Contactless card and personal identification system

US10657754B1 · US · B1

Patent metadata

Publication number: US-10657754-B1
Application number: US-201916725133-A
Country: US
Kind code: B1
Filing date: Dec 23, 2019
Priority date: Dec 23, 2019
Publication date: May 19, 2020
Grant date: May 19, 2020

Abstract

Official abstract text for this publication.

A dual-factor PIN based authentication system and method uses a cryptogram provided by a contactless card associated with the client in association with a PIN stored by the contactless card to authenticate the client. In some embodiments, cryptogram authentication may be preconditioned upon a PIN match determination by the contactless card. In other embodiments, the cryptogram may be formed at least in part using the personal identification number (PIN) stored on the contactless card encoded using a dynamic key stored by the contactless card and uniquely associated with the client. Authentication may be achieved by comparing the cryptogram formed using the PIN against an expected cryptogram generated using an expected PIN and an expected dynamic key.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for dual factor authentication of a request for access to an account associated with a client includes the steps of: receiving an input personal identification number (PIN) from a user interface; engaging a contactless card, the contactless card storing a PIN associated with the client; communicating the input PIN to the contactless card; receiving, in response to a match of the input PIN with the stored PIN, a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter value maintained by the contactless card, wherein the cryptogram comprises contactless card data that is encoded using the dynamic key; communicating the cryptogram to an authenticating device; and authorizing the request in response to authentication of the cryptogram by the authenticating device.

2. The method of claim 1 wherein the authenticating device maintains a copy of the contactless card data and a copy of the counter value, and authenticates the cryptogram by: encoding the copy of the contactless card data using an expected dynamic key formed from the copy of the counter to generate an expected cryptogram; and comparing the expected cryptogram to the forwarded cryptogram.

3. The method of claim 2 wherein the counter value and the copy of the counter value are each updated according to a predetermined protocol followed by the authenticating device and the contactless card.

4. The method of claim 3 wherein the dynamic key is further formed using a master key that is stored on the contactless card, and wherein the authenticating device stores a copy of the master key and uses the master key copy together with the counter to provide the expected dynamic key.

5. The method of claim 4 wherein the contactless card and the authenticating device each use the same cryptographic hash algorithm to generate the dynamic key and expected dynamic key.

6. The method of claim 5 wherein the contactless card data that is encoded using the dynamic key to form the cryptogram includes the PIN stored on the contactless card, a shared secret, the counter value, or a combination thereof.

7. The method of claim 1 including the step of encoding the contactless card data includes applying a cryptographic hash function to the contactless card data.

8. The method of claim 7 wherein the cryptographic hash function is selected from a group of functions including a 3DES (Triple Data Encryption Algorithm), Advanced Encryption Standard (AES) 128, a symmetric Hash-Based Message Authentication (HMAC) algorithm, and a symmetric cypher-based message authentication code (CMAC) algorithm such as AES-CMAC.

9. The method of claim 1, wherein the authenticating device comprises a client device, a merchant device, an authentication server or a combination thereof.

10. A method for dual factor authentication of a request for access to an account associated with a client includes the steps of: receiving an input personal identification number (PIN) from a user interface; engaging a contactless card, the contactless card storing a PIN associated with the client; receiving a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter maintained by the contactless card, wherein the cryptogram comprises contactless card data including the PIN and is encoded using the dynamic key; communicating the input PIN and the cryptogram to an authenticating device, the request including a cryptogram; and authorizing the request in response to authentication of the input PIN and cryptogram by the authenticating device.

11. The method of claim 10 wherein the authenticating device maintains a copy of the contactless card data and a copy of the counter, and authenticates the cryptogram by: encoding the copy of the contactless card data and the input PIN using an expected dynamic key formed from the copy of the counter to generate an expected cryptogram; and comparing the expected cryptogram to the forwarded cryptogram.

12. The method of claim 11 wherein the counter value and the copy of the counter value are each updated according to a predetermined protocol followed by the authenticating device and the contactless card.

13. The method of claim 12 wherein the dynamic key is further formed using a master key that is stored on the contactless card, and wherein the authenticating device stores a copy of the master key and uses the master key copy together with the counter to provide the expected dynamic key.

14. The method of claim 13 wherein the contactless card and the authenticating device each use the same cryptographic hash algorithm to generate the dynamic key and expected dynamic key.

15. The method of claim 14 wherein the contactless card data that is encoded using the dynamic key to form the cryptogram includes the PIN stored on the contactless card, a shared secret, the counter value, or a combination thereof.

16. The method of claim 11 including the step of encoding the contactless card data includes applying a cryptographic hash function to the contactless card data.

17. The method of claim 16 wherein the cryptographic hash function is selected from a group of functions including a 3DES (Triple Data Encryption Algorithm), Advanced Encryption Standard (AES) 128, a symmetric Hash-Based Message Authentication (HMAC) algorithm, and a symmetric cypher-based message authentication code (CMAC) algorithm such as AES-CMAC.

18. The method of claim 11, wherein the authenticating device comprises a client device, a merchant device, an authentication server or a combination thereof.

19. A device comprising: a contactless card interface configured to communicate with a contactless card associated with a client, the contactless card comprising a stored personal identification number (PIN); a user interface; a processor; a non-volatile memory having program code stored thereon for authenticating a request by the client, the program code operable when executed upon by the processor to: communicate an input PIN received by the user interface to the contactless card; receive, in response to a match of the input PIN with the stored PIN, a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter value maintained by the contactless card, wherein the cryptogram comprises contactless card data that is encoded using the dynamic key; communicate the cryptogram to an authenticating device; and authorize the request in response to authentication of the cryptogram by the authenticating device.

20. The device of claim 19 wherein the authenticating device maintains a copy of the contactless card data and a copy of the counter value, and authenticates the cryptogram by: encoding the copy of the contactless card data using an expected dynamic key formed from the copy of the counter to generate an expected cryptogram; and comparing the expected cryptogram to the forwarded cryptogram, wherein the counter value and the copy of the counter value are each updated according to a predetermined protocol followed by the authenticating device and the contactless card.
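
The flow of claims 10 to 15 (counter-derived dynamic key, PIN bound into the cryptogram, verifier recomputing an expected cryptogram) can be sketched as follows. This is an added example, not code from the patent or its assignee; HMAC-SHA256 for both steps, the field encoding, the increment-by-one counter protocol, the look-ahead window and all names and sample values are assumptions.

```python
import hashlib
import hmac

def dynamic_key(master_key: bytes, counter: int) -> bytes:
    # Claims 13-14: per-transaction key from master key + counter (HMAC-SHA256 assumed).
    return hmac.new(master_key, counter.to_bytes(4, "big"), hashlib.sha256).digest()

def cryptogram(master_key: bytes, counter: int, card_data: bytes, pin: str) -> bytes:
    # Claim 15: card data, PIN and counter are encoded under the dynamic key.
    # Each field is length-prefixed so field boundaries cannot be shifted.
    fields = (card_data, pin.encode(), counter.to_bytes(4, "big"))
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(dynamic_key(master_key, counter), msg, hashlib.sha256).digest()

class Card:
    def __init__(self, master_key: bytes, card_data: bytes, pin: str):
        self.master_key, self.card_data, self.pin = master_key, card_data, pin
        self.counter = 0

    def generate(self) -> bytes:
        self.counter += 1  # assumed protocol: increment before every cryptogram
        return cryptogram(self.master_key, self.counter, self.card_data, self.pin)

class Authenticator:
    WINDOW = 3  # assumed look-ahead for cryptograms the verifier never saw

    def __init__(self, master_key: bytes, card_data: bytes):
        self.master_key, self.card_data, self.counter = master_key, card_data, 0

    def verify(self, input_pin: str, received: bytes) -> bool:
        # Claim 11: encode the stored copies plus the *input* PIN, then compare.
        for c in range(self.counter + 1, self.counter + 1 + self.WINDOW):
            expected = cryptogram(self.master_key, c, self.card_data, input_pin)
            if hmac.compare_digest(expected, received):  # constant-time compare
                self.counter = c  # resync; this and older cryptograms now fail
                return True
        return False

def demo():
    key, data = bytes(range(32)), b"constructed-card-id"  # constructed sample values
    card, auth = Card(key, data, "4921"), Authenticator(key, data)
    first = card.generate()
    return (auth.verify("0000", first),            # wrong PIN
            auth.verify("4921", first),            # correct PIN
            auth.verify("4921", first),            # replay of a used cryptogram
            auth.verify("4921", card.generate()))  # next transaction
```

A deployed verifier would also cap failed attempts per card, since the expected cryptogram can be recomputed for every candidate PIN and the PIN space is small.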

Classifications

  • G07F7/1008 · Primary

    Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system · CPC title

  • the record carrier being capable of non-contact communication, e.g. constructional details of the antenna of a non-contact smart card · CPC title

  • the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs · CPC title

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title

  • using one-time keys (cryptographic mechanisms or cryptographic arrangements for generation of one-time passwords H04L9/0863) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10657754B1 cover?
A dual-factor PIN based authentication system and method uses a cryptogram provided by a contactless card associated with the client in association with a PIN stored by the contactless card to authenticate the client. In some embodiments, cryptogram authentication may be preconditioned upon a PIN match determination by the contactless card. In other embodiments, the cryptogram may be formed at …
Who is the assignee on this patent?
Capital One Services Llc
What technology area does this patent fall under?
Primary CPC classification G07F7/1008. Mapped technology areas include Physics.
When was this patent published?
Publication date May 19, 2020 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).