Cloud-based transactions with magnetic secure transmission
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06Q-020/32
G06Q-020/38
H04L-029/06
G06Q-020/40
H04L-009/08
출원번호
US-0004705
(2016-01-22)
등록번호
US-9922322
(2018-03-20)
발명자
/ 주소
Flurscheim, Christian
Aabye, Christian
출원인 / 주소
Visa International Service Association
대리인 / 주소
Kilpatrick Townsend & Stockton LLP
인용정보
피인용 횟수 :
1인용 특허 :
206
초록▼
Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to
Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The token and the transaction cryptogram can be transmitted to a magnetic stripe reader by generating an emulated magnetic signal. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
대표청구항▼
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising: receiving, from a remote computer, a token that is provisioned for conducting transactions;receiving, by the communication device, a limited-use key (LUK)
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising: receiving, from a remote computer, a token that is provisioned for conducting transactions;receiving, by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK;requesting, by an application executing in an applications environment of the communication device, a transaction cryptogram from a trusted execution environment of the communication device;generating, by the trusted execution environment of the communication device, a transaction cryptogram using the LUK;providing the transaction cryptogram to a magnetic stripe transmission driver executing in the trusted execution environment, wherein the providing is performed by a crypto engine within the trusted execution environment communicating the transaction cryptogram to the magnetic stripe transmission driver;generating, by an inductive coil controlled by the magnetic stripe transmission driver, an emulated magnetic signal representing data that includes the transaction cryptogram and the token instead of a real account identifier;wherein the inductive coil for generating the emulated magnetic signal representing the data further provides function for wireless charging of the communication device;transmitting the emulated magnetic signal to a magnetic stripe reader of an access device using the inductive coil of the communication device instead of a magnetic stripe to conduct the transaction; andwherein the transaction is authorized based on at least whether the usage of the LUK is within the set of one or more limited-use thresholds. 2. The method of claim 1, wherein the token is also usable for conducting contactless reader transactions. 3. The method of claim 1, wherein the emulated magnetic signal is generated in response to receiving user input on the communication device to initiate the transaction with the access device. 4. The method of claim 1, wherein the emulated magnetic signal is generated in response to receiving user input on the communication device to initiate the transaction, and without detecting a contactless transceiver in proximity to the communication device when the user input is received. 5. The method of claim 1, wherein the transaction cryptogram is generated by encrypting at least a transaction counter value with the LUK. 6. The method of claim 5, wherein the transaction cryptogram is generated by encrypting the transaction counter value and a predetermined static string with the LUK. 7. The method of claim 5, wherein the transaction counter value is incremented for each magnetic stripe reader transaction conducted by a mobile application of the communication device. 8. The method of claim 5, wherein the transaction counter value is incremented for each magnetic stripe reader transaction and each contactless reader transaction conducted by a mobile application of the communication device. 9. The method of claim 1, wherein the LUK is generated by encrypting a key index that includes at least one of: time information indicating when the LUK is generated; anda replenishment counter value indicating a number of times the LUK has been replenished. 10. A communication device comprising: an inductive coil;a processor; anda memory coupled to the processor and storing a mobile application that performs operations for enhancing security of the communication device when conducting transactions using the communication device, the operations including:receiving a token that is provisioned for conducting transactions;receiving a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK;requesting a transaction cryptogram from a trusted execution environment of the communication device;generating a transaction cryptogram using the LUK, the transaction cryptogram being generated in the trusted execution environment of the communication device;providing the transaction cryptogram to a magnetic stripe transmission driver executing in the trusted execution environment, wherein the providing is performed by a crypto engine within the trusted execution environment communicating the transaction cryptogram to the magnetic stripe transmission driver;generating, by the inductive coil controlled by the magnetic stripe transmission driver, an emulated magnetic signal representing data that includes the transaction cryptogram and the token instead of a real account identifier;wherein the inductive coil for generating the emulated magnetic signal representing the data further provides function for wireless charging of the communication device;transmitting the emulated magnetic signal to a magnetic stripe reader of an access device using the inductive coil of the communication device instead of a magnetic stripe to conduct the transaction; andwherein the transaction is authorized based on at least whether the usage of the LUK is within the set of one or more limited-use thresholds. 11. The communication device of claim 10, wherein the token is also usable for conducting contactless reader transactions. 12. The communication device of claim 10, wherein the emulated magnetic signal is generated in response to receiving user input on the communication device to initiate the transaction with the access device. 13. The communication device of claim 10, wherein the emulated magnetic signal is generated in response to receiving user input on the communication device to initiate the transaction, and without detecting a contactless transceiver in proximity to the communication device when the user input is received. 14. The communication device of claim 10, wherein the transaction cryptogram is generated by encrypting at least a transaction counter value with the LUK. 15. The communication device of claim 14, wherein the transaction cryptogram is generated by encrypting the transaction counter value and a predetermined static string with the LUK. 16. The communication device of claim 14, wherein the transaction counter value is incremented for each magnetic stripe reader transaction conducted by the mobile application of the communication device. 17. The communication device of claim 14, wherein the transaction counter value is incremented for each magnetic stripe reader transaction and each contactless reader transaction conducted by the mobile application of the communication device. 18. The communication device of claim 10, wherein the LUK is generated by encrypting a key index that includes at least one of: time information indicating when the LUK is generated; anda replenishment counter value indicating a number of times the LUK has been replenished.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (206)
Mullen, Jeffrey D.; Yen, Philip W., Advanced payment options for powered cards and devices.
Asghari Kamrani,Nader; Asghari Kamrani,Kamran, Direct authentication and authorization system and method for trusted network of financial institutions.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Franklin D. Chase ; Rosen Daniel ; Benaloh Josh ; Simon Daniel R., Electronic online commerce card with customer generated transaction proxy number for online transactions.
Bierbaum, Christopher J.; Cope, Warren B.; Katzer, Robin D.; Paczkowski, Lyle W., Electronic payment using a proxy account number stored in a secure element.
Stolfo,Salvotore J.; Yemini,Yechiam; Shaykin,Leonard P., Electronic purchase of goods over a communications network including physical delivery while securing private and personal information of the purchasing party.
Pitroda, Satyan G.; Desai, Mehul, Facilitating establishing trust for a conducting direct secure electronic transactions between a user and a financial service providers.
Zimmer, Vincent J.; Anvin, H. P.; Rothman, Michael A.; Estrada, David C.; Yoke, Nicholas J.; Selvaraje, Gopinatth, Flexible bootstrap code architecture.
Barr, John Mathias; Park, Geon Hyuk; Gupta, Somit, Method and apparatus for applying revision specific electronic signatures to an electronically stored document.
DeMello, Marco A.; Keely, Leroy B.; Byrum, Frank D.; Yaacovi, Yoram; Hughes, Kathryn E., Method and system for binding enhanced software features to a persona.
Talbert, Vincent W.; Keithly, Thomas H.; Hirschfeld, Daniel A.; Lavelle, Mark L., Method and system for completing a transaction between a customer and a merchant.
Fisher, Douglas; Dominguez, Benedicto H.; Lee, Timothy Mu-Chu, Method and system for performing two factor authentication in mail order and telephone order transactions.
Jonathan Shem-Ur IL; Anat Wolfson IL; Shaul Bar-Lev IL; Roni Sivan IL; Ehud Kaahtan IL, Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein.
Fung, Daniel Y.; Evans, Stephen C., Method, system and computer readable medium for web site account and e-commerce management from a central location.
Khan,Mohammad; Kumar,Pradeep; Vijayshankar,Roshan; Liu,Ming Li; Narayanan,Narendra, Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities.
Bhambri, Vikram; Walsh, Deirdre L.; Sausville, Paul C.; Biyani, Raj; Button, Thomas L.; Nolan, Sean; Warren, Susan; Hempey, Matthew D., Payment information security for multi-merchant purchasing environment for downloadable products.
Baker, David Preston; Marshall, III, Stanley N.; Hussein, Mohamed Reza; Hiller, Matthew Eric; Tung, Chin Pang; Mitchell, Andrew Robert, Secure storage of payment information on client devices.
Berardi, Michael J.; Bliman, Michal; Bonalle, David S.; Saunders, Peter D., System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C R; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Saunders, Peter D.; Leggatt, Lesley; Chuang, I-Hsin; Oh, John J., Systems, methods and computer program products for performing mass transit merchant transactions.
Hoffman Ned (Berkeley CA) Pare ; Jr. David F. (Berkeley CA) Lee Jonathan A. (Berkeley CA), Tokenless identification system for authorization of electronic transactions and electronic transmissions.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M.; Weber, Robert P., Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management.
Abraham Dennis G. (Concord NC) Henningsmeyer Daniela (Stuttgart VA DEX) Hudson John M. (Manassas VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Stevens Jam, User defined function facility.
von Behren, Rob; Wall, Jonathan; Muehlberg, Alexej; Meyn, Hauke, Wallet application for interacting with a secure element application without a trusted server for authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.