CPC H04L 9/085 (2013.01) [G06Q 20/3829 (2013.01); H04L 9/3247 (2013.01); H04L 63/0428 (2013.01); H04L 63/061 (2013.01); H04L 63/0823 (2013.01)]
20 Claims
1. A method, performed by an electronic device, the electronic device comprising:
deriving, responsive to a purchase request input to an application or Web browser installed on the electronic device, keying material to encrypt payment material, wherein the keying material is derived based on (1) a shared secret, the shared secret generated by combining an encryption private key of the electronic device and an ephemeral public key of a payment server and (2) a signing public key of the electronic device;
encrypting the payment material using the keying material to produce encrypted payment material, wherein the payment material identifies a payment mechanism associated with the electronic device;
generating a signature using a signing private key of the electronic device;
sending the encrypted payment material and the signature to the payment server via a merchant server associated with the application or Web browser;
receiving, from the payment server, a credential generated in response to determining that the encrypted payment material and the signature were generated by the electronic device;
sending the credential to the merchant server to establish an exchange of value based on the payment mechanism; and
confirming the exchange of value through the application or Web browser.