公开(公告)号：US20160358163A1

公开(公告)日：2016-12-08

申请号：US14584367

申请日：2014-12-29

Applicant: CA, INC.

Inventor： SHARATH LAKSHMAN KUMAR ,  Mahesh Malatesh Chitragar

IPC: G06Q20/38 ,  G06Q20/20 ,  G06Q20/36 ,  G06Q20/10

CPC classification number: G06Q20/3823 ,  G06Q20/02 ,  G06Q20/20 ,  G06Q20/3278 ,  G06Q20/385 ,  G06Q20/425

Abstract: A method includes communicating with a token server to identify a key, generating an initialization vector, performing a logical operation on the key using the initialization vector to generate a modified key, encrypting a financial account number using a format preserving encryption technique to generate a payment token where the format preserving encryption technique uses the modified key, establishing a communication connection with a point-of-sale terminal, and transmitting the payment token to the point-of-sale terminal.

Abstract translation: 一种方法包括与令牌服务器通信以识别密钥，生成初始化向量，使用初始化向量对密钥执行逻辑操作以生成修改的密钥，使用格式保留加密技术加密财务帐号以产生支付 令牌，其中格式保留加密技术使用修改的密钥，建立与销售点终端的通信连接，以及将支付令牌发送到销售点终端。

公开(公告)号：US10387884B2

公开(公告)日：2019-08-20

申请号：US14661894

申请日：2015-03-18

Applicant: CA, Inc.

Inventor： Sharath Lakshman Kumar ,  Mahesh Malatesh Chitragar ,  Vishwanatha Salian ,  Stephen Prasad

IPC: G06Q20/34 ,  G06Q20/40

Abstract: A method for preventing mobile payment is described. The method comprises generating an authorization request, via a payment module, based on sensitive data on a mobile device. The authorization request is transmitted from the payment module to an issuer system. The issuer system sends a neutralization trigger. In response to receiving the neutralization trigger, the payment module is disabled.

公开(公告)号：US10475036B2

公开(公告)日：2019-11-12

申请号：US14991511

申请日：2016-01-08

Applicant: CA, Inc.

Inventor： Sharath Lakshman Kumar ,  Mahesh Malatesh Chitragar ,  Mohammed Mujeeb Kaladgi ,  Pradeep G. Nair

IPC: G06Q20/40 ,  H04L29/06 ,  G06Q20/38 ,  G06Q20/22 ,  G06Q20/34

Abstract: A restriction request message, including a restriction parameter for a secondary account, is received from a device that is associated with a primary account, via a network node that is outside of a secure authorization network. A replenishment request message, including a password and an account replenishment parameter for the secondary account, is also received via a network node that is outside of the authorization network. Authentication is performed based on the password, and the restriction parameter for the secondary account is identified responsive to receiving the replenishment request message. Responsive to determining that the account replenishment parameter satisfies the restriction parameter, a replacement key is generated and associated with the account replenishment parameter for the secondary account. A replenishment response message including the replacement key is transmitted to a device that is associated with the secondary account, via a network node that is outside of the authorization network.

公开(公告)号：US10360558B2

公开(公告)日：2019-07-23

申请号：US14660240

申请日：2015-03-17

Applicant: CA, Inc.

Inventor： Mohammed Mujeeb Kaladgi ,  Mahesh Malatesh Chitragar ,  Vishwanatha Salian

IPC: G06Q20/36 ,  H04L29/06 ,  G06Q20/38 ,  G06Q20/40 ,  G06Q20/32 ,  H04W12/06 ,  G06F21/31

Abstract: A method for two factor authentication is described. The method comprises sending an activation code stored on a mobile device to a server for verification. An encrypted secret key generated by the server using the activation code is received. The secret key is decrypted using the activation code stored on the mobile device. The mobile device encrypts the secret key using a predetermined PIN. As a result of a user inputting the predetermined PIN, the secret key is decrypted, the mobile device generates a first token using the secret key and transmits the first token to the server to authenticate the user. After receiving authentication from the server, the information on the mobile device is synced with the server.

公开(公告)号：US09984371B2

公开(公告)日：2018-05-29

申请号：US14670657

申请日：2015-03-27

Applicant: CA, INC.

Inventor： Mahesh Malatesh Chitragar ,  Dhivya Kalyanasundaram ,  Sharath Lakshman Kumar ,  Vishwanatha Salian

IPC: G06Q20/40 ,  G06Q20/32 ,  G06Q20/38 ,  G06Q20/20

CPC classification number: G06Q20/4016 ,  G06Q20/204 ,  G06Q20/327 ,  G06Q20/385

Abstract: Methods of de-tokenizing secure payment tokens are disclosed. A method according to some embodiments includes receiving a request from an issuer to de-tokenize a secure payment token associated with a transaction conducted using a mobile terminal, generating a metric indicative of a risk of de-tokenizing the secure payment token, comparing the metric indicative of the risk of de-tokenizing the secure payment token to a predetermined threshold, and transmitting a response to the request to de-tokenize the secure payment token, wherein the response is based on the comparison of the metric indicative of the risk of de-tokenizing the secure payment token with the predetermined threshold.

公开(公告)号：US10607017B2

公开(公告)日：2020-03-31

申请号：US15397935

申请日：2017-01-04

Applicant: CA, Inc.

Inventor： Sharath L. Kumar ,  Mohammed Mujeeb Kaladgi ,  Rajendra Pachouri ,  Mahesh Malatesh Chitragar

IPC: G06F21/60 ,  G06F21/62 ,  H04L9/08 ,  H04L9/06 ,  H04L29/06 ,  G06F21/33 ,  G06Q20/36 ,  G06Q20/34

Abstract: A method includes receiving a security profile comprising user-defined rules for processing sensitive data, and identifying a plurality of sensitive data components in a data file according to the security profile. The method further includes generating a respective format-preserving token for each of the identified plurality of sensitive data components. The method additionally includes generating a corresponding token key for each of the respective-format preserving tokens, and replacing each of the plurality of sensitive data components in the data file with the respective format-preserving token. Further, the method includes cryptographically camouflaging each of the token keys using a first password and storing each of the cryptographically camouflaged token keys.

公开(公告)号：US10089631B2

公开(公告)日：2018-10-02

申请号：US14661870

申请日：2015-03-18

Applicant: CA, Inc.

Inventor： Sharath Lakshman Kumar ,  Mahesh Malatesh Chitragar ,  Vishwanatha Salian ,  Stephen Prasad

IPC: G06Q20/00 ,  G06Q20/40 ,  G06Q20/36 ,  G06Q20/34

Abstract: A method for preventing mobile payment is described. The method comprises receiving an authorization request at an issuer system from a payment module on a mobile device. The authorization request may be based on sensitive data on the mobile device. The issuer system determines whether the mobile device is missing. The issuer system sends a neutralization trigger to the mobile device, and in response to receiving the neutralization trigger, the payment module is disabled.

公开(公告)号：US20170032362A1

公开(公告)日：2017-02-02

申请号：US14815222

申请日：2015-07-31

Applicant: CA, Inc.

Inventor： RAJDEEP LAHKAR ,  Mahesh Malatesh Chitragar

IPC: G06Q20/36 ,  G06Q20/32

CPC classification number: G06Q20/3672 ,  G06Q20/3255 ,  G06Q20/36 ,  G06Q20/3674

Abstract: A method of enrolling a payment card in a mobile wallet app includes receiving, on a mobile device, a request from a user to enroll a financial account in a mobile wallet application installed on the mobile device, sending an enrollment request to a wallet server, the enrollment request including an identification string uniquely associated with the mobile device, receiving a payment token associated with the financial account from the wallet server, and notifying the user that the financial account has been enrolled into the mobile wallet application responsive to receipt of the payment token. Related computer program products are also disclosed.

Abstract translation: 在移动钱包应用程序中注册支付卡的方法包括在移动设备上接收来自用户的请求以在安装在移动设备上的移动钱包应用中注册金融账户，向钱包服务器发送注册请求， 所述注册请求包括与所述移动设备唯一相关联的识别字符串，从所述钱包服务器接收与所述金融帐户相关联的支付令牌，并且响应于所述支付的接收通知所述用户所述金融账户已被注册到所述移动钱包应用中 令牌 还公开了相关的计算机程序产品。