Agile OTP generation
US-9118663-B1 · Aug 25, 2015 · US
US11638148B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11638148-B2 |
| Application number | US-202016867736-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 6, 2020 |
| Priority date | Oct 2, 2019 |
| Publication date | Apr 25, 2023 |
| Grant date | Apr 25, 2023 |
Official abstract text for this publication.
A technique for generating a diversified encryption key for a contactless legacy magnetic stripe card is disclosed. The diversified key can be generated using a master key, a key diversification value and an encryption algorithm. In one example embodiment, the key diversification value can be provided by the user as a fingerprint, numeric code or photo. The user can provide the key diversification value to the card or a cellphone. The card can generate the diversified key using the user provided key diversification value. The card or the cellphone can transmit the user provided diversification value to the server and the server can regenerate the diversified key using the user provided diversification value.
Opening claim text (preview).
The invention claimed is:
1. A contactless card comprising: a memory, a processor and a transmitter, wherein: the memory stores a master key, transmission data and a counter value; using the transmitter, the contactless card is configured to be in data communication with a client device; and the contactless card is an MSD compliant contactless card; wherein the contactless card is configured to: receive a key diversification value from the client device, wherein the key diversification value includes a biometric input; generate a diversified key using the master key, the counter value, the key diversification value and a cryptographic algorithm; encrypt the transmission data using the cryptographic algorithm and the diversified key to yield the encrypted transmission data; and transmit the encrypted transmission data to the client device.
2. The contactless card of claim 1, wherein the transmitter is configured to transmit the encrypted transmission data in compliance with one or more of the following standards: ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7812, ISO/IEC 7813, ISO 8583, or ISO/IEC 4909.
3. The contactless card of claim 1, wherein the biometric input includes data associated with a photo.
4. The contactless card of claim 1, wherein the biometric input includes data associated with a fingerprint.
5. The contactless card of claim 1, wherein the biometric input includes an alphanumeric code.
6. The contactless card of claim 1, wherein the transmission data includes an account number.
7. A contactless card comprising: a memory, a processor and a transmitter, wherein: the memory stores a master key, transmission data and a counter value; using the transmitter, the contactless card is configured to be in data communication with a client device; and the contactless card is an MSD compliant contactless card; wherein the contactless card is configured to: receive a key diversification value and an algorithm selection value from the client device, wherein the key diversification value includes a biometric input; select a cryptographic algorithm using the algorithm selection value; generate a diversified key using the master key, the counter value, the key diversification value and the cryptographic algorithm; encrypt the transmission data using the cryptographic algorithm and the diversified key to yield the encrypted transmission data; and transmit the encrypted transmission data to the client device.
8. The contactless card of claim 7, wherein the transmitter is configured to transmit the encrypted transmission data in compliance with one or more of the following standards: ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7812, ISO/IEC 7813, ISO 8583, or ISO/IEC 4909.
9. The contactless card of claim 7, wherein the biometric input includes data associated with a photo, data associated with a fingerprint or an alphanumeric code.
10. A computer readable non-transitory medium comprising computer-executable instructions that are executed on a client device comprising a processor, a memory, and a transmitter, the instructions comprising the steps of: receiving a first input and, based on the first input, derive a key diversification value; receiving a second input and, based on the second input, derive an algorithm selection value; transmitting the key diversification value and the algorithm selection value to a contactless card; receiving encrypted transmission data from the contactless card, wherein the encrypted transmission data represents transmission data encrypted by a cryptographic algorithm and a diversified key which is generated using a master key, a counter value, the key diversification value and the cryptographic algorithm associated with the algorithm selection value; and transmitting the encrypted transmission data, the key diversification value and the algorithm selection value to a server.
11. The computer-readable medium of claim 10, wherein the encrypted transmission data received from the contactless card is in compliance with one or more of the following standards: ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7812, ISO/IEC 7813, ISO 8583, or ISO/IEC 4909.
12. The computer-readable medium of claim 10, wherein the first input is a fingerprint value received from a scanner of the client device and the second input is an alphanumeric value received from a touchscreen of the client device.
13. The computer-readable medium of claim 12, wherein the memory respectively stores a plurality of key diversification values in association with a plurality of fingerprint values.
14. The computer-readable medium of claim 13, wherein the instructions further comprise the steps of: transmitting the key diversification value associated with the fingerprint value received from the scanner of the client device to the contactless card and the server; and transmitting the alphanumeric value as the algorithm selection value to the contactless card and the server.
15. The computer-readable medium of claim 10, wherein the first input is a photo received through a camera of the client device.
16. The computer-readable medium of claim 15, further comprising the step of transmitting the photo to the server.
17. The computer-readable medium of claim 10, wherein the memory respectively stores a plurality of key diversification values in association with a plurality of fingerprint values.
18. A computer readable non-transitory medium comprising computer-executable instructions that are executed on a client device comprising a processor, a memory, and a transmitter, the instructions comprising the steps of: receiving a first input and, based on the first input, derive a key diversification value; receiving a second input and, based on the second input, derive an algorithm selection value; transmitting the key diversification value and the algorithm selection value to a contactless card; receiving encrypted transmission data from the contactless card, wherein the encrypted transmission data represents transmission data encrypted by a cryptographic algorithm and a diversified key which is generated using a master key, a counter value, the key diversification value and the cryptographic algorithm associated with the algorithm selection value; and transmitting the encrypted transmission data, the key diversification value and the algorithm selection value to a server; wherein the memory respectively stores a plurality of algorithm selection values in association with a plurality of fingerprint values.
19. The computer-readable medium of claim 18, wherein the memory respectively stores a plurality of key diversification values in association with a plurality of alphanumeric values.
20. The computer-readable medium of claim 18, wherein the memory respectively stores a plurality of algorithm selection values in association with a plurality of alphanumeric values.
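The flow in the abstract and in claims 7 and 10, sketched as an added example that is not code from the patent: the card derives a diversified key from the master key, counter value and key diversification value (KDV), and the server regenerates it from the forwarded values. The HMAC-SHA256/512 selection table, the HMAC counter-mode stand-in cipher, the function names and all sample values are assumptions.

```python
import hashlib
import hmac

# Assumption: the algorithm selection value indexes a table of HMAC hash
# functions; the claims do not name the algorithms.
ALGORITHMS = {1: hashlib.sha256, 2: hashlib.sha512}


def diversify_key(master_key, counter, kdv, alg_sel):
    """Per-transaction key from master key, counter value and user-supplied KDV."""
    digest = ALGORITHMS[alg_sel]  # KeyError on an unknown selection value
    # Length-prefix the KDV so distinct (counter, kdv) inputs never collide.
    msg = counter.to_bytes(4, "big") + len(kdv).to_bytes(2, "big") + kdv
    return hmac.new(master_key, msg, digest).digest()


def keystream_xor(key, data, digest):
    """HMAC in counter mode, a stand-in for the card's cipher (symmetric)."""
    size, out = digest().digest_size, bytearray()
    for off in range(0, len(data), size):
        pad = hmac.new(key, b"enc" + off.to_bytes(4, "big"), digest).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + size], pad))
    return bytes(out)


def card_encrypt(master_key, counter, kdv, alg_sel, transmission_data):
    """Card side: derive the diversified key, then encrypt the track data."""
    key = diversify_key(master_key, counter, kdv, alg_sel)
    return keystream_xor(key, transmission_data, ALGORITHMS[alg_sel])


def server_verify(master_key, counter, kdv, alg_sel, encrypted, expected):
    """Server side: regenerate the key from the forwarded values and compare."""
    key = diversify_key(master_key, counter, kdv, alg_sel)
    recovered = keystream_xor(key, encrypted, ALGORITHMS[alg_sel])
    return hmac.compare_digest(recovered, expected)


# Constructed sample values, not taken from the patent.
MASTER_KEY = bytes(range(32))
KDV = b"kdv-linked-to-enrolled-fingerprint"  # looked up after a local match
TRACK = b"4000001234567899=2512"             # constructed account data

if __name__ == "__main__":
    blob = card_encrypt(MASTER_KEY, 7, KDV, 1, TRACK)
    print(server_verify(MASTER_KEY, 7, KDV, 1, blob, TRACK))       # True
    print(server_verify(MASTER_KEY, 7, b"wrong", 1, blob, TRACK))  # False
```

The KDV is modelled as a stored value released after a fingerprint match, as in claim 13, because raw biometric samples are not bit-for-bit repeatable and the server has to reproduce the exact same input bytes.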
Monitoring of device authentication · CPC title
Aspects of commerce using mobile devices [M-devices] · CPC title
Classification, e.g. identification · CPC title
Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists · CPC title
Matching; Classification · CPC title