US 12,008,548 B2
Systems and methods for using a cryptogram lockbox
Howard Spector, Woolwich, NJ (US); Eric L. Connolly, Avondale, PA (US); David Christopher Carey, Middletown, DE (US); Gayathri Sundar, Irving, TX (US); Raghuram Vudathu, Downington, PA (US); Ankur Kulshreshtha, Newark, DE (US); Ishank Paharia, Newark, DE (US); Pavan Mummareddi, Newark, DE (US); Benjamin Brandt, Philadelphia, PA (US); Mervin Majella Felix, Newark, DE (US); Ajith Chandran Karuvathil, West Chester, PA (US); Arun Neelan, Chadds Ford, PA (US); Rajeeva Chandra Nagarakanti, Chadds Ford, PA (US); and Venkata Kunam, Newark, DE (US)
Assigned to JPMORGAN CHASE BANK , N.A., New York, NY (US)
Filed by JPMORGAN CHASE BANK, N.A., New York, NY (US)
Filed on Jun. 5, 2019, as Appl. No. 16/432,623.
Claims priority of provisional application 62/680,674, filed on Jun. 5, 2018.
Prior Publication US 2019/0370790 A1, Dec. 5, 2019
Int. Cl. G06Q 20/36 (2012.01); G06Q 20/32 (2012.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01)
CPC G06Q 20/3674 (2013.01) [G06Q 20/322 (2013.01); G06Q 20/385 (2013.01); G06Q 20/4097 (2013.01); H04L 9/0891 (2013.01); H04L 9/3247 (2013.01); H04L 9/3263 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A method for activating a merchant-specific cryptogram lockbox, comprising:
receiving, by a merchant backend for a merchant in a physical merchant datacenter and from a financial institution backend and using a merchant general gateway, a startup code comprising a unique value that authorizes use of a merchant-specific cryptogram lockbox by the merchant, the merchant backend in communication with a plurality of merchant point of sale devices and wherein the merchant-specific cryptogram lockbox generates cryptograms for the plurality of merchant point of sale devices;
communicating, by the merchant backend, the startup code to the merchant-specific cryptogram lockbox;
generating, by the merchant-specific cryptogram lockbox in Rail the physical merchant datacenter, a call comprising the startup code and cryptogram lockbox metadata for the merchant-specific cryptogram lockbox;
encrypting, by the merchant-specific cryptogram lockbox, the call with a public key for the financial institution backend;
calling, by the merchant-specific cryptogram lockbox and using a merchant outbound gateway, the financial institution backend with the encrypted call;
establishing, by the merchant-specific cryptogram lockbox, a secure communication channel with the financial institution backend, wherein the secure communication channel uses IP whitelisting;
receiving, by the merchant-specific cryptogram lockbox, limited use keys from the financial institution backend over the secure communication channel;
receiving, by the merchant-specific cryptogram lockbox and from one of the plurality of merchant point of sale devices, a call comprising a request for a cryptogram and a payment token for an account in a transaction;
generating, by the merchant-specific cryptogram lockbox, the cryptogram for the payment token using the limited use keys;
returning, by the merchant-specific cryptogram lockbox, the cryptogram to the merchant backend;
combining, by the merchant backend, the cryptogram and the payment token; and
conducting, by the merchant backend, the transaction with the combined cryptogram and the payment token.