Title of invention: Secure authorizations using independent communications and different one-time-use encryption keys for each party to a transaction
Abstract: A registered provider device encrypts provider input related to a transaction between the provider device and one of many registered user devices to create an encrypted one-time-use provider code (the encryption is performed using an encryption key produced, in part, using a uniquely sequenced number generated by a sequencer maintained by the provider device). Similarly, the user device encrypts user input to create an encrypted one-time-use user code using an encryption key produced, in part, using a uniquely sequenced number generated by a user sequencer maintained by the user device. The provider and user devices independently transmit their different encrypted one-time-use codes to an intermediate entity, which decrypts the encrypted codes. This decryption is performed using one-time-use encryption keys produced using sequencers maintained by the intermediate entity, and this decryption generates an authorization request. The intermediate entity obtains an authorization decision regarding the authorization request from the authorization entity.
Publication number: US9558492(B2) Publication date: 2017.01.31
Application number: US201514930023 Application date: 2015.11.02
Applicant: BENEDORETSE LLC Inventor: Carrott Richard F.
Classification: G07D11/00;G06Q20/38;G06Q20/20 Main classification: G07D11/00
Agency: Gibb & Riley, LLC Agent: Gibb & Riley, LLC
Main claim: 1. A system comprising: a consortium device maintaining duplicate sequencers used in producing one-time-use encryption keys for registered user devices and registered provider devices; and a point-of-sale device in communication with said consortium device, said consortium device causing a provider device, of said registered provider devices, to encrypt provider input related to a transaction between said provider device and a user device, of said registered user devices, to create an encrypted one-time-use provider code using a one-time-use provider encryption key produced, in part, using a uniquely sequenced number generated by a provider sequencer maintained by said provider device, said consortium device causing said user device to encrypt user input related to said transaction to create an encrypted one-time-use user code using a one-time-use user encryption key produced, in part, using a uniquely sequenced number generated by a user sequencer maintained by said user device, said provider sequencer and said user sequencer separately producing different encryption keys for said transaction, said provider device using said uniquely sequenced number generated by said provider sequencer to produce said encrypted one-time-use provider code for said transaction, and said user device using said uniquely sequenced number generated by said user sequencer to produce said encrypted one-time-use user code for said transaction, said provider sequencer and said user sequencer being separately synchronized with corresponding ones of said duplicate sequencers maintained by said consortium device, such that said provider sequencer is synchronized with a corresponding duplicate sequencer maintained by said consortium device and said user sequencer is synchronized with a different duplicate sequencer maintained by said consortium device, and said provider sequencer and said user sequencer produce different encryption keys for a given transaction, said provider sequencer, said user sequencer, and said duplicate sequencers producing different one-time-use encryption keys for each different transaction to prevent any one-time-use encryption key from being used for different transactions, said provider device independently supplying said encrypted one-time-use provider code to said point-of-sale device, and said user device independently supplying said encrypted one-time-use user code to said point-of-sale device, such that said provider device only supplies an encrypted provider half of said transaction to said point-of-sale device and said user device only supplies an encrypted user half of said transaction to said point-of-sale device, said point-of-sale device transmitting said encrypted one-time-use provider code and said encrypted one-time-use user code to said consortium device for an authorization of said transaction, said consortium device decrypting said encrypted one-time-use provider code and decrypting said encrypted one-time-use user code using one-time-use encryption keys independently produced by said consortium device using corresponding ones of said duplicate sequencers maintained by said consortium device to produce unencrypted provider input related to said transaction and unencrypted user input related to said transaction; said consortium device combining said unencrypted provider input related to said transaction and said unencrypted user input related to said transaction to produce an authorization request for said transaction, said consortium device generating an authorization decision in response to said authorization request, said consortium device transmitting said authorization decision to said point-of-sale device, and said point-of-sale device outputting said authorization decision to said provider device and said user device.
Address: Dover DE US
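The sequencer scheme described in the abstract and claim 1, sketched as an added example (not code from the patent or the applicant): each device derives a fresh key from its own sequencer, and the consortium decrypts with keys from its duplicate sequencers, so a replayed code no longer matches. Assumptions: the per-device registration secret, the HMAC-SHA256 key derivation, the toy keystream cipher (a stand-in for a real AEAD), the class and field names, and the amount/limit decision rule are all illustrative; the page specifies none of them.

```python
import hashlib, hmac, json

def one_time_key(secret: bytes, seq: int) -> bytes:
    # Assumed KDF: HMAC-SHA256 over the sequenced number (the page names none).
    return hmac.new(secret, b"key" + seq.to_bytes(8, "big"), hashlib.sha256).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy keystream cipher standing in for a real AEAD such as AES-GCM.
    blocks = (hmac.new(key, b"ks" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key: bytes, plaintext: bytes) -> bytes:
    ct = _xor_stream(key, plaintext)
    return ct + hmac.new(key, b"tag" + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    ct, tag = blob[:-32], blob[-32:]
    good = hmac.new(key, b"tag" + ct, hashlib.sha256).digest()
    return _xor_stream(key, ct) if hmac.compare_digest(tag, good) else None

class Device:
    """Registered provider or user device with its own sequencer."""
    def __init__(self, dev_id: str, secret: bytes):
        self.dev_id, self.secret, self.seq = dev_id, secret, 0
    def one_time_code(self, fields: dict) -> dict:
        self.seq += 1  # sequencer advances, so a key is never reused
        key = one_time_key(self.secret, self.seq)
        return {"id": self.dev_id, "code": seal(key, json.dumps(fields).encode())}

class Consortium:
    """Keeps a duplicate sequencer per registered device."""
    def __init__(self):
        self.dup = {}  # dev_id -> [secret, duplicate sequencer value]
    def register(self, dev: Device):
        self.dup[dev.dev_id] = [dev.secret, dev.seq]
    def _decode(self, msg: dict):
        entry = self.dup[msg["id"]]
        plain = unseal(one_time_key(entry[0], entry[1] + 1), msg["code"])
        if plain is None:
            return None  # wrong key: replayed, tampered or out of sequence
        entry[1] += 1  # consume this one-time-use key
        return json.loads(plain)
    def authorize(self, provider_msg: dict, user_msg: dict) -> str:
        p, u = self._decode(provider_msg), self._decode(user_msg)
        if p is None or u is None:
            return "DECLINED"
        request = {**p, **u}  # combined authorization request
        # Assumed decision rule; the page leaves the decision logic open.
        return "APPROVED" if request["amount"] <= request["limit"] else "DECLINED"
```

This sketch accepts only the next expected sequence value, so a code lost in transit leaves the device and its duplicate sequencer out of step; resynchronization is outside what the page describes.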