凭证进一步发起与交易处理器服务器计算机的支付交易。