Method and system for secure credit card transactions

Assignee

• Storage Technology Corporation · US

Inventors

• Steven Harvey McCown · Mapleton, US
• James P. Hughes · Palo Alto, US
• Michael L. Leonhardt · Longmont, US
• Charles A. Milligan · Golden, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06Q40/03
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

A customer making a credit card transaction inserts their smart card into a card reader attached to the merchant's system. The card reader activates the customer's card and passes certain merchant information. The merchant's system then requests a “billing digest” from the customer's card. The billing digest is returned to the merchant's card reader that forwards it (and the transaction information which includes customer information and merchant information) to the corresponding credit card issuer, which maintains the customer's credit card account. In one embodiment, the customer information and the merchant information are encrypted. Upon receiving the billing digest, transaction information is decrypted if necessary and the credit card issuer looks up the customer's master key using the customer's account number. The credit card issuer then uses the transaction information to re-compute the billing digest (an authentication billing digest) and compares this new value with the billing digest submitted by the merchant. If authentic, the billing digest and authentication billing digest values are equivalent, then funds are transferred and an acceptance notification is returned to …