Using a contactless card to securely share personal data stored in a blockchain
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06Q-020/34
G06Q-020/36
G06Q-020/38
G06Q-020/40
H04L-009/32
H04L-009/06
출원번호
16359980
(2019-03-20)
등록번호
10535062
(2020-01-14)
발명자
/ 주소
Rule, Jeffrey
Ilincic, Rajko
Newman, Kaitlin
출원인 / 주소
CAPITAL ONE SERVICES, LLC
인용정보
피인용 횟수 :
0인용 특허 :
0
초록▼
Systems, methods, and articles of manufacture to securely share data stored in a blockchain. A contactless card may receive a request to provide a data element from a device. An applet of the contactless card may encrypt the data element and a wallet address. The applet may generate a signature for
Systems, methods, and articles of manufacture to securely share data stored in a blockchain. A contactless card may receive a request to provide a data element from a device. An applet of the contactless card may encrypt the data element and a wallet address. The applet may generate a signature for the request, and transmit, to a mobile device, the signature and the encrypted data. The mobile device may transmit, to a verification service, the signature and encrypted data. The verification service may verify the signature based on a public key. A node in a blockchain may generate a block in the blockchain, the block comprising indications of the verification of the signature, the requested data element, and the wallet address. An encrypted data element corresponding to the data element may be decrypted using a public key. The device may receive the decrypted data element from the wallet address.
대표청구항▼
1. A method for providing a user data element to a merchant device during a transaction between a user and a merchant, comprising: receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet addr
1. A method for providing a user data element to a merchant device during a transaction between a user and a merchant, comprising: receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;generating, by the applet based on the private key, a digital signature for the first request;transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;decrypting, by the verification service based on verifying the digital signature, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;responsive to receiving the second request, generating, by the node, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted user data element, and the public key, the wallet address of the merchant, and the wallet address of the user;responsive to generation of the block, reading, by the merchant device, the block in the blockchain;decrypting, by the merchant device based on the public key, the encrypted user data element; andauthorizing, by the merchant device, the transaction based on the decrypted user data element. 2. The method of claim 1, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, the method further comprising: determining, by the applet, a type of the first request; andselecting, by the applet, one of the private key and the transaction key based on the determined type of the first request. 3. The method of claim 1, wherein the digital signature comprises a hash value. 4. The method of claim 1, wherein the block in the blockchain further comprises an indication of a request token associated with the first request. 5. The method of claim 1, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising: (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address. 6. The method of claim 1, further comprising: decrypting, by the verification service based on the public key, the encrypted user data element and the wallet address to validate an identity of the user. 7. The method of claim 1, further comprising: identifying, by the verification service, a plurality of blocks of the blockchain associated with a plurality of prior requests, the plurality of prior requests validated and fulfilled to provide user data elements of the user. 8. A system to provide a user data element to a merchant device during a transaction between a user and a merchant, comprising: a contactless card, comprising: a communications interface, wherein the communications interface is configured to receive a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant, and a type of the user data element;a processor; anda memory storing an applet which when executed by the processor causes the processor to:generate an encrypted request by encrypting the wallet address of the merchant and the type of the user data element based on a private key stored in the memory of the contactless card;generate a digital signature for the first request; andtransmit the digital signature and the encrypted request to a card reader of a mobile device;a server executing a verification service, the verification service programmed to: receive the digital signature, the encrypted request, and a wallet address of the user from the mobile device;verify the digital signature received from the mobile device based on a public key associated with the private key of the contactless card;based on the verification of the digital signature, decrypt the encrypted request received from the mobile device using the private key;select the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;encrypt the selected user data element using the public key to produce an encrypted user data element; andtransmit, to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user; anda node of a blockchain programmed to: generate a block in the blockchain corresponding to the first request in response to receiving the second request from the verification service, the block comprising the indication of the verification of the digital signature, the encrypted user data element, the public key, the wallet address of the merchant, and the wallet address of the user, wherein the merchant device is programmed to read the block in the blockchain, decrypt the encrypted user data element from the block based on the public key, and authorize the transaction based on the decrypted user data element. 9. The system of claim 8, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, the applet further configured to: determine a type of the first request; andselect one of the private key and the transaction key based on the determined type of the first request. 10. The system of claim 8, wherein the digital signature comprises a hash value. 11. The system of claim 8, wherein the block in the blockchain further comprises an indication of a request token associated with the first request. 12. The system of claim 8, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising: (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address. 13. The system of claim 8, wherein the verification service is configured to decrypt, based on the public key, the encrypted user data element and the wallet address to validate an identity of the user. 14. The system of claim 8, wherein the verification service is configured to identify a plurality of blocks of the blockchain associated with a plurality of prior requests, the plurality of prior requests validated and fulfilled to provide user data elements of the user. 15. A non-transitory computer-readable storage medium storing computer-readable instructions that when executed by a processor cause the processor to perform operations to provide a user data element to a merchant device during a transaction between a user and a merchant, the operations comprising: receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;generating, by the applet based on the private key, a digital signature for the first request;transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;based on the verifying the digital signature, decrypting, by the verification service, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;in response to receiving the second request, generating, by the node of the blockchain, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted one or more user data element, the public key, the wallet address of the merchant, and the wallet address of the user;in responsive to generation of the block, reading, by the merchant device, the block in the blockchain;decrypting, by the merchant device based on the public key, the encrypted user data element; andauthorizing, by the merchant device, the transaction based on the decrypted user data element. 16. The non-transitory computer-readable storage medium of claim 15, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, wherein the applet is further configured to: determine a type of the first request; andselect one of the private key and the transaction key based on the determined type of the first request. 17. The non-transitory computer-readable storage medium of claim 15, wherein the digital signature comprises a hash value. 18. The non-transitory computer-readable storage medium of claim 15, wherein the block in the blockchain further comprises an indication of a request token associated with the first request. 19. The non-transitory computer-readable storage medium of claim 15, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising: (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address. 20. The non-transitory computer-readable storage medium of claim 15, wherein the verification service is configured to decrypt, based on the public key, the encrypted user data element and the wallet address to validate an identity of the user.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.