
US-12619978-B2 - Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting


Abstract

A method for electronic transaction monitoring and reporting includes: determining whether the received transaction request is encrypted, upon determining that the received transaction request is not encrypted, sending a failure alert to the merchant, determining a receiving acquirer processor for the transaction request, and transmitting the transaction request to the determined acquirer processor.

Inventors

  • Brant Peterson

Assignees

  • WORLDPAY, LLC

Dates

Publication Date
20260505
Application Date
20241219

Claims (17)

  1. A computer-implemented method for validating encryption of electronic transactions using a decryption service system, the method comprising: receiving, by one or more processors, a plurality of transaction requests from one or more point-of-sale (POS) devices; determining, by the one or more processors, that a first transaction request of the plurality of transaction requests is one of clear data or corrupted; in response to determining that the first transaction request is one of clear data or corrupted, transmitting, by the one or more processors, a failure alert to the one or more POS devices, the failure alert associated with the first transaction request and including a number of point-to-point encryption failures, each point-to-point encryption failure of the number of point-to-point encryption failures categorized by one of malformed message received, clear data received, or invalid card; determining, by the one or more processors, that a second transaction request of the plurality of transaction requests is encrypted; in response to determining that the second transaction request is encrypted, decrypting, by the one or more processors, the second transaction request; determining, by the one or more processors, a recipient acquirer processor for payment authorization using decrypted data of the second transaction request; re-encrypting, by the one or more processors, the second transaction request using an encryption key associated with the decryption service system; receiving, by the one or more processors, an encrypted result for the second transaction request from the recipient acquirer processor; and transmitting, by the one or more processors, the encrypted result for the second transaction request to the one or more POS devices.
  2. The computer-implemented method of claim 1, wherein the failure alert is transmitted to a reporting portal.
  3. The computer-implemented method of claim 1, further comprising: assigning, by the one or more processors, a level of severity to the first transaction request based on one or more aspects of the failure alert, wherein the level of severity is higher for transaction requests associated with one of category clear data or category corrupted; and determining, by the one or more processors, a reporting frequency for the failure alert based on the assigned level of severity.
  4. The computer-implemented method of claim 1, wherein a failure alert report is reported to the one or more POS devices based on a scheduled basis or upon an accumulation of a pre-determined number of failure alerts of a pre-determined severity level.
  5. The computer-implemented method of claim 4, further comprising: generating, by the one or more processors, a presentation of a dashboard in a user interface of a device associated with the user for viewing the failure report, wherein the dashboard includes search criterion, search values, date ranges, and failure codes for searching a database for detailed information on point-to-point encryption (P2PE) failures.
  6. The computer-implemented method of claim 1, wherein a corrupted transaction request indicates a mismatch between the encryption key and a registered decryption key associated with a user.
  7. The computer-implemented method of claim 1, wherein a corrupted transaction request indicates a failure in decrypting a transaction request due to one of an error in the transaction request or an internal processing error within the decryption service system.
  8. A decryption service system for validating encryption of electronic transactions comprising: one or more processors; and at least one non-transitory computer readable medium storing instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising: receiving, by one or more processors, a plurality of transaction requests from one or more point-of-sale (POS) devices; determining, by the one or more processors, that a first transaction request of the plurality of transaction requests is one of clear data or corrupted; in response to determining that the first transaction request is one of clear data or corrupted, transmitting, by the one or more processors, a failure alert to the one or more POS devices, the failure alert associated with the first transaction request and including a number of point-to-point encryption failures, each point-to-point encryption failure of the number of point-to-point encryption failures categorized by one of malformed message received, clear data received, or invalid card; determining, by the one or more processors, that a second transaction request of the plurality of transaction requests is encrypted; in response to determining that the second transaction request is encrypted, decrypting, by the one or more processors, the second transaction request; determining, by the one or more processors, a recipient acquirer processor for payment authorization using decrypted data of the second transaction request; re-encrypting, by the one or more processors, the second transaction request using an encryption key associated with the decryption service system; receiving, by the one or more processors, an encrypted result for the second transaction request from the recipient acquirer processor; and transmitting, by the one or more processors, the encrypted result for the second transaction request to the one or more POS devices.
  9. The decryption service system of claim 8, wherein the failure alert is transmitted to a reporting portal.
  10. The decryption service system of claim 8, the operations further comprising: assigning, by the one or more processors, a level of severity to the first transaction request based on one or more aspects of the failure alert, wherein the level of severity is higher for transaction requests associated with one of category clear data or category corrupted; and determining, by the one or more processors, a reporting frequency for the failure alert based on the assigned level of severity.
  11. The decryption service system of claim 8, wherein a failure alert report is reported to the one or more POS devices based on a scheduled basis or upon an accumulation of a pre-determined number of failure alerts of a pre-determined severity level.
  12. The decryption service system of claim 8, wherein a corrupted transaction request indicates a mismatch between the encryption key and a registered decryption key associated with a user.
  13. The decryption service system of claim 8, wherein the corrupted transaction request indicates a failure in decrypting the corrupted transaction request due to an error in the corrupted transaction request or an internal processing error within the decryption service system.
  14. A non-transitory computer readable medium for validating encryption of electronic transactions using a decryption service system, the non-transitory computer readable medium storing instructions which, when executed by one or more processors, cause the one or more processors to perform operations comprising: receiving, by one or more processors, a plurality of transaction requests from one or more point-of-sale (POS) devices; determining, by the one or more processors, that a first transaction request of the plurality of transaction requests is one of clear data or corrupted; in response to determining that the first transaction request is one of clear data or corrupted, transmitting, by the one or more processors, a failure alert to the one or more POS devices, the failure alert associated with the first transaction request and including a number of point-to-point encryption failures, each point-to-point encryption failure of the number of point-to-point encryption failures categorized by one of malformed message received, clear data received, or invalid card; determining, by the one or more processors, that a second transaction request of the plurality of transaction requests is encrypted; in response to determining that the second transaction request is encrypted, decrypting, by the one or more processors, the second transaction request; determining, by the one or more processors, a recipient acquirer processor for payment authorization using decrypted data of the second transaction request; re-encrypting, by the one or more processors, the second transaction request using an encryption key associated with the decryption service system; receiving, by the one or more processors, an encrypted result for the second transaction request from the recipient acquirer processor; and transmitting, by the one or more processors, the encrypted result for the second transaction request to the one or more POS devices.
  15. The non-transitory computer readable medium of claim 14, wherein the failure alert is transmitted to a reporting portal.
  16. The non-transitory computer readable medium of claim 14, further comprising: assigning, by the one or more processors, a level of severity to the first transaction request based on one or more aspects of the failure alert, wherein the level of severity is higher for transaction requests associated with one of category clear data or category corrupted; and determining, by the one or more processors, a reporting frequency for the failure alert based on the assigned level of severity.
  17. The non-transitory computer readable medium of claim 14, wherein a corrupted transaction request indicates a mismatch between the encryption key and a registered decryption key associated with a user, or indicates a failure in decrypting the corrupted transaction request due to an error in the corrupted transaction request or an internal processing error within the decryption service system.
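
An added illustration, not code from the patent or its assignee, of the check the claims describe: sort incoming requests into the three P2PE failure categories and build the per-category counts a failure alert carries. The JSON layout, the `card_data` field, the XOR-plus-CRC32 stand-in for decryption, the Luhn test for "invalid card", and reporting a key mismatch as "malformed message received" are all assumptions.

```python
import json, re, zlib
from collections import Counter

# Failure categories named in claim 1; everything else here is assumed.
MALFORMED, CLEAR, INVALID = "malformed message received", "clear data received", "invalid card"
PAN_RE = re.compile(r"\d{12,19}")
KEY = b"demo-key"  # constructed; stands in for the service's registered key

def xor(data, key):
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def toy_encrypt(pan, key=KEY):
    # Stand-in for POS-side encryption (NOT real cryptography): XOR plus CRC32.
    body = pan.encode()
    return xor(body + zlib.crc32(body).to_bytes(4, "big"), key).hex()

def toy_decrypt(blob, key=KEY):
    plain = xor(blob, key)
    body, crc = plain[:-4], plain[-4:]
    if len(plain) < 5 or zlib.crc32(body).to_bytes(4, "big") != crc:
        raise ValueError("integrity check failed (corrupted or wrong key)")
    return body.decode("ascii")

def luhn_ok(pan):
    digits = [int(c) for c in reversed(pan)]
    return (sum(digits[0::2]) + sum(sum(divmod(2 * d, 10)) for d in digits[1::2])) % 10 == 0

def classify(raw):
    """Return None for a valid encrypted request, else the failure category."""
    try:
        field = json.loads(raw)["card_data"]
        if PAN_RE.fullmatch(field) and luhn_ok(field):
            return CLEAR  # a usable card number arrived unencrypted
        pan = toy_decrypt(bytes.fromhex(field))
    except (ValueError, KeyError, TypeError):
        return MALFORMED  # unparseable, not hex, or failed the integrity check
    return None if PAN_RE.fullmatch(pan) and luhn_ok(pan) else INVALID

def failure_alert(raw_requests):
    """Per-category failure counts, as carried by a failure alert."""
    counts = Counter(c for c in map(classify, raw_requests) if c)
    return {"p2pe_failures": sum(counts.values()), "by_category": dict(counts)}

# Constructed sample traffic (4111111111111111 is a widely used test number).
SAMPLE = [
    json.dumps({"card_data": toy_encrypt("4111111111111111")}),               # valid
    json.dumps({"card_data": "4111111111111111"}),                            # clear data
    json.dumps({"card_data": toy_encrypt("4111111111111112")}),               # fails Luhn
    json.dumps({"card_data": toy_encrypt("4111111111111111", b"demo-keX")}),  # wrong key
    "{not json",                                                              # unparseable
]
```
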

Description

RELATED APPLICATION(S)

This application is a continuation of and claims the benefit of priority to U.S. application Ser. No. 18/155,207, filed on Jan. 17, 2023, which claims priority to U.S. application Ser. No. 15/843,548 filed Dec. 15, 2017, now U.S. Pat. No. 11,587,073, each of which is incorporated herein by reference in its entirety.

TECHNICAL FIELD

Various embodiments of the present disclosure relate generally to the field of electronic transaction processing and, more particularly, to encryption and decryption services for electronic transaction messages.

BACKGROUND

Processing of electronic transactions typically involves the transmission of electronic transaction request messages across computer networks from a merchant to an acquirer processor and to a financial institution. In order to protect sensitive consumer information contained in the electronic transaction request message, such messages are typically encrypted. Merchants, acquirer processors, and financial institutions seeking assurances that the encryption applied to an electronic transaction request message is robust may rely on a previously validated encryption solution, such as a point-to-point encryption (P2PE) solution validated through the Payment Card Industry (PCI) Security Standards. Such a P2PE solution provides significant value to merchants as it may eliminate the risk of payment card data compromise within a merchant's retail environment.

However, the benefits of P2PE are only realized if a P2PE solution is properly implemented. Good technologies implemented poorly may result in a false sense of security. Point of interaction (POI) devices that do not encrypt data and send unencrypted, or “clear,” data to their acquirer processor may present a data breach risk to merchants. Many such breaches occur over days or months before being detected. If critical security control failure alerts are not quickly and effectively responded to, attackers may use this time to insert malicious software, gain control of a system, or steal data from the merchant's, acquirer processor's, or financial institution's environment.

The ability to quickly detect an incident is beneficial for protection of a merchant's assets and brand reputation. However, merchants may lack the technical expertise or infrastructure to prove the preventative measures are working, or to detect an encryption failure in, for example, the merchant's point of sale (POS) systems. Thus, merchants may wish to implement a security policy that meets these challenges but may not have the resources or capabilities to support real-time event detection.

In addition, in order to achieve a PCI P2PE Validated Solution, a service provider must implement alerting and detection controls for the merchants using their services. Service providers may wish to offer a P2PE validated solution, but cannot be eligible either because of deficiencies in their decryption environment or because they lack the resources to build their own monitoring, reporting, and alerting solution.

The present disclosure is directed to overcoming one or more of these above-referenced challenges.

SUMMARY OF THE DISCLOSURE

According to certain aspects of the disclosure, systems and methods are disclosed for electronic transaction monitoring and reporting. According to certain aspects of the present disclosure, systems and methods are disclosed for optimizing transaction authorization conversion rates.

In one embodiment, a computer-implemented method is disclosed for electronic transaction monitoring and reporting. The method includes: receiving a transaction request from a merchant over a computer network, determining, using one or more processors, whether the received transaction request is encrypted, upon determining that the received transaction request is not encrypted, sending a failure alert to the merchant, determining a receiving acquirer processor for the transaction request, and transmitting the transaction request to the determined acquirer processor over a computer network.

In accordance with another embodiment, a system is disclosed for electronic transaction monitoring and reporting. The system comprises: a data storage device storing instructions for electronic transaction monitoring and reporting in an electronic storage medium, and a processor configured to execute the instructions to perform a method including: receiving a transaction request from a merchant over a computer network, determining, using one or more processors, whether the received transaction request is encrypted, upon determining that the received transaction request is not encrypted, sending a failure alert to the merchant, determining a receiving acquirer processor for the transaction request, and transmitting the transaction request to the determined acquirer processor over a computer network.

In accordance with another embodiment, a non-transitory machine-readable medium is disclosed that stores instructions that, when executed by