Method and device for implementing password-free emv contact transaction
US-2021166217-A1 · Jun 3, 2021 · US
US12511639B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12511639-B2 |
| Application number | US-202217839740-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 14, 2022 |
| Priority date | Jul 3, 2019 |
| Publication date | Dec 30, 2025 |
| Grant date | Dec 30, 2025 |
Official abstract text for this publication.
Various embodiments are generally directed to authenticating a user for non-payment purposes utilizing a payment protocol, a computer device and a contactless card. The payment protocol may be consistent with an EMV standard. An application may determine that authorization or verification of a user may be required to access non-payment features of another application associated with the user and the computer device. The application may then receive and/or facilitate transmission of encrypted data from a communications interface of a contactless card associated with an account and utilizing either an offline or online technique to do so. The offline or online technique may involve one or more operations that can verify the identity of the user and/or otherwise authorize the user to have access to various aspects of the other application.
Opening claim text (preview).
What is claimed is:

1. A method comprising: receiving, by an application executing on a processor, an application transaction counter (ATC), a digital signature, and a public key from a contactless card; verifying, by the application, the digital signature based on the public key; receiving, by the application, a request comprising a non-payment event; transmitting, by the application, a message comprising the request and a cryptogram to an authentication server, wherein the cryptogram is based at least in part on the ATC and a key associated with the card; receiving, by the application, a response from the authentication server verifying the cryptogram, wherein the response is based on the payment protocol and conforms to the payment format, wherein the response reflects the performance of the non-payment event, wherein the authentication server authorizes the non-payment event using the payment protocol based at least in part on the indication to request authorization of the non-payment event using the payment protocol; receiving, by the application, an ATC of the authentication server and determining a difference between the ATC of the authentication server and the ATC of the contactless card; responsive to the difference indicating the ATC of the authentication server and the ATC of the contactless card are out of synch by an amount greater than zero but less than a first threshold, incrementing, by the application, the ATC of the contactless card based on the verification of the cryptogram; and responsive to the difference being equal to or greater than the first threshold, synchronizing, by the application, the updated ATC of the contactless card with the ATC of the authentication server.
2. The method of claim 1, wherein the non-payment event comprises one or more of: (i) activating the contactless card, (ii) modifying a personal identification number (PIN) of the contactless card, or (iii) modifying an address associated with the contactless card.
3. The method of claim 2, wherein the response from the authentication server reflects one or more of: (i) the activation of the contactless card, (ii) the modification of the PIN of the contactless card, or (iii) the modification of the address associated with the contactless card.
4. The method of claim 1, wherein the ATC, the digital signature, and the public key are received using near field communication (NFC).
5. The method of claim 1, wherein the cryptogram is generated by one of the contactless card or the application, wherein the ATC is updated by incrementing the ATC by a predefined value associated with the card.
6. The method of claim 5, wherein the generation of the cryptogram is based on the payment protocol, wherein the cryptogram is an authorization request cryptogram (ARQC).
7. The method of claim 1, wherein the message includes a predefined transaction value to mimic the payment protocol to verify contactless card perform the non-payment event without completing a payment, wherein the payment protocol comprises the Europay, Mastercard, and Visa (EMV) protocol.
8. A non-transitory computer-readable storage medium, the computer-readable storage medium including instructions that when executed by a processor, cause the processor to: receive, by an application, an application transaction counter (ATC), a digital signature, and a public key from a contactless card; verify, by the application, the digital signature based on the public key; receive, by the application, a request comprising a non-payment event; transmit, by the application, a message comprising the request and a cryptogram to an authentication server, wherein the cryptogram is based at least in part on the ATC and a key associated with the card; receive, by the application, a response from the authentication server verifying the cryptogram, wherein the response is based on the payment protocol and conforms to the payment format, wherein the response reflects the performance of the non-payment event, wherein the authentication server authorizes the non-payment event using the payment protocol based at least in part on the indication to request authorization of the non-payment event using the payment protocol; receive, by the application, an ATC of the authentication server and determine a difference between the ATC of the authentication server and the ATC of the contactless card; responsive to the difference indicating the ATC of the authentication server and the ATC of the contactless card are out of synch by an amount greater than zero but less than a first threshold, increment, by the application, the ATC of the contactless card based on the verification of the cryptogram; and responsive to the difference being equal to or greater than the first threshold, synchronize, by the application, the updated ATC of the contactless card with the ATC of the authentication server.
9. The computer-readable storage medium of claim 8, wherein the non-payment event comprises one or more of: (i) activating the contactless card, (ii) modifying a personal identification number (PIN) of the contactless card, or (iii) modifying an address associated with the contactless card.
10. The computer-readable storage medium of claim 9, wherein the response from the authentication server reflects one or more of: (i) the activation of the contactless card, (ii) the modification of the PIN of the contactless card, or (iii) the modification of the address associated with the contactless card.
11. The computer-readable storage medium of claim 8, wherein the ATC, the digital signature, and the public key are received using near field communication (NFC).
12. The computer-readable storage medium of claim 8, wherein the cryptogram is generated by one of the contactless card or the application, wherein the ATC is updated by incrementing the ATC by a predefined value associated with the card.
13. The computer-readable storage medium of claim 12, wherein the generation of the cryptogram is based on the payment protocol, wherein the cryptogram is an authorization request cryptogram (ARQC).
14. The computer-readable storage medium of claim 8, wherein the message includes a predefined transaction value to mimic the payment protocol to verify contactless card perform the non-payment event without completing a payment, wherein the payment protocol comprises the Europay, Mastercard, and Visa (EMV) protocol.
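
The ATC handling in the last two limbs of claims 1 and 8, sketched as an added example (not code from the patent or its assignee). HMAC-SHA256 stands in for the EMV ARQC computation, and the threshold of 5, the step of 1, the `reject` and `in_sync` outcomes, all function names and the sample key are assumptions made for illustration.

```python
import hashlib
import hmac

ATC_THRESHOLD = 5   # assumed value for the claims' "first threshold"
ATC_STEP = 1        # assumed "predefined value" for an ATC increment (claim 5)

def make_cryptogram(card_key: bytes, atc: int, request: bytes) -> bytes:
    """Stand-in for an ARQC: 8-byte MAC over the 2-byte ATC and the request."""
    msg = atc.to_bytes(2, "big") + request
    return hmac.new(card_key, msg, hashlib.sha256).digest()[:8]

def verify_cryptogram(card_key: bytes, atc: int, request: bytes,
                      cryptogram: bytes) -> bool:
    """Server side: recompute the MAC and compare in constant time."""
    expected = make_cryptogram(card_key, atc, request)
    return hmac.compare_digest(expected, cryptogram)

def reconcile_atc(card_atc: int, server_atc: int, verified: bool,
                  threshold: int = ATC_THRESHOLD):
    """Return (action, new_card_atc) for the two out-of-sync cases claimed."""
    if not verified:
        return ("reject", card_atc)       # assumption: not covered by the claims
    diff = abs(server_atc - card_atc)
    if diff == 0:
        return ("in_sync", card_atc)      # assumption: nothing to correct
    if diff < threshold:
        # Out of sync by more than zero but less than the threshold.
        return ("increment", card_atc + ATC_STEP)
    # Difference equal to or greater than the threshold.
    return ("synchronize", server_atc)

def process_event(card_key: bytes, card_atc: int, server_atc: int,
                  request: bytes, cryptogram: bytes):
    """Verify the cryptogram against the card's ATC, then reconcile counters."""
    verified = verify_cryptogram(card_key, card_atc, request, cryptogram)
    return reconcile_atc(card_atc, server_atc, verified)

# Constructed sample values, not taken from the patent.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
REQUEST = b"event=activate_card"

if __name__ == "__main__":
    cg = make_cryptogram(KEY, 41, REQUEST)
    for server_atc in (41, 43, 60):
        print(server_atc, process_event(KEY, 41, server_atc, REQUEST, cg))
```

Because the ATC is an input to the MAC, a cryptogram captured at an earlier counter value fails verification once the card's ATC has moved on, so the reconcile step is never reached for it.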
Authentication · CPC title
involving digital signatures · CPC title
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing · CPC title
using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM] · CPC title