Systems and methods for data access control of secure memory using a short-range transceiver

1 - 20 . (canceled) 21 . A data access control system, comprising: a contactless card comprising a communications interface, a processor, and a memory, the memory storing a user token, wherein the user token comprises a user key; a client application comprising instructions for execution on a client device, the client application configured to: in response to a tap action between the contactless card and the client device, receive the user token from the contactless card, and transmit the user token and a request for a data storage key; receive, in response to the request, the data storage key, wherein the data storage key is generated from the user key; create a secure memory block in a memory of the client device; and encrypt the secure memory block using the data storage key. 22 . The data access control system of claim 21 , further comprising a server configured for data communication with the client device, wherein the server is configured to: receive from the client device the user token and the request for the data storage key, identify a user based on the user token, verify that the user is authorized to create the secure memory block in the client device, and transmit to the client device the data storage key. 23 . The data access control system of claim 22 , wherein the server is further configured to authenticate the user based on the user key. 24 . The data access control system of claim 22 , wherein the client application is further configured to: in response a tap action between the contactless card and the client device, transmit to the server the user token and a request for a data access key; receive from the server the data access key; and decrypt the secure memory block using the data access key. 25 . The data access control system of claim 24 , wherein the server is further configured to receive from the client device the user token and the request for the data access key; identify the user based on the user token; verify that the user is authorized to access the secure memory block in the client device; and transmit to the client device the data access key. 26 . The data access control system of claim 24 , wherein the client application is further configured to re-encrypt the secure memory block after a predetermined time period. 27 . The data access control system of claim 24 , wherein the user token comprises a user key, and the data access key is generated from the user key. 28 . The data access control system of claim 21 , wherein the client application is further configured to store personal user data in the secure memory block. 29 . The data access control system of claim 28 , wherein the personal user data comprises a digital driver's license. 30 . The data access control system of claim 28 , wherein the client application is further configured to permit a second application on the client device to access the personal user data. 31 . The data access control system of claim 21 , wherein the user token comprises a user key, and wherein the client application is further configured to: in response to a tap action between the contactless card and the client device, receive the user token from the contactless card; verify that a user associated with the user token is authorized to access the secure memory block in the client device; generate a data access key based on the user key; and decrypt the secure memory block using the data access key. 32 . The data access control system of claim 30 , wherein the user token further comprises a user identifier. 33 . A method for controlling data access, comprising: providing a contactless card comprising a communications interface, a processor, and a memory, the memory storing a user token, the user token comprising a user key; providing a client application comprising instructions for execution on a client device, the client device having an encrypted secure memory block storing personal user data, the client application configured to: in response to a tap action between the contactless card and the client device, receive the user token from the contactless card, and transmit the user token and a request for a data access key; receive the data access key, wherein the data access key is generated based on the user key; and decrypt the secure memory block using the data access key; receiving from the client device the user token and the request for the data access key; identifying the user based on the user token; verifying that the user is authorized to access the secure memory block in the client device; and transmitting to the client device the data access key. 34 . The method of claim 33 , wherein the client application is further configured to re-encrypt the secure memory block upon receipt of a re-encryption instruction. 35 . The method of claim 33 , wherein decrypt the secure memory block using the data access key comprises combining the data access key with data received from the contactless card to generate a new key used for performing the decryption. 36 . The method for controlling data access of claim 33 , further comprising providing a server, the server configured to: receive the user token and the request for the data access; identify a user based on the user token; verify that the user is authorized to access the secure memory block in the client device; and transmit to the client device the data access key. 37 . The method of claim 36 , wherein the server is further configured to authenticate the user based on the user key. 38 . The method of claim 33 , wherein the client application is further configured to receive biometric information prior to decrypting the secure memory block. 39 . A non-transitory machine-readable medium having stored thereon an application comprising program code for execution on a client device, the client device configured to communicate over a short-range communication field with a contactless card, the contactless card comprising memory storing a user token comprising a user key, the application configured to, when executed, perform procedures comprising: in response to a tap action between the contactless card and the client device, receiving the user token from the contactless card, and transmitting the user token and a request for a data storage key; receiving, in response to the request, the data storage key, wherein the data storage key is generated from the user key; creating a secure memory block in a memory of the client device; storing personal user data in the secure memory block; and encrypting the secure memory block using the data storage key. 40 . The non-transitory machine-readable medium of claim 39 , wherein the user token comprises a user key, and wherein the application is further configured to, when executed, perform procedures comprising: in response to a tap action between the contactless card and the client device, receiving the user token from the contactless card; verifying that a user associated with the user token is authorized to access the secure memory block in the client device; generating a data access key based on the user key; decrypting the secure memory block using the data access key; and re-encrypting the secure memory block using the data storage key.