EP 1320839 A2 20030625 - AN IMPROVED METHOD AND SYSTEM FOR CONDUCTING SECURE PAYMENTS OVER A COMPUTER NETWORK
Title (en)
AN IMPROVED METHOD AND SYSTEM FOR CONDUCTING SECURE PAYMENTS OVER A COMPUTER NETWORK
Title (de)
VERBESSERTES VERFAHREN UND SYSTEM ZUM AUSFÜHREN GESICHERTER ZAHLUNGEN ÜBER EIN COMPUTERNETZWERK
Title (fr)
PROCEDE ET SYSTEME AMELIORES PERMETTANT D'EFFECTUER DES PAIEMENTS SECURISES SUR UN RESEAU INFORMATIQUE
Publication
Application
Priority
- US 0119753 W 20010621
- US 21306300 P 20000621
- US 22622700 P 20000818
- US 80936701 A 20010315
- US 83304901 A 20010411
Abstract (en)
[origin: WO0199070A2] A secure method of conducting an electronic transaction over a public communications network is provided which utilizes a pseudo-expiration date in the expiration date field of an authorization request. One of the preferred methods comprises: generating a per-card key associated with an account number; generating a message authentication code using the per-card key; converting the message authentication code into a pseudo expiration date; generating an authorization request for the transaction, the request having an expiration date field containing the pseudo expiration date; and verifying the message authentication code based on the pseudo expiration date. Another embodiment of the invention includes a method of conducting an electronic transaction over a public communications network, with a payment account number having an associated pseudo account number, comprising: a) providing the pseudo account number with a control field indicating one of a plurality of key-generation processes to be used to generate an authentication key; b) generating an authentication key associated with the pseudo account number using one of the plurality of key-generation processes indicated in the control field of the pseudo account number; c) using the authentication key to generate a message authentication code specific to the transaction; d) generating an authorization request message including the message authentication code and the pseudo account number; and e) verifying the message authentication code using the indicated key-generation process and the authentication key.
IPC 1-7
IPC 8 full level
G06F 21/20 (2006.01); G06F 21/31 (2013.01); G06F 21/34 (2013.01); G06F 21/44 (2013.01); G06Q 20/00 (2006.01); G06Q 30/00 (2006.01); G07F 7/12 (2006.01); H04L 9/32 (2006.01)
CPC (source: EP)
G06Q 20/00 (2013.01); G06Q 20/02 (2013.01); G06Q 20/04 (2013.01); G06Q 20/14 (2013.01); G06Q 20/24 (2013.01); G06Q 20/3823 (2013.01); G06Q 20/3825 (2013.01); G06Q 20/3829 (2013.01); G06Q 20/385 (2013.01); G06Q 30/06 (2013.01); G07F 7/08 (2013.01); G07F 7/12 (2013.01); G07F 7/122 (2013.01)
Citation (search report)
See references of WO 0199070A2
Citation (examination)
US 5724424 A 19980303 - GIFFORD DAVID K [US]
Designated contracting state (EPC)
AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR
DOCDB simple family (publication)
WO 0199070 A2 20011227; WO 0199070 A3 20030116; AU 7001101 A 20020102; AU 781671 B2 20050602; CA 2382696 A1 20011227; EP 1320839 A2 20030625; JP 2003536180 A 20031202; JP 5093957 B2 20121212
DOCDB simple family (application)
US 0119753 W 20010621; AU 7001101 A 20010621; CA 2382696 A 20010621; EP 01948538 A 20010621; JP 2002503837 A 20010621