Systems and methods for cryptographic authentication of contactless cards
US-10581611-B1 · Mar 3, 2020 · US
| Field | Value |
|---|---|
| Publication number | US-12106294-B2 |
| Application number | US-202117361816-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 29, 2021 |
| Priority date | Oct 2, 2018 |
| Publication date | Oct 1, 2024 |
| Grant date | Oct 1, 2024 |
Official abstract text for this publication.
Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
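The exchange the abstract describes, sketched as an added example that is not code from the patent or its assignee. Assumptions: HMAC-SHA256 for key diversification and for protecting the counter, an HMAC keystream standing in for the cipher the page does not name, the counter sent in the clear under the MAC, and all function names hypothetical.

```python
import hashlib
import hmac
import secrets

def _prf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def diversify(master_key: bytes, counter: int) -> bytes:
    # Assumed derivation: HMAC-SHA256(master key, counter). The page names no algorithm.
    return _prf(master_key, b"div" + counter.to_bytes(4, "big"))

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (HMAC-SHA256 keystream) so the example runs on the standard
    # library alone; a real design would use a vetted AEAD such as AES-GCM.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = _prf(key, nonce + (i // 32).to_bytes(4, "big"))
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def transmit(master_key: bytes, counter: int, data: bytes) -> bytes:
    """Transmitting device: derive the key for this counter, encrypt, MAC counter + ciphertext."""
    key = diversify(master_key, counter)
    nonce = secrets.token_bytes(16)
    body = counter.to_bytes(4, "big") + nonce + _xor_stream(_prf(key, b"enc"), nonce, data)
    return body + _prf(_prf(key, b"mac"), body)

def receive(master_key: bytes, last_counter: int, message: bytes) -> tuple[int, bytes]:
    """Receiving device: re-derive the key, check the MAC, reject stale counters, decrypt."""
    if len(message) < 52:  # 4-byte counter + 16-byte nonce + 32-byte MAC
        raise ValueError("message too short")
    body, tag = message[:-32], message[-32:]
    counter = int.from_bytes(body[:4], "big")
    key = diversify(master_key, counter)
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), body)):
        raise ValueError("MAC check failed")
    if counter <= last_counter:
        raise ValueError("counter not fresh (replay)")
    nonce, ciphertext = body[4:20], body[20:]
    return counter, _xor_stream(_prf(key, b"enc"), nonce, ciphertext)

if __name__ == "__main__":
    mk = bytes(range(32))  # constructed sample master key
    msg = transmit(mk, 7, b"constructed sample data")
    print(receive(mk, 6, msg))
```

The receiver stores the returned counter as its new `last_counter`, so a captured message fails the freshness check when presented a second time.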
Opening claim text (preview).
What is claimed is:

1. A contactless card configured to enable authentication of a user to perform transactions and access one or more spaces, comprising: a contactless interface; a memory configured to store instructions; and processing circuitry coupled with the memory and the contactless interface, the processing circuitry configured to process the instructions, the instructions when processed by the processing circuitry cause the processing circuitry to perform one or more operations to authenticate the user to perform transactions and authenticate the user to gain access to one or more spaces, the one or more operations comprising: generating a first diversified key based on a counter value; encrypting identification data of the user using the first diversified key to create encrypted identification data; generating a second diversified key; concatenating the encrypted identification data with one or more blocks of random data to create a concatenated encrypted identification data; enciphering the concatenated encrypted identification data with the second diversified key to create enciphered encrypted identification data; and transmitting the enciphered encrypted identification data to authenticate the user.
2. The contactless card of claim 1, wherein the instructions are further configured to cause the processing circuitry to: detect, via the contactless interface, an initiation to exchange data with a first receiving device; determine the first receiving device; and provide, based on the first receiving device, first data to the first receiving device.
3. The contactless card of claim 2, wherein the first receiving device is associated with permitting or denying access to a space of the one or more spaces, and the processing circuitry to provide the first data comprising authentication data to authenticate the user to gain access to the space.
4. The contactless card of claim 2, wherein the instructions are further configured to cause the processing circuitry to: detect, via the contactless interface, an initiation to exchange data with a second receiving device; determine the second receiving device; and provide, based on the second receiving device, second data to the second receiving device.
5. The contactless card of claim 4, wherein the second receiving device is associated with processing a transaction, and the processing circuitry to generate the second data comprising second authentication data and payment data.
6. The contactless card of claim 4, wherein the instructions are further configured to cause the processing circuitry to determine the first receiving device based on information received while exchanging data.
7. The contactless card of claim 4, wherein the instructions are further configured to cause the processing circuitry to determine the second receiving device based on information received in the exchange with the second receiving device.
8. The contactless card of claim 1, wherein the processing circuitry is further caused to: based on authenticating the user, send a notification to a second user, the notification requesting the second user to provide permission to the user to access the one or more spaces; and enable the user to access the one or more spaces based on the permission from the second user.
9. The contactless card of claim 1, wherein the user is granted access to the one or more spaces in response to an authentication of a third user within a predetermined duration of authenticating the user.
10. At least one computer-readable medium comprising a set of instructions that, in response to being executed on processing circuitry of a contactless card, cause the processing circuitry to: detect, via a contactless interface, a first request from a first receiving device; determine the first request is to authenticate a user based on the first receiving device; generate first data by encrypting authentication data with a first diversified session key to create a cryptogram, concatenate the cryptogram with one or more blocks of random data to create a concatenated cryptogram, and encipher the concatenated cryptogram to create an enciphered cryptogram; communicate, via the contactless interface, the first data to the first receiving device; detect, via the contactless interface, a second request from a second receiving device; determine the second request is to provide payment data based on the second receiving device; and communicate, via the contactless interface, second data comprising at least the payment data to the second receiving device.
11. The at least one computer-readable medium of claim 10, wherein the first receiving device is associated with permitting or denying access to a space of one or more spaces, and the processing circuitry to provide the first data comprising the authentication data to authenticate the user to gain access to the space.
12. The at least one computer-readable medium of claim 10, wherein the first data and the second data are different.
13. The at least one computer-readable medium of claim 10, wherein the second receiving device is associated with processing a transaction, and the processing circuitry to generate the second data comprising second authentication data and the payment data.
14. The at least one computer-readable medium of claim 10, wherein the set of instructions are further configured to cause the processing circuitry to determine the first receiving device based on information received from the first receiving device.
15. The at least one computer-readable medium of claim 10, wherein the set of instructions are further configured to cause the processing circuitry to determine the second receiving device based on information received from the second receiving device.
16. A computer-implemented method, comprising: detecting, via a contactless interface, a first request from a first receiving device; determining the first request is to authenticate a user based on the first receiving device; generating first data by encrypting authentication data with a first diversified session key to create a cryptogram, concatenating the cryptogram with one or more blocks of random data to create a concatenated cryptogram, and enciphering the concatenated cryptogram to create an enciphered cryptogram; communicating, via the contactless interface, the first data to the first receiving device; detecting, via the contactless interface, a second request from a second receiving device; determining the second request is to provide payment data based on the second receiving device; and communicating, via the contactless interface, second data comprising at least the payment data to the second receiving device.
17. The computer-implemented method of claim 16, wherein the first receiving device is associated with permitting or denying access to a space of one or more spaces, and the method comprising generating the first data comprising the authentication data to authenticate the user to gain access to the space.
18. The computer-implemented method of claim 16, wherein the second receiving device is associated with processing a transaction, and the method comprising generating the second data comprising second authentication data and the payment data.
19. The computer-implemented method of claim 16, comprising determining the first receiving device based information received from the first receiving device.
20. The computer-implemented method of claim 16, comprising determining the second receiving
Use of certificates or encrypted proofs of transaction rights · CPC title
Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these (network architectures or network communication protocols for key exchange in a packet data network H04L63/061) · CPC title
involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Contactless payments by cards · CPC title