SYSTEM ARCHITECTURES FOR POINT-OF-SALE DATA OBFUSCATION, DATA REMOVAL AND DATA ENCRYPTION

20210090077 · 2021-03-25

    Abstract

    A system for securing payments is provided. The system may include a payment-receiving entity. The payment-receiving entity may include a point-of-sale device, a point-of-sale encryption selection display and a storage medium. The point-of-sale device may include homomorphic encryption capabilities. The system may include a payment processing entity. The payment processing entity may include a payment receiver and a payment processor. Upon receipt of a payment from the user at the payment-receiving entity, the payment-receiving entity may be configured to present to the user the point-of-sale encryption selection display; receive one or more user selections; transmit payment details, associated with the payment, to the payment processing entity; receive payment confirmation; and encrypt and store point-of-sale details based on the user selections. The point-of-sale encryption selection display may be operable to present, to a user, one or more transaction encryption selectable choices.

    Claims

    1. A method for protecting transaction metadata privacy, the method comprising: receiving a transaction at a first entity, the transaction comprising a plurality of transaction details, the transaction details comprising: a transaction entity; a payment instrument identifier; one or more items associated with the transaction; and a total amount of the transaction; forwarding, prior to storing, transaction details from the first entity to a proxy device; executing the transaction at the proxy device; receiving a transaction confirmation at the first entity; assigning a transaction identification number to the transaction; encrypting the transaction identification number, the one or more items associated with the transaction and a total amount of the transaction; storing the encrypted transaction identification number, the one or more items associated with the transaction and a total amount of the transaction at a storage location associated with the first entity; and printing a receipt with the transaction identification number and the total amount of the transaction.

    2. The method of claim 1 wherein the first entity is a point-of-sale device.

    3. The method of claim 1 wherein the first entity is a website.

    4. The method of claim 1 wherein the encrypting is a homomorphic-type encryption.

    5. The method of claim 4 further comprising receiving, from an authorized user, one or more binary queries relating to the transaction.

    6. The method of claim 5 further comprising accessing, based on the one or more binary queries, the stored encrypted transaction data.

    7. The method of claim 6 further comprising responding to the binary queries based on the accessed data.

    8. A method for protecting transaction metadata privacy, the method comprising: receiving a transaction at a first entity, the transaction comprising a first tier of transaction details, the first tier of transaction details comprising: one or more items associated with the transaction; and a total amount of the transaction; forwarding, prior to storing, the total amount of the transaction from the first entity to a proxy device; requesting, at the proxy device, from the transaction entity, a second tier of transaction details, the second tier of transaction details comprising: a transaction entity; and payment instrument information; executing the transaction at the proxy device; receiving a transaction confirmation at the first entity; assigning, at the first entity, a transaction identification number to the transaction; encrypting, at the first entity, the transaction identification number together with the one or more items associated with the transaction and the total amount of the transaction; storing the encrypted transaction identification number together with the one or more items associated with the transaction and the total amount of the transaction at a storage location associated with the first entity; and printing a receipt with the transaction identification number and the total amount of the transaction.

    9. The method of claim 8 wherein the first entity is a point-of-sale device.

    10. The method of claim 8 wherein the first entity is a website.

    11. The method of claim 8 wherein the proxy device is an online payment system.

    12. The method of claim 8 wherein the encrypting is a homomorphic-type encryption.

    13. The method of claim 12 further comprising receiving, from an authorized user, one or more binary queries relating to the transaction.

    14. The method of claim 13 further comprising accessing, based on the one or more binary queries, the stored encrypted transaction data.

    15. The method of claim 14 further comprising responding to the binary queries based on the accessed data.

    16. A system for securing payments, the system comprising: a payment-receiving entity, said payment-receiving entity comprising: a point-of-sale device, said point-of-sale device comprising homomorphic encryption capabilities; a point-of-sale encryption selection display operable to present, to a user, a plurality of transaction encryption selectable choices, said plurality of transaction encryption selectable choices comprising: complete encryption; payment instrument data encryption; and no encryption; and a storage medium; a payment processing entity, said payment-processing entity comprising: a payment receiver; and a payment processor; wherein: upon receipt of a payment from the user at the payment-receiving entity, the payment-receiving entity is configured to: present to the user the point-of-sale encryption selection display; receive one or more user selections; transmit payment details, associated with the payment, to the payment processing entity; receive payment confirmation; and encrypt and store, in the storage medium, point-of-sale details based on the user selection.

    17. The system of claim 16 wherein the payment-receiving entity is a separate entity than a merchant entity.

    18. The system of claim 16 wherein the encryption is homomorphic encryption.

    19. The system of claim 16 wherein the point-of-sale user selection display comprises a complete encryption option.

    20. The system of claim 19 wherein upon user selection of the complete encryption option, the payment details are homomorphically-encrypted prior to storage at the payment-receiving entity, and a receipt associated with the payment details includes a transaction number and a total transaction amount.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0028] The objects and advantages of the invention will be apparent upon consideration of the following detailed description, taken in conjunction with the accompanying drawings, in which like reference characters refer to like parts throughout, and in which:

    [0029] FIG. 1 shows an illustrative diagram in accordance with principles of the disclosure;

    [0030] FIG. 2 shows another illustrative diagram in accordance with principles of the disclosure; and

    [0031] FIG. 3 shows yet another illustrative diagram in accordance with principles of the disclosure.

    DETAILED DESCRIPTION

    [0032] Apparatus and methods for point-of-sale data obfuscation, data removal and data encryption are provided. The apparatus and methods may secure payments and transactions that pass through conventional point-of-sale (POS) systems.

    [0033] In some embodiments, a first entity may collect transaction data. The transaction data may include personal customer data, such as a customer name, customer telephone number or other suitable customer data. The transaction data may also include payment instrument information and/or any other suitable data that is required to execute a transaction.

    [0034] Examples of a first entity may include a merchant, a non-profit organization and/or any other entity that functions as part of a transaction. The first entity may comprise a plurality of entities.

    [0035] In these embodiments, the first entity may transmit the transaction data to a proxy server for processing. The proxy server may be associated with a financial institution. The proxy server may process or execute the transaction. Upon transaction execution, the proxy server may transmit a result to the first entity.

    [0036] The first entity may store the result of the transaction, i.e., approval or denial. The first entity may also store the transaction details. The result of the transaction and/or the transaction details may be stored in local storage, such as onsite at a merchant, or offsite storage, such as in the cloud. In some embodiments, the result of the transaction and/or the transaction details may be stored in an encrypted manner.

    [0037] The encryption may be homomorphic encryption. Homomorphic encryption allows computations to be carried out directly on ciphertext, so the stored transaction data need never be decrypted where it is stored; only a holder of the secret key can recover plaintext, and that key may be kept by a party other than the one storing the data. An authorized user may access the encrypted data by submitting binary queries, which are evaluated on the ciphertext, and receiving a yes-or-no response, the only value that is decrypted. An example of a query may be "Did person X conduct a transaction in your store on Sep. 7, 2008?" The response provided to the query may be yes or no.

    [0038] Homomorphic encryption may allow data analytics, artificial intelligence, and machine learning on the encrypted data. The system may be configured to allow some sophisticated queries to gather intelligence such as purchasing-category retrieval. Such purchasing-category retrieval may serve many purposes such as, for example, forecasting or prediction purposes. For example, homomorphic encryption may enable determining the typical purchase categories of a customer, or group of customers, while maintaining the anonymity of the customer, or group of customers. This information may be provided to the merchant.

    [0039] Predictions may also be executed at the time of purchase or transaction, or on a predetermined schedule, such as nightly or weekly, when the system has spare capacity, such as in the evening. Predictions may be applied to the customer at the purchase time or transaction time. Such an encryption system may protect the privacy of consumers or customers. Although homomorphic encryption protects consumers' privacy, it still enables an authorized user to execute specific queries on the encrypted data and retrieve specific information.

    [0040] In the event that the homomorphically-encrypted data is compromised, or leaked to external parties, the external party obtains only ciphertext, which is unintelligible without the secret key. The secret key must therefore be stored separately from the encrypted data.

    [0041] Homomorphic encryption may be computationally intensive. Managing homomorphically-encrypted data may require large amounts of computational power. Therefore, a personal computer (PC), which typically has more computational power than a point-of-sale device, may be linked to the point-of-sale device. The PC may execute the homomorphic encryption and manage the homomorphically-encrypted data. Because the point-of-sale device then hands plaintext transaction data to the PC, the link between the two devices must itself be protected. In some circumstances, the point-of-sale device may be equipped with sufficient computational power to execute the homomorphic encryption and manage the homomorphically-encrypted data itself.

    [0042] Additionally, because of the large amounts of computational power required to execute the homomorphic encryption, there may be a time lag involved in completing a homomorphically-encrypted transaction.

    [0043] However, the transaction processing at the proxy may run simultaneously with, or in tandem with, the transaction encryption. Where the transaction processing time is similar to, or greater than, the encryption time, the encryption adds little to the overall time, and the time lag may not be significant.

    [0044] Also, a point-of-sale device may be connected to a 5G network. 5G networks offer lower latency and higher throughput than earlier cellular networks. Using a 5G network for a homomorphically-encrypted transaction may therefore reduce the transmission part of the time lag, such as the time to send ciphertext to a linked PC or to cloud storage; it does not reduce the time taken by the encryption computation itself.

    [0045] In some embodiments, a first entity may present an encryption option to the customer. The encryption option may include two choices: encrypt the transaction data and wait the extra time (for example, two seconds), or leave the transaction data unencrypted and not wait.

    [0046] In some embodiments, the point-of-sale device may present an encryption incentive to the customer. For example, if the customer chooses to wait and encrypt the transaction data, the customer may be presented with a coupon or a price reduction.

    [0047] In other embodiments, the point-of-sale device may cost share the encryption cost with the customer. The encryption cost may compensate the first entity for additional time and/or additional storage resources required to encrypt the transaction data. In these embodiments, the customer may be charged a small fee to encrypt the data.

    [0048] In other embodiments, a second entity may provide a data protection storage and encryption service. The second entity may be a payment instrument entity, such as a credit card company or financial institution. The data protection storage and encryption service may be merged with the transaction processing service or may remain a separate service from it.

    [0049] The data protection storage and encryption service may communicate with a point-of-sale device. In an example, a customer may swipe or tap a payment instrument at the point-of-sale device. The customer data is encrypted at the point-of-sale device, in a cloud service that communicates with the point-of-sale device, or at a platform that communicates with the point-of-sale device. The second entity, associated with the point-of-sale device, may have access to the encrypted customer data and may perform analysis, queries and/or reporting on it. The data protection storage and encryption service conceals the plaintext customer data from the second entity.

    [0050] The data protection storage and encryption service may provide a level of security confidence at the second entity level.

    [0051] In some embodiments, the data encryption is configurable. Whether data is encrypted, and the level of encryption, may depend on a variety of factors, including the type of transaction, the person associated with the transaction, the point-of-sale location, the second entity and any other suitable factor. In one example, firearm purchases may never be encrypted. In another example, purchases by a known person of malicious intent may never be encrypted. In another example, purchases in a high-crime neighborhood may never be encrypted. In another example, food purchases with a total amount of less than five dollars may always be encrypted. In another example, payments at a doctor's office may always be encrypted. In another example, purchases above a predetermined dollar amount may never be encrypted.

    [0052] A hierarchical priority index may organize the priority of the configuration factors. Factors that are higher on the index may be considered prior to factors that are lower on the index. In an example, non-encryption of purchases of a known person of malicious intent may precede encryption of food purchases under five dollars. In this example, in the event that a known person of malicious intent executes a food purchase of which the total purchase amount is less than five dollars, the transaction may remain unencrypted.

    [0053] In some embodiments, the hierarchical priority index may include multiple tiers. A first tier may include data to be stored in an encrypted manner, a second tier may include data to be stored in an unencrypted manner and a third tier may include data to be deleted. Data to be deleted may include low risk data. Low risk data may be defined in certain circumstances. These circumstances may include purchases that total less than a threshold dollar amount, low-risk goods or other suitable circumstances.
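    The hierarchical priority index of [0051]-[0053], as an added example that is not part of the patent: an ordered list of rules is consulted top to bottom, the first applicable rule fixes the tier (encrypt, store in plaintext, or delete), and only when no mandatory rule applies does the customer's own selection from the encryption display ([0045], [0058]) decide. The rule order, the watchlist and location identifiers, the low-risk categories and the dollar threshold are assumptions made for the demonstration; the page names the factors but not their values, and gives only one example of their relative order.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple

ENCRYPT, PLAIN, DELETE = "encrypt", "plain", "delete"   # the three tiers of [0053]

@dataclass(frozen=True)
class Transaction:
    category: str
    total_cents: int
    customer_id: str
    location: str
    customer_choice: str = ENCRYPT   # the customer's pick on the encryption display

@dataclass(frozen=True)
class Rule:
    name: str
    applies: Callable[[Transaction], bool]
    tier: str

# Hypothetical values: the page names these factors but gives no identifiers.
WATCHLIST = {"cust-0042"}
HIGH_CRIME_LOCATIONS = {"store-17"}
LOW_RISK_GOODS = {"newspaper", "chewing-gum"}
LARGE_PURCHASE_CENTS = 1_000_000

# Hierarchical priority index of [0052]: earlier rules are considered first,
# so a mandatory non-encryption rule outranks a later always-encrypt rule.
# The order below is an assumption beyond the one example the page gives.
PRIORITY_INDEX: List[Rule] = [
    Rule("firearm purchases are never encrypted",
         lambda t: t.category == "firearm", PLAIN),
    Rule("watchlisted customers are never encrypted",
         lambda t: t.customer_id in WATCHLIST, PLAIN),
    Rule("high-crime locations are never encrypted",
         lambda t: t.location in HIGH_CRIME_LOCATIONS, PLAIN),
    Rule("purchases above the threshold are never encrypted",
         lambda t: t.total_cents > LARGE_PURCHASE_CENTS, PLAIN),
    Rule("doctor's office payments are always encrypted",
         lambda t: t.category == "medical", ENCRYPT),
    Rule("food under five dollars is always encrypted",
         lambda t: t.category == "food" and t.total_cents < 500, ENCRYPT),
    Rule("low-risk goods are deleted",
         lambda t: t.category in LOW_RISK_GOODS, DELETE),
]

def decide(t: Transaction, index: List[Rule] = PRIORITY_INDEX) -> Tuple[str, str]:
    """Return (tier, reason): the first applicable rule wins; if none applies,
    the customer's own selection ([0058]) decides."""
    for rule in index:
        if rule.applies(t):
            return rule.tier, rule.name
    return t.customer_choice, "customer selection"

def precedence_example() -> Tuple[str, str]:
    """The page's own case: a watchlisted person buys food for under $5."""
    return decide(Transaction("food", 300, "cust-0042", "store-1"))
```

    Because the index is evaluated in order, the same purchase can land in a different tier depending only on where a rule sits, so the order of the list is itself a security-relevant configuration and should be reviewed and version-controlled like any other policy.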

    [0054] Upon execution of the transaction, the customer may be presented a receipt. In some embodiments, the receipt may not include detailed transaction data. The receipt may include a transaction number and a total amount of the transaction. The transaction number may be assigned by the first entity. The receipt may not include specific items purchased or a payment instrument used. The receipt may be presented to the customer.

    [0055] It should be appreciated that the receipt may be used to return items to the first entity. The customer may present the item with the receipt to the first entity. The first entity may enter the transaction number and the item into the system. The system may execute a query on the homomorphically-encrypted data to determine whether the customer actually made the purchase. The query may be the binary question: Did transaction number X include item Y? Upon system confirmation, the first entity may complete the return. At times, the payment instrument that was used may also be required to complete the return.
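    The query flow of [0037]-[0038] and the return check of [0055], as an added example that is not part of the patent: a small, self-written additively homomorphic (Paillier) scheme stands in for the unspecified homomorphic encryption, the first entity keeps only ciphertexts and the public key, and a separate key-holding service (the second entity of [0048]) decrypts nothing but the blinded result of each query, and only for an authorized requester. The key size, party names, transaction numbers, item codes and totals are all constructed for the demonstration; a deployment would use a vetted library and far larger parameters.

```python
import random
from math import gcd

def _is_probable_prime(n, rounds=32):
    """Miller-Rabin for odd n > 3; adequate for demo-sized keys."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:  # odd candidate with the top bit set, retried until probably prime
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand

def keygen(bits=256):
    """Paillier key pair with g = n + 1: public (n,), secret (n, lam, mu)."""
    p, q = _random_prime(bits // 2), _random_prime(bits // 2)
    n, lam = p * q, (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (n,), (n, lam, pow(lam, -1, n))

def encrypt(pk, m):
    """E(m) = (1 + n)^m * r^n mod n^2 for 0 <= m < n, with fresh random r."""
    (n,) = pk
    r = random.randrange(1, n)
    while gcd(r, n) != 1:
        r = random.randrange(1, n)
    return (1 + m * n) * pow(r, n, n * n) % (n * n)

def decrypt(sk, c):
    n, lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def add(pk, c1, c2):
    return c1 * c2 % (pk[0] ** 2)  # E(a) * E(b) = E(a + b mod n)

def scale(pk, c, k):
    return pow(c, k, pk[0] ** 2)  # E(a)^k = E(k * a mod n)

class MerchantStore:
    """First entity: holds the public key and ciphertexts, never the secret key."""
    def __init__(self, pk):
        self.pk, self.records = pk, []
    def store(self, txn_id, item_codes, total_cents):
        e = lambda v: encrypt(self.pk, v)
        self.records.append({"txn": e(txn_id), "total": e(total_cents),
                             "items": [e(i) for i in item_codes]})
        return txn_id, total_cents  # the minimal receipt of [0054]
    def blinded_match(self, txn_id, item_code):
        """Binary query of [0055]: one ciphertext E(r1*(txn - X) + r2*(item - Y))
        per stored item; it decrypts to 0 only if both differences are 0."""
        (n,) = self.pk
        neg_x, neg_y = encrypt(self.pk, -txn_id % n), encrypt(self.pk, -item_code % n)
        out = []
        for rec in self.records:
            d_txn = add(self.pk, rec["txn"], neg_x)
            for c_item in rec["items"]:
                d_item = add(self.pk, c_item, neg_y)
                r1, r2 = random.randrange(1, n), random.randrange(1, n)
                out.append(add(self.pk, scale(self.pk, d_txn, r1), scale(self.pk, d_item, r2)))
        return out
    def encrypted_revenue(self):
        acc = encrypt(self.pk, 0)  # sum of all totals on ciphertexts ([0038])
        for rec in self.records:
            acc = add(self.pk, acc, rec["total"])
        return acc

class KeyHolder:
    """Second entity of [0048]: holds the secret key and releases only decrypted
    query results, and only to authorised requesters (FIG. 2 and FIG. 3)."""
    def __init__(self, sk, authorised):
        self.sk, self.authorised = sk, set(authorised)
    def reveal(self, requester, c):
        return decrypt(self.sk, c) if requester in self.authorised else None
    def answer(self, requester, blinded):
        vals = [self.reveal(requester, c) for c in blinded]
        return None if None in vals else any(v == 0 for v in vals)

def demo():
    pk, sk = keygen(256)
    store, holder = MerchantStore(pk), KeyHolder(sk, {"returns-desk"})
    store.store(1001, [501, 777], 1299)  # constructed records, not page data
    store.store(1002, [501], 350)
    had_item = holder.answer("returns-desk", store.blinded_match(1002, 501))
    no_item = holder.answer("returns-desk", store.blinded_match(1002, 777))
    denied = holder.answer("stranger", store.blinded_match(1002, 501))
    revenue = holder.reveal("returns-desk", store.encrypted_revenue())
    return had_item, no_item, denied, revenue  # (True, False, None, 1649)
```

    The binary question is answered without the key holder learning which record matched or what the other items were: each blinded ciphertext decrypts to 0 on a match and to a uniformly random value otherwise, so a "no" reveals nothing about the stored transaction. The price is that the store has to evaluate the query against every stored item, which is the retrieval cost that [0057] alludes to; the total-revenue report shows the analytics of [0038] in the same setting, with the merchant never seeing an individual plaintext total.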

    [0056] Upon completion of the return, the system may update the encrypted transaction to indicate that one or more items have been returned. In some embodiments, the return may be treated as a new transaction. In these embodiments, a flag may be appended to the original transaction. The flag may be included in each original transaction and set to a default value unless specified otherwise. The flag may indicate that a new return transaction, associated with the original transaction, has been processed.

    [0057] It should be appreciated that the system may optimize the records. With encrypted data in particular, where a query may have to be evaluated against every stored record, optimization of the records may enable substantially faster record retrieval.

    [0058] In some embodiments, the system may be customer configurable. For example, the customer may determine if and what elements of the transaction may be encrypted. The customer configurable system may empower customers. For example, some customers may prefer to have complete encryption of their transactions, receive minimal receipts and not receive incentives based on transaction history. Other customers may prefer non-encryption of their transactions, receive more detailed receipts and receive incentives based on transaction history.

    [0059] This system may be used to enhance the security of non-profit organizations. Donors often want to hide their identity when donating to a specific non-profit organization. Therefore, this system may encrypt the donor data at the point-of-sale device. The encrypted data may be passed to a financial institution to perform the funds transfer. However, the donor data may never be made available to the non-profit organization. The only data made available to the non-profit organization may be that a specific dollar amount was transferred into its account. This system privatizes the donation and the donor data. It also relieves the non-profit organization of the responsibility for securing the donor data.

    [0060] It should be appreciated that this system improves on previous security standards, such as PCI-DSS (Payment Card Industry Data Security Standard). PCI-DSS specifies twelve requirements for building and maintaining a secure payment network and securing payment data. However, there are many flaws and faults associated with PCI-DSS. These include unclear specifications, the fact that it sets only minimum requirements, that it is open to subjective interpretation, that it is not required by law, that it permits retaining the names of the transaction participants and a portion of the payment instrument number, and that it is required only for a portion of payment instrument holders.

    [0061] Additionally, PCI-DSS does not provide a framework to which merchants can subscribe. Many merchants do not have the resources to properly implement the PCI-DSS security standards. Therefore, the implementation of a data obfuscation system may provide merchants the ability to comply with security regulations and security standards.

    [0062] Illustrative embodiments of apparatus and methods in accordance with the principles of the invention will now be described with reference to the accompanying drawings, which form a part hereof. It is to be understood that other embodiments may be utilized and structural, functional and procedural modifications may be made without departing from the scope and spirit of the present invention.

    [0063] The drawings show illustrative features of apparatus and methods in accordance with the principles of the invention. The features are illustrated in the context of selected embodiments. It will be understood that features shown in connection with one of the embodiments may be practiced in accordance with the principles of the invention along with features shown in connection with another of the embodiments.

    [0064] Apparatus and methods described herein are illustrative. Apparatus and methods of the invention may involve some or all of the features of the illustrative apparatus and/or some or all of the steps of the illustrative methods. The steps of the methods may be performed in an order other than the order shown or described herein. Some embodiments may omit steps shown or described in connection with the illustrative methods. Some embodiments may include steps that are not shown or described in connection with the illustrative methods, but rather shown or described in a different portion of the specification.

    [0065] One of ordinary skill in the art will appreciate that the steps shown and described herein may be performed in other than the recited order and that one or more steps illustrated may be optional. The methods of the above-referenced embodiments may involve the use of any suitable elements, steps, computer-executable instructions, or computer-readable data structures. In this regard, other embodiments are disclosed herein as well that can be partially or wholly implemented on a computer-readable medium, for example, by storing computer-executable instructions or modules or by utilizing computer-readable data structures.

    [0066] FIG. 1 shows an illustrative flow chart. A customer/donor, shown at 102, may initiate a transaction. The transaction may be a payment or donation, as shown at 104.

    [0067] Upon receipt of initiation of a payment or donation, the payment or donation data may be duplicated. One set of the duplicate data may be transmitted to a bank server, as shown at 106. The bank server may authorize the payment or donation.

    [0068] The bank server may print a receipt, as shown at 108. In some embodiments, the bank server may transmit receipt information to the merchant or organization services. The merchant or organization services may print the receipt and transmit it to the customer/donor. The receipt may include minimal data, such as a transaction number and total transaction amount.

    [0069] Another set of the duplicate data may be transmitted to merchant or organization services, as shown at 110. It should be appreciated that a complete version of the data need not, in some embodiments, be transmitted to the merchant or organization services. The merchant or organization services may encrypt the transaction data, as shown at 112. The merchant or organization services may build reports using the encrypted data, as shown at 114. It should be appreciated that data analysis and report generation may be executed on a limited version of the transaction data. The limited version of the transaction data may not include personal data.

    [0070] FIG. 2 shows an illustrative flow chart. Authorized user 202 may present a binary query, shown at 204, to merchant or organization services 208. Merchant or organization services 208 may present the binary query, shown at 210, to homomorphically-encrypted transaction data, shown at 214.

    [0071] An answer to the binary query may be determined. The answer may be presented as a report or analytic data. The reports and/or analytic data, shown at 212, may be transmitted to the merchant or organization services. The reports and/or analytic data may be transmitted from the merchant or organization services to the authorized user, as shown at 206.

    [0072] It should be appreciated that data may only be made available to an authorized user. The system may present gibberish, unintelligible data or no data at all to an unauthorized user, as shown in FIG. 3.

    [0073] FIG. 3 shows an illustrative flow chart. An unauthorized user, shown at 302, may present a binary query, shown at 304, to merchant or organization services 308. Merchant or organization services 308 may transmit the binary query, shown at 310, to homomorphically-encrypted transaction data, shown at 314. The service holding the homomorphically-encrypted transaction data may determine that the binary query was transmitted from an unauthorized user. Therefore, it may transmit unintelligible data, shown at 312, to merchant or organization services 308. Merchant or organization services 308 may present the unintelligible data, shown at 306, to the unauthorized user, shown at 302.

    [0074] Thus, systems and methods for system architectures for point-of-sale data obfuscation, data removal and data encryption have been provided. Persons skilled in the art will appreciate that the present invention can be practiced by other than the described embodiments, which are presented for purposes of illustration rather than of limitation.