Description:FIELD
[0001] Various embodiments of the present disclosure relate generally to rooted devices. More particularly, various embodiments of the present disclosure relate to payments in rooted devices.
BACKGROUND
[0002] Technological advancements have enabled users to customize their devices such as mobile phones and smart phones as per their preferences to enhance the performance of the devices. A customized device is referred to as a rooted device or a jailbroken device. The customization of the device may include replacing original components of the device with alternate components or modifying original values of parameters of the original components.
[0003] The original components are typically assigned with configuration values by an authentication service provider. These configuration values are assigned when the original components meet the specifications set by the authentication service provider to ensure secure payments through the device. The authentication service provider stores a mapping between the configuration values and the corresponding device in a memory associated with the authentication service provider.
[0004] When the device is rooted, the configuration values of the rooted device are modified. For enabling payments in the rooted device, the configuration values associated with the rooted device are validated by the authentication service provider. Since the configuration values of the rooted device are modified, the modified configuration values do not match the configuration values that are stored in the memory associated with the authentication service provider. Thus, any request for installation of a payment application on the rooted device or a request for initiating a payment transaction through the rooted device is declined. As a result, the user is unable to perform payments by way of the rooted device.
[0005] In light of the foregoing, there is a need for a technical solution that solves the abovementioned problem and enables payments on rooted devices.
SUMMARY
[0006] Methods and systems for enabling payments in rooted devices are provided substantially as shown in and described in connection with, at least one of the figures, as set forth more completely in the claims.
[0007] In an embodiment of the present disclosure, a method is disclosed. The method includes fetching, by a processor of a first device, a set of original configuration values of a set of original components of the first device from a secure element of the first device. The method further includes storing, by the processor, the set of original configuration values in a database server. Further, the method includes receiving by the processor, upon modification of the first device, a validation request from a payment application provider. The first device is a modified device upon the modification of the first device. The set of original configuration values is modified such that a set of modified configuration values associated with the set of original components is stored in the secure element upon the modification. The method further includes fetching, by the processor, the set of original configuration values from the database server based on successful validation of the modified device. Additionally, the method includes replacing by the processor, the set of modified configuration values with the set of original configuration values in the secure element, based on the fetching of the set of original configuration values from the database server. The set of original configuration values is accessed from the secure element by the payment application provider to install a payment application associated with the payment application provider in the modified device.
[0008] In another embodiment of the present disclosure, a first device is disclosed. The first device includes a secure element that is configured to store a set of original configuration values of a set of original components of the first device. The first device further includes a processor that is coupled to the secure element. The processor is configured to fetch the set of original configuration values of the set of original components from the secure element of the first device. The processor is further configured to store the set of original configuration values in a database server. Further, the processor is configured to receive a validation request from a payment application provider upon modification of the first device. The first device is a modified device upon the modification of the first device. The set of original configuration values is modified such that a set of modified configuration values associated with the set of original components is stored in the secure element upon the modification. The processor is further configured to fetch the set of original configuration values from the database server based on successful validation of the modified device. Additionally, the processor is configured to replace the set of modified configuration values with the set of original configuration values in the secure element based on the fetching of the set of original configuration values from the database server. The set of original configuration values is accessed from the secure element by the payment application provider to install a payment application associated with the payment application provider in the modified device.
[0009] In some embodiments, the method includes determining, by the processor, based on the validation request, that the first device is the modified device based on at least one of (i) replacement of the set of original components with a set of alternate components and (ii) modification of a set of original values of a set of parameters of the set of original components. The set of original configuration values is modified to the set of modified configuration values based on at least one of the replacement of the set of original components and the modification of the set of original values.
[00010] In some embodiments, the method includes generating based on the determination that the first device is the modified device, a set of validation instructions for validating at least one of a first alternate component of the set of alternate components and a first original component having a first modified value of a first parameter of the set of parameters. A set of actions is executed by at least one of the first alternate component and the first original component having the first modified value of the first parameter, based on the set of validation instructions.
[00011] In some embodiments, the method includes receiving a first response based on the execution of the set of actions by at least one of the first alternate component and the first original component having the first modified value of the first parameter. The method further includes comparing the first response with a predefined response to determine a match. The match indicates successful validation of at least one of the first alternate component and the first original component with the first parameter having the first modified value. The successful validation of at least one of the first alternate component and the first original component having the first modified value of the first parameter indicates the successful validation of the modified device.
[00012] In some embodiments the method includes validating by the processor, the modified device based on the validation request to generate an access key. The method further includes communicating by the processor, the access key to the payment application provider in response to the validation request. The set of original configuration values is accessed from the secure element based on reception of the access key by the payment application provider.
[00013] In some embodiments, the modified device is one of a rooted device and a jailbroken device.
[00014] In some embodiments, the method includes hashing by the processor, the set of original configuration values to generate a hashed set of original configuration values upon the fetching of the set of original configuration values from the secure element. The set of original configuration values stored in the database server is the hashed set of original configuration values. The hashed set of original configuration values is fetched from the database server and replaced with the set of modified configuration values in the secure element upon the successful validation of the modified device.
[00015] In some embodiments, the processor is configured to determine, based on the validation request, that the first device is the modified device based on at least one of (i) replacement of the set of original components with a set of alternate components and (ii) modification of a set of original values of a set of parameters of the set of original components. The set of original configuration values is modified to the set of modified configuration values based on at least one of the replacement of the set of original components and the modification of the set of original values.
[00016] In some embodiments, the processor is configured to validate the modified device to generate an access key based on the validation request. Further, the processor is configured to communicate the access key to the payment application provider in response to the validation request. The set of original configuration values is accessed from the secure element based on reception of the access key by the payment application provider.
BRIEF DESCRIPTION OF THE DRAWINGS
[00017] The accompanying drawings illustrate the various embodiments of systems, methods, computer program products, and other aspects of the disclosure. It will be apparent to a person skilled in the art that the illustrated element boundaries (e.g., boxes, groups of boxes, or other shapes) in the figures represent one example of the boundaries. In some examples, one element may be designed as multiple elements, or multiple elements may be designed as one element. In some examples, an element shown as an internal component of one element may be implemented as an external component in another, and vice versa.
[00018] Various embodiments of the present disclosure are illustrated by way of example, and not limited by the appended figures, in which like references indicate similar elements:
[00019] FIG. 1A is a block diagram that illustrates a system environment, in accordance with an exemplary embodiment of the present disclosure;
[00020] FIG. 1B is a block diagram that illustrates a system environment for enabling payments in rooted devices, i.e., modified devices, in accordance with an exemplary embodiment of the present disclosure;
[00021] FIG. 2A is a block diagram that illustrates a database server of the system environment of FIGS. 1A and 1B, in accordance with an exemplary embodiment of the present disclosure;
[00022] FIG. 2B illustrates a second memory of the database server of FIG. 2A, in accordance with an exemplary embodiment of the present disclosure;
[00023] FIG. 3A-3C, collectively, represent a process flow diagram that illustrates an exemplary scenario of enabling payments in a modified device of the system environment of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure;
[00024] FIGS. 4A and 4B, collectively, represent a process flow diagram that illustrates another exemplary scenario of enabling payments in the modified device of the system environment of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure;
[00025] FIG. 5 is a block diagram that illustrates a system architecture of a computer system of the system environments of FIGS. 1A and 1B, in accordance with an exemplary embodiment of the present disclosure;
[00026] FIGS. 6A-6E, collectively, represent a flowchart that illustrates a method for enabling payments in the modified device of the system environment of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure; and
[00027] FIG. 7 represents a high-level flowchart that illustrates a method for enabling payments in the modified device of the system environment of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure.
[00028] Further areas of applicability of the present disclosure will become apparent from the detailed description provided hereinafter. It should be understood that the detailed description of exemplary embodiments is intended for illustration purposes only and is, therefore, not intended to necessarily limit the scope of the present disclosure.
DETAILED DESCRIPTION
[00029] The present disclosure is best understood with reference to the detailed figures and description set forth herein. Various embodiments are discussed below with reference to the figures. However, those skilled in the art will readily appreciate that the detailed descriptions given herein with respect to the figures are simply for explanatory purposes as the methods and systems may extend beyond the described embodiments. In one example, the teachings presented and the needs of a particular application may yield multiple alternate and suitable approaches to implement the functionality of any detail described herein. Therefore, any approach may extend beyond the particular implementation choices in the following embodiments that are described and shown.
[00030] References to “an embodiment”, “another embodiment”, “yet another embodiment”, “one example”, “another example”, “yet another example”, “for example”, and so on, indicate that the embodiment(s) or example(s) so described may include a particular feature, structure, characteristic, property, element, or limitation, but that not every embodiment or example necessarily includes that particular feature, structure, characteristic, property, element or limitation. Furthermore, repeated use of the phrase “in an embodiment” does not necessarily refer to the same embodiment.
OVERVIEW
[00031] A user may modify a device to enhance the performance of the device. The modification of the device is referred to as rooting of the device or jailbreaking of the device. On modification, original components of the device may be replaced with alternate components and/or original values of parameters of the original components may be modified. The modification of the device further results in modification of configuration values of the original components of the device. The configuration values are assigned by authentication service providers when the original components meet the specifications set by the authentication service providers to ensure secure payments through the device. As the configuration values change due to the modification, installation of a payment application in the rooted device or initiation of a payment transaction through the rooted device is denied. Thus, even though the modification is genuine, the user is restricted from performing payments through the rooted device.
[00032] Various embodiments of the present disclosure provide a method and a system that solve the abovementioned problems by enabling payments in a rooted device. The method includes fetching original configuration values of original components of a device from a secure element of the device. Further, the fetched original configuration values are stored in a database server. A validation request is received by the device from a payment application provider upon rooting the device. In other words, the validation request is received in response to an installation request to install a payment application associated with the payment application provider in the rooted device. As a result of rooting, the original configuration values are modified such that modified configuration values associated with the original components are stored in the secure element. The original configuration values are fetched from the database server upon successful validation of the modified device. Further, the modified configuration values in the secure element are replaced with the original configuration values that are fetched from the database server. The original configuration values are accessed from the secure element by the payment application provider to install a payment application associated with the payment application provider in the rooted device.
[00033] Thus, the payments are enabled in the rooted device. As the rooted device is validated, the modification is determined to be genuine and the user can perform payments by way of the rooted device.
TERMS DESCRIPTION (in addition to plain and dictionary meaning)
[00034] First device may refer to an electronic communication device that enables a user to install various applications such as a payment application and perform payments by way of the first device. Examples of the first device include mobile phones, tablets, personal computers, laptops, phablets, and the like.
[00035] Original component may refer to a component of the first device when the first device is manufactured by an original device manufacturer. The original components abide by the specifications set by authentication service providers.
[00036] Modified device may refer to a modified version of the first device. Modification of the first device occurs based on at least one of replacement of one or more original components of the first device with one or more alternate components or modification of one or more original values of one or more parameters of the one or more original components of the first device. The modified device may also be referred to as a rooted device or a jailbroken device.
[00037] Configuration value may refer to a value that is assigned to a component such as the original component that adheres to the specifications. The specifications include an explicit set of requirements to be satisfied by a component. The configuration value is used to determine security level and specifications of the component.
[00038] Alternate component may refer to a component that is similar to the original component with specifications that are different from the specification of the original component. A configuration value associated with the alternate component is different from a configuration value associated with the original component.
[00039] A parameter of the original component refers to a functional attribute of the original parameter.
[00040] An original value of a parameter of an original component refers to a measurable factor that controls a parameter which in turn sets conditions for operation of the original component.
[00041] Secure element may refer to a component of the first device that stores sensitive data (such as the configuration values of the components, passwords, or the like).
[00042] Validation request refers to a request from a payment application provider for validating a device.
[00043] Payment application provider refers to an entity that performs various operations such as transmitting the validation request, facilitating installation of a payment application in the modified device, performing payment transactions, and the like. The payment application provider may be associated with a financial institution such as a bank or a digital wallet provider.
[00044] Payment application facilitates payments on various devices such as the first device. The payment application is associated with the payment application provider. The payment application provider facilitates installation of the payment application in various devices and initiation of payment transaction by way of the payment application. Examples of the payment application include Google Pay®, PhonePe®, PayPal®, UnionPay®, Amazon Pay®, and the like.
[00045] Authentication service providers are associated with an authentication service providing organization that authenticates the integrity of the components of a device. An authentication service provider sets the specifications to be adhered by the original equipment manufacturers during the manufacturing of the components. The authentication service provider assigns the configuration values to the components. In an example, the authentication service provider is FIDO® (Fast Identity Online).
[00046] Validation response refers to a response that includes one of successful validation details and a key to access original configuration values of original components. The validation response is provided to the payment application provider. Upon receiving the validation response, the payment application is installed in the modified device and/or a payment transaction associated with the payment application provider is initiated on the modified device.
[00047] Validation details may refer to details that indicate successful validation of the modified device. In an example, the validation details include a validation certificate.
[00048] Handshake may refer to an exchange of standardized information between two entities.
[00049] Hashing is a process or technique of transforming any key or a string of characters into different values. This is usually represented by a short, fixed length value or a key and makes it easier to find or employ the original string by an associated entity.
[00050] Computer program product may refer to software as a product. The computer program product includes instructions, which when executed by a computer, cause the computer to perform various operations.
[00051] Access key may refer to a key that provides access to secure information such as configuration values of original components stored in the secure element.
[00052] FIG. 1A is a block diagram that illustrates a system environment 100A, in accordance with an exemplary embodiment of the present disclosure. The system environment 100A includes a user 102, a first device 104, a payment application provider 106, an authentication service provider 108, and a database server 110. The first device 104, the payment application provider 106, the authentication service provider 108, and the database server 110 may communicate with each other by way of a communication network 112 or through a separate communication channel established therebetween.
[00053] The user 102 owns the first device 104. The first device 104 is a computing device. The user 102 may utilize the first device 104 for performing various operations such as playing games, capturing images and videos, recording audios, communicating with other devices, performing payments, and the like. The user 102 may install various applications on the first device 104 for performing the afore-mentioned operations. In an embodiment of the present disclosure, the user 102 installs a validation application that enables payments in a modified version of the first device 104. Further, the user 102 registers on the validation application. The user 102 may create a username and a password for the registration on the validation application through a user interface provided by the validation application on the first device 104. The enabling of payments in the modified version of the first device 104 is described in detail in FIG. 1B of the present disclosure. Examples of the first device 104 may include, but are not limited to, a mobile phone, a computer, a laptop, a smartphone, a tablet, and a phablet. The first device 104 may include a first processor 114, a first memory 116, a network interface 118, a plurality of components 120, and a secure element 122. The first processor 114, the first memory 116, the network interface 118, the plurality of components 120, and the secure element 122 may communicate with each other via a first communication bus 123. The first communication bus 123 may be configured to allow data such as electrical signals and electromagnetic signals to be transferred between the first processor 114, the first memory 116, the network interface 118, the plurality of components 120, and the secure element 122. Examples of the first communication bus 123 may include, but are not limited to a data bus, an address bus, and a control bus.
[00054] The first memory 116 includes suitable logic, circuitry, and/or interfaces to store a set of instructions which when executed by the first processor 114, causes the first processor 114 to perform various operations for enabling payments in the modified version of the first device 104. In one embodiment, on installing the validation application on the first device 104, the set of instructions associated with the validation application may be stored in the first memory 116. Examples of the first memory 116 may include a random-access memory (RAM), a read-only memory (ROM), a programmable ROM (PROM), an erasable PROM (EPROM), a removable storage drive, a hard disk drive (HDD), a flash memory, a solid-state memory, or the like.
[00055] The network interface 118 includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, to transmit and receive data over the communication network 112 using one or more communication network protocols. The network interface 118 transmits and receives communication requests and responses from various elements (such as the payment application provider 106, the authentication service provider 108, and the database server 110) in the system environment 100A through the communication network 112. Examples of the network interface 118 may include, but are not limited to, an antenna, a radio frequency network interface, a wireless network interface, a Bluetooth network interface, an ethernet port, a Universal Serial Bus (USB) port, or any other device configured to transmit and receive data.
[00056] The plurality of components 120 may include a first original component 120a, a second original component 120b, a third original component (not shown), until an nth original component 120n. Each component of the plurality of components 120 includes suitable logic, circuitry, interface and/or code, executable by the circuitry, for performing various functions. In an example, the first original component 120a is a camera module, the second original component 120b is a touch screen module, the third original component is a microphone module, a fourth original component (not shown) is an operating system module, and the nth original component 120n is a fingerprint scanner module. In another example, the first original component 120a is the first memory 116, the second original component 120b is the first processor 114, the third original component is the network interface 118, …., and the nth original component 120n is the secure element 122. Each of the plurality of components 120 may be manufactured by a respective original equipment manufacturer. The original equipment manufacturers adhere to specifications set by various authentication service providers (such as the authentication service provider 108) during the manufacturing of the plurality of components 120. The specifications include an explicit set of requirements to be satisfied by a component. In an example, the specifications of a camera module may specify materials used to manufacture the camera module, a megapixel (MP) of the camera module, an aperture size of the camera module, and the like. In the example, the megapixel of the camera module may be 2MP and the aperture size of the camera module is 6 millimeters.
[00057] A configuration value is assigned to each of the plurality of components 120 that adheres to the specifications set by the authentication service provider 108. The authentication service provider 108 sets the specifications to be adhered by the original equipment manufacturers during the manufacturing of the plurality of components 120. The authentication service provider 108 is explained in detail in the forthcoming description. The configuration value is used to determine security levels and the specifications of the corresponding component. Thus, a first configuration value is associated with the first original component 120a, a second configuration value is associated with the second original component 120b, …, and an nth configuration value is associated with the nth original component 120n. The first configuration value, the second configuration value, …, and the nth configuration values may be collectively referred to as the “plurality of original configuration values”. Examples of the configuration value may include, but are not limited to a numerical value (such as 4597302), an alphanumerical value (such as 4e4que6), an alphabetical value (such as fhnclsw), and a mixed character code that is inclusive of alphanumeric characters and special characters, such as @, $, +, =, #, or the like (such as 4579#83).
[00058] The secure element 122 includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry for performing various operations such as storing the plurality of original configuration values of the plurality of components 120 of the first device 104, securing the plurality of original configuration values of the plurality of components 120 with various encryption and decryption techniques, and the like. The secure element 122 may further store sensitive data (such as a plurality of original configuration values, passwords, or the like). In an embodiment, the plurality of original configuration values of the plurality of components 120 may be stored in the secure element 122 during the manufacturing of the first device 104. In another embodiment, the secure element 122 may extract the plurality of original configuration values from the plurality of components 120 and store the plurality of original configuration values therein. The secure element 122 may further store and execute instructions that are utilized to extract the plurality of original configuration values from the plurality of components 120. In an example, the secure element 122 may execute a function to capture an image through a camera module of the first device 104 and process the captured image to extract the configuration value of the camera module.
[00059] Referring now to the payment application provider 106, the payment application provider 106 includes suitable logic, circuitry, interface and/or code, executable by the circuitry, for performing various operations such as transmitting a validation request (as explained with respect to FIG. 1B), facilitating installation of a payment application 124 associated with the payment application provider 106, performing payment transactions, and the like. In an embodiment, the payment application provider 106 may be associated with a financial institution such as a bank, where accounts of several users (such as the user 102) are established and maintained. In another embodiment, the payment application provider 106 may be associated with a digital wallet provider.
[00060] The payment application 124 may be utilized for performing various transactions associated with a payment account maintained at the financial institution or with the digital wallet provider. In an example, a payment transaction for a purchase of an article is performed by the user 102 through the payment application 124 installed on the first device 104. Examples of the payment application 124 may include but are not limited to, HDFC Bank Mobile Banking®, YONO Lite SBI®, Bank of America Mobile Banking®, Citi Mobile®, Google Pay®, PhonePe®, PayPal®, UnionPay®, and Amazon Pay®.
[00061] Referring now to the authentication service provider 108, the authentication service provider 108 is associated with an authentication service providing organization that authenticates the integrity of the plurality of components 120. The authentication service provider 108 sets the specifications to be adhered by the original equipment manufacturers during the manufacturing of the plurality of components 120. The authentication service provider 108 assigns the plurality of original configuration values to the plurality of components 120, respectively. In other words, one or more configuration values of the plurality of original configuration values may be assigned to a corresponding component of the plurality of components 120. The authentication service provider 108 may be configured to store a mapping between device identifiers (IDs) of a plurality of devices (that includes the first device 104) and a corresponding plurality of original configuration values of a corresponding plurality of components in a memory (not shown) or a database (not shown) associated with the authentication service provider 108. A device ID is assigned to each device (such as the first device 104) during the manufacturing of the corresponding device by a manufacturer of the device. The device ID may be a numerical value, an alphanumerical value, an alphabetical value, or a mixed character code that is inclusive of alphanumeric characters and special characters. Further, the device manufacturer may provide the device ID to the authentication service provider 108.
[00062] Referring back to the first device 104, the first processor 114 includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry for performing various operations to enable payments in the modified version of the first device 104. The first processor 114 is coupled to the secure element 122. Further, the first processor 114 may be configured to execute the set of instructions associated with the validation application, stored in the first memory 116 for enabling payments in the modified version of the first device 104. Examples of the first processor 114 may include, but are not limited to, an application-specific integrated circuit (ASIC) processor, a reduced instruction set computer (RISC) processor, a complex instruction set computer (CISC) processor, a field programmable gate array (FPGA), a central processing unit (CPU), or a microprocessor.
[00063] Modification of the first device 104 results in the modified version of the first device 104. In an embodiment, modification of the first device 104 refers to replacement of a set of original components of the plurality of components 120 with a set of alternate components. The replacement of the set of original components with the set of alternate components results in modification of a set of original configuration values associated with the set of original components. In an example, the set of original components includes the first original component 120a. Further, when the first original component 120a (such as a camera module) is replaced with an alternate component (such as another camera module), the first original configuration value such as “FNJSKE8” is modified to a first modified configuration value such as “DJKEOS32”. In another embodiment, modification of the first device 104 refers to modification of a set of original values of a set of parameters of the set of original components. An original value of a parameter of an original component refers to a measurable factor that controls a parameter which in turn sets conditions for operation of the original component. A parameter of the original component refers to a functional attribute of the original parameter. The set of original values may include a first original value, a second original value, …, and an nth original value. Further, the set of parameters may include a first parameter, a second parameter, …, and an nth parameter. In an example, clock speed is the first parameter of an original component such as the first processor 114. The set of original values of the set of parameters may be stored in the secure element 122 of the first device 104. Further, the modification of the set of original values of the set of parameters results in modification of the set of original configuration values of the set of original components. In an example, when the first parameter, i.e., a clock speed of the first original component 120a (such as the first processor 114) is modified from the first original value, i.e., 1 gigahertz (GHz) to a first modified value, i.e., 1.8 GHz, the first original configuration value such as “FNJSKE8” is modified to “LDVROS32”. In yet another embodiment, the modification of the first device 104 refers to the replacement of the set of original components with the set of alternate components and the modification of the set of original values of the set of parameters.
[00064] The first processor 114 may be configured to fetch the plurality of original configuration values of the plurality of components 120 from the secure element 122, prior to the modification of the first device 104. In other words, the first processor 114 fetches the set of original configuration values of the set of components from the secure element 122. The first processor 114 may be further configured to perform a first handshake with the authentication service provider 108 to verify the plurality of original configuration values. In other words, the first handshake is performed by the first processor 114 to detect whether the first device 104 is modified. In an embodiment, the first processor 114 may transmit a first request to the authentication service provider 108. The first request may include a first device ID associated with the first device 104 and a request to retrieve the plurality of original configuration values stored in a memory (not shown) associated with the authentication service provider 108. In response, the first processor 114 may receive the retrieved plurality of original configuration values from the authentication service provider 108. Further, the first processor 114 fetches the plurality of original configuration values from the secure element 122. The first processor 114 may compare the plurality of original configuration values retrieved from the authentication service provider 108 with the plurality of original configuration values fetched from the secure element 122 to verify the fetched plurality of original configuration values. A successful match between the plurality of original configuration values fetched from the secure element 122 with the plurality of original configuration values retrieved from the authentication service provider 108 results in verification of the fetched plurality of original configuration values. Thus, the first processor 114 determines the first handshake to be successful. In another embodiment, the first processor 114 may transmit a second request to the authentication service provider 108. The second request may include the first device ID associated with the first device 104 and the plurality of original configuration values fetched from the secure element 122. The authentication service provider 108 may compare the plurality of original configuration values fetched from the secure element 122 with the plurality of original configuration values retrieved from the memory (not shown) associated with the authentication service provider 108 to verify the fetched plurality of original configuration values. The fetched plurality of original configuration values are verified upon a successful match between the fetched plurality of original configuration values and the plurality of original configuration values retrieved from the memory (not shown) associated with the authentication service provider 108. Further, the first processor 114 may receive a first response that indicates successful verification or failure of verification of the fetched plurality of original configuration values from the authentication service provider 108. When the first response indicates the successful verification of the plurality of original configuration values fetched from the secure element 122, the first processor 114 determines the first handshake to be successful.
[00065] The first handshake being successful indicates to the first processor 114 that the first device 104 is unmodified. The plurality of original configuration values includes the first original configuration value, the second original configuration value, …, and the nth original configuration value. The first processor 114 may be further configured to store the plurality of original configuration values in the database server 110. The plurality of original configuration values include the set of original configuration values. In other words, the first processor 114 stores a mapping between the first device ID and the plurality of original configuration values in the database server 110. Additionally, the first processor 114 may be configured to hash the plurality of original configuration values upon the first handshake being successful to generate a hashed plurality of original configuration values. In other words, the first processor 114 hashes the set of original configuration values when the set of original configuration values is fetched from the secure element 122 and the first handshake is successful, to generate a hashed set of original configuration values. Hashing is a technique of transforming each of the plurality of original configuration values into unique values for security purposes. The first processor 114 may utilize a hash function for hashing the plurality of original configuration values. Examples of the hash function may include, but are not limited to secure hash algorithm (SHA)-1, SHA-256, SHA3-256, message digest algorithm (MD5), or the like. In an example, hashing the first original configuration value represented as “2UIDFJVBKS” yields “0345ufer” as a hashed first original configuration value. Thus, the plurality of original configuration values stored in the database server 110 is the hashed plurality of original configuration values. In other words, the set of original configuration values stored in the database server 110 is the hashed set of original configuration values. The plurality of original configuration values stored in the database server 110 are utilized for enabling payments in a modified version of the first device 104. Further, the enablement of payments in the modified version of the first device 104 utilizing the plurality of original configuration values stored in the database server 110 is described in detail in FIG. 1B.
[00066] The database server 110 is a server arrangement that includes suitable logic, circuitry, interface and/or code, executable by the circuitry, for processing and storing the plurality of original configuration values of the plurality of components 120. The plurality of original configuration values are stored in the database server 110. In other words, the set of original configuration values are stored in the database server 110. Examples of the database server 110 may include but are not limited to, a personal computer, a laptop, or a network of computer systems. The database server 110 may be associated with an entity providing the validation application.
[00067] The communication network 112 may be a medium through which content and messages are transmitted between the first device 104, the payment application provider 106, the authentication service provider 108, and the database server 110, and other entities that are pursuant to one or more standards for the interchange of transaction requests, such as the ISO8583 standard. Examples of the communication network 112 may include, but are not limited to, a wireless fidelity (Wi-Fi) network, a light fidelity (Li-Fi) network, a local area network (LAN), a wide area network (WAN), a metropolitan area network (MAN), a satellite network, the Internet, a fiber optic network, a coaxial cable network, an infrared (IR) network, a radio frequency (RF) network, and combinations thereof. Various entities in the system environment 100A may connect to the communication network 112 in accordance with various wired and wireless communication protocols, such as Transmission Control Protocol and Internet Protocol (TCP/IP), User Datagram Protocol (UDP), Long Term Evolution (LTE) communication protocols, or any combination thereof.
[00068] FIG. 1B is a block diagram that illustrates a system environment 100B to enable payments in rooted devices, in accordance with an exemplary embodiment of the present disclosure. The system environment 100B includes the user 102, the payment application provider 106, the authentication service provider 108, the database server 110, the communication network 112, and the modified device 126. The modified device 126 is the modified version of the first device 104.
[00069] The first device 104 may be modified by the user 102 for achieving enhanced performance of the first device 104. The user 102 may modify the first device 104 by replacing the set of original components of the plurality of components 120 with the set of alternate components and/or modifying the set of original values of the set of parameters of the set of original components. The set of original components having the modified set of original values of the set of parameters is hereinafter referred to as the “modified version of the set of original components”. In an example, the first original component 120a (such as a camera module) may be replaced with a first alternate component 128a (another camera module) for better shutter speed. In another example, clock speed of the first original component 120a (such as a processor module) may be increased to increase processing speed of the first device 104. The first device 104 is referred to as “the modified device 126” post modification. The modification of the first device 104 may be referred to as one of rooting of the first device 104 and jailbreaking of the first device 104. Thus, the modified device 126 may be one of a rooted device 126 or a jailbroken device 126. The first device ID remains unchanged even after the modification of the first device 104.
[00070] When the set of original components of the first device 104 is replaced with the set of alternate components and/or the set of original values of the set of parameters of the set of original components is modified, the set of original configuration values of the set of original components is modified such that a set of modified configuration values is stored in the secure element 122. The set of modified configuration values is thus associated with the set of original components. The set of original configuration values is associated with the set of original components prior to modification of the first device 104. The set of modified configuration values is thus a modified version of the set of original configuration values. In an example, replacement of the first original component 120a with the first alternate component 128a results in modification of the first original configuration value (such as “DGI86FR”) to a first alternate configuration value (such as “MWZ56FL”). In another example, the modification of the first original value (such as 1 GHz) of the first parameter (such as a clock speed) to the first modified value (such as 1.2 GHz) results in modification of the first original configuration value (such as “DGI86FR”) to the first alternate configuration value (such as “BHZ56RQ).
[00071] When the first device 104 is modified, the first original configuration value is erased from the secure element 122 and the first alternate configuration value is stored in the secure element 122. In an example, the validation application is installed in the first device 104 before the modification of the first device 104. Thus, the set of instructions associated with the validation application stored in the first memory 116 is lost or erased when the first original component 120a is the first memory 116 and the first original component 120a is replaced with the first alternate component 128a (i.e., an alternate memory component). In such a scenario, the validation application is reinstalled on the modified device 126 by the user 102. Thus, the set of instructions associated with the validation application is stored in the first alternate component 128a (i.e., the alternate memory component). In another example, when the first original component 120a is a camera module, the first original configuration value of the camera module is erased from the secure element 122 as a result of the replacement of the first original component 120a with the first alternate component 128a. Further, the first alternate configuration value is stored in the secure element 122.
[00072] To initiate payments by way of the modified device 126, the modified device 126 may communicate payment requests to the payment application provider 106. In an embodiment, the user 102 may communicate an installation request to the payment application provider 106 through the modified device 126 for installation of the payment application 124 on the modified device 126. In other words, the payment application provider 106 may receive the installation request for installing the payment application 124 on the modified device 126. In another embodiment, the user 102 may initiate a transaction request for a payment transaction associated with the payment application provider 106 through the payment application 124 installed on the modified device 126. In other words, the transaction request is initiated by way of the modified device 126 and provided to the payment application provider 106. The payment application provider 106 may thus receive the transaction request. In response to one of the installation request and the transaction request, the payment application provider 106 may transmit a validation request to the first processor 114 for validating the modified device 126.
[00073] On receiving the validation request, the first processor 114 may thus perform a second handshake with the authentication service provider 108 to determine whether the first device 104 is the modified device 126. In an embodiment, the first processor 114 may transmit a third request to the authentication service provider 108. The third request is associated with the second handshake. The third request may include the first device ID associated with the modified device 126 and a request to retrieve the plurality of original configuration values stored in the memory (not shown) associated with the authentication service provider 108. In response, the first processor 114 may receive the retrieved plurality of original configuration values from the authentication service provider 108 during the second handshake. Further, the first processor 114 fetches the plurality of original configuration values of the plurality of components 120 from the secure element 122 of the modified device 126 during the second handshake. As a result of the modification, the plurality of original configuration values include the set of modified configuration values in place of the set of original configuration values of the set of original components. In other words, the plurality of original configuration values include the first alternate configuration value in place of the first original configuration value.
[00074] The first processor 114 may compare the plurality of original configuration values retrieved from the authentication service provider 108 with the plurality of original configuration values fetched from the secure element 122 to verify the fetched plurality of original configuration values during the second handshake. As the plurality of original configuration values include the first alternate configuration value in place of the first original configuration value, a mismatch between the received plurality of original configuration values by the first processor 114 and the fetched plurality of original configuration values occurs. The first processor 114 thus determines the second handshake to be unsuccessful. In another embodiment, the first processor 114 may transmit the first device ID associated with the modified device 126 and the plurality of original configuration values fetched from secure element 122 to the authentication service provider 108. The authentication service provider 108 may compare the fetched plurality of original configuration values with the plurality of original configuration values retrieved from the memory (not shown) associated with the authentication service provider 108 to verify the received plurality of original configuration values. As the fetched plurality of original configuration values do not match the plurality of original configuration values retrieved from the memory (not shown), a mismatch occurs. Further, the first processor 114 may receive a second response that indicates failure of verification of the plurality of original configuration values fetched from the secure element 122 of the modified device 126. Thus, the first processor 114 determines the second handshake to be unsuccessful. In an embodiment, the first processor 114 detects that the first original component 120a is replaced by the first alternate component 128a based on the second handshake. Further, the first processor 114 determines that the first device 104 is the modified device 126 based on the detection that the first original component 120a is replaced with the first alternate component 128a. In another embodiment, the first processor 114 detects that the first original value of the first parameter of the first original component 120a is modified based on the second handshake. Further, the first processor 114 determines that the first device 104 is the modified device 126 based on the detection that the first original value of the first parameter of the first original component 120a is modified.
[00075] The first processor 114 may be further configured to validate the modified device 126. In an embodiment, the first processor 114 is required to validate the first alternate component 128a to validate the modified device 126. In another embodiment, the first processor 114 is required to validate the first original component 120a having the first modified value of the first parameter to validate the modified device 126. The first original component 120a having the first modified value of the first parameter is hereinafter referred to as “the modified version of the first original component 120a”.
[00076] Validation of the modified device 126 is essential to initiate payments by way of the modified device 126. The first processor 114 may be configured to generate a set of validation instructions for validating the modified device 126. In an embodiment, the first processor 114 generates the set of validation instructions to validate the first alternate component 128a. In another embodiment, the first processor 114 generates the set of validation instructions to validate the modified version of the first original component 120a. In some embodiments, the set of instructions stored in the first memory 116 may include the set of validation instructions and the first processor 114 retrieves the set of validation instructions for validation of the first alternate component 128a or the modified version of the first original component 120a from the first memory 116. In some embodiments, the set of validation instructions may be stored in the database server 110 and the first processor 114 retrieves the set of validation instructions for validation of the first alternate component 128a or the modified version of the first original component 120a from the database server 110.
[00077] The modified device 126 may execute a set of actions based on the set of validation instructions. In an embodiment, the first alternate component 128a executes the set of actions based on the set of validation instructions. In another embodiment, the modified version of the first original component 120a executes the set of actions based on the set of validation instructions. The set of actions refers to operations performed during the execution of the set of validation instructions. In an example, the set of actions may include scanning a quick response (QR) code and processing the QR code.
[00078] The first processor 114 receives a response such as a third response based on the execution of the set of actions. In an embodiment, the first processor 114 receives the third response based on the execution of the set of actions by the first alternate component 128a. In another embodiment, the first processor 114 receives the third response based on the execution of the set of actions by the modified version of the first original component 120a. The first processor 114 compares the third response with a predefined response to determine a match. The predefined response may be stored in the first memory 116. In an embodiment, the predefined response may be obtained on execution of the set of actions based on the set of validation instructions by a corresponding original component of the first device 104. The set of actions may be executed by the corresponding original component of the first device 104 prior to the modification of the first device 104. The response generated based on the execution of the set of actions by the corresponding original component may be stored in the first memory 116 or the database server 110 and is referred to as the predefined response. In another embodiment, the predefined response may be obtained on execution of the set of actions based on the set of validation instructions by a corresponding component that adheres to the specifications set by the authentication service provider 108.
[00079] The modified device 126 is validated when the third response matches the predefined response. In an embodiment, the first alternate component 128a is successfully validated when the third response matches the predefined response. The successful validation of the first alternate component 128a indicates successful validation of the modified device 126. In an exemplary scenario, the first alternate component 128a is a camera module. In such a scenario, the set of validation instructions may indicate the first alternate component 128a to scan a presented QR code. The first alternate component 128a scans the presented QR code and provides the third response generated based on the scanning to the first processor 114. The camera is validated when the third response indicates a webpage that is same as a webpage specified in the predefined response. In another exemplary scenario, the first alternate component 128a is a microphone module. In such a scenario, the set of validation instructions may indicate the user 102 to utter a word that is being displayed on a display screen of the modified device 126. Further, the microphone module may generate the third response based on detection of the word uttered by the user 102. The microphone module is validated when the third response indicates the word displayed on the display screen of the modified device 126. In yet another exemplary scenario, the first alternate component 128a is a touchscreen module. In such a scenario, the set of validation instructions may indicate the user 102 to draw a pattern displayed on the display screen of the modified device 126. Further, the touchscreen module may generate the third response based on detection of the pattern drawn by the user 102 on the touchscreen module. The touchscreen module is validated when the third response indicates the pattern displayed on the display screen of the modified device 126. In another embodiment, the modified version of the first original component 120a is successfully validated when the third response matches the predefined response. The successful validation of the modified version of the first original component 120a indicates successful validation of the modified device 126. Additionally, the user 102 may be required to enter the username and password on the validation application of the modified device 126. The first processor 114 authenticates the username and password entered by the user 102. The authentication is successful when the username and password entered by the user matches the username and password created during the registration. The authentication fails when the username and password entered by the user 102 do not match the username and the password created during the registration. The validation of the modified device is successful when the authentication is successful.
[00080] The first processor 114 may further generate a validation response based on the validation of the modified device 126 to communicate to the payment application provider 106. In an embodiment, the validation response may include validation details of the modified device 126 upon successful validation of the modified device 126. The validation details may include at least one of a validation certificate that indicates successful validation of the modified device 126 and the plurality of original configuration values. In another embodiment, the first processor 114 may fetch the set of original configuration values from the database server 110 upon successful validation of the modified device 126. Further, the first processor 114 may replace the set of modified configuration values with the set of original configuration values in the secure element 122. The plurality of original configuration values stored in the database server 110 include the set of original configuration values. Further, the first processor 114 may generate an access key to access the set of original configuration values from the secure element 122. Thus, the validation response includes the access key to access the set of original configuration values upon successful validation of the modified device 126.
[00081] The validation application may be installed prior to the modification of the first device 104 or after the modification of the first device 104. In one embodiment, when the validation details are required to be included in the validation response, the validation application is installed in the modified device 126 by the user 102. In another embodiment, when the access key to access the set of original configuration values is required to be included in the validation response, the validation application is installed in the first device 104 prior to modification of the first device 104 by the user 102. The validation application is installed in the first device 104 prior to modification of the first device 104 as the plurality of original configuration values are to be fetched from the secure element 122 of the first device 104 and stored in the database server 110.
[00082] The first processor 114 communicates the validation response to the payment application provider 106 in response to the validation request. In an embodiment, the first processor 114 communicates the validation details to the payment application provider 106. The payment application provider 106 further permits one of the installation of the payment application 124 in the modified device 126 and the initiation of the payment transaction on the modified device 126, based on the validation details. In another embodiment, the first processor 114 communicates the access key to the payment application provider 106. The payment application provider 106 further accesses the set of original configuration values from the secure element 122 by utilizing the access key. Further, the payment application provider 106 permits one of the installation of the payment application 124 in the modified device 126 and the initiation of the payment transaction on the modified device 126 based on the set of original configuration values. In some embodiments, upon receiving the validation response, the payment application 124 is installed in the modified device 126 and the payment transaction is initiated by way of the payment application 124 on the modified device 126. In an example, the payment application provider 106 may perform a third handshake with the authentication service provider 108 by utilizing the set of original configuration values thereby validating the modified device 126, to permit the installation of the payment application 124 in the modified device 126. As a result of the successful validation of the modified device 126, at least one of the payment application 124 is installed in the modified device 126 and the transaction is initiated way of the payment application 124 using the modified device 126. Thus, the user 102 is able to perform payments by way of the modified device 126. In an example, the user 102 performs payment for purchase of an article from a store by scanning a QR code through the first alternate component 128a (such as a camera module) of the modified device 126.
[00083] Although it is described that in one embodiment, the first original component 120a is replaced with the first alternate component 128a and in another embodiment the first original value of the first parameter of the first original component 120a is modified to the first modified value, the scope of the present disclosure is not limited to it. In yet another embodiment, the first original component 120a is replaced with the first alternate component 128a and the second original component 120b is modified. In other words, the second original configuration value of the second parameter of the second original component 120b is modified to a second modified value. Upon receiving the validation request to validate the modified device 126, the first processor 114 performs the second handshake with the authentication service provider 108 as described in the foregoing description. Further, the first processor 114 generates the set of instructions to validate the first alternate component 128a and a modified version of the second original component 120b, i.e., the second original component 120b that has the second modified value of the second parameter. The set of actions is executed by the first alternate component 128a and the modified version of the second original component 120b based on the set of instructions. Further, the third response is received by the first processor 114 based on the execution of the set of actions by the first alternate component 128a and the modified version of the second original component 120b. The first processor 114 compares the third response with the predefined response to determine a match. The first alternate component 128a and the modified version of the second original component 120b are successfully validated when the third response matches the predefined response. Further, the successful validation of the first alternate component 128a and the modified version of the second original component 120b indicates the successful validation of the modified device 126. Further, the first processor 114 generates the validation response and communicates the validation response to the payment application provider 106 to enable payments in the modified device 126 as described in the foregoing description.
[00084] Although the installation of the payment application 124 in the modified device 126 and the initiation of the transaction by way of the payment application 124 on the modified device 126 is described in conjunction with FIGS. 1A and 1B, the scope of the disclosure is not limited to it. In other embodiments, installation of various payment applications and initiation of the payment transaction by way of various payment applications is achieved in the similar aforementioned manner.
[00085] Although it is described that one modified device such as the modified device 126 is validated, the scope of the present disclosure is not limited to it. In other embodiments, various modified devices may be validated, without deviating from the scope of the present disclosure.
[00086] In operation, the validation application is installed in the first device 104 by the user 102. The set of instructions associated with the validation application is stored in the first memory 116 of the first device 104. The first processor 114 executes the set of instructions stored in the first memory 116 for enabling payments in the modified device 126 after the modification of the first device 104. The first processor 114 fetches the plurality of original configuration values of the plurality of components 120 from the secure element 122. Further, the first processor 114 performs the first handshake with the authentication service provider 108 to verify the plurality of original configuration values. The first processor 114 determines the first handshake to be successful upon successful verification of the plurality of original configuration values.
[00087] The first handshake being successful indicates to the first processor 114 that the first device 104 is unmodified. The first processor 114 stores the mapping between the first device ID and the plurality of original configuration values in the database server 110 when the first device 104 is determined to be unmodified.
[00088] The user 102 modifies the first device 104 by replacing the first original component 120a of the first device 104 with the first alternate component 128a. The first device 104 is referred to as the modified device 126 after the replacement of the first original component 120a with the first alternate component 128a. In an example, the first original component 120a is a camera. Thus, the first original configuration value stored in the secure element 122 is replaced with the first alternate configuration value due to the replacement of the first original component 120a with the first alternate component 128a.
[00089] On modifying the first device 104, the user 102 wishes to install the payment application 124 in the modified device 126. Thus, the installation request is communicated to the payment application provider 106 by way of the modified device 126 for the installation of the payment application 124 in the modified device 126. The payment application provider 106 receives the installation request. In response to the installation request, the payment application provider 106 transmits the validation request to the first processor 114 for validating the modified device 126.
[00090] On receiving the validation request, the first processor 114 performs the second handshake with the authentication service provider 108. The second handshake is performed each time a payment application needs to be installed or a payment transaction needs to be initiated by way of the modified device 126. The second handshake further aids the first processor 114 to determine whether the first device 104 has been modified, i.e., whether the first device 104 is the modified device 126. In an embodiment, the first processor 114 transmits the third request to the authentication service provider 108. The third request includes the first device ID associated with the modified device 126 and the request to retrieve the plurality of original configuration values stored in the memory (not shown) associated with the authentication service provider 108. In response, the first processor 114 receives the retrieved plurality of original configuration values from the authentication service provider 108. Further, the first processor 114 fetches the plurality of original configuration values of the plurality of components 120 from the secure element 122 of the modified device 126. The first processor 114 compares the plurality of original configuration values retrieved from the authentication service provider 108 with the plurality of original configuration values fetched from the secure element 122 to verify the fetched plurality of original configuration values. As the plurality of original configuration values include the first alternate configuration value in place of the first original configuration value, the first processor 114 determines the second handshake to be unsuccessful. In another embodiment, the first processor 114 transmits the first device ID associated with the modified device 126 and the plurality of original configuration values fetched from the secure element 122. The authentication service provider 108 compares the fetched plurality of original configuration values with the plurality of original configuration values retrieved from the memory (not shown) associated with the authentication service provider 108 to verify the fetched plurality of original configuration values. As the comparison result indicates failure of the verification, the first processor 114 determines the second handshake to be unsuccessful.
[00091] Based on the second handshake, the first processor 114 further detects that the first original component 120a is replaced by the first alternate component 128a and determines that the first device 104 has been modified. Further, the first processor 114 validates the modified device 126. In other words, the first processor 114 validates the first alternate component 128a to validate the modified device 126. In an embodiment, the first processor 114 generates the set of validation instructions to validate the first alternate component 128a. The first alternate component 128a executes the set of actions based on the set of validation instructions. Further, the first processor 114 receives the third response based on the execution of the set of actions by the first alternate component 128a. The first processor 114 compares the third response with the predefined response to determine the match. The first alternate component 128a is validated when the third response matches the predefined response.
[00092] Upon successful validation of the modified device 126, the first processor 114 further generates the validation response. In an embodiment, the validation response includes the validation details such as the validation certificate that indicates successful validation of the modified device 126 and the plurality of original configuration values. In another embodiment, the first processor 114 fetches the set of original configuration values from the database server 110 upon successful validation of the modified device 126. Further, the first processor 114 replaces the set of modified configuration values with the set of original configuration values in the secure element 122. The first processor 114 generates the access key to access the set of original configuration values from the secure element 122. Thus, the validation response includes the access key to access the set of original configuration values upon successful validation of the modified device 126. Further, the first processor 114 communicates the validation response to the payment application provider 106 in response to the validation request. In an embodiment, the payment application provider 106 receives the validation details and permits the installation of the payment application 124 in the modified device 126. In another embodiment, the payment application provider 106 receives the access key, accesses the set of original configuration values from the secure element 122 by utilizing the access key, and permits the installation of the payment application 124 in the modified device 126.
[00093] In an event of failed validation of the modified device 126, the validation response indicates that the modified device 126 is unsuitable for performing payments. Thus, the payment application provider 106 may deny the installation of the payment application 124 in the modified device 126 or deny the transaction request for initiating the payment transaction based on the validation response.
[00094] FIG. 2A is a block diagram that illustrates the database server 110 of the system environments 100A and 100B of FIGS. 1A and 1B, in accordance with an exemplary embodiment of the present disclosure. The database server 110 may include a second processor 202 and a second memory 204. The second processor 202 and the second memory 204 may communicate with each other via a second communication bus 206. The second communication bus 206 may be configured to allow data such as electrical signals and electromagnetic signals to be transferred between the second processor 202 and the second memory 204. Examples of the second communication bus 206 may include, but are not limited to a data bus, an address bus, and a control bus.
[00095] The second processor 202 includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry to perform various operations such as storing the plurality of original configuration values in the second memory 204, storing the set of validation instructions in the second memory 204, and the like. The second processor 202 may be configured to receive one or more queries from the first processor 114 via the communication network 112. Each query may correspond to an encrypted message that is decoded by the second processor 202 for retrieving requisite information. In an example, the requisite information is the set of original configuration values. In another example, the requisite information is the set of validation instructions. In an embodiment, the second processor 202 may be configured to generate the set of validation instructions for validating the modified device 126 upon receiving the validation request. In other words, the first processor 114 may transmit a query that indicates the second processor 202 to generate the set of validation instructions when the first processor 114 receives the validation request. In response to each received query, the second processor 202 may be configured to retrieve and communicate the requisite information to the first processor 114. Examples of the second processor 202 may include but are not limited to, an ASIC processor, a RISC processor, a CISC processor, a FPGA, a CPU, or a microprocessor.
[00096] The second memory 204 includes suitable logic, circuitry, and/or interfaces to store various instructions or code which when executed by the second processor 202 causes the second processor 202 to perform various operations. The second memory 204 may be configured to store the mapping between the first device ID of the first device 104 and the plurality of original configuration values of the plurality of components 120. In other words, the second memory 204 stores the mapping between the first device ID of the first device 104 and the set of original configuration values of the plurality of components 120. The second memory 204 may be configured to store the set of validation instructions. The second processor 202 retrieves the requisite information from the second memory 204 and communicates the requisite information to the first processor 114. In an embodiment, the second memory 204 may be configured to store original configuration values of original components associated with a plurality of devices. The plurality of devices may include the first device 104. The original configuration values of the original components associated with the plurality of devices may be provided by original equipment manufacturers of the plurality of devices or authentication service providers (such as the authentication service provider 108). Examples of the second memory 204 may include a RAM, a ROM, a PROM, EPROM, a removable storage drive, a HDD, a flash memory, a solid-state memory, or the like.
[00097] FIG. 2B illustrates the second memory 204 of the database server 110 of FIG. 2A, in accordance with an exemplary embodiment of the present disclosure. Referring now to FIG. 2B, a table 208 of the second memory 204, in accordance with an exemplary embodiment of the present disclosure is shown. The table 208 shows the mapping between the plurality of original configuration values and the first device ID. The table 208 is shown to include the device ID in a first column C1, a plurality of original component IDs in a second column C2, and the plurality of original configuration values in a third column C3. The device ID is shown to include the first device ID. The first device ID remains unchanged even after the modification of the first device 104. An original component ID is assigned to each component of the plurality of components 120 during the manufacturing of the component by a manufacturer of the first device 104. The original component ID may be a numerical value, an alphanumerical value, an alphabetical value, or a mixed character code that is inclusive of alphanumeric characters and special characters. The plurality of original component IDs are stored in the second column C2. For the sake of brevity, the plurality of original component IDs are shown to include a first original component ID, a second original component ID, and a third original component ID. The first original component ID is associated with the first original component 120a, the second original component ID is associated with the second original component 120b, and the third original component ID is associated with the third original component. Additionally, for the sake of brevity, the plurality of original configuration values are shown to include the first original configuration value, the second original configuration value, and the third original configuration value.
[00098] The first original configuration value is mapped with the first original component ID, the second original configuration value is mapped with the second original component ID, and the third original configuration value is mapped with the third original component ID. In an embodiment, the plurality of original component IDs may indicate the names of the corresponding original component. In an example, the first original component ID is a “camera module” and the second original component ID is a “microphone module”. In another embodiment, the plurality of original component IDs may be numerical values, alphanumerical values, or alphabetical values. In another example, the first original component ID is “34685” and the second original component ID is “56783”. The first processor 114 may utilize the first device ID and a set of original component IDs of the set of original components to retrieve the set of original configuration values after the successful validation of the modified device 126. In an example, the first processor 114 transmits a query to the second processor 202 for retrieval of the first original configuration value. The query indicates the first device ID such as “GBHJKWL” and the first original component ID such as “34685”. The second processor 202 retrieves the first original configuration value such as “dhnje432” from the table 208 based on the received query and transmits the first original configuration value such as “dhnje432” to the first processor 114.
[00099] FIGS. 3A-3C, collectively, represent a process flow diagram 300 that illustrates an exemplary scenario of enabling payments in the modified device 126 of the system environment 100B of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure.
[000100] Referring now to FIG. 3A, the validation application is installed in the first device 104 by the user 102 (as shown by arrow 301). The set of instructions associated with the validation application is stored in the first memory 116 and the set of instructions is executed by the first processor 114. The first processor 114 of the first device 104 fetches the plurality of original configuration values of the plurality of components 120 from the secure element 122 (as shown by arrow 302). Further, the first processor 114 performs the first handshake with the authentication service provider 108 (as shown by arrow 304) to verify the plurality of original configuration values. The first processor 114 determines the first handshake to be successful upon successful verification of the plurality of original configuration values. The first handshake being successful indicates to the first processor 114 that the first device 104 is unmodified. As a result, the first processor 114 stores the plurality of original configuration values (i.e., the plurality of original configuration values that are verified) in the database server 110 (as shown by arrow 306). In an embodiment, the first processor 114 hashes the plurality of original configuration values to generate the hashed plurality of original configuration values such that the plurality of original configuration values stored in the database server 110 is the hashed plurality of original configuration values. Further, the first device 104 is modified by the user 102 (as shown by arrow 308) by replacing the set of original components with the set of alternate components or modifying the set of original values of the set of parameters of the set of original components.
[000101] Referring now to FIG. 3B, the first processor 114 of the modified device 126 transmits one of the installation request or the transaction request to the payment application provider 106 (as shown by arrow 310). The installation request corresponds to the request for the installation of the payment application 124 in the modified device 126. The transaction request corresponds to the request for initiation of the payment transaction through the payment application 124 installed on the modified device 126. In response to one of the installation request and the transaction request, the first processor 114 receives the validation request to validate the modified device 126, from the payment application provider 106 (as shown by arrow 312).
[000102] Upon receiving the validation request from the payment application provider 106, the first processor 114 fetches the plurality of original configuration values from the secure element 122 of the modified device 126 (as shown by arrow 314). Further, the first processor 114 performs the second handshake with the authentication service provider 108 (as shown by arrow 316). As the plurality of original configuration values include the first alternate configuration value in place of the first original configuration value, the second handshake is unsuccessful. The first processor 114 detects that the first original component 120a is replaced by the first alternate component 128a or the first value of the first parameter of the first original component 120a is modified based on the second handshake (as shown by arrow 317). Further, the first processor 114 determines that the first device 104 is the modified device 126 based on the detection that the first original component 120a is replaced with the first alternate component 128a or the first value of the first parameter of the first original component 120a is modified (as shown by arrow 318).
[000103] The first processor 114 validates the modified device 126 (as shown by arrow 319). In other words, the first processor 114 validates the first alternate component 128a or the modified version of the first original component 120a. The first processor 114 generates the set of validation instructions to validate the first alternate component 128a or the modified version of the first original component 120a. The first alternate component 128a or the modified version of the first original component 120a executes the set of actions based on the set of validation instructions. Further, the first processor 114 receives the third response based on the execution of the set of actions by the first alternate component 128a or the modified version of the first original component 120a. The first processor 114 compares the third response with the predefined response to determine a match. The first alternate component 128a or the modified version of the first original component 120a is successfully validated when the third response matches the predefined response. The successful validation of the first alternate component 128a or the modified version of the first original component 120a results in the successful validation of the modified device 126.
[000104] Now referring to FIG. 3C, upon the successful validation of the modified device 126, the first processor 114 requests the database server 110 to fetch the set of original configuration values (as shown by arrow 320). Further, the first processor 114 receives the set of original configuration values from the database server 110 (as shown by arrow 322). When the hashed plurality of original configuration values is stored in the database server 110, the received set of original configuration values is the hashed set of original configuration values. The first processor 114 replaces the set of modified configuration values with the set of original configuration values in the secure element 122 (as shown by arrow 324). Further, the first processor 114 generates the access key for accessing the set of original configuration values from the secure element 122 (as shown by arrow 326).
[000105] The first processor 114 communicates the access key to the payment application provider 106 in response to the validation request (as shown by arrow 328). The payment application provider 106 utilizes the access key to access the set of original configuration values stored in the secure element 122. Further, the payment application 124 is installed on the modified device 126 or the payment transaction is initiated on the modified device 126 (as shown by arrow 330). The payment application provider 106 permits the installation of the payment application 124 in the modified device 126 or the initiation of the payment transaction on the modified device 126 based on the set of original configuration values. Thus, the user 102 may perform payments on the modified device 126 through the payment application 124.
[000106] FIGS. 4A and 4B, collectively, represent a process flow diagram 400 that illustrates another exemplary scenario of enabling payments in the modified device 126 of the system environment 100B of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure.
[000107] Referring now to FIG. 4A, the validation application is installed in the modified device 126 by the user 102 (as shown by arrow 402). The first processor 114 transmits the installation request or the transaction request to the payment application provider 106 (as shown by arrow 404). The installation request corresponds to the request for the installation of the payment application 124 in the modified device 126. The transaction request corresponds to the request for initiation of the transaction through the payment application 124 installed on the modified device 126. In response to one of the installation request and the transaction request, the first processor 114 receives the validation request to validate the modified device 126, from the payment application provider 106 (as shown by arrow 406).
[000108] Upon receiving the validation request from the payment application provider 106, the first processor 114 fetches the plurality of original configuration values from the secure element 122 of the modified device 126 (as shown by arrow 408). Further, the first processor 114 performs the second handshake with the authentication service provider 108 (as shown by arrow 410) to verify the plurality of original configuration values. As the plurality of original configuration values include the first alternate configuration value in place of the first original configuration value, the second handshake is unsuccessful. The first processor 114 detects that the first original component 120a is replaced by the first alternate component 128a or the first value of the first parameter of the first original component 120a is modified based on the second handshake (as shown by arrow 412). Further, the first processor 114 determines that the first device 104 is the modified device 126 based on the detection that the first original component 120a is replaced with the first alternate component 128a or the first value of the first parameter of the first original component 120a is modified (as shown by arrow 413).
[000109] Referring now to FIG. 4B, the first processor 114 validates the modified device 126 (as shown by arrow 414). In other words, the first processor 114 validates the first alternate component 128a. The first processor 114 generates the set of validation instructions to validate the first alternate component 128a or the modified version of the first original component 120a. The first alternate component 128a or the modified version of the first original component 120a executes the set of actions based on the set of validation instructions. Further, the first processor 114 receives the third response based on the execution of the set of actions by the first alternate component 128a or the modified version of the first original component 120a. The first processor 114 compares the third response with the predefined response to determine a match. The first alternate component 128a or the modified version of the first original component 120a is successfully validated when the third response matches the predefined response. The successful validation of the first alternate component 128a results in the validation of the modified device 126.
[000110] Upon validation of the modified device 126, the first processor 114 generates the validation details (as shown by arrow 415). The validation details include the validation certificate that indicates successful validation of the modified device 126 upon the successful validation of the modified device 126. The first processor 114 further communicates validation details to the payment application provider 106 in response to the validation request (as shown by arrow 416). As a result, the payment application 124 is installed on the modified device 126 or the transaction is initiated on the modified device 126 (as shown by arrow 418). The payment application provider 106 permits the installation of the payment application 124 in the modified device 126 or the initiation of the payment transaction on the modified device 126 based on the validation certificate. Thus, the user 102 may perform payments on the modified device 126 through the payment application 124.
[000111] FIG. 5 is a block diagram that illustrates a system architecture of a computer system 500 of the system environments 100A and 100B of FIGS. 1A and 1B, in accordance with an exemplary embodiment of the present disclosure. An embodiment of disclosure, or portions thereof, may be implemented as computer-readable code on the computer system 500. In one example, the first device 104, the payment application provider 106, the authentication service provider 108, and the database server 110 may be implemented as the computer system 500. Hardware, software, or any combination thereof may embody modules and components used to implement methods of FIGS. 6A-6E and 7. The computer system 500 may include a third processor 502, a communication infrastructure 504, a main memory 506, a secondary memory 508, an input/output (I/O) interface 510, and a communication interface 512.
[000112] The third processor 502 may be a special-purpose or a general-purpose processing device. The third processor 502 may be a single processor, multiple processors, or combinations thereof. Further, the third processor 502 may be connected to the communication infrastructure 504, such as a bus, message queue, multi-core message-passing scheme, and the like. The main memory 506 may be configured to store instructions that facilitate various operations described in conjunction with FIGS. 6A-6E and 7. Examples of the main memory 506 may include a RAM, a ROM, and the like. The secondary memory 508 may include an HDD or a removable storage drive, such as a floppy disk drive, a magnetic tape drive, a compact disc, an optical disk drive, a flash memory, and the like. In an embodiment, the removable storage drive may be a non-transitory computer-readable medium. In an example, the first memory 116 corresponds to the main memory 506.
[000113] The I/O interface 510 includes various input and output devices that are configured to communicate with the third processor 502. Examples of the input devices may include a keyboard, a mouse, a joystick, a touchscreen, a microphone, and the like. Examples of the output devices may include a display screen, a speaker, headphones, and the like. The communication interface 512 may be configured to allow data to be transferred between the computer system 500 and various devices that are communicatively coupled to the computer system 500. Examples of the communication interface 512 may include a modem, a network interface, i.e., an Ethernet card, a communication port, and the like. Data transferred via the communication interface may correspond to signals, such as electronic, electromagnetic, optical, or other signals as will be apparent to a person skilled in the art.
[000114] The present invention may be implemented in numerous ways including as a method or a computer program product such as a computer-readable storage medium or a computer network wherein programming instructions are communicated from a remote location.
[000115] The present invention may suitably be embodied as a computer program product for use with the computer system 500. The method described herein is typically implemented as a computer program product that includes a non-transitory computer-readable medium. The non-transitory computer-readable medium stores instructions that are executed or translated by the computer system 500 or any other similar device. In other words, the instructions stored in the non-transitory computer-readable medium are translatable by the first processor 114 associated with the first device 104/the modified device 126 to perform operations for enabling payments in the modified device 126. The instructions may be a series of computer-readable codes stored on a tangible medium that may be the non-transitory computer-readable medium. The tangible medium may be a computer-readable storage medium (such as the main memory 506 or the secondary memory 508), for example, diskette, Compact Disc-Read Only Memory (CD-ROM), ROM, flash drives or hard disk, or transmittable to the computer system 500, via a modem or other interface device, over either a tangible medium, including but not limited to optical or analogue communication interface. The implementation of the invention as a computer program product may be in an intangible form using wireless techniques, including but not limited to microwave, infrared, Bluetooth or other transmission techniques. These instructions can be preloaded into a system or recorded on a storage medium such as a CD-ROM, or made available for downloading over a network such as the Internet or a mobile telephone network. The series of computer-readable instructions may embody all or part of the functionality previously described herein.
[000116] FIGS. 6A-6E, collectively, represent a flowchart 600 that illustrates a method (i.e., a process) for enabling payments in the modified device 126 of the system environment 100B of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure.
[000117] With reference to FIG. 6A, the process may start at step 602. At step 602, the plurality of original configuration values is fetched by the first processor 114 from the secure element 122 of the first device 104. The plurality of original configuration values is fetched after the installation of the validation application in the first device 104. At step 603, the first handshake is performed with the authentication service provider 108 to verify the plurality of original configuration values, by the first processor 114. At step 604a, a fourth response is received by the first processor 114 based on the first handshake. In an embodiment, the fourth response includes the plurality of original configuration values retrieved from the authentication service provider 108. The fetched plurality of original configuration values is verified based on the plurality of original configuration values retrieved from the authentication service provider 108. In another embodiment, the fourth response indicates successful verification or failure of verification of the fetched plurality of original configuration values. At step 604b, the first handshake is determined to be successful based on the fourth response by the first processor 114. In other words, the first handshake is determined to be successful when the fourth response indicates the successful verification of the plurality of original configuration values fetched from the secure element 122. The first handshake being successful indicates to the first processor 114 that the first device 104 is unmodified.
[000118] Referring now to FIG. 6B, in an embodiment, the process initially proceeds to step 605 and then proceeds to step 606. In another embodiment, the process proceeds to step 606 from step 604b. At step 605, the plurality of original configuration values are hashed by the first processor 114 upon the determination that the first handshake is successful. The plurality of original configuration values are hashed to generate the hashed plurality of original configuration values. At step 606, the plurality of original configuration values are stored in the database server 110 upon determination that the first handshake is successful, by the first processor 114. The plurality of original configuration values stored in the database server 110 are the hashed plurality of original configuration values when the process proceeds from step 605 to step 606. The first device 104 is modified by the user 102 to improve the performance of the first device 104. The user 102 may initiate the installation request to the payment application provider 106 through the modified device 126. At step 607, the installation request is communicated to the payment application provider 106 by the first processor 114.
[000119] At step 608, the validation request to validate the modified device 126 is received by the first processor 114 from the payment application provider 106. The validation request is received in response to the installation request.
[000120] Referring now to FIG. 6C, at step 610, the plurality of original configuration values is fetched from the secure element 122 of the modified device 126, by the first processor 114.
[000121] At step 612a, the second handshake is performed by the first processor 114 with the authentication service provider 108 to determine whether the first device 104 is modified. At step 612b, a fifth response is received by the first processor 114 based on the second handshake. In an embodiment, the fifth response includes the plurality of original configuration values retrieved from the authentication service provider 108. As the plurality of original configuration values fetched from the secure element 122 includes the first alternate configuration value in place of the first original configuration value, the first processor 114 determines the second handshake to be unsuccessful. In another embodiment, the fifth response indicates failure of verification of the plurality of original configuration values fetched from the secure element 122 of the modified device 126 as the plurality of original configuration values fetched from the secure element 122 includes the first alternate configuration value in place of the first original configuration value. Thus, the first processor 114 determines the second handshake to be unsuccessful.
[000122] At step 613, based on the fifth response, it is detected by the first processor 114, that the first device 104 is modified. In other words, the first processor 114 detects that at least one of the set of original components is replaced by the set of alternate components and the set of original values of the set of parameters of the first original component 120a is modified based on the second handshake.
[000123] Referring now to FIG. 6D, at step 614, the first device 104 is determined to be the modified device 126 by the first processor 114 based on the detection that at least one of the set of original components is replaced by the set of alternate components and the set of original values of the set of parameters of the first original component 120a is modified. At step 615, the set of validation instructions is generated by the first processor 114 to validate the modified device 126 upon the determination that the first device 104 is the modified device 126. In an embodiment, the set of validation instructions is generated for validating the set of alternate components. In another embodiment, the set of validation instructions is generated for validating the modified version of the set of original components. In yet another embodiment, the set of validation instructions is generated for validating the set of alternate components and the modified version of the set of original components.
[000124] At step 616, the third response is received by the first processor 114 based on the set of validation instructions. In an embodiment, the set of alternate components executes the set of actions based on the set of validation instructions. In another embodiment, the modified version of the set of original components executes the set of actions based on the set of validation instructions. In yet another embodiment, the set of alternate components and the modified version of the set of original components execute the set of actions based on the set of validation instructions. Further, the first processor 114 receives the third response based on the execution of the set of actions. In an embodiment, the third response is received by the first processor 114 based on the execution of the set of actions by the set of alternate components. In another embodiment, the third response is received by the first processor 114 based on the execution of the set of actions by the modified version of the set of original components. In yet another embodiment, the third response is received by the first processor 114 based on the execution of the set of actions by the set of alternate components and the modified version of the set of original components. At step 618, the third response is compared with the predefined response by the first processor 114 to determine a match to validate the modified device 126.
[000125] At step 619, it is determined by the first processor 114 whether the third response matches the predefined response. If at step 619, it is determined that the third response matches the predefined response, the process proceeds to one of step 620a or step 620b. However, if at step 619, it is determined that the third response does not match the predefined response, it is detected by the first processor 114 that the modification is not genuine and the process comes to a halt. In an embodiment, the set of alternate components is successfully validated when the third response matches the predefined response and the successful validation of the set of alternate components indicates successful validation of the modified device 126. In another embodiment, the modified version of the set of original components is successfully validated when the third response matches the predefined response and the successful validation of the modified version of the set of original components indicates successful validation of the modified device 126. In yet another embodiment, the set of alternate components and the modified version of the set of original components are successfully validated when the third response matches the predefined response. Further, the successful validation of the set of alternate components and the modified version of the set of original components indicates successful validation of the modified device 126.
[000126] Referring now to FIG. 6E, at step 620, the set of original configuration values of the set of original components is fetched from the database server 110 upon successful validation of the modified device 126, by the first processor 114. The fetched set of original configuration values is the hashed set of original configuration values when the hashed plurality of original configuration values is stored in the database server 110. At step 622, the set of modified configuration values is replaced with the set of original configuration values such that the set of original configuration values is stored in the secure element 122, by the first processor 114. At step 624, the access key to access the set of original configuration values from the secure element 122 is generated by the first processor 114. Thus, the validation response includes the access key to access the set of original configuration values, upon successful validation of the modified device 126. At step 626, the access key to access the set of original configuration values is communicated to the payment application provider 106 in response to the validation request, by the first processor 114. Further, the payment application provider 106 permits the installation of the payment application 124 in the modified device 126 based on accessing the set of original configuration values from the secure element 122.
[000127] FIG. 7 represents a high-level flowchart 700 that illustrates a method for enabling payment in the modified device 126 of the system environment 100B of FIG. 1B, in accordance with an exemplary embodiment of the present disclosure.
[000128] At step 702, the set of original configuration values of the set of original components of the first device 104 is fetched from the secure element 122 of the first device 104 by the first processor 114. At step 704, the set of original configuration values of the set of original components is stored in the database server 110 by the first processor 114.
[000129] At step 706, the validation request is received from the payment application provider 106 by the first processor 114 upon modification of the first device 104. As the first device 104 is modified, the set of modified configuration values is stored in the secure element 122. At step 708, the set of original configuration values of the set of original components of the first device 104 is fetched from the database server 110 by the first processor 114 upon successful validation of the modified device 126.
[000130] At step 710, the set of modified configuration values is replaced with the set of original configuration values in the secure element 122 by the first processor 114. The set of original configuration values is accessed by the payment application provider 106 from the secure element 122 to install the payment application 124 in the modified device 126.
[000131] Embodiments in the disclosure enable payments on the modified device 126. As a result, the user 102 may perform payments even after modification of the first device 104 to enhance the performance of the first device 104. The modified device 126 is validated by the first processor 114 to enable payments in the modified device 126. The validation of the modified device 126 ensures that the modification is done for genuine requirements and the modification does not pose any threat while performing payments through the modified device 126. The modified device 126 may be utilized to perform biometric checkout payments, voice-enabled payments, tap & pay, and the like after the successful validation of the modified device 126.
[000132] Techniques consistent with the present disclosure provide, among other features, computer program product and methods for enabling payments on rooted devices. In the claims, the words ‘comprising’, ‘including’ and ‘having’ do not exclude the presence of other elements or steps then those listed in a claim. The terms “a” or “an,” as used herein, are defined as one or more than one. Unless stated otherwise, terms such as “first” and “second” are used to arbitrarily distinguish between the elements such terms describe. Thus, these terms are not necessarily intended to indicate temporal or other prioritization of such elements. The fact that certain measures are recited in mutually different claims does not indicate that a combination of these measures cannot be used to advantage.
[000133] While various embodiments of the present disclosure have been illustrated and described, it will be clear that the present disclosure is not limited to these embodiments only. Numerous modifications, changes, variations, substitutions, and equivalents will be apparent to those skilled in the art, without departing from the spirit and scope of the present disclosure, as described in the claims.
, Claims:We Claim:
1. A method comprising:
fetching, by a processor (114) of a first device (104), a set of original configuration values of a set of original components of the first device (104) from a secure element (122) of the first device (104);
storing, by the processor (114), the set of original configuration values in a database server (110);
receiving, by the processor (114) upon modification of the first device (104), a validation request, from a payment application provider (106), wherein the first device (104) is a modified device (126) upon the modification of the first device (104), and wherein upon the modification, the set of original configuration values is modified such that a set of modified configuration values associated with the set of original components is stored in the secure element (122);
fetching, by the processor (114), the set of original configuration values from the database server (110) based on successful validation of the modified device (126); and
replacing, by the processor (114) based on the fetching of the set of original configuration values from the database server (110), the set of modified configuration values with the set of original configuration values in the secure element (122), wherein the set of original configuration values is accessed from the secure element (122) by the payment application provider (106) to install a payment application (124) associated with the payment application provider (106), in the modified device (126).

2. The method as claimed in claim 1, comprising:
determining, by the processor (114), based on the validation request, that the first device (104) is the modified device (126) based on at least one of (i) replacement of the set of original components with a set of alternate components and (ii) modification of a set of original values of a set of parameters of the set of original components, wherein the set of original configuration values is modified to the set of modified configuration values based on at least one of the replacement of the set of original components and the modification of the set of original values.

3. The method as claimed in claim 2, comprising:
generating, by the processor (114), based on the determination that the first device (104) is the modified device (126), a set of validation instructions for validating at least one of (i) a first alternate component (128a) of the set of alternate components and (ii) a first original component (120a) having a first modified value of a first parameter of the set of parameters, wherein a set of actions is executed by at least one of (i) the first alternate component (128a) and (ii) the first original component (120a) having the first modified value of the first parameter, based on the set of validation instructions.

4. The method as claimed in claim 3, comprising:
receiving, by the processor (114), a first response based on the execution of the set of actions by at least one of (i) the first alternate component (128a) and (ii) the first original component (120a) having the first modified value of the first parameter; and
comparing, by the processor (114), the first response with a predefined response to determine a match, wherein the match indicates successful validation of at least one of (i) the first alternate component (128a) and (ii) the first original component (120a) with the first parameter having the first modified value, and wherein the successful validation of at least one of (i) the first alternate component (128a) and (ii) the first original component (120a) having the first modified value of the first parameter, indicates the successful validation of the modified device (126).

5. The method as claimed in claim 1, comprising:
validating, by the processor (114), based on the validation request, the modified device (126) to generate an access key; and
communicating, by the processor (114), the access key to the payment application provider (106) in response to the validation request, wherein based on reception of the access key, by the payment application provider (106), the set of original configuration values is accessed from the secure element (122).

6. The method as claimed in claim 1, comprising:
hashing, by the processor (114), the set of original configuration values upon the fetching of the set of original configuration values from the secure element (122), to generate a hashed set of original configuration values, wherein the set of original configuration values stored in the database server (110) is the hashed set of original configuration values, and wherein the hashed set of original configuration values is fetched from the database server (110) and replaced with the set of modified configuration values in the secure element (122) upon the successful validation of the modified device (126).

7. The method as claimed in claim 1, wherein the modified device (126) is one of a rooted device and a jailbroken device.

8. A first device (104), comprising:
a secure element (122) configured to store a set of original configuration values of a set of original components of the first device (104); and
a processor (114) that is coupled to the secure element (122), wherein the processor (114) is configured to:
fetch the set of original configuration values of the set of original components from the secure element (122) of the first device (104);
store the set of original configuration values in a database server (110);
receive, upon modification of the first device (104), a validation request, from a payment application provider (106), wherein the first device (104) is a modified device (126) upon the modification of the first device (104), and wherein upon the modification, the set of original configuration values is modified such that a set of modified configuration values associated with the set of original components is stored in the secure element (122);
fetch the set of original configuration values from the database server (110) based on successful validation of the modified device (126); and
replace, based on the fetching of the set of original configuration values from the database server (110), the set of modified configuration values with the set of original configuration values in the secure element (122), wherein the set of original configuration values is accessed from the secure element (122) by the payment application provider (106) to install a payment application (124) associated with the payment application provider (106), in the modified device (126).

9. The first device (104) as claimed in claim 8, wherein the processor (114) is configured to:
determine, based on the validation request, that the first device (104) is the modified device (126) based on at least one of (i) replacement of the set of original components with a set of alternate components and (ii) modification of a set of original values of a set of parameters of the set of original components, wherein the set of original configuration values is modified to the set of modified configuration values based on at least one of the replacement of the set of original components and the modification of the set of original values.

10. The first device (104) as claimed in claim 8, wherein the processor (114) is configured to:
validate, based on the validation request, the modified device (126) to generate an access key; and
communicate the access key to the payment application provider (106) in response to the validation request, wherein based on reception of the access key, by the payment application provider (106), the set of original configuration values is accessed from the secure element (122).