Payment system

US11989727B2 · US · B2

Patent metadata
Publication number: US-11989727-B2
Application number: US-202318320103-A
Country: US
Kind code: B2
Filing date: May 18, 2023
Priority date: Apr 5, 2011
Publication date: May 21, 2024
Grant date: May 21, 2024

Abstract

Official abstract text for this publication.

Methods, apparatus and computer software are provided for authorizing an EMV transaction between a user device and a point of sale terminal, particularly, but not exclusively, in situations where a secure element is not made available for the deployment of a payment application on the user device. The payment application is instead deployed to a processing environment that is outside of any secure element on the user device. An ICC Master Key corresponding to the payment application is held by a trusted authority, such as the issuing bank. The trusted authority is adapted to generate time-limited session keys on the basis of the ICC Master Key and distribute session keys to the payment application. Receipt of a session key by the payment application enables the payment application to conduct an EMV payment transaction. The session key is used to authorize a single EMV payment transaction.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: generating, by a server computer, a session key based on a Master Key; transmitting, by the server computer, the session key to a user device comprising a payment application, the payment application having a first state wherein the payment application is enabled to conduct a payment transaction, and a second state, different to the first state, wherein the user device generates an application cryptogram on the basis of the received session key, and provides the application cryptogram to a terminal after the terminal sends a cryptogram request to the user device; receiving, by the server computer, from the terminal, the application cryptogram in an authorization request for a transaction; verifying, by the server computer, the application cryptogram by identifying the session key using the identified session key to verify the application cryptogram; and responsive to verifying the cryptogram, transmitting, by the server computer to the terminal, an authorization response.

2. The method of claim 1, wherein the server computer is an issuing bank server.

3. The method of claim 1, wherein verifying the cryptogram also comprises determining if a time since the session key was sent to the user device by the server computer exceeds a threshold.

4. The method of claim 1, wherein the user device is a mobile phone.

5. The method of claim 1, wherein the Master Key is an ICC Master Key.

6. The method of claim 1, wherein the terminal is a POS terminal.

7. A server computer comprising: a processor; and a non-transitory computer readable medium, the non-transitory computer readable medium comprising code executable by the processor, for performing a method comprising: generating a session key based on a Master Key; transmitting the session key to a user device comprising a payment application, the payment application having a first state wherein the payment application is enabled to conduct a payment transaction, and a second state, different to the first state, wherein the user device generates an application cryptogram on the basis of the received session key, and provides the application cryptogram to a terminal after the terminal sends a cryptogram request to the user device; receiving from the terminal, the application cryptogram in an authorization request for a transaction; verifying the cryptogram by identifying the session key using the identified session key to verify the cryptogram; and responsive to verifying the cryptogram, transmitting to the terminal, an authorization response.

8. The server computer of claim 7, wherein the server computer is an issuing bank server computer.

9. The server computer of claim 7, wherein verifying the cryptogram also comprises determining if a time since the session key was sent to the user device by the server computer exceeds a threshold.

10. The server computer of claim 7, wherein the application cryptogram is an ARQC.

11. The server computer of claim 7, wherein the method comprises: transmitting another session key derived from the Master Key after transmitting the authorization response.

12. A method comprising: generating, by a terminal in a transaction, a request for an application cryptogram; transmitting, by the terminal to a user device, the request for the application cryptogram, wherein the user device comprises a payment application, the payment application having a first state wherein the payment application is enabled to conduct a payment transaction, and a second state, different to the first state, and wherein the payment application stores a session key generated using a Master Key; receiving, by the terminal, the application cryptogram from the user device, the application cryptogram generated by the user device using the session key; analyzing the application cryptogram to determine a cryptogram type; and responsive to determining the cryptogram type, transmitting an authorization request comprising the application cryptogram to a server computer, wherein the server computer verifies the cryptogram by identifying the session key using the identified session key to verify the cryptogram.

13. The method of claim 12, wherein the user device is a mobile phone.

14. The method of claim 12, wherein the terminal is a POS terminal.

15. The method of claim 12, wherein the Master Key is an ICC Master Key.

16. The method of claim 12, further comprising: performing, by the terminal, a terminal action analysis, and then determining that the transaction requires the application cryptogram.

17. The method of claim 12, wherein the second state is that the payment application is inoperative.

18. The method of claim 12, wherein the server computer verifies the cryptogram also by determining if a time since the session key was sent to the user device by the server computer exceeds a threshold.

19. The method of claim 12, wherein the server computer is an issuing bank server.

20. The method of claim 12, wherein the session key is usable to create only one application cryptogram for one transaction.
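
The issuer-side flow described in the abstract and in claims 1, 3 and 20, as an added example that is not code from the patent or its assignee. HMAC-SHA256 stands in for the EMV key-derivation and cryptogram algorithms, and the key id used to identify the session key, the 300-second threshold and all names are assumptions.

```python
import hashlib
import hmac
import secrets

MAX_KEY_AGE_S = 300  # assumed threshold; the page gives no value


class Issuer:
    """Trusted authority: holds the master key and never sends it to the device."""

    def __init__(self):
        self._master_key = secrets.token_bytes(32)
        self._issued = {}  # key id -> (issue time, already used?)

    def _derive(self, key_id: int) -> bytes:
        # Stand-in derivation (HMAC-SHA256), not the EMV key-derivation function.
        return hmac.new(self._master_key, b"session" + key_id.to_bytes(4, "big"),
                        hashlib.sha256).digest()

    def issue_session_key(self, key_id: int, now: float) -> bytes:
        self._issued[key_id] = (now, False)
        return self._derive(key_id)

    def verify(self, key_id: int, txn: bytes, cryptogram: bytes, now: float) -> str:
        record = self._issued.get(key_id)  # identify the session key
        if record is None:
            return "declined: unknown session key"
        issued_at, used = record
        if used:
            return "declined: session key already used"
        if now - issued_at > MAX_KEY_AGE_S:
            return "declined: session key expired"
        expected = make_cryptogram(self._derive(key_id), txn)
        if not hmac.compare_digest(expected, cryptogram):
            return "declined: cryptogram mismatch"
        self._issued[key_id] = (issued_at, True)  # one cryptogram per key
        return "approved"


def make_cryptogram(session_key: bytes, txn: bytes) -> bytes:
    """Device side: MAC over the transaction data, truncated to 8 bytes."""
    return hmac.new(session_key, txn, hashlib.sha256).digest()[:8]
```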

Classifications

  • involving key management

  • Aspects of commerce using mobile devices [M-devices]

  • RFID or NFC payments by means of M-devices

  • in which both online and offline card verification can take place

  • involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Visa Europe Ltd
What technology area does this patent fall under?
Primary CPC classification G06Q20/3829. Mapped technology areas include Physics.
When was this patent published?
Publication date May 21, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).