View All Documents & Correspondence
Method And System For Enhanced Validation Of Cryptograms In Cloud Based Systems
Abstract: A method for enhanced validation of cryptograms for varying account number lengths includes: storing one or more primary account numbers and a plurality of formatting templates each template being associated with an account number length; receiving a selection indicating a specific primary account number; identifying a specific formatting template where the associated account number length corresponds to a length of the specific primary account number; receiving an unpredictable number from a point of sale device; generating a cryptogram based on at least the unpredictable number and one or more algorithms; generating a data string wherein the data string includes at least the generated cryptogram the specific primary account number and the unpredictable number and wherein the data string is formatted based on the identified specific formatting template; and electronically transmitting the generated data string to the point of sale device.
Notices, Deadlines & Correspondence
Patent Information
Applicants
MASTERCARD INTERNATIONAL INCORPORATED
Inventors
1. COLLINGE Mehdi
2. WARD Michael Christopher
3. JANSEN Sandra
Specification
This application claims priority to and the benefit of the filing date of
U.S. Patent Application Nos. 62/210,659 filed on August 27, 2015 and 14/985,664 filed on December 31, 2015, which are hereby incorporated by reference in their entireties.
FIELD
The present disclosure relates to enhanced validation of cryptograms for in cloud-based systems, specifically the enhanced validation of cryptograms and inclusion in data strings of varied data based on length of account numbers and unpredictable numbers used therein.
BACKGROUND
During the conducting of a payment transaction involving a payment card, cryptograms are often generated that are used in authentication of the payment card and authorization of the transaction. In many instances, a cryptogram may be generated by the payment card itself (e.g., in payment cards with integrated circuit) or a computing device used to convey payment details, such as a smart phone or tablet computer. However, there are limits on the amount of data that may be conveyed from the payment card or computing device to a point of sale for inclusion in a transaction message for the payment transaction. As a result, payment cards and computing devices often use specific formatting for the transmitted data, which includes the at least the cryptogram and a transaction account number.
However, as the number and type of transaction accounts increases, many financial institutions and other entities are interested in using account numbers of varying lengths. In particularly, many entities are interested in expanding transaction account numbers beyond the additional sixteen digits, for improved routing, accommodation of a greater number of transaction accounts, etc. Current systems are configured to use up to the limit of data space available for conveying to a point of sale and inclusion in a transaction message. As such, traditional computing systems are not equipped for the use of transaction account numbers of varying lengths, due to necessitated changes to the remainder of data to be conveyed to the point of sale, particularly while ensuring the inclusion of proper cryptograms and additional data.
Thus, mere is a need for a technical solution where a computing device can be properly configured to accommodate for transaction account numbers of varying lengths while still including cryptograms and other data necessary for the use in payment transaction and staying whhin data limits.
SUMMARY
The present disclosure provides a description of systems and methods for enhanced validation of cryptograms for varying account number lengths.
A method for enhanced validation of cryptograms for varying account number lengths includes: storing, in a memory of a computing device, one or more primary account numbers and a plurality of formatting templates, wherein each template is associated with at least an account number length; receiving, by an input device of the computing device, a selection indicating a specific primary account number of the one or more primary account numbers; executing, by a querying module of the computing device, a query on the memory to identify a specific formatting template of the plurality of formatting templates where the associated account number length corresponds to a length of the specific primary account number; receiving, by a receiving device of the computing device, at least an unpredictable number from a point of sale device; generating, by a generation module of the computing device, a cryptogram based on at least the unpredictable number and one or more algorithms; generating, by the generation module of the computing device, a data string, wherein the data string includes at least the generated cryptogram, the specific primary account number, and the unpredictable number, and wherein the data string is formatted based on the identified specific formatting template; and electronically transmitting, by a transmitting device of the computing device, the generated data string to the point of sale device.
A system for enhanced validation of cryptograms for varying account number lengths includes: a memory of a computing device configured to store one or more primary account numbers and a plurality of formatting templates, wherein each template is associated with at least an account number length; an input device of the computing device configured to receive a selection indicating a specific primary account number of the one or more primary account numbers; a querying module of
the computing device configured to execute a query on the memory to identify a specific formatting template of the plurality of formatting templates where the associated account number length corresponds to a length of the specific primary account number; a receiving device of the computing device configured to receive at least an unpredictable number from a point of sale device; a generation module of the computing device configured to generate a cryptogram based on at least the unpredictable number and one or more algorithms, and a data string, wherein the data string includes at least the generated cryptogram, the specific primary account number, and the unpredictable number, and wherein the data string is formatted based on the identified specific formatting template; and a transmitting device of the computing device configured to electronically transmit the generated data string to the point of sale device.
BRIEF DESCRIPTION OF THE DRAWING FIGURES
The scope of the present disclosure is best understood from the following detailed description of exemplary embodiments when read in conjunction with the accompanying drawings. Included in the drawings are the following figures:
FIG. 1 is a block diagram illustrating a high level system architecture for enhanced validation of cryptograms for varying account number lengths in accordance with exemplary embodiments.
FIG.2 is a block diagram illustrating the computing device of FIG. 1 for the generation and providing of a data string for enhanced cryptogram validation for account numbers of varying lengths in accordance with exemplary embodiments.
FIG. 3 is a flow diagram illustrating a process for enhanced generation and validation of cryptograms for varying account number lengths using the system of FIG. 1 in accordance with exemplary embodiments.
FIG.4 is a flow diagram illustrating a process for generation and conveyance of a data string for enhanced validation of a cryptogram for account numbers of varying lengths using the computing device of FIG. 1 in accordance with exemplary embodiments.
FIG. 5 is a diagram illustrating the varied formatting of a data string for the conveyance of cryptograms and other transaction data for account numbers of varying lengths in accordance with exemplary embodiments.
FIG. 6 is a flow chart illustrating an exemplary method for enhanced validation of cryptograms for varying account number lengths in accordance with exemplary embodiments.
FIG.7 is a flow diagram illustrating the processing of a payment transaction in accordance with exemplary embodiments.
FIG. 8 is a block diagram illustrating a computer system architecture in accordance with exemplary embodiments.
Further areas of applicability of the present disclosure will become apparent from the detailed description provided hereinafter. It should be understood that the detailed description of exemplary embodiments are intended for illustration purposes only and are, therefore, not intended to necessarily limit the scope of the disclosure.
DETAILED DESCRIPTION
Glossary of Terms
Payment Network - A system or network used for the transfer of money via the use of cash-substitutes. Payment networks may use a variety of different protocols and procedures in order to process the transfer of money for various types of transactions. Transactions that may be performed via a payment network may include product or service purchases, credit purchases, debit transactions, fund transfers, account withdrawals, etc. Payment networks may be configured to perform transactions via cash-substitutes, which may include payment cards, letters of credit, checks, transaction accounts, etc. Examples of networks or systems configured to perform as payment networks include those operated by MasterCard*, VISA* Discover* American Express* PayPal*, etc. Use of the term "payment network" herein may refer to bom the payment network as an entity, and the physical payment network, such as the equipment, hardware, and software comprising the payment network.
Payment Rails - Infrastructure associated with a payment network used in the processing of payment transactions and the communication of transaction messages and other similar data between the payment network and other entities interconnected with the payment network. The payment rails may be comprised of the hardware used to establish the payment network and the interconnections between the payment network and other associated entities, such as financial institutions, gateway processors, etc. In some instances, payment rails may also be affected by software, such as via special programming of the communication hardware and devices that comprise the payment rails. For example, the payment rails may include specifically configured computing devices that are specially configured for the routing of transaction messages, which may be specially formatted data messages that are electronically transmitted via the payment rails, as discussed in more detail below.
Payment Card - A card or data associated with a transaction account that may be provided to a merchant in order to fund a financial transaction via the associated transaction account. Payment cards may include credit cards, debit cards, charge cards, stored-value cards, prepaid cards, fleet cards, virtual payment numbers, virtual card numbers, controlled payment numbers, etc. A payment card may be a physical card that may be provided to a merchant, or may be data representing the associated transaction account (e.g., as stored in a communication device, such as a smart phone or computer). For example, in some instances, data including a payment account number may be considered a payment card for the processing of a transaction funded by the associated transaction account In some instances, a check may be considered a payment card where applicable.
Merchant - An entity that provides products (e.g., goods and/or services) for purchase by another entity, such as a consumer or another merchant A merchant may be a consumer, a retailer, a wholesaler, a manufacturer, or any other type of entity that may provide products for purchase as will be apparent to persons having skill in the relevant art. In some instances, a merchant may have special knowledge in the goods and/or services provided for purchase. In other instances, a merchant may not have or require any special knowledge in offered products. In some embodiments, an entity involved in a single transaction may be considered a merchant. In some instances, as used herein, the term "merchant" may refer to an apparatus or device of a merchant entity.
Issuer - An entity that establishes (e.g., opens) a letter or line of credit in favor of a beneficiary, and honors drafts drawn by the beneficiary against the amount specified in the letter or line of credit In many instances, the issuer may be a bank or other financial institution authorized to open lines of credit. In some instances, any entity that may extend a line of credit to a beneficiary may be considered an issuer. The line of credit opened by the issuer may be represented in the form of a payment account, and may be drawn on by the beneficiary via the use of a payment card. An issuer may also offer additional types of payment accounts to consumers as will be apparent to persons having skill in the relevant art, such as debit accounts, prepaid accounts, electronic wallet accounts, savings accounts, checking accounts, etc., and may provide consumers with physical or non-physical means for accessing and/or utilizing such an account, such as debit cards, prepaid cards, automated teller machine cards, electronic wallets, checks, etc.
Acquirer - An entity mat may process payment card transactions on behalf of a merchant. The acquirer may be a bank or other financial institution authorized to process payment card transactions on a merchant's behalf. In many instances, the acquirer may open a line of credit with the merchant acting as a beneficiary. The acquirer may exchange funds with an issuer in instances where a consumer, which may be a beneficiary to a line of credit offered by the issuer, transacts via a payment card with a merchant that is represented by the acquirer.
System for Enhanced Validation of Cryptograms
FIG. 1 illustrates a system 100 for the enhanced validation of cryptograms accounting for transaction account numbers of varying lengths.
The system 100 may include a computing device 102. The computing device 102, discussed in more detail below, may be configured to generate cryptograms for inclusion in a data string mat accounts for transaction account numbers of varying lengths for inclusion in a transaction message used to process a payment transaction. The computing device 102 may be any suitable type of computing device, which may be a computing device specifically configured to perform the methods as discussed herein, such as a cellular phone, smart phone, laptop computer, tablet computer, desktop computer, smart watch, smart television, wearable computing device, implantable computing device, etc.
In the system 100, a consumer 104 may use the computing device 102 to convey payment details for use in a payment transaction. The consumer 104 may have a transaction account established with an issuer 106, which may be a financial institution, such as an issuing bank, or other entity configured to possess or otherwise manage transaction accounts for use by consumers 104 in funding payment transactions. The issuer 106 may issue the consumer 104 a transaction account,
which may be used to fund payment transactions. The computing device 102 may be configured to store payment details associated with the transaction account, which may include at least a transaction account number and additional data associated therewith that may be used in the processing of payment transactions, such as a transaction counter, name, expiration date, security code, algorithm data, cryptogram data, etc. In some instances, the computing device 102 may be configured to store payment details for multiple transaction accounts, such as additional transaction accounts associated with the issuer 106 or one or more transaction accounts associated with one or more additional issuers 106.
The consumer 104 may, using the computing device 102, engage in a payment transaction with a merchant As part of the engaging of the payment transaction, the consumer 104 may present the computing device 102 to a point of sale device 108 associated with the merchant for the conveyance of payment details to the point of sale device 108. As discussed in more detail below, the point of sale device 108 and computing device 102 may establish a communication channel and, using the communication channel, may exchange data for use in the processing of the payment transaction. The communication channel may use any suitable type of communication, such as cellular communication, radio frequency, near field communication, Bluetooth, etc.
The point of sale device 108 may generate an unpredictable number using methods that will be apparent to persons having skill in the relevant art, such as using a random or pseudo-random number generator, which may be electronically transmitted to the computing device 102 using the communication channel. In some instances, the unpredictable number may be of a varied length. For example, the unpredictable number may be two, three, four digits, or even more digits as may be applicable. In some embodiments, the length of the unpredictable number may be based on the length of the transaction account number used for funding of the payment transaction. In such an embodiment, the consumer 104 may first select a transaction account to use in the payment transaction via the computing device 102. The computing device 102 may, via the established communication channel, electronically transmit a length for the selected transaction account number or a desired unpredictable number length to the point of sale device 108. The point of sale device 108 may then generate and supply an unpredictable number of a suitable length accordingly, such as by using a random number generator configured to
generate a random, unpredictable number of a specified length. In other
embodiments, the point of sale device 108 may generate an unpredictable number of a length based on one or more internal rules, while the computing device 102 may adjust its processes accordingly to account for varying unpredictable number lengths.
Hie computing device 102 may receive the unpredictable number and may then generate one or more cryptograms for use in the payment transaction based thereon. Each cryptogram may be generated using one or more associated algorithms, which may be applied to at least the unpredictable number received from the point of sale device 108. In some instances, the algorhhm(s) may also be applied to a transaction counter associated with the selected transaction account and an initialization vector. The initialization vector may be a diversification value input to the cryptogram calculation that does not depend on transaction data. In some cases, each cryptogram may be generated using a different algorithm or set of algorithms.
The computing device 102 may be configured to generate a data string. The data string may be formatted based on a specific formatting template. The specific formatting template may be one of a plurality of different formatting templates stored therein and configured for use in the formatting of data strings. The plurality of formatting templates may include formatting templates associated with each account number length for the transaction account numbers stored in the computing device 102. For example, the computing device 102 may store a formatting template for 16 digit account numbers, a formatting template for 17 digit account numbers, a formatting template for 18 digit account numbers, etc. In some instances, formatting templates may also be based on the unpredictable number length. For example, a formatting template may be associated with both an account number length (e.g., 16, 17, 18, 19, or 20 digits) and an unpredictable number length (e.g., 2, 3, or 4 digits).
In some embodiments, each formatting template may represent a data string of the same overall length, where the formatting template may specify the length and location of data included therein. For example, each formatting template may be used in the generation of a 28-digit data string or 28 digits of data located in a longer data string and may specify the length and location of the transaction account number and unpredictable number included therein, as well as the location of additional data to be included therein. Additional data that may be included in a data string may include the transaction counter associated with the transaction account
used to fund the payment transaction, the cryptograms generated for the transaction, and extra digits suitable for use that may be dependent on additional criteria. For example, the extra digits may be used for cardholder verification method data, such as may be requested by the point of sale device 108 or specified by the computing device 102.
In some embodiments, each formatting template may be associated with one of Level 1, Level 2, or Level 3 data, as these terms would be known to someone skilled in the relevant art. In such instances, the formatting template may specify the length and location of the transaction account number, unpredictable number, and additional data in the context of the Level 1, Level 2, or Level 3 data. For example, the formatting template may specify the location of the data in a larger data string configured to store Level 1 data as set forth in standards associated with Level 1 data. In some instances, the formatting template may specify the entirety of the data string for the Level 1, Level 2, or Level 3 data, which may include the location and length of the transaction account number and unpredictable number.
In some instances, each formatting template may also be associated with a number and/or type of cryptogram. For example, a formatting template may specify that one, two, or three cryptograms are to be generated for inclusion in the corresponding data string, and may indicate algorithms for the generation thereof. In other instances, each formatting template may be associated with a number of cryptograms such mat the computing device 102 may select a formatting template based on a number of cryptograms being generated, such as may be specifically requested by the point of sale device 108 or the issuer 106. For example, the issuer 106 may specify that, for a specific transaction account, two cryptograms must always be used. The computing device 102 may then select a formatting template accordingly that accommodates for two cryptograms and for the unpredictable number provided by the point of sale device 108.
The computing device 102 may generate the data string using the appropriate formatting template, and may electronically transmit the data string to the point of sale device 108 using the established communication channel. In some embodiments, the data string may be accompanied by a bitmap. The bitmap may be configured to indicate the formatting of the data string. The bitmap may be generated by the computing device 102 based on the formatting template, or may be stored therein and identified as accompanying the corresponding formatting template.
The point of sale device 108 may receive the data string, and, if applicable, the accompanying bitmap, from the computing device 102 using the communication channel. The point of sale device 108 may then electronically transmit the data string and additional transaction data related to the payment transaction to an acquirer 110 or other entity for processing via the payment rails. Additional transaction data may include, for example, a transaction amount, product data, offer data, point of sale device data, reward data, loyalty data, etc. The acquirer 110 may be a financial institution or other entity configured to possess or otherwise manage a transaction account associated with the merchant involved in the payment transaction for the receipt of funds from the consumer 104. The acquirer 110 may receive the transaction data and data string directly from the point of sale device 108 or via another entity (e.g., a gateway processor) via the payment rails associated with a payment network 112.
The acquirer 110 may generate a transaction message for the payment transaction, which may be submitted to the payment network 112 for processing. The transaction message may be a specially formatted data message that may be formatted pursuant to one or more standards governing the exchange of financial transaction messages, such as the International Organization of Standardization's ISO 8S83 standard. The transaction message may include a plurality of data elements, which may be configured to store data as set forth in the associated standard(s). For instance, the transaction message may include a data element configured to store a transaction amount, a data element configured to store a transaction time, a data element configured to store a transaction date, etc. One or more data elements may also be configured to store the data string received from the computing device 102. In some instances, the data string may be stored in a data element configured to store Level 1, Level 2, or Level 3 data. In some cases, the data string may be included in a larger data string stored in a data element configured to store Level 1 , Level 2, or Level 3 data.
The transaction message may also be configured to store a message type indicator, which may indicate a type of the transaction message. For example, the message type indicator may indicate the transaction message as being an authorization request, authorization response, etc. The acquirer 110 may
electronically transmit the transaction message to the payment network 112 via the payment rails for processing. The payment network 112 may then process the
payment transaction using traditional methods and systems based on the data included in the received transaction message, including the exchange of transaction information with the issuer 106. Additional data regarding transaction messages, the processing of payment transactions, and the exchange of transaction messages and transaction data via the payment rails is discussed below with respect to the process 700 illustrated in FIG. 7.
The methods and system discussed herein enable the processing of payment transactions via enhanced cryptogram generation and validation that can accommodate for transaction account numbers and unpredictable numbers of varying lengths. Via the use of special formatting templates by a specifically configured computing device, data strings may be generated that include cryptograms that are generated based on the length of the account number for the transaction account used to fund the payment transaction as well as the length of the unpredictable number used in the transaction.
Computing Device
FIG.2 illustrates an embodiment of the computing device 102 of the system 100. It will be apparent to persons having skill in the relevant art that the embodiment of the computing device 102 illustrated in FIG.2 is provided as illustration only and may not be exhaustive to all possible configurations of the computing device 102 suitable for performing the functions as discussed herein. For example, the computer system 800 illustrated in FIG. 8 and discussed in more detail below may be a suitable configuration of the computing device 102.
The computing device 102 may include a receiving device 202. The receiving device 202 may be configured to receive data over one or more networks via one or more network protocols. In some embodiments, the receiving device 202 may be configured to receive data over the payment rails, such as using specially configured infrastructure associated with payment networks 112 for the transmission of transaction messages that include sensitive financial data and information. In some instances, the receiving device 202 may also be configured to receive data from issuers 106, point of sale devices 108, payment networks 112, and other entities via alternative networks, such as the Internet In some embodiments, the receiving device 202 may be comprised of multiple devices, such as different receiving devices for receiving data over different networks, such as a first receiving device for receiving data over payment rails and a second receiving device for receiving data over the Internet. The receiving device 202 may receive electronically data signals that are transmitted, where data may be superimposed on the data signal and decoded, parsed, read, or otherwise obtained via receipt of the data signal by the receiving device 202. In some instances, the receiving device 202 may include a parsing module for parsing the received data signal to obtain the data superimposed thereon. For example, the receiving device 202 may include a parser program configured to receive and transform the received data signal into usable input for the functions performed by the processing device to carry out the methods and systems described herein.
The receiving device 202 may be configured to receive data signals electronically transmitted by issuers 106, which may be superimposed with payment account details. For example, the issuer 106 may provision payment credentials for a transaction account to the computing device 102, which may be received by the receiving device 202 and include the corresponding transaction account number, transaction counter, and other data suitable for use in performing the functions discussed herein. The receiving device 202 may also be configured to receive data signals electronically transmitted by the point of sale device 108 during the conducting of payment transactions. Such data signals may be superimposed with unpredictable numbers, other transaction data, transaction confirmations, data requests, data specifications, etc. For example, the point of sale device 108 may specify a Level for the data requested from the computing device 102, and may also request a length for the unpredictable number.
The computing device 102 may also include a communication module 204. The communication module 204 may be configured to transmit data between modules, engines, databases, memories, and other components of the computing device 102 for use in performing the functions discussed herein. The communication module 204 may be comprised of one or more communication types and utilize various communication methods for communications within a computing device. For example, the communication module 204 may be comprised of a bus, contact pin connectors, wires, etc. In some embodiments, the communication module 204 may also be configured to communicate between internal components of the computing device 102 and external components of the computing device 102, such as externally connected databases, display devices, input devices, etc. The computing device 102 may also include a processing device. The processing device may be configured to perform the functions of the computing device 102 discussed herein as will be apparent to persons having skill in the relevant art. In some embodiments, the processing device may include and/or be comprised of a plurality of engines and/or modules specially configured to perform one or more functions of the processing device, such as a querying module 206, generation module 208, input module 210, transaction processing module 212, etc. As used herein, the term "module" may be software executed on hardware thereby resulting in a particularly programmed computer to receive an input, perform one or more processes using the input, and provide an output in a manner general purpose computers are not capable of performing. The input output, and processes performed by various modules will be apparent to one skilled in the art based upon the present disclosure.
The computing device 102 may also include a memory 216. The memory 216 may be configured to store data for use by the computing device 102 in performing the functions discussed herein. The memory 216 may be configured to store data using suitable data formatting methods and schema and may be any suitable type of memory, such as read-only memory, random access memory, etc. The memory 216 may include, for example, encryption keys and algorithms,
communication protocols and standards, data formatting standards and protocols, program code for modules and application programs of the processing device, and other data that may be suitable for use by the computing device 102 in the performance of the functions disclosed herein as will be apparent to persons having skill in the relevant art upon reading the present disclosure.
The memory 216 may also be configured to store a plurality of formatting templates. Each formatting template may be associated with a length for transaction account numbers. In some instances, each formatting template may also be associated with an unpredictable number length. Formatting templates may also be associated with additional criteria, such as a Level for data (e.g., Level 1, 2, or 3), a number of cryptograms, extra digit specifications, etc. In some instances, formatting templates may also be associated with corresponding bitmaps stored in the memory 216. The memory 216 may also be configured to store payment transaction numbers and additional transaction account data suitable for use in the processing of payment transactions, such as a transaction counter, account name, zip code or postal code, expiration date, security number, etc. In some instances, data stored in the memory 216 may be stored in one or more relational databases mat may utilize structured query language for the storage, identification, modifying, updating, accessing, etc. of structured data sets stored therein.
The computing device 102 may include a querying module 206. The querying module 206 may be configured to execute queries on databases to identify information. The querying module 206 may receive one or more data values or query strings, and may execute a query string based thereon on an indicated database, such as the memory 216, to identify information stored therein. The querying module 206 may then output the identified information to an appropriate engine or module of the computing device 102 as necessary. The querying module 206 may, for example, execute a query on the memory 216 to identify account data associated whh a transaction account and a specific formatting template for use in generating a data string for use in processing a payment transaction. The identified account data, which may include at least a transaction account number and transaction counter, and the specific formatting template may be passed to a generation module 208.
The generation module 208 may be configured to generate cryptograms and data strings. The generation module 208 may receive and instruction and corresponding data, may generate data based thereon, and may output the generated data to one or more other modules or engines of the computing device 102 for use in performing the functions discussed herein. For example, the generation module 208 may receive account and/or transaction data, as well as one or more algorithms (e.g., identified in the memory 216 by the querying module 206) and generate one or more cryptograms accordingly. In some instances, each cryptogram may utilize separate algorithms in the generation thereof, but may utilize the same data in the generation thereof. The generation module 208 may also use the account and transaction data and a specific formatting template and generate a data string formatted based on the specific formatting template, and may include the transaction account number, unpredictable number, cryptograms, and other data at lengths and locations accordingly. Generated data strings may be output to the transaction processing module 212 and/or transmitting device 214. In some embodiments, the generation module 208 may also be configured to generate a bitmap corresponding to a specific formatting template, which may be included in a corresponding generated data string.
In some embodiments, the computing device 102 may include an input module 210. The input module 210 may be configured to receive input from a user of the computing device 102, such as the consumer 104. The input module 210 may be interfaced with one or more input devices for the receipt of data signals therefrom, such as a keyboard, mouse, touch screen, scroll wheel, click wheel, microphone, camera, etc. The input module 210 may receive input from the consumer 104 and may pass the data to a corresponding module or engine of the computing device 102. For example, the input module 210 may receive an instruction from the consumer 104 for the conducting of a payment transaction, which may instruct the receiving device 202 to establish a communication channel with a point of sale device 108 to receive transaction data, as well as a selection indicating a transaction account to use to fund the payment transaction.
In some instances, the computing device 102 may include a transaction processing module 212. The transaction processing module 212 may be configured to perform additional functions of the computing device 102 suitable for use in the processing of payment transactions. For example, the transaction processing module 212 may be configured to increment a transaction counter for a transaction account each time a data signal is transmitted for use in a payment transaction, such as by submitting a query to the querying module 206 to update the transaction counter in the memory 216. In another example, the transaction processing module 212 may be configured to validate transaction data received by the receiving device 202 from the point of sale device 108, such as to ensure the point of sale device 108 is genuine using methods that will be apparent to persons having skill in the relevant art
The transmitting device 214 may be configured to transmit data over one or more networks via one or more network protocols. In some embodiments, the transmitting device 214 may be configured to transmit data over the payment rails, such as using specially configured infrastructure associated with payment networks 112 for the transmission of transaction messages that include sensitive financial data and information, such as identified payment credentials. In some instances, the transmitting device 214 may be configured to transmit data to issuers 106, point of sale devices 108, acquirers 110, payment networks 112, and other entities via alternative networks, such as the Internet. In some embodiments, the transmitting device 214 may be comprised of multiple devices, such as different transmitting devices for transmitting data over different networks, such as a first transmitting device for transmitting data over the payment rails and a second transmitting device for transmitting data over the Internet. The transmitting device 214 may
electronically transmit data signals mat have data superimposed that may be parsed by a receiving computing device. In some instances, the transmitting device 214 may include one or more modules for superimposing, encoding, or otherwise formatting data into data signals suitable for transmission.
The transmitting device 214 may be configured to electronically transmit data signals to point of sale devices 108 that are superimposed with generated data strings using a communication channel established with the point of sale device 108. In some instances, the transmitting device 214 may also electrically transmit bitmaps to point of sale devices 108, which may correspond to the formatting of the data string transmitted thereto. The transmitting device 214 may also be configured to electronically transmit data messages to additional entities, such as to the issuer 106 requesting the provisioning of payment credentials.
Process for Enhanced Cryptogram Validation for Varying Account Lengths
FIG.3 illustrates a process for the use of enhanced cryptogram validation that accounts for transaction account numbers and unpredictable numbers of varying lengths using the system 100.
In step 302, the computing device 102 and point of sale device 108 may establish a communication channel. In some instances, the communication channel may be a secure connection, such that other devices and/or entities may be unable to access the data electronically transmitted between the devices using the connection. The communication channel may utilize any type of communication method and/or protocol suitable for performing the functions discussed herein, such as near field communication, radio frequency communication, cellular network communication, etc.
In step 304, the point of sale device 108 may generate an unpredictable number. In some embodiments, the length of the unpredictable number may be set by the point of sale device 108, but may also not be uniform with all other point of sale devices. The length may be static (e.g., the same in every transaction) or may vary. The variance of the length may be random, may be based on internal criteria of the point of sale device 108, or may be based on a requested unpredictable number length as provided by the computing device 102 to the point of sale device 108 via an electronic transmission using the communication channel.
In step 306, the point of sale device 108 may electronically transmit the unpredictable number to the computing device 102 using the communication channel. In step 308, the receiving device 202 of the computing device 102 may receive the unpredictable number. In step 310, one or more payment cryptograms may be generated by the generation module 208 of the computing device 102. Each cryptogram may be generated via the application of one or more algorithms (e.g., as queried from the memory 216 by the querying module 206) to at least the unpredictable number. Each algorithm may also be applied to the transaction counter associated with the transaction account being used to fund the payment transaction, and an initialization vector.
In some instances, the number and/or type of cryptograms may be based on a specific formatting template identified for the transaction. The specific formatting template may be based on at least the length of a transaction account number used in the funding of the payment transaction. The transaction account number may be identified as a default number to be used in transactions, or may be indicated in a selection made by the consumer 104 via the input module 210 of the computing device 102. In some instances, the number and/or type of cryptograms may be specified by the point of sale device 108, and may be indicated in a submission accompanying the unpredictable number, as transmitted to the computing device 102 in step 306 and received in step 308.
Once the cryptogram(s) have been generated, then, in step 312, the generation module 208 may generate a data string. The data string may be formatted based on the specific formatting template and may include the data indicated therein in the lengths and location as specified in the formatting template. For example, the formatting template may specify the length of the transaction account number and unpredictable number and the location of each in the data string, as well as the location of additional data that may be included therein, such as the transaction counter and one or more extra digits.
In step 314, the transmitting device 214 of the computing device 102 may electronically transmit the generated data string to the point of sale device 108 using the established communication channel. In some instances, the transmitting device 214 may also transmit a bitmap corresponding to the specific formatting
template to the point of sale device 108. In step 316, the point of sale device 108 may receive the data string, and, in step 318, may electronically transmit transaction data and payment data, including the received data string, to an acquirer 110 or other entity for use in processing the payment transaction.
Process for Generating a Data String Formatted Based on Varying Account Lengths
FIG.4 illustrates a process 400 for the generation and conveyance of a data string that includes a transaction account number and one or more cryptogram for enhanced validation that is formatted based on the length of the transaction account number and an unpredictable number, which may vary from one transaction to another.
WHAT IS CLAIMED IS:
1. A method for enhanced validation of cryptograms for varying account number lengths, comprising:
storing, in a memory of a computing device, one or more primary account numbers and a plurality of formatting templates, wherein each template is associated with at least an account number length;
receiving, by an input device of the computing device, a selection indicating a specific primary account number of the one or more primary account numbers;
executing, by a querying module of the computing device, a query on the memory to identify a specific formatting template of the plurality of formatting templates where the associated account number length corresponds to a length of the specific primary account number;
receiving, by a receiving device of the computing device, at least an unpredictable number from a point of sale device;
generating, by a generation module of the computing device, a cryptogram based on at least the unpredictable number and one or more algorithms;
generating, by die generation module of the computing device, a data string, wherein the data string includes at least the generated cryptogram, the specific primary account number, and the unpredictable number, and wherein the data string is formatted based on the identified specific formatting template; and
electronically transmitting, by a transmitting device of the computing device, the generated data string to the point of sale device.
2. Hie method of claim 1 , wherein
each formatting template of the plurality of formatting templates is further associated with a number of digits, and
the specific formatting template is identified based on a correspondence between the associated number of digits and a number of digits of the received unpredictable number.
3. The method of claim 1, wherein the generated data string is electronically transmitted in a data message mat further includes a bitmap indicative of formatting of the generated data message.
4. The method of claim 3, further comprising:
generating, by the generation module of the computing device, the bitmap based on at least the identified specific formatting template.
5. The method of claim 3, wherein
each formatting template of the plurality of formatting templates further includes a bitmap, and
the bitmap included in the data message corresponds to the bitmap included in the identified specific formatting template.
6. The method of claim 1 , wherein
the memory further includes, for each of the one or more primary account numbers, a transaction counter, and
the generated data string further includes the transaction counter associated with the specific primary account number.
7. The method of claim 6, wherein the cryptogram is further based on the transaction counter associated with the specific primary account number.
8. The method of claim 1, further comprising:
generating, by the generation module of the computing device, a second cryptogram based on at least the unpredictable number and at least one additional algorithm, wherein
the data string further includes the second cryptogram.
9. The method of claim 1, wherein the data slrmg further includes at least one extra digit, and where a number of extra digits is based on the length of the specific primary account number and a number of digits of the received unpredictable number.
10. The method of claim 9, wherein the at least one extra digit stores cardholder verification method data.
11. A system for enhanced validation of cryptograms for varying account number lengths, comprising:
a memory of a computing device configured to store one or more primary account numbers and a plurality of formatting templates, wherein each template is associated with at least an account number length;
an input device of the computing device configured to receive a selection indicating a specific primary account number of the one or more primary account numbers;
a querying module of the computing device configured to execute a query on the memory to identify a specific formatting template of the plurality of formatting templates where the associated account number length corresponds to a length of the specific primary account number;
a receiving device of the computing device configured to receive at least an unpredictable number from a point of sale device;
a generation module of the computing device configured to generate
a cryptogram based on at least the unpredictable number and one or more algorithms, and
a data string, wherein the data string includes at least the generated cryptogram, the specific primary account number, and the unpredictable number, and wherein the data string is formatted based on the identified specific formatting template; and
a transmitting device of the computing device configured to electronically transmit the generated data string to the point of sale device.
12. The system of claim 11 , wherein
each formatting template of the plurality of formatting templates is further associated with a number of digits, and
the specific formatting template is identified based on a correspondence between the associated number of digits and a number of digits of the received unpredictable number.
13. The system of claim 11 , wherein the generated data string is electronically transmitted in a data message that further includes a bitmap indicative of formatting of the generated data message.
14. The system of claim 13, wherein the generation module of the computing device is further configured to generate the bitmap based on at least the identified specific formatting template.
15. The system of claim 13, wherein
each formatting template of the plurality of formatting templates further includes a bitmap, and
the bitmap included in the data message corresponds to the bitmap included in the identified specific formatting template.
16. The system of claim 11 , wherein
the memory further includes, for each of the one or more primary account numbers, a transaction counter, and
the generated data string further includes the transaction counter associated with the specific primary account number.
17. The system of claim 16, wherein the cryptogram is further based on the transaction counter associated with the specific primary account number.
18. The system of claim 11 , wherein
the generation module of the computing device is further configured to generate a second cryptogram based on at least the unpredictable number and at least one additional algorithm, and
the data string further includes the second cryptogram.
19. The system of claim 11 , wherein the data string further includes at least one extra digit, and where a number of extra digits is based on the length of the specific primary account number and a number of digits of the received unpredictable number.
20. The system of claim 19, wherein the at least one extra digit stores cardholder verification method data.
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 201817003164-STATEMENT OF UNDERTAKING (FORM 3) [27-01-2018(online)].pdf | 2018-01-27 |
| 2 | 201817003164-PROOF OF RIGHT [27-01-2018(online)].pdf | 2018-01-27 |
| 3 | 201817003164-POWER OF AUTHORITY [27-01-2018(online)]_33.pdf | 2018-01-27 |
| 4 | 201817003164-POWER OF AUTHORITY [27-01-2018(online)].pdf | 2018-01-27 |
| 5 | 201817003164-FORM 18 [27-01-2018(online)].pdf | 2018-01-27 |
| 6 | 201817003164-FORM 1 [27-01-2018(online)]_34.pdf | 2018-01-27 |
| 7 | 201817003164-FORM 1 [27-01-2018(online)].pdf | 2018-01-27 |
| 8 | 201817003164-FIGURE OF ABSTRACT [27-01-2018(online)]_20.pdf | 2018-01-27 |
| 9 | 201817003164-FIGURE OF ABSTRACT [27-01-2018(online)].pdf | 2018-01-27 |
| 10 | 201817003164-DRAWINGS [27-01-2018(online)]_19.pdf | 2018-01-27 |
| 11 | 201817003164-DRAWINGS [27-01-2018(online)].pdf | 2018-01-27 |
| 12 | 201817003164-DECLARATION OF INVENTORSHIP (FORM 5) [27-01-2018(online)].pdf | 2018-01-27 |
| 13 | 201817003164-COMPLETE SPECIFICATION [27-01-2018(online)]_25.pdf | 2018-01-27 |
| 14 | 201817003164-COMPLETE SPECIFICATION [27-01-2018(online)].pdf | 2018-01-27 |
| 15 | 201817003164-Power of Attorney-020218.pdf | 2018-02-07 |
| 16 | 201817003164-OTHERS-020218.pdf | 2018-02-07 |
| 17 | 201817003164-Correspondence-020218.pdf | 2018-02-07 |
| 18 | 201817003164.pdf | 2018-03-24 |
| 19 | abstract.jpg | 2018-04-12 |
| 20 | 201817003164-FORM 3 [27-07-2018(online)].pdf | 2018-07-27 |
| 21 | 201817003164-PETITION UNDER RULE 137 [11-08-2020(online)].pdf | 2020-08-11 |
| 22 | 201817003164-OTHERS [11-08-2020(online)].pdf | 2020-08-11 |
| 23 | 201817003164-Information under section 8(2) [11-08-2020(online)].pdf | 2020-08-11 |
| 24 | 201817003164-FORM 3 [11-08-2020(online)].pdf | 2020-08-11 |
| 25 | 201817003164-FER_SER_REPLY [11-08-2020(online)].pdf | 2020-08-11 |
| 26 | 201817003164-DRAWING [11-08-2020(online)].pdf | 2020-08-11 |
| 27 | 201817003164-CLAIMS [11-08-2020(online)].pdf | 2020-08-11 |
| 28 | 201817003164-ABSTRACT [11-08-2020(online)].pdf | 2020-08-11 |
| 29 | 201817003164-FER.pdf | 2021-10-18 |
| 30 | 201817003164-PatentCertificate08-12-2023.pdf | 2023-12-08 |
| 31 | 201817003164-IntimationOfGrant08-12-2023.pdf | 2023-12-08 |
Search Strategy
| 1 | SEarchdoc-Copy-converted_21-02-2020.pdf |