IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0905006
(2004-12-09)
|
등록번호 |
US-7312707
(2007-12-25)
|
발명자
/ 주소 |
- Bishop,Fred
- Saunders,Peter D
|
출원인 / 주소 |
- American Express Travel Related Services Company, Inc.
|
대리인 / 주소 |
Fitzpatrick, Cella, Harper & Scinto
|
인용정보 |
피인용 횟수 :
83 인용 특허 :
324 |
초록
▼
A system and method for securing a Radio Frequency (RF) transaction using a Radio Frequency Identification (RFID) transaction device are provided. A random number is transmitted from an RFID reader to an RFID transaction device, an RFID transaction device authentication tag is created in the RFID tr
A system and method for securing a Radio Frequency (RF) transaction using a Radio Frequency Identification (RFID) transaction device are provided. A random number is transmitted from an RFID reader to an RFID transaction device, an RFID transaction device authentication tag is created in the RFID transaction device, using at least the random number, a routing number associated with a transaction account, and a stored counter value. The RFID transaction device authentication tag is transmitted to the RFID reader, the stored counter value in the RFID transaction device is incremented, and a transaction request for verification, which comprises the RFID transaction device authentication tag and the stored counter value, is transmitted and processed. Either the RFID transaction device authentication tag or the stored counter value, or both, are verified.
대표청구항
▼
What is claimed is: 1. A method for facilitating securing a radio frequency identification (RFID) transaction, the method comprising the steps of: transmitting a random number from an RFID reader to an RFID transaction device; creating, in the RFID transaction device, an RFID transaction device aut
What is claimed is: 1. A method for facilitating securing a radio frequency identification (RFID) transaction, the method comprising the steps of: transmitting a random number from an RFID reader to an RFID transaction device; creating, in the RFID transaction device, an RFID transaction device authentication tag using at least (a) the random number, (b) a routing number associated with a transaction account, and (c) a stored counter value; transmitting the RFID transaction device authentication tag to the RFID reader; incrementing the stored counter value in the RFID transaction device; transmitting a transaction request for verification, the transaction request being formed from at least the RFID transaction device authentication tag and the stored counter value; and processing the transaction request, wherein at least one of the RFID transaction device authentication tag and the stored counter value is verified. 2. The method of claim 1, further comprising converting the RFID transaction device authentication tag, the stored counter value, the random number, and the transaction account payload data in accordance with a merchant point of sale (POS) recognized format and transmitting the converted RFID transaction device authentication tag, the converted counter value, the converted random number, and the converted transaction account payload data. 3. The method of claim 2, wherein the merchant POS recognized format is ISO/IEC 8583 compatible. 4. The method of claim 2, wherein the merchant POS recognizable format includes a cryptogram field, and wherein the encrypted transaction account payload data is stored in the cryptogram field when converted to merchant POS recognizable format. 5. The method of claim 1, wherein, in the step of incrementing the stored counter value, the stored counter value is incremented by a random amount. 6. The method of claim 1, wherein, in the step of incrementing the stored counter value, the stored counter value is incremented by a predetermined amount. 7. The method of claim 1, wherein the step of creating the RFID transaction device authentication tag uses at least the random number, the routing number associated with a transaction account, the stored counter value, and transaction account payload data. 8. The method of claim 7, wherein the transaction account payload data is encrypted. 9. The method of claim 8, wherein the RFID transaction device authentication tag is transmitted in an RFID transaction device data message, the RFID transaction device data message comprises the RFID transaction device authentication tag and at least one of the stored counter value, the routing number, and the encrypted transaction account payload data. 10. The method of claim 9, wherein the verification of the RFID transaction device authentication tag comprises: locating an RFID transaction device authentication tag encryption key; and decrypting the RFID transaction device authentication tag using the RFID transaction device authentication tag encryption key. 11. The method of claim 10, wherein a "Transaction Invalid" message is provided if the decrypting step is unsuccessful. 12. The method of claim 10, wherein the RFID transaction device authentication tag encryption key is substantially similar to a transaction account payload encryption key. 13. The method of claim 9, wherein the verification of the stored counter value comprises comparing the stored counter value to an expected counter value. 14. The method of claim 9, further comprising the steps of: locating a transcription account payload decryption key, using the routing number, for decrypting the encrypted transaction account payload data; and decrypting the encrypted transaction account payload data. 15. The method of claim 1, wherein the RFID transaction device authentication tag is transmitted in an RFID transaction device data message, the RFID transaction device data message comprises the RFID transaction device authentication tag and at least one of the stored counter value, the routing number, and transaction account payload data. 16. A system configured to facilitate securing a radio frequency identification (RFID) transaction, the system comprising: an RFID transaction device, an RFID reader and an issuer system, the RFID transaction device comprising: an RFID transaction device database, the RFID transaction device database is configured to store transaction account payload data, a routing number associated with a transaction account; an RFID transaction device counter, the RFID transaction device counter having a stored counter value; and an RFID transaction device processor, the RFID transaction device processor being configured to: receive a random number; create an RFID transaction device authentication tag using at least (a) the random number, (b) the routing number, and (c) the stored counter value; transmit the RFID transaction device authentication tag; and increment the stored counter value; the RFID reader being configured to: transmit the random number to the RFID transaction device; receive the RFID transaction device authentication tag from the RFID transaction device; and transmit at least the RFID transaction device authentication tag and the stored counter value; the issuer system being configured to: receive a transaction request, the transaction request being formed from at least the RFID transaction device authentication tag and the stored counter value; and process the transaction request, wherein the issuer system verifies at least one of the RFID transaction device authentication tag and the stored counter value. 17. The system of claim 16, wherein the RFID transaction device authentication tag is created using at least the random number, the routing number, the stored counter value, and the transaction account payload data. 18. The system of claim 17, wherein the transaction account payload data is encrypted. 19. The system of claim 18, wherein the RFID transaction device processor is further configured to create an RFID transaction device data message, the RFID transaction device data message comprises the RFID transaction device authentication tag and at least one of the stored counter value, the routing number and the encrypted transaction account payload data. 20. The system of claim 19, wherein the issuer system is configured to locate an RFID transaction device authentication tag and decrypt the RFID transaction device authentication tag using the RFID transaction device authentication tag encryption key. 21. The system of claim 20, wherein the issuer system is configured to provide a "Transaction Invalid" message if the decryption of the RFID transaction device authentication tag is unsuccessful. 22. The system of claim 19, wherein the issuer system is configured to compare the stored counter value to an expected counter value. 23. The system of claim 19, wherein the issuer system is configured to locate a transaction account payload decryption key and decrypt the encrypted transaction account payload data. 24. The system of claim 16, wherein the RFID transaction device processor is further configured to create an RFID transaction device data message, the RFID transaction device data message comprises the RFID transaction device authentication tag and at least one of the stored counter value, the routing number and the transaction account payload data.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.