Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an a
Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
대표청구항▼
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising: receiving, from a remote computer by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising: receiving, from a remote computer by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK, wherein the LUK is usable for more than one transaction;generating, by the communication device, a transaction cryptogram using the LUK;sending, to an access device by the communication device, a token instead of a real account identifier and the transaction cryptogram to conduct the transaction, wherein the transaction is authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds;sending, to the remote computer by the communication device, a replenishment request for a second LUK, the replenishment request including transaction log information derived from transaction data that is unique for each of a plurality of transactions conducted using the LUK, the transaction data being stored in a transaction log on the communication device; andreceiving, from the remote computer by the communication device, the second LUK when the transaction log information in the replenishment request matches transaction log information at the remote computer, the second LUK being a different key than the LUK. 2. The method of claim 1, wherein the communication device stores the LUK or the token in a memory, instead of in a secure element. 3. The method of claim 1, wherein receiving the LUK further includes receiving a key index that includes information pertaining to generation of the LUK. 4. The method of claim 3, wherein the key index is sent with the transaction cryptogram to the access device to conduct the transaction. 5. The method of claim 3, wherein the key index includes at least one of: time information indicating when the LUK is generated; anda replenishment counter value indicating a number of times the LUK has been replenished. 6. The method of claim 3, wherein the key index includes: a pseudo-random number that is used as a seed to generate the LUK; ora transaction counter value indicating a number of transactions that has been previously conducted by a mobile application of the communication device at the time the LUK is generated. 7. The method of claim 1, wherein the set of one or more limited-use thresholds includes at least one of: a time-to-live indicating a time duration that the LUK is valid for;a predetermined number of transactions that the LUK is valid for; anda cumulative transaction amount indicating the total transaction amount that the LUK is valid for. 8. The method of claim 1, wherein the set of one or more limited-use thresholds includes an international usage threshold and a domestic usage threshold. 9. The method of claim 1, wherein the transaction log stored on the communication device includes: for each transaction conducted using the LUK:a transaction timestamp indicating the time of the corresponding transaction;an application transaction counter value associated with the corresponding transaction; anda transaction type indicator indicating whether the corresponding transaction is a magnetic stripe based transaction or an integrated chip based transaction. 10. The method of claim 1, wherein the transaction log information sent to the remote computer includes an authentication code computed over at least the transaction log using the LUK. 11. The method of claim 1, wherein the replenishment request is sent in response to: determining that a next transaction conducted with the LUK will exhaust the set of one or more limited-use thresholds;determining that the set of one or more limited-use thresholds associated with the LUK has been exhausted; orreceiving a push message requesting the communication device to replenish the LUK. 12. A communication device comprising: a processor; anda memory coupled to the processor and storing a mobile application that performs operations for enhancing security of the communication device when conducting transactions using the communication device, the operations including:receiving a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK, wherein the LUK is usable for more than one transaction;generating a transaction cryptogram using the LUK;sending a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction, wherein the transaction is authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds;sending a replenishment request for a second LUK, the replenishment request including transaction log information derived from transaction data that is unique for each of a plurality of transactions conducted using the LUK, the transaction data being stored in a transaction log on the communication device; andreceiving the second LUK when the transaction log information in the replenishment request matches transaction log information at the remote computer, the second LUK being a different key than the LUK. 13. The communication device of claim 12, wherein the communication device stores the LUK or the token in a memory, instead of in a secure element. 14. The communication device of claim 12, wherein receiving the LUK further includes receiving a key index that includes information pertaining to generation of the LUK. 15. The communication device of claim 14, wherein the key index is sent with the transaction cryptogram to the access device to conduct the transaction. 16. The communication device of claim 14, wherein the key index includes at least one of: time information indicating when the LUK is generated; anda replenishment counter value indicating a number of times the LUK has been replenished. 17. The communication device of claim 14, wherein the key index includes a seed from which the LUK is generated. 18. The communication device of claim 12, wherein the set of one or more limited-use thresholds includes at least one of: a time-to-live indicating a time duration that the LUK is valid for;a predetermined number of transactions that the LUK is valid for; anda cumulative transaction amount indicating the total transaction amount that the LUK is valid for. 19. The communication device of claim 12, wherein the set of one or more limited-use thresholds includes an international usage threshold and a domestic usage threshold. 20. The communication device of claim 12, wherein the transaction log stored on the communication device includes: for each transaction conducted using the LUK:a transaction timestamp indicating the time of the corresponding transaction;an application transaction counter value associated with the corresponding transaction; anda transaction type indicator indicating whether the corresponding transaction is a magnetic stripe based transaction or an integrated chip based transaction. 21. The communication device of claim 12, wherein the transaction log information includes an authentication code computed over at least the transaction log using the LUK. 22. The communication device of claim 12, wherein the replenishment request is sent in response to: determining that a next transaction conducted with the LUK will exhaust the set of one or more limited-use thresholds;determining that the set of one or more limited-use thresholds associated with the LUK has been exhausted; orreceiving a push message requesting the communication device to replenish the LUK. 23. The method of claim 1, wherein the transaction cryptogram is generated by: enciphering transaction information using a first portion of the LUK;deciphering the enciphered transaction information using a second portion of the LUK; andre-enciphering the deciphered transaction information using the first portion of the LUK. 24. The method of claim 1, wherein the transaction cryptogram is generated by: encrypting a predetermined numeric string using the LUK; anddecimalizing the encrypted predetermined numeric string.
Van de Velde, Eddy L. H.; Roberts, David A.; Smets, Patrik; Garrett, Duncan; Rans, Jean-Paul, Apparatus and method for integrated payment and electronic merchandise transfer.
Asghari Kamrani,Nader; Asghari Kamrani,Kamran, Direct authentication and authorization system and method for trusted network of financial institutions.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Mullen, Jeffrey David, Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card.
Franklin D. Chase ; Rosen Daniel ; Benaloh Josh ; Simon Daniel R., Electronic online commerce card with customer generated transaction proxy number for online transactions.
Bierbaum, Christopher J.; Cope, Warren B.; Katzer, Robin D.; Paczkowski, Lyle W., Electronic payment using a proxy account number stored in a secure element.
Stolfo,Salvotore J.; Yemini,Yechiam; Shaykin,Leonard P., Electronic purchase of goods over a communications network including physical delivery while securing private and personal information of the purchasing party.
Pitroda, Satyan G.; Desai, Mehul, Facilitating establishing trust for a conducting direct secure electronic transactions between a user and a financial service providers.
Zimmer, Vincent J.; Anvin, H. P.; Rothman, Michael A.; Estrada, David C.; Yoke, Nicholas J.; Selvaraje, Gopinatth, Flexible bootstrap code architecture.
Goldstein,Seth; Mahajan,Rajesh; Muppirala,Prakash; Quigley,Benjamin L.; Rawat,Jai; Subramanya,Venkatesh; Tran,Vincent, Intelligent method of order completion in an e-commerce environment based on availability of stored billing information.
Barr, John Mathias; Park, Geon Hyuk; Gupta, Somit, Method and apparatus for applying revision specific electronic signatures to an electronically stored document.
Hirai Chiaki (Tokyo JPX) Kondo Hidefumi (Yamato JPX), Method and apparatus for completing a partially completed document in accordance with a blank form from data automatical.
Lincoln, Adrian David; Debney, Charles William; Maxwell, Ian Ronald; Viney, Jonathan Lawrence, Method and apparatus in combination with a storage means for carrying out an authentication process for authenticating a subsequent transaction.
Bajikar,Sundeep M.; Girard,Luke E.; Silvester,Kelan C.; McKeen,Francis X., Method and system and authenticating a user of a computer system that has a trusted platform module (TPM).
Talbert, Vincent W.; Keithly, Thomas H.; Hirschfeld, Daniel A.; Lavelle, Mark L., Method and system for completing a transaction between a customer and a merchant.
Fisher, Douglas; Dominguez, Benedicto H.; Lee, Timothy Mu-Chu, Method and system for performing two factor authentication in mail order and telephone order transactions.
Mutschler ; III Eugene Otto ; Stefaniak Joseph Peter, Method for dynamically embedding objects stored in a web server within HTML for display by a web browser.
Jonathan Shem-Ur IL; Anat Wolfson IL; Shaul Bar-Lev IL; Roni Sivan IL; Ehud Kaahtan IL, Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein.
Fung, Daniel Y.; Evans, Stephen C., Method, system and computer readable medium for web site account and e-commerce management from a central location.
Veteläinen,Altti Pekka Henrik, Methods, system, and computer readable medium for user data entry, at a terminal, for communication to a remote destination.
Khan,Mohammad; Kumar,Pradeep; Vijayshankar,Roshan; Liu,Ming Li; Narayanan,Narendra, Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities.
Khan, Mohammad; Kumar, Pradeep; Vijayshankar, Roshan; Liu, Ming-Li; Narayanan, Narendra, Methods, systems, and computer readable media for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities.
Park, Kyung Yang; Kim, Chul Ki; Hwang, Que Min; Jung, Bong Sung; Sung, Kwang Hyun; Kim, Do Ha; Jung, Hoon Joon; Kang, Bog Heui; Cho, Eun Sang; Kim, Won Dong; Kim, Dae Yeon; Chang, Kwang Su; Woo, Hee Gu, Optical payment transceiver and system using the same.
Bhambri, Vikram; Walsh, Deirdre L.; Sausville, Paul C.; Biyani, Raj; Button, Thomas L.; Nolan, Sean; Warren, Susan; Hempey, Matthew D., Payment information security for multi-merchant purchasing environment for downloadable products.
Baker, David Preston; Marshall, III, Stanley N.; Hussein, Mohamed Reza; Hiller, Matthew Eric; Tung, Chin Pang; Mitchell, Andrew Robert, Secure storage of payment information on client devices.
Berardi, Michael J.; Bliman, Michal; Bonalle, David S.; Saunders, Peter D., System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions.
Snapper,Erik J.; Jiggins,Julian P.; Shyam,Bharat; Partovi,Hadi; Berman,Eric R.; Freedman,Steven J.; Allard,James E.; Chang,Frank Z.; Proteau,Stephen P.; Jorgenson,Clint C., System and method for populating forms with previously used data values.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C R; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Chien, Emily; Sanchez, Trish; Saunders, Daniela; Wiseman, Jill; Balagopal, C. R.; Kinderknecht, Al; Parson, Jon W.; Preston, Ray, System and method for using loyalty rewards as currency.
Hughes Thomas S. (31310 Eagle Haven Cir. ; Ste. 100 Rancho Palos Verdes CA 90274) Molina Gustavo (24292 Rhona Dr. Laguna Niguel CA 92656), System for remote purchase payment transactions and remote bill payments.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Saunders, Peter D.; Leggatt, Lesley; Chuang, I-Hsin; Oh, John J., Systems, methods and computer program products for performing mass transit merchant transactions.
Hoffman Ned (Berkeley CA) Pare ; Jr. David F. (Berkeley CA) Lee Jonathan A. (Berkeley CA), Tokenless identification system for authorization of electronic transactions and electronic transmissions.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M.; Weber, Robert P., Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management.
Abraham Dennis G. (Concord NC) Henningsmeyer Daniela (Stuttgart VA DEX) Hudson John M. (Manassas VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Stevens Jam, User defined function facility.
von Behren, Rob; Wall, Jonathan; Muehlberg, Alexej; Meyn, Hauke, Wallet application for interacting with a secure element application without a trusted server for authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.