Agile OTP generation
US-9118663-B1 · Aug 25, 2015 · US
Systems and methods for cryptographic authentication of contactless cards
US11728994B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11728994-B2 |
| Application number | US-202017103289-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 24, 2020 |
| Priority date | Oct 2, 2018 |
| Publication date | Aug 15, 2023 |
| Grant date | Aug 15, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Example embodiments of systems and methods for data transmission between contactless card and receiving devices are provided. In an embodiment, the contactless card may be configured to create a cryptogram based on a plurality of keys and a counter. The cryptogram may be transmitted to the receiving device. The contactless card may be configured to transmit a one-time password to the client device. The counter value may be adjusted each time the one-time password is generated, and the counter may be configured to increment in a non-monotonic sequence, the sequence associated with one or more cryptographic algorithms.
First claim
Opening claim text (preview).
What is claimed is: 1. A contactless card, comprising: a memory, the memory containing a counter; and a processor, wherein the processor: generates a one-time password, and transmits the one-time password for authentication; wherein the counter is adjusted at one or more intervals in a non-monotonic sequence; wherein the non-monotonic sequence is created by one or more cryptographic algorithms; and wherein the counter determines the number of cryptographic operations performed to generate the one time-password. 2. The contactless card of claim 1 , wherein the counter is incremented by a first value for a first account and decremented by a second value for a second account. 3. The contactless card of claim 1 , wherein the counter is decremented at the one or more intervals in the non-monotonic sequence. 4. The contactless card of claim 1 , wherein the one or more cryptographic algorithms are selected to avoid wrapping of the counter. 5. The contactless card of claim 1 , wherein the processor performs one or more cryptographic hashes to generate the counter. 6. The contactless card of claim 1 , wherein the counter is decremented by a first value for a first account and incremented by a second value for a second account. 7. The contactless card of claim 1 , wherein the one or more cryptographic algorithms encrypt a starting value to obtain one or more additional counters. 8. The contactless card of claim 7 , wherein an output of the encryption is truncated to derive the counter. 9. The contactless card of claim 8 , wherein the truncated output is incremented and encrypted to obtain one or more additional counters. 10. A method for authentication, comprising: generating, by a processor, a one-time password; transmitting, by the processor, the one-time password for authentication; wherein the counter is adjusted at one or more intervals in a non-monotonic sequence; wherein the non-monotonic sequence is created by one or more cryptographic algorithms; and wherein the counter determines the number of cryptographic operations performed to generate the one time-password. 11. The method of claim 10 , wherein the counter is incremented by a first value for a first account and decremented by a second value for a second account. 12. The method of claim 10 , wherein the counter is incremented at the one or more intervals in the non-monotonic sequence. 13. The method of claim 10 , wherein the counter is decremented at the one or more intervals in the non-monotonic sequence. 14. The method of claim 10 , further comprising performing, by the processor, one or more cryptographic hashes to generate the counter. 15. The method of claim 10 , wherein the one or more cryptographic algorithms encrypt a starting value to obtain one or more additional counters. 16. The method of claim 15 , wherein an output of the encryption is truncated to derive the counter. 17. The method of claim 16 , wherein the truncated output is incremented and encrypted to obtain one or more additional counters. 18. A computer readable non-transitory medium comprising computer executable instructions that, when executed on a processor, perform procedures comprising the steps of: generating a one-time password; transmitting the one-time password for authentication; wherein the counter is adjusted at one or more intervals in a non-monotonic sequence; wherein the non-monotonic sequence is created by one or more cryptographic algorithms; and wherein the counter determines the number of cryptographic operations performed to generate the one time-password. 19. The computer readable non-transitory medium of claim 18 , wherein the counter is incremented at the one or more intervals in the non-monotonic sequence. 20. The computer readable non-transitory medium of claim 18 , wherein the counter is decremented at the one or more intervals in the non-monotonic sequence.
Assignees
Inventors
Classifications
- H04L9/3234Primary
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
using a plurality of keys or algorithms · CPC title
using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807) · CPC title
- H04L9/3228Primary
One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11728994B2 cover?
- Example embodiments of systems and methods for data transmission between contactless card and receiving devices are provided. In an embodiment, the contactless card may be configured to create a cryptogram based on a plurality of keys and a counter. The cryptogram may be transmitted to the receiving device. The contactless card may be configured to transmit a one-time password to the client dev…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3234. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 15 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).