US 12,256,009 B2
Method, system, and computer program product for network bound proxy re-encryption and PIN translation
Sivanarayana Gaddam, Santa Clara, CA (US); Gaven James Watson, Palo Alto, CA (US); Pratyay Mukherjee, Sunnyvale, CA (US); and Rohit Sinha, Bokaro Steel (IN)
Assigned to Visa International Service Association, San Francisco, CA (US)
Filed by Visa International Service Association, San Francisco, CA (US)
Filed on Jun. 22, 2023, as Appl. No. 18/212,779.
Application 18/212,779 is a continuation of application No. 17/421,608, granted, now 11,736,295, previously published as PCT/US2020/012891, filed on Jan. 9, 2020.
Claims priority of provisional application 62/929,344, filed on Nov. 1, 2019.
Claims priority of provisional application 62/790,163, filed on Jan. 9, 2019.
Prior Publication US 2023/0353366 A1, Nov. 2, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/38 (2012.01); G06Q 20/02 (2012.01); G06Q 20/10 (2012.01); G06Q 20/20 (2012.01); G06Q 20/40 (2012.01); H04L 9/08 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/3226 (2013.01) [G06Q 20/027 (2013.01); G06Q 20/108 (2013.01); G06Q 20/202 (2013.01); G06Q 20/206 (2013.01); G06Q 20/3823 (2013.01); G06Q 20/3829 (2013.01); G06Q 20/385 (2013.01); G06Q 20/4012 (2013.01); H04L 9/0819 (2013.01); H04L 9/0869 (2013.01); H04L 9/30 (2013.01); H04L 63/0471 (2013.01); H04L 2209/56 (2013.01)]
18 Claims
1. A computer-implemented method, comprising:
generating, with at least one point-of-sale (POS) terminal, a random number (r) for a transaction message (m) associated with a transaction, wherein the transaction message (m) contains sensitive data, and wherein the sensitive data comprises an identification number associated with a user;
generating, with the at least one POS terminal, a first ciphertext associated with the transaction, the first ciphertext comprising:
(i) a first ciphertext value associated with the transaction message (m), the first ciphertext value encrypted based on the random number (r), a generator value (g), and the transaction message (m); and
(ii) a second ciphertext value associated with the random number (r), the second ciphertext value encrypted based on the random number (r) and a terminal public key;
communicating, with the POS terminal, the first ciphertext to at least one payment gateway;
re-encrypting, with the at least one payment gateway, the second ciphertext value based on a terminal random key to transform the second ciphertext value to a re-encrypted second ciphertext value based on a second value (g^a), a merchant product (M), and the random number (r);
communicating, with the at least one payment gateway, the re-encrypted second ciphertext value and the first ciphertext value to at least one respective merchant bank of a plurality of merchant banks;
re-encrypting, with the at least one respective merchant bank of the plurality of merchant banks, the re-encrypted second ciphertext value to transform the re-encrypted second ciphertext value to a second re-encrypted second ciphertext value;
communicating, with the at least one respective merchant bank, the second re-encrypted second ciphertext value and the first ciphertext value to a payment network;
decrypting, with the payment network, the first ciphertext value to form the transaction message (m) based on the second re-encrypted second ciphertext value, the merchant product (M), a random merchant number (m_i), and the first ciphertext value;
communicating, with the payment network, the transaction message (m) associated with the transaction to a consumer bank;
verifying, with the consumer bank, the identification number associated with the user; and
in response to verifying the identification number, authorizing, with the consumer bank, the transaction.
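
Claim 1 names the values each party handles but gives no formulas, so the following added example (not code from the patent or from its assignee) assumes a textbook multi-hop ElGamal-style proxy re-encryption to show how the payment gateway and merchant bank can each transform the second ciphertext value without decrypting the transaction message (m). The group parameters, the key and function names, and the sample PIN block are constructed for illustration; the merchant product (M) and the random merchant number of the claim are not modelled.

```python
import secrets
from math import gcd

# Toy parameters (assumed, not from the patent): Mersenne prime 2**127 - 1, base g = 3.
P = 2**127 - 1
G = 3
ORDER = P - 1  # exponents are reduced mod P - 1 (Fermat's little theorem)

def keygen():
    """Secret exponent invertible mod P-1, plus the public key g^sk."""
    while True:
        sk = secrets.randbelow(ORDER - 2) + 2
        if gcd(sk, ORDER) == 1:
            return sk, pow(G, sk, P)

def encrypt(m, pk):
    """POS terminal: c1 = m * g^r, c2 = pk^r for a fresh random r."""
    r = secrets.randbelow(ORDER - 2) + 2
    return (m * pow(G, r, P)) % P, pow(pk, r, P)

def rekey(sk_from, sk_to):
    """Re-encryption key sk_to / sk_from mod P-1 (this scheme needs both secrets)."""
    return (sk_to * pow(sk_from, -1, ORDER)) % ORDER

def reencrypt(c2, rk):
    """Intermediary hop: g^(sk_from*r) -> g^(sk_to*r); c1 is never touched."""
    return pow(c2, rk, P)

def decrypt(c1, c2, sk):
    """Final recipient: recover g^r from c2, then divide it out of c1."""
    g_r = pow(c2, pow(sk, -1, ORDER), P)
    return (c1 * pow(g_r, -1, P)) % P

def run_chain(pin_block: bytes):
    """Terminal -> gateway -> merchant bank -> payment network, as in claim 1."""
    m = int.from_bytes(pin_block, "big")            # constructed sample message
    t_sk, t_pk = keygen()                           # terminal key pair
    b_sk, _ = keygen()                              # merchant bank key (hypothetical)
    n_sk, _ = keygen()                              # payment network key (hypothetical)
    c1, c2 = encrypt(m, t_pk)                       # POS terminal
    c2_gw = reencrypt(c2, rekey(t_sk, b_sk))        # payment gateway
    c2_bank = reencrypt(c2_gw, rekey(b_sk, n_sk))   # merchant bank
    out = decrypt(c1, c2_bank, n_sk)                # payment network
    return out.to_bytes(len(pin_block), "big"), (c1, c2, c2_gw, c2_bank)
```

Only the holder of the final key recovers m; the intermediaries hold re-encryption keys that act on the second ciphertext value alone. The 127-bit group is for readability and is far too small for real use.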