System and method for securing communications between a card reader device and a remote server

1 . A method for securing a transaction between an unsecure card reader connected to a mobile device and a remote server through an unsecure network, wherein when a validation step of the transaction is initiated, the method comprising: operating the card reader to send to the remote server a request to establish a secure communication through the mobile device, operating the remote server to increment a predictable value, operating the remote server to derive a session encryption key and session integrity key from a random value generated by the server and the incremented predictable value, operating the remote server to send a request of authentication to the card reader through the mobile device, this request of authentication comprises the random value and a Mac value computed from the session integrity keys and at least one part of the random value, operating the card reader to increment a current predictable value and to compute the session encryption key and session integrity key from the received random value and the incremented current predictable value, operating the card reader to compute a Mac value from the computed session integrity key and the received random value and to authenticate the remote server by comparing the computed Mac value with the received Mac value, when the authentication of the remote server is successful, operating the card reader to update its current predictable value with the incremented current predictable value in its database, operating the card reader to send a request of authentication to the remote server through the mobile device, this request of authentication comprises the updated current predictable value and a Mac value computed from the session integrity keys and at least one part over the updated current predictable value, operating the remote server to compute a Mac value from the computed session integrity key and the received updated current predictable value and to authenticate the card reader by comparing the computed Mac value with the received Mac value, when the authentication of the remote server is successful, a secure session channel between the card reader and the remote server is set up wherein the session encryption key and the session integrity key protect the confidentially and the integrity of messages exchanged between the card reader and the remote server. 2 . The method according to claim 1 , wherein when the authentication of the remote server and the card reader are successful: operating the remote server to send commands to a smart card connected to the card reader via the secure session channel, operating the remote server to receive commands responses from the smart card through the card reader via the secure channel. 3 . The method according to claim 1 , wherein the request to establish a secure communication, sent by the card reader to the remote server through the mobile device, comprises an identifier of the card reader. 4 . The method according to claim 3 wherein the session encryption key and session integrity key are derived from a reader master key, the random value generated by the server, the identifier of the card reader and the incremented predictable value. 5 . The method according to claim 1 , wherein the predictable value is generated by a counter of the card reader. 6 . The method according to claim 1 , wherein the predictable value incremented by the server is provided by: the card reader which adds to the request to establish a secure communication sent to the remote server, its current updated predictable value, or—a sequence number counter of the server. 7 . The method according to claim 1 , wherein the authentication of the card reader by the server comprises the following steps: operating the remote server to check if the update predictable value comprised into the card reader authentication request corresponds to its incremented predictable value, if the verification is successful, operating the remote server to verify the MAC value comprised into the card reader authentication request to authenticate said card reader. 8 . The method according to claim 1 , wherein the random value is three bytes long. 9 . The method according to claim 1 , wherein when the updated predictable value reached a predefined maximum predictable value, the card reader is locked or in standby until a new predefined maximum value is defined. 10 . The method according to claim 1 , wherein incrementing a disabling-counter of the card reader when the authentication of the server by the card reader fails, if the disabling-counter value reached a predefined maximum error, the card reader de-activates itself. 11 . The method according to claim 1 , wherein after the establishment of the secure channel, incrementing an errorcounter of the card reader when an invalid incoming message is received, if the errorcounter value reached a predefined maximum error, the card reader closes the session of the validation step transaction, when the validation step transaction session is completed and the errorcounter value is less than the predefined maximum error, the errorcounter is cleared. 12 . The method according to claim 1 , wherein the identifier of the card reader is a serial number unique at each card reader. 13 . The method according to claim 1 , wherein: the session encryption key and the session integrity key comprise four symmetric keys unique for each transaction session, transmission encryption key TENC used by the server to encrypt the command to the smart card connected to the card reader, the transmission encryption key TENC is used by the card reader to decrypt the commands, transmission integrity key TMAC used by the server to compute a MAC value from the command, the transmission integrity key TMAC is used by the card reader to check the received MAC value, reception encryption key RENC used by the card reader to encrypt the responses of the command, the reception encryption key RENC is used by the server to decrypt the received responses, reception integrity key RMAC used by the card reader to compute a MAC value from the command responses, the reception integrity key RMAC is used by the server to check the received MAC value. 14 . (canceled) 15 . (canceled)