| CPC G06Q 20/3829 (2013.01) [G06Q 20/12 (2013.01); G06Q 20/32 (2013.01); G06Q 20/382 (2013.01); G06Q 20/3823 (2013.01); G06Q 20/401 (2013.01)] | 20 Claims |
|
1. A method comprising:
retrieving, by a mobile payment application on a mobile device, payment information including security information comprising user authentication data input into the mobile device by a user of the mobile device and device-specific security values associated with the mobile device;
encrypting, by the mobile payment application using a first encryption key, the payment information to form encrypted payment information;
providing, by the mobile device to a server computer, a payment request including the encrypted payment information, wherein the server computer decrypts the encrypted payment information using a second encryption key, includes an authentication response value from an authentication computer in the payment information, and re-encrypts the payment information with a third encryption key, wherein the authentication computer validates the security information comprising the user authentication data and the device-specific security values associated with the mobile device before providing the providing the authentication response value to the server computer; and
receiving, by the mobile device from the server computer, a payment response including re-encrypted payment information, wherein a transaction processor associated with the mobile device decrypts the re-encrypted payment information using a fourth encryption key and initiates a payment transaction using the decrypted payment information.
|