Method and system for enhancing the security of a transaction
US-2019005493-A1 · Jan 3, 2019 · US
Method and system for contactless transactions without user credentials
US11182779B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11182779-B2 |
| Application number | US-201715493759-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 21, 2017 |
| Priority date | Apr 21, 2016 |
| Publication date | Nov 23, 2021 |
| Grant date | Nov 23, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session key in the first memory and a second query to store the server encryption key in a second memory; decrypting the encrypted session key using the server encryption key; generating an application cryptogram based on the decrypted session key; and electronically transmitting the generated application cryptogram for use in a payment transaction.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for generation of an application cryptogram for use in a payment transaction without requiring input of a personal identification number (PIN), said method comprising: receiving, by a receiving device of a computing device, from a processing server, a single use key associated with a transaction account, wherein said single use key is a payment token; storing, in a first memory of a plurality of memories of the computing device, the single use key associated with the transaction account; evaluating, by the computing device, an integrity of the plurality of memories of the computing device that is configured to store single use keys, encrypted session keys, and server encryption keys; in response to a received instruction, electronically transmitting, by a transmitting device of the computing device, to the processing server, a session key request including the single use key stored in the first memory, along with a result of the integrity evaluation of each of the plurality of memories; receiving, by a receiving device of the computing device, from the processing server, an encrypted session key and a server encryption key, said encrypted session key having been generated by the processing server on a basis of the single use key; executing, by a processing device, of the computing device, (i) a first query and storing the encrypted session key in the first memory and (ii) a second query, and storing the server encryption key in a second memory of the computing device; receiving, by the computing device, an instruction to generate payment credentials; in response to receiving the instruction to generate payment credentials, decrypting, by the processing device, of the computing device, the encrypted session key read from the first memory using the server encryption key read from the second memory; using the decrypted session key, generating, by the processing device, of the computing device, an application cryptogram; electronically transmitting, by the transmitting device of the computing device, the generated application cryptogram to a point of sale system associated with a merchant involved in an initiated payment transaction; and in response to receiving an instruction from the processing server, deleting, by the computing device, the decrypted session key. 2. The method of claim 1 , further comprising: receiving, by an input device of the computing device, an instruction to initiate a payment transaction prior to decrypting the encrypted session key. 3. The method of claim 1 , further comprising: verifying, by the processing device, of the computing device, device integrity of the computing device prior to at least receiving the encrypted session key and server encryption key. 4. The method of claim 1 , wherein the second memory further includes payment credentials, the method further comprising: transmitting, by the transmitting device, the payment credentials with the generated application cryptogram to the point of sale system associated with the merchant. 5. The method of claim 1 , wherein the second memory is random access memory. 6. A system for generation of an application cryptogram for use in a payment transaction without requiring input of a personal identification number (PIN), the said system comprising: a receiver, of a computing device, configured to receive, from a processing server, a single use key associated with a transaction account, wherein said single use key is a payment token; a first memory of a plurality of memories of the computing device configured to store the single use key associated with the transaction account; a processor of the computing device configured to evaluate an integrity of memory of the plurality of memories that are configured to store single use keys, encrypted session keys, and server encryption keys, and a transmitter of the computing device configured to electronically transmit, to the processing server, in response to a received instructions, a session key request including the single use key stored in the first memory, along with a result of the integrity evaluation of each of the plurality of memories; wherein the receiver, of the computing device, is further configured to receive an encrypted session key and a server encryption key from the processing server, said encrypted session key having been generated by the processing server on a basis of the single use key; wherein the processor, of the computing device, is configured to execute (i) a first query and store the encrypted session key in the first memory, and (ii) a second query and store the server encryption key in a second memory of the computing device; decrypt, in response to receiving an instructions to generate payment credentials, the encrypted session key, read from the first memory, using the server encryption key read from the second memory; and generate, using the decrypted session key, an application cryptogram, wherein the transmitter, of the computing device, is further configured to electronically transmit the generated application cryptogram to a point of sale system associated with a merchant involved in an initiated payment transaction, and wherein, in response to receiving an instruction from the processing server, the computing device is further configured to delete the decrypted session key. 7. The system of claim 6 , further comprising: an input device, of the computing device, configured to receive an instruction to initiate a payment transaction prior to decrypting the encrypted session key. 8. The system of claim 6 , wherein the processor, of the computing device, is further configured to verify device integrity of the computing device prior to at least receiving the encrypted session key and server encryption key. 9. The system of claim 6 , wherein the second memory further includes payment credentials, and the transmitter is further configured to electronically transmit the payment credentials with the generated application cryptogram to the point of sale system associated with a merchant. 10. The system of claim 6 , wherein the second memory is random access memory.
Assignees
Inventors
Classifications
using wearable devices · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
applying encryption of the keys · CPC title
using one-time keys (cryptographic mechanisms or cryptographic arrangements for generation of one-time passwords H04L9/0863) · CPC title
of the user plane, e.g. user's traffic · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11182779B2 cover?
- A method for generation of an application cryptogram for use in a payment transaction includes: storing, in a first memory, a single use key associated with a transaction account; electronically transmitting the single use key to a processing server; receiving an encrypted session key and a server encryption key from the processing server; executing a first query to store the encrypted session …
- Who is the assignee on this patent?
- Mastercard International Inc
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/3829. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Nov 23 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).