摘要 |
<p>A method by which merchants who store sensitive credit card information can secure the information from theft, while minimizing the impact on the customer, as well as minimizing the cost of implementation. The merchant uses a special secured record (Fig. 2, 100) for the storage of the credit card information for a specific customer. The record consists of two parts. The first part of the record contains public information (120) which is visible to anyone with access to the record (100). The public information includes the merchant identity, along with information that constrains the used of the record, such as limits on the type of purchase, amount of purchase, or frequency of purchase, as well as the expiration date of the record, approved shipping addresses, and other constraints that make the record effectively useless to anyone except the merchant who created and stored the record, as well as limiting possible abuses by said merchant. The second part (130) of the record (100) contains private information which is encrypted so as to be visible only to parties authorized to view the information. The private part (130) of the record (100) will contain the sensitive credit card information, along with a checksum (140) of the contents of the record (100). When the record (100) is submitted to the clearing entity, the private part (130) of the record (100) is decrypted using the appropriate key. The checksum (140) is used to verify that the record (100) has not been modified, and that the public and private sections (120, 130) correspond to each other. Once, the record (100) is validated, constraints are applied, and if met, the credit card information is used to process the transaction.</p> |
申请人 |
MANDALA SCIENCES, INC.;ENDRES, TIMOTHY, G.;SCHWARTZ, MARK, H. |
发明人 |
ENDRES, TIMOTHY, G.;SCHWARTZ, MARK, H. |