This invention relates to purchase transaction systems in which payment card information is encrypted, and more particularly, to systems in which identity-based-encryption (IBE) is used to secure purchase transactions.
In modern financial systems, purchase transaction information often contains sensitive data. For example, when a customer makes a purchase with a credit card at a store, point-of-sale equipment in the store is used to acquire credit card information from the customer's credit card. The credit card information may be stored in tracks on a magnetic stripe on the credit card. The customer may swipe the magnetic stripe portion of the card through a card reader to make a purchase. The point-of-sale equipment conveys the track information that is acquired in this way to the computer systems of a purchase transaction processor. The purchase transaction processor may then process the transaction. For example, the purchase transaction processor may check the customer's account balance and other information to determine whether the customer is authorized to make a purchase and may debit the customer's account accordingly.
Track information on payment cards may include account number information, cardholder names, expiration data information, security codes, personal identification number (PIN) data, and other sensitive financial and personal data.
If care is not taken to secure sensitive payment card information, it is possible that an attacker may obtain unauthorized access to the payment card information. For example, a hacker might be able to install unauthorized eavesdropping software that monitors payment card data between the point at which the payment card data is first read off of a customer's payment card and the point at which the payment card data is successfully received at the purchase transaction processor.
The inadvertent disclosure of payment card data can result in the need to reissue cards and alert a potentially large number of affected customers. These responses to a successful attack may be exceedingly inconvenient and costly.
To help secure sensitive card data and prevent the undesirable effects of security breaches, some credit card systems use symmetric key encryption techniques. With this type of arrangement, a point-of-sale terminal and a payment processor may share a symmetric cryptographic key. The point of sale terminal can encrypt credit card information as soon as this information has been read from a customer's card. Once encrypted at the point of sale terminal, the card information is secure from eavesdropping. When the payment processor receives the encrypted version of the credit card information, the payment processor may use the shared symmetric key to decrypt the encrypted credit card information.
Symmetric key systems such as these can effectively thwart many types of attack. However, it can be burdensome to distribute symmetric keys. For example, some symmetric key distribution schemes require that point-of-sale terminals be physically returned to a central location such as a factory whenever it is desired to load an updated symmetric key onto the point-of-sale terminals. This process may be cumbersome or impractical when many point-of-sale terminals are involved.
It would therefore be desirable to be able to provide improved techniques for securing sensitive payment card information that is to be conveyed between point of sale terminals and payment processors.