Motion-Detected Tap Input
US-2015205379-A1 · Jul 23, 2015 · US
Systems and methods for user authorization and access to services using contactless cards
US12112322B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12112322-B2 |
| Application number | US-202117501884-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 14, 2021 |
| Priority date | Oct 2, 2018 |
| Publication date | Oct 8, 2024 |
| Grant date | Oct 8, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
First claim
Opening claim text (preview).
What is claimed is: 1. A system, comprising: a contactless card having a processor and memory, the memory of the contactless card containing a card key and transmission data; an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing an application key; wherein the contactless card is configured to: encrypt the transmission data using a cryptographic algorithm and the card key to yield encrypted transmission data, and transmit the encrypted transmission data to the application; and wherein the application is configured to: decrypt the encrypted transmission data using the cryptographic algorithm and the application key; authenticate a user identity associated with a user; record information comprising at least one selected from the group of a time of authentication, a location of authentication, a type of contactless card, a type of receiving device, a movement of one or more entries into a communication field, and a timing of one or more entries into a communication field; and after authenticating the user identity, access sensitive information. 2. The system of claim 1 , wherein the sensitive information comprises at least one selected from the group of academic information, financial information, and medical information. 3. The system of claim 1 , wherein: the sensitive information comprises insurance information, and the application is further configured to transmit the insurance information to a device associated with a medical provider. 4. The system of claim 1 , wherein the application is further configured to, after authenticating the user identity and prior to accessing sensitive information, transmit a one-time passcode to a second device associated with the user. 5. The system of claim 4 , wherein the one-time passcode is time-limited. 6. The system of claim 1 , wherein: the receiving device comprises a server, and the contactless card is configured to transmit the encrypted transmission data to the application via one or more intermediary devices. 7. The system of claim 1 , wherein the application is further configured to: analyze the recorded information, and generate a user behavior profile. 8. The system of claim 7 , wherein: the application is further configured to: determine a threshold of variation for the user behavior profile, and detect an indicator of fraud based on the user behavior profile, and the indicator of fraud includes behavior outside of the user behavior profile and beyond the threshold of variation. 9. A method, comprising: encrypting, by a contactless card comprising a processor and a memory, the memory of the contactless card containing a card key and transmission data the transmission data using a cryptographic algorithm and the card key to yield encrypted transmission data, and transmitting, by the contactless card, the encrypted transmission data to an application comprising instructions for execution on a receiving device having a processor and a memory, the memory of the receiving device containing an application key; decrypting, by the application, the encrypted transmission data using the cryptographic algorithm and the application key; authenticating, by the application, a user identity associated with a user; recording, by the application, information comprising at least one selected from the group of time of authentication, location of authentication, type of contactless card, type of receiving device, movement of one or more entries into a communication field, and timing of one or more entries into a communication field; and accessing, by the application after authenticating the user identity, sensitive information. 10. The method of claim 9 , further comprising: analyzing, by the application, the recorded information; and generating, by the application, a user behavior profile. 11. The method of claim 10 , further comprising: determining, by the application, a threshold of variation for the user behavior profile; and detecting, by the application, an indicator of fraud based on the user behavior profile. 12. The method of claim 11 , wherein the indicator of fraud includes behavior outside of the user behavior profile and beyond the threshold of variation. 13. The method of the claim 9 , wherein: the sensitive information comprises financial information relating to an asset, and the method further comprises, by the application, at least one selected from the group of buying the asset, selling the asset, and transferring the asset. 14. The method of claim 9 , wherein the method further comprises destroying, by the application, the sensitive information. 15. A non-transitory computer-readable medium containing instructions for execution by the processor, wherein, upon execution by the processor, the instructions configure the processor to perform procedures comprising: receiving, from a contactless card, encrypted transmission data; decrypting, using a cryptographic algorithm and an application key, the transmission data; authenticating a user identity associated with a user; recording information comprising at least one selected from the group of time of authentication, location of authentication, type of contactless card, type of receiving device, movement of one or more entries into a communication field, and timing of one or more entries into a communication field; and after authenticating the user identity, accessing sensitive information. 16. The non-transitory computer-readable medium of claim 15 , wherein the sensitive information comprises at least one selected from the group of academic information, financial information, and medical information. 17. The non-transitory computer-readable medium of claim 15 , wherein the procedures further comprise, after authenticating the user identity and prior to accessing sensitive information, transmitting, by the application, a one-time passcode to a smartphone associated with the user. 18. The non-transitory computer-readable medium of claim 15 , wherein the procedures further comprise modifying the sensitive information. 19. The system of claim 1 , wherein the application is further configured to modify the sensitive information. 20. The method of claim 9 , wherein the sensitive information comprises at least one selected from the group of historical information and technical information.
Assignees
Inventors
Classifications
Use of certificates or encrypted proofs of transaction rights · CPC title
Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these (network architectures or network communication protocols for key exchange in a packet data network H04L63/061) · CPC title
involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Contactless payments by cards · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12112322B2 cover?
- Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can ge…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/002. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Oct 08 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).