Method, system, and computer program product for network bound proxy re-encryption and pin translation

US2022045997A1 · US · A1

Patent metadata
Publication number: US-2022045997-A1
Application number: US-202017421587-A
Country: US
Kind code: A1
Filing date: Jan 9, 2020
Priority date: Jan 9, 2019
Publication date: Feb 10, 2022
Grant date:

Abstract

Official abstract text for this publication.

A method, system, and computer program product generate, with a payment network, a first value (a) and a second value (g^a), the second value (g^a) generated based on the first value (a) and a generator value (g); generate, with the payment network, a plurality of random merchant numbers (m_i) for a respective plurality of merchant banks; determine, with the payment network, a merchant product (M) based on a product of the plurality of random merchant numbers (m_i); generate, with the payment network, a public key (pk_i) based on the second value (g^a), the merchant product (M), and the random merchant number (m_i) and a random key (rk_i) based on the merchant product (M) and the random merchant number (m_i) for each respective merchant bank; and communicate, with the payment network, the public key (pk_i) and the random key (rk_i) to at least one respective merchant bank.

First claim

Opening claim text (preview).

1. A computer-implemented method comprising: generating, with a point-of-sale (POS) terminal, a first ciphertext associated with a transaction, the first ciphertext comprising: (i) a first ciphertext value associated with a randomly selected key (r), the first ciphertext value encrypted based on the randomly selected key (r) and a generator value (g); and (ii) a second ciphertext value associated with a first public key (pk1) of a first pair of keys comprising a first public key (pk1) and a first secret key (sk1), the first public key (pk1) generated based on the first secret key (sk1) and the generator value (g), the second ciphertext value encrypted based on transaction data associated with the transaction and a symmetric key (K) generated based on the first public key (pk1) and the randomly selected key (r); communicating, with the POS terminal, the first ciphertext to at least one payment gateway; re-encrypting, with the at least one payment gateway, the first ciphertext value with a first re-encryption key to transform the first ciphertext value encrypted under the first public key (pk1) to a re-encrypted first ciphertext value encrypted under a second public key (pk2) associated with the at least one payment gateway; communicating, with the at least one payment gateway, the re-encrypted first ciphertext value and the second ciphertext value to at least one merchant bank; re-encrypting, with the at least one merchant bank, the re-encrypted first ciphertext value encrypted with a second re-encryption key to transform the re-encrypted first ciphertext value encrypted under the second public key (pk2) of the at least one payment gateway to a second re-encrypted first ciphertext value under a third public key (pk3) of the at least one merchant bank; communicating, with the at least one merchant bank, the second re-encrypted first ciphertext value and the second ciphertext value to a payment network; re-encrypting, with the payment network, the second re-encrypted first ciphertext value encrypted with a third re-encryption key to transform the second re-encrypted first ciphertext value encrypted under the third public key (pk3) of the at least one merchant bank to a third re-encrypted first ciphertext value under a fourth public key (pk4) of the payment network; communicating, with the payment network, the third re-encrypted first ciphertext value and the second ciphertext value to at least one consumer bank; determining, with the at least one consumer bank, the symmetric key (K) based on the third re-encrypted first ciphertext value and a secret key of the consumer bank; and decrypting, with the at least one consumer bank, the second ciphertext value based on the symmetric key (K) to obtain the transaction data.

2. The computer-implemented method of claim 1, wherein an intermediary server translates between multiple different parties by decrypting the second ciphertext value and using a portion of the transaction data to determine routing and a corresponding re-encryption key for a subsequent communication.

3. The computer-implemented method of claim 1, wherein the transaction data includes at least one of a mobile personal identification number (PIN), a card verification number, or a card number associated therewith.

4. The computer-implemented method of claim 1, wherein the second ciphertext value is used to encrypt a personal identification number (PIN) under the randomly selected key (r) protected by the first ciphertext value, and wherein a re-encryption generates a new ciphertext value while the second ciphertext value is unchanged.

5. A system comprising: a point-of-sale (POS) terminal including one or more processors, wherein the POS terminal is programmed and/or configured to: generate a first ciphertext associated with a transaction, the first ciphertext comprising: (i) a first ciphertext value associated with a randomly selected key (r), the first ciphertext value encrypted based on the randomly selected key (r) and a generator value (g); and (ii) a second ciphertext value associated with a first public key (pk1) of a first pair of keys comprising a first public key (pk1) and a first secret key (sk1), the first public key (pk1) generated based on the first secret key (sk1) and the generator value (g), the second ciphertext value encrypted based on transaction data associated with the transaction and a symmetric key (K) generated based on the first public key (pk1) and the randomly selected key (r); and communicate the first ciphertext to at least one payment gateway; the at least one payment gateway including one or more processors, wherein the at least one payment gateway is programmed and/or configured to: re-encrypt the first ciphertext value with a first re-encryption key to transform the first ciphertext value encrypted under the first public key (pk1) to a re-encrypted first ciphertext value encrypted under a second public key (pk2) associated with the at least one payment gateway; and communicate the re-encrypted first ciphertext value and the second ciphertext value to at least one merchant bank; the at least one merchant bank including one or more processors, wherein the at least one merchant bank is programmed and/or configured to: re-encrypt the re-encrypted first ciphertext value encrypted with a second re-encryption key to transform the re-encrypted first ciphertext value encrypted under the second public key (pk2) of the at least one payment gateway to a second re-encrypted first ciphertext value under a third public key (pk3) of the at least one merchant bank; and communicate the second re-encrypted first ciphertext value and the second ciphertext value to a payment network; the payment network including one or more processors, wherein the payment network is programmed and/or configured to: re-encrypt the second re-encrypted first ciphertext value encrypted with a third re-encryption key to transform the second re-encrypted first ciphertext value encrypted under the third public key (pk3) of the at least one merchant bank to a third re-encrypted first ciphertext value under a fourth public key (pk4) of the payment network; and communicate the third re-encrypted first ciphertext value and the second ciphertext value to at least one consumer bank; and the at least one consumer bank including one or more processors, wherein the at least one consumer bank is programmed and/or configured to: determine the symmetric key (K) based on the third re-encrypted first ciphertext value and a secret key of the consumer bank; and decrypt the second ciphertext value based on the symmetric key (K) to obtain the transaction data.

6. The system of claim 5, further comprising: an intermediary server programmed and/or configured to translate between multiple different parties by decrypting the second ciphertext value and using a portion of the transaction data to determine routing and a corresponding re-encryption key for a subsequent communication.

7. The system of claim 5, wherein the transaction data includes at least one of a mobile personal identification number (PIN), a card verification number, or a card number associated therewith.

8. The system of claim 5, wherein the second ciphertext value is used to encrypt a personal identification number (PIN) under the randomly selected key (r) protected by the first ciphertext value, and wherein a re-encryption generates a new ciphertext value while the second ciphertext value is unchanged.

9. A computer program product comprising at least one non-transitory computer-readable medium including program instructions that, when executed by at least one processor, cause the at least one pro
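
The data flow of claim 1, as an added illustration that is not code from the patent or its assignee: a first ciphertext value g^r is re-encrypted hop by hop while the second ciphertext value, encrypted under K = pk1^r, stays unchanged (claim 4). Assumptions: the re-encryption key form sk_from / sk_to mod Q, the toy group parameters, the SHA-256 keystream standing in for the symmetric cipher, and all function names are hypothetical; the final recipient is assumed to hold the secret key that the last re-encryption targets.

```python
import hashlib
import secrets

# Constructed toy group (insecure size): safe prime P = 2*Q + 1, and G = 4
# generates the subgroup of prime order Q, so exponents invert mod Q.
P, Q, G = 1019, 509, 4

def xor_cipher(k_elem, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 keystream derived from K."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(f"{k_elem}:{ctr}".encode()).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def pos_encrypt(pk1, data, r=None):
    r = r or secrets.randbelow(Q - 1) + 1
    c1 = pow(G, r, P)                # first ciphertext value, from r and g
    k = pow(pk1, r, P)               # symmetric key K, from pk1 and r
    return c1, xor_cipher(k, data)   # second ciphertext value, under K

def rekey(sk_from, sk_to):
    # Assumed re-encryption key form: sk_from / sk_to (mod Q).
    return sk_from * pow(sk_to, -1, Q) % Q

def reencrypt(c1, rk):
    # Only the first ciphertext value is transformed; c2 is never touched.
    return pow(c1, rk, P)

def recover(c1, c2, sk):
    # The current key holder rebuilds K = c1^sk and strips the keystream.
    return xor_cipher(pow(c1, sk, P), c2)

def run_chain(data, sks, r=None):
    """Encrypt under sks[0], then re-encrypt hop by hop toward sks[-1]."""
    c1, c2 = pos_encrypt(pow(G, sks[0], P), data, r)
    trace = [c1]
    for sk_a, sk_b in zip(sks, sks[1:]):
        c1 = reencrypt(c1, rekey(sk_a, sk_b))
        trace.append(c1)
    return trace, c2, recover(c1, c2, sks[-1])

if __name__ == "__main__":
    # Constructed keys for terminal, gateway, merchant bank, final recipient.
    trace, c2, plain = run_chain(b"PIN=1234", [7, 11, 13, 17])
    print(trace, c2.hex(), plain)
```

With this assumed key form, a party holding both a re-encryption key and the secret key it targets can compute the previous hop's secret key, so the sketch shows the data flow only, not a deployable key hierarchy.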

Classifications

  • using key encryption key · CPC title

  • comprising security or operator identification provisions, e.g. password entry · CPC title

  • Electronic credentials · CPC title

  • using an alias or single-use codes · CPC title

  • Use of an encrypted form of the PIN · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2022045997A1 cover?
A method, system, and computer program product generate, with a payment network, a first value (a) and a second value (g^a), the second value (g^a) generated based on the first value (a) and a generator value (g); generate, with the payment network, a plurality of random merchant numbers (m_i) for a respective plurality of merchant banks; determine, with the payment network, a merchant product (M)…
Who is the assignee on this patent?
Visa Int Service Ass
What technology area does this patent fall under?
Primary CPC classification G06Q20/12. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 10, 2022 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).