Patent Application
20160267472
The present invention relates to the tracking and recording of transfers of digital assets. More specifically, the present invention relates to retaining public records of gift card purchases and transfers.
A gift card is a digital asset which has value associated with a single business or group of businesses. Digital gift cards are prone to fraud as they rely on trusting multiple parties to safeguard the secret gift card codes. The goal of this invention is to provide a secure, compliant and portable way to mint, issue, transfer, and redeem digital gift cards.
Embodiments include a method for minting digital gift cards on a secure public ledger such as Bitcoin, in such a way that relevant regulations and issuers' policies are fully enforced. For instance, the method can be used to enforce the closed-loop movement of funds (funds can only be used only for goods or services in transactions involving a defined merchant or set of locations), or to limit the daily reload amount, or to prevent person-to-person transfer of funds. Such capabilities are key criteria for an issuer to be exempt from regulations such as the United States include FinCEN “prepaid access” rule.
Embodiments also include a method for supporting a variety of assets for each gift card, each asset with its own enforceable terms and rules, and a combination of assets. For instance, a single gift card may combine two assets: prepaid credits that never expire and bonus credits that expire on a certain date.
Embodiments also include a method for transferring a digital gift card into a customer wallet, for instance upon purchase by a customer.
Embodiments also include a method for preventing fraudulent transfer of a digital gift card's value through the use of short-lived tokens delivered in the customer wallet instead of the traditional static serial numbers and PINs. This method is designed such that secure digital gift cards can be used at brick-and-mortar and online merchants with existing points of sale (POS) systems, including brick-and-mortar POS systems where the gift card's serial number is typed, scanned (barcoded) or swiped (magnetic stripe), and online shopping carts of e-commerce companies.
Embodiments also include a system and method for uploading digital gift cards to a variety of wallet apps, such as Gyft Wallet® or Google Wallet®, and provide users with a consistent experience in those apps, for instance being able to check real-time balance for any card or send a card easily and quickly from one wallet app to another.
Embodiments also include a method for converting traditional plastic and paper gift cards, whose serial number and PIN are inherently static, into digital gift cards secured by a public ledger.
Gift cards are merchant-specific value issued in the form of a public serial number and oftentimes issued together with a concealed PIN. Gift cards have traditionally been issued with the serial number encoded on the magnetic stripe of a plastic card or as a barcode-encoded serial number on a plastic or paper card. Increasingly, gift cards are being uploaded or directly bought on websites and mobile apps like the Gyft mobile Application®, where gift cards only exist as digital representations. Such gift cards are called virtual gift cards or digital gift cards. For purposes of this disclosure, the term “gift card” includes virtual or digital gift cards.
Gift cards traditionally represent one asset, a prepaid asset, but digital gift cards increasingly represent more than one asset at a time, each with different terms and compliance requirements. For instance, a buyer may have purchased an offer to buy $100 worth of credits at a business for $90 in cash, with the extra $10 expiring after a certain date, while the $90 prepaid never expire.
Gift card PINs are not required at redemption, and because they use static serial numbers that are not concealed, gift cards are fraught with fraud. Serial numbers printed on paper or plastic gift cards may get compromised at any time between their minting and the purchase by the customer, for instance by unscrupulous employees of companies issuing, re-selling or retailing the serial numbers. This lack of security is hampering the wider adoption of gift cards in general, and of digital gift cards especially, as a payment mechanism.
Digital gift cards are also not securely transferable from one digital wallet to another. Security relies on the receiver trusting the gift card wallet provider to not allow transfer if the secret code has been revealed to the customer. This lack of portability is limiting competition, increasing transaction costs on secondary markets, or making resale impractical, and ultimately reducing the value of digital gift cards to consumers.
Digital gift cards are also very fragmented in terms of how they are purchased, authenticated, balance-checked, cancelled, re-gifted or redeemed. Different gift card issuers offer different computer programming interfaces for applications to perform actions on the digital gift cards, resulting in high development costs of digital gift card applications, lack of consistency in user experiences, and ultimately a reduction of digital gift cards' potential as a payment mechanism. For instance, a gift card issuer might offer a computer programming interface to check a digital gift card balance, while another issuer might not.
Digital gift cards are regulated in the U.S. by the Prepaid Access rule. Fraud monitoring and ensuring compliance are difficult since there is no central record of transactions that investigators can use to trace movements of funds.
Secure public ledgers are ledgers recording the minting, transfer and redemption of digital assets. Public ledgers are maintained by a large number of distributed computers called miners. They offer a high level of security against unauthorized spend and against double-spend of digital assets through the use of public-key cryptography, decentralized record-keeping and decentralized consensus. They also provide a high level of traceability of funds movements to facilitate fraud detection, prevention and resolution, to the extent that the identity of account holders is known. The most popular example of a secure public ledger is Bitcoin®, but many other public ledger implementations exist.
Upon verification of the authentication token, the wallet service returns a card token with an expiration date/time. This expiration date/time can vary among wallet service providers but typically lasts long enough to present the device to be scanned, typed in or read by a contactless device at the point of sale. If the card token expires while the cardholder is presenting the token at the point of sale, the wallet will automatically request a new card token. The cardholder or person holding the device can also request a new token at any time by selecting a button on the wallet application screen. The wallet application displays a timer showing how long the card token will remain valid.
An alternative to the online card token generation process is an offline Time-based One-Time Passcode/Token (TOTP) using the standard RFC 6238. The present invention proposes the use of a 19-digit standard card number (ISO/IEC 7812) that includes a 6-digit TOTP to secure access to digital assets organized as cards in a wallet. A ISO/IEC 7812 compliant 19 digit can be derived from the passcode as follows by concatenating the 6-digit Issuer Identification Number (ever changes from card token to card token), a 6-digit device identifier (the computer or mobile phone running the digital wallet), then use the 6-digit one-time passcode, a check digit generated from the first 18-digit with the Luhn algorithm.
Instead of a token being requested at the moment when the customer wants to redeem, per the standard RFC 6238 the token is automatically computed based on a shared secret between the cardholder wallet app and the issuer service. The secret is shared prior to redemption, for instance at the time the cardholder initially installs the cardholder wallet app or upon a successful authentication to the cardholder wallet app.
In step 206, the wallet service provider server validates the token. In step 208, the wallet service confirms that the cardholder has sufficient merchant issued credit for the purchase. In step 210, when the token is valid, assets are available at the token's corresponding address or addresses, and these assets are accepted by the merchant, then the wallet service prepares a public ledger transaction and signs it with the cardholder's private key. In step 212, the issuance service provider is then notified of the new transaction, and the issuance service provider validates the transaction's compliance with regulations and cardholder services. In step 214, the issuance service checks for compliance of the transaction. In step 216, assuming the transaction is compliant, the issuance service signs the transaction with its authorization key and in step 218, posts the transaction to the public ledger. Then, in step 220, the issuance service provides the wallet service provider a successful transaction ID, which is in turn provided to the point of sale.
In some embodiments of a method for using a digital wallet service, there are a number of entities that play a role. Entities include a digital wallet application and digital wallet service, a credit issuance service, and a merchant all of which, in combination, are configured to securely expend merchant-issued credit and encode transactions to a public ledger. In some embodiments, all of these entities are managed by the same organization. There is no express reason why these entities must be under a particular management organizational scheme.
The merchant uses the credit issuance service to issue a certain amount of merchant-issued credit to a digital wallet service in the name of a cardholder. The issuance is done through the issuance service who submits the transaction to the public ledger. The certain amount of merchant-issued credit makes up a balance. The digital wallet service obtains balance records from the issuance service or directly from the public ledger. The digital wallet service then enables the spending of the merchant-issued credit in a digital wallet through the digital wallet service and credit issuance service. In some embodiments, the credit issuance service and the merchant are the same entity. In other embodiments, the credit issuer and the merchant are separate entities and the credit issuer obtains merchant-issued credit from the merchant before issuing the merchant-issued credit to a user. Records of pre-purchased or issued merchant credit are stored in a shared decentralized database accessible by all parties through the Internet.
The digital wallet application generates a graphic user interface (GUI), which displays the digital wallet's content to the user and allows the user to select. The contents of the digital wallet, in this case, represent the digital gift card's value. When the user selects the digital wallet, the digital wallet application requests the digital wallet service to provide a fixed lifetime credit number which is usable to expend the certain amount of merchant-issued credits available on the selected card. The digital wallet application is supported by a web server or a database that communicates with a plurality of user devices associated with a plurality of users. Illustrative examples of user devices include smart phones, tablets, laptop computers, desktop computers, or “smart” wearable accessories.
In some embodiments, the issuing of the fixed lifetime credit code occurs periodically upon the end of the lifespan as long as the user maintains the request and is displaying the card on the digital wallet GUI. In some embodiments, the issuing of the fixed lifetime credit code occurs an additional time: when the user makes a second request, the fixed lifetime credit codes life is terminated and a second fixed lifetime credit code is issued.
In some embodiments, the issuance service establishes at least one tracking wallet, corresponding to the digital wallet, which stores cryptocurrency and is inaccessible to the user. An example of a cryptocurrency is Bitcoin, though other cryptocurrencies exist. A suitable cryptocurrency is one managed by a public ledger. An example of a public ledger is the blockchain, though others are suitable. When the cryptocurrency is Bitcoin, then the tracking wallet is managed and controlled by the Bitcoin protocol. Other cryptocurrencies are managed in other ways. In some embodiments, the cryptocurrency tracked by a public ledger is a custom designed currency. An example where use of a digital wallet and a corresponding tracking wallet are appropriate is when record of the digital wallet is held by a third party, such as the merchant.
In other embodiments, The issuance service creates a tracking wallet, which is synonymous with the digital wallet. Thus the only record of the existence of the merchant issued credit is the cryptocurrency tracking wallet. The cryptocurrency in the tracking wallet is used to generate transaction records which in turn encode data of transactions which are unrelated to the cryptocurrency contained within the tracking wallet. In these embodiments, the merchant and the issuance service make an agreement such that the merchant will honor the balance as encoded on the tracking wallet, and no further records are necessary.
In the single wallet embodiments, the gift card holder does not actually spend the cryptocurrency contained in the digital wallet/tracking wallet. Instead the cryptocurrency is used to generate transactions of either encoded amounts or encoded transactions that represent the expenditure of merchant issued credit.
The issuance service encodes the certain value of merchant-issued credit to the cryptocurrency tracked by a public ledger and associated with the tracking wallet. There are various embodiments of acceptable encoding. In some embodiments, a small amount of cryptocurrency called a dust amount is provided to the tracking wallet and data pertaining to merchant-issued credit is encoded to the transaction metadata through an encoding protocol. An example of an encoding protocol is the Open Assets Protocol, though other protocols are acceptable. In some embodiments, encoded data is generated by corresponding information to certain balances of the tracking wallet. As an example of an encoded amount, 0.00002500 of cryptocurrency might correspond to $25.
The issuance service generates a first encoded transaction associated with the tracking wallet(s), the first encoded transaction representing the balance of the certain amount of merchant-issued credit. In some embodiments, the transaction funds (e.g., dust amount, encoded amount) are sent from an issuance wallet to the tracking wallet. In addition to the dust amount, many cryptocurrencies additionally require a transaction fee.
In digital wallets that have multiple inputs and outputs, each kind of transaction associated with a given wallet has its own unique requirements for verification. Transaction fees have a low verification requirement because transaction fees only involve one entity: either the issuance service or the wallet service (depending on the transaction). Other transactions which include additional entities would include additional verification.
When the user wants to redeem the merchant-issued credit with the merchant, the user cites the fixed lifetime credit number in a transaction. The wallet service depletes the digital wallet of merchant-issued currency by the appropriate amount. This transaction creates a new balance of the merchant-issued credit.
In response to the user depleting the balance, multiple entities generate a second encoded transaction associated with the tracking wallet. In some embodiments, the multiple parties include the credit issuance service, the merchant and the wallet service. In order to verify the transaction to the necessary inputs and outputs of the tracking wallet, two of the entities sign the transaction. The second encoded transaction represents the new balance.
One of the entities retrieves encoded data from the public ledger concerning the tracking wallet. The encoded data includes the first encoded transaction and the second encoded transaction. Any of the above mentioned entities is enabled to retrieve the encoded data. The encoded transactions themselves are public as a result of being managed by the public ledger.
One of the entities decodes the encoded data. It is not mandatory that any given one of the entities decodes the data; any of the above mentioned entities is suitable to decode the encoded data. All that is required is a codec. The character of the codec depends on the method of encoding. In some embodiments, the codec is a data hash. In some embodiments, the codec is a mathematical formula. In various embodiments, the codec includes data regarding the correspondence of the tracking wallet and the digital wallet of merchant-issued currency. In various embodiments, the codec is made available to a number of entities to decode the data.
There are numerous uses for the decoded data. The decoded data provides a viewer with balance verification. The above mentioned entities, the user, and the merchant all have interests in the decoded data. There are applications for each to make use of the data. In one such use, the digital wallet application presents decoded data for the user in the graphic user interface.
The above method is illustrative, and many of the actions are performable by multiple parties. In such cases where it makes sense to do so, these actions can all be performed by a single entity or by many. In some embodiments, the merchant-issued credit is drawn from an inventory containing the merchant-issued credits from a plurality of merchants.
In some embodiments, encoded transaction verification is performed by a number of digital signatures. The transactions use any number of signatures, though three is a suitable example. The first digital signature is one of three digital signatures. In some embodiments, the first encoded transaction and second encoded transaction will not process without at least two of the three digital signatures. In some embodiments, the second digital signature is provided by the issuer of the merchant-issued credit.
Additional embodiments of an apparatus for encoding and subsequently decoding a digital wallet to a public ledger comprise a few components. An account server is enabled to create and manage a user account, the user account associated with but inaccessible to a user. A codec is enabled to generate an encoding scheme between merchant-issued credits and a cryptocurrency tracked by the public ledger. Embodiments of the encoding scheme include both encoded hash and encoded amounts. A transaction receiver is configured to receive notice that the user is transacting with the digital wallet associated with merchant-issued credit.
The transaction receiver is communicatively coupled to the account server. The transaction receiver is configured to forward a notice of a transaction with the digital wallet to the account server. The account server is configured to store with the user account an encoded hash received from the codec. The encoded hash is associated with a cryptocurrency transaction and comprises data associated with that transaction of the digital wallet.
The codec is configured to decode the encoded hash upon request by the account server. The account server is configured to output decoded data associated with the transaction of the digital wallet. In some embodiments, the account server is configured to output the decoded data to multiple entities. In some embodiments, the transaction receiver will not communicate the notice of the transaction to the account server until the transaction receiver has two or more authenticated notices of the transaction.
In some embodiments, the apparatus further includes a plurality of cryptocurrency wallets. The plurality of cryptocurrency wallets includes an issuing wallet, a user wallet, and a merchant wallet. The cryptocurrency transaction is configured to occur between the plurality of cryptocurrency wallets.
The cryptocurrency transaction is one of three types of transaction. First, an issuing transaction, wherein a dust amount of cryptocurrency is exchanged between the issuing wallet and the user wallet. Second, a spending transaction, wherein a dust amount of cryptocurrency is exchanged between the user wallet and the merchant wallet. Third, a minting transaction, wherein a dust amount of cryptocurrency is exchanged between the merchant wallet and the issuing wallet.
In some embodiments the cryptocurrency transaction includes a transaction fee. The transaction is drawn from yet another cryptocurrency wallet, a pool wallet, which is associated with no users.
In some embodiments, the apparatus further comprises a user interface. The user interface is communicatively coupled with the account server and configured to display the decoded data to the user. In some embodiments, the cryptocurrency tracked by a public ledger is bitcoins, and the public ledger is the blockchain. In other embodiments, the cryptocurrency tracked by a public ledger is a custom designed currency.
In some embodiments, users integrate legacy gift cards with static expenditure numbers. While the static expenditure number does not change, recording the gift card on the public ledger enables the user to have a record of transactions with the static expenditure number that are non-fraudulent. While the gift card potentially has fraudulent purchases, none of the fraudulent purchases will appear on the public ledger and the user is then enabled to prove to the merchant which transactions to void.
In operation, a user first provides a unified application interface with necessary information to access one or more of the user's digital wallets (Wallets A, B, and C). The digital wallets could consist of a plurality of merchant-issued currencies (Merchants A, B, and C). Wallets A, B, and C are normally accessed through separate interfaces using merchant-specific applications or third-party applications. The unified application then inventories the user's digital wallets and presents all of the user's digital wallets, A-C, in a single user interface (unified wallet) wherein each individual digital wallet inside the unified wallet can be individually selected and have card tokens issued to the application interface. The user provides the card token to the POS as described above. The proper digital wallet is charged.
As an example wherein merchant currency is encoded to a public currency, a digital wallet would have $25.00 associated with Merchant A (Wallet A). Wallet A, could be on any number of online wallet services—Merchant A's personal service or a third-party service. Wallet A, with a $25 credit, is represented on the public ledger by 0.00002500 of the public currency. When Wallet A is brought into the unified wallet, there is an associated minting cost in acquiring the requisite public currency, thereby generating a public currency wallet. The user never has access to the public currency wallet. The public currency wallet is merely a representation of Wallet A, contained within the unified wallet. The public currency wallet is owned by the administrator of the unified application.
As Wallet A is spent or redeemed with Merchant A, the proper wallet service processes the expenditure. Additionally, the public currency digital wallet is emptied into a central wallet account owned by the administrator of the unified application. If $10 is redeemed from Wallet A, 0.00001000 from the public currency wallet is shifted into the central wallet. The transactions of the public currency are recorded on a public ledger.
As additional wallets from various wallet services are brought into the unified wallet, additional representative public currency wallets are created from the central wallet account. In this way, the public currency is reused repeatedly because the public currency only circulates between accounts owned by the administrator of the unified wallet.
To present a reliable user interface to the user, data is retrieved from the public ledger and decoded such that the data is presented so only merchant-issued currency is displayed to the user rather than public currency or public assets.
The embodiments disclosed in
In some embodiments, the method uses 2-of-3 (N=2, M=3) addresses to secure and enforce compliance of digital gift cards. For each digital gift card on the secure ledger there is a distinct address holding the merchant-issued value. A 2-of-3 address is generated from 3 different addresses using an open source method available on secure public ledgers. Funds transferred out of the 2-of-3 address are only accepted by the secure public ledger if 2 of the 3 private keys of the respective 2 of the 3 addresses used to generate the 2-of-3 addresses are present. The invention teaches using 2-of-3 addresses controlled by the 3 parties to a gift card contract (the merchant, issuer, and cardholder) to secure and enforce compliance of digital gift cards. The present invention utilizes 2-of-3 addresses as follows:
The transaction is authorized only if 2 of 3 signatures for these 3 addresses are present. The three possible signature combinations are as follows:
This ensures that the merchant can accept funds that it issued without involving the issuance service.
Displayed in
When a card is not fully redeemed, to further enforce compliance and security, the unused portion of the card balance must be transferred to a new 2-of-3 address that is generated by a brand new set of 3 different addresses associated each with a private key respectively belonging to the cardholder, issuer, and merchant.
Each gift card is effectively a chain of multi-sig addresses that is tracked by the cardholder wallet app, the issuing service, and the merchant.
At step 601, per an established agreement between the issuer (merchant) and the gift card app/service provider, the gateway identifies the IIN as one owned by the gift card app/service provider and routes the request accordingly to the gift card/service. At step 602, the gift card app/service provider validates the token against data in its gift card vault. At step 603, if the token is valid, the payment request is updated with an actual card number and routed to the issuer's authorization server. At step 604, the issuer responds to the request.
At step 605, the token service at the gift card app/service provider relays the response to the gateway. At step 606, the gateway relays the response to merchant, and the employee notifies the customer of success or failure. At step 607, meanwhile, the token service relays the transaction processing result to the wallet service. At step 608, the wallet service relays transaction processing results to the gift card app/service.
In an example of a issuance transaction 700, there are multiple inputs a single output. The issuance transaction 700 refers to the creation of a gift card record on the public ledger (blockchain). At a first input 708, controlled by the merchant providing the credit, a dust amount 704 is supplied for use as an encoded transaction. The encoding contains the data concerning the gift card asset 710 (in
In an example of a redemption transaction 702, there are multiple inputs and outputs. The redemption transaction 702 refers to spending of part of the gift card asset 708. At a third input 716, the multi-signature digital wallet associated with the user provides a dust amount 704 for the transaction. Because there are multiple outputs, more than one dust amount is required. Thus, at a fourth input 718, controlled by the issuance service, a transaction fee 706 and an extra dust amount 704 is supplied. The data that the redemption transaction 702 actually contains is the spending of fifteen units of the gift asset 710. The remaining amount of gift asset 710 is then thirty-five units. This data is encoded into the redemption transaction 702.
The redemption transaction 702 includes multiple outputs. A first output 720 receives a dust amount 704 to show the “change” for the gift asset 710. The dust amount 704 associated with the first output 720 accordingly includes encoded data for the remaining of thirty-five units. The first output 720 is an digital wallet address controlled by multi-signature verification. In this example, a second digital wallet associated with the user and controlled by multi-signature verification is used. In this way, after every redemption transaction 702, the digital wallet associated with the user changes address. Accordingly, the third input 716 and the first output 720 are to different digital wallet addresses, despite that the same verification is required. In some embodiments, the digital wallet associated with the user remains the same, thus the third input 716 and the first output 720 are the same address.
A second output 722, controlled by the merchant who originally provided the credit also receives a dust amount 704. The dust amount 704 associated with the second output 722 includes encoded data for the expenditure of fifteen units. The digital wallet address used in the second output 722 is the same as the first input 708. In this way, the dust amounts 704 are recycled. The redemption transaction 702 has an associated cost, so the transaction fee 706 is drawn out to finalize the transaction.
The example in
This application is a continuation-in-part of U.S. Non-Provisional patent application Ser. No. 14/658,097, entitled “SYSTEM AND METHOD FOR ESTABLISHING A PUBLIC LEDGER FOR GIFT CARD TRANSACTIONS” and filed Mar. 13, 2015, and claims priority to U.S. Provisional Patent Application No. 62/133,244, entitled “SYSTEM AND METHOD FOR SECURING DIGITAL GIFT CARDS WITH A PUBLIC LEDGER” and filed Mar. 13, 2015. The contents of the above-identified applications are incorporated herein by reference in their entirety.
| Number | Date | Country | |
|---|---|---|---|
| 62133244 | Mar 2015 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 14658097 | Mar 2015 | US |
| Child | 14737135 | US |
