Systems and methods for cryptographic authentication of contactless cards
US-10565587-B1 · Feb 18, 2020 · US
Systems and methods for performing transactions with contactless cards
US2022020012A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2022020012-A1 |
| Application number | US-202117488012-A |
| Country | US |
| Kind code | A1 |
| Filing date | Sep 28, 2021 |
| Priority date | Oct 2, 2018 |
| Publication date | Jan 20, 2022 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
First claim
Opening claim text (preview).
1 .- 45 . (canceled) 46 . A method for transmitting data by a contactless card having a processor and a memory, the memory containing a card key, the method comprising: generating a cryptogram; encrypting the cryptogram using the card key; transmitting the encrypted cryptogram; and transmitting a tap password, wherein the tap password comprises a plurality of taps of the contactless card on a receiving device. 47 . The method of claim 46 , further comprising, prior to the transmission of the tap password, receiving a request for the tap password from an application comprising instructions for execution on the receiving device. 48 . The method of claim 46 , wherein the plurality of taps comprises a sequence of taps. 49 . The method of claim 46 , wherein the plurality of taps comprises a two short taps and one long tap. 50 . The method of claim 49 , wherein each of the two short taps last less than one second. 51 . The method of claim 49 , wherein the long tap lasts more than one second. 52 . The method of claim 49 , wherein the two short taps and the one long tap may occur in any order. 53 . The method of claim 46 , wherein the tap password specifies an order for the plurality of taps. 54 . A data transmission system comprising: a contactless card comprising: a processor; and a memory, the memory of the contactless card containing a card key, wherein the contactless card is configured to: generate a cryptogram, encrypt the cryptogram, transmit the encrypted cryptogram, and transmit a tap password, wherein the tap password comprises a plurality of taps of the contactless card on a receiving device. 55 . The data transmission system of claim 54 , wherein the taps comprising the plurality of taps are at least one selected from the group of a tap directly on the receiving device and a tap directly on an intermediary device that is transmitted to the receiving device. 56 . The data transmission system of claim 54 , wherein the receiving device comprises at least one selected from the group of a mobile device, a smart device, a terminal, a server, and a wearable device. 57 . The data transmission system of claim 54 , wherein the tap password is associated with a sequence of at least one selected from the group of a first set of taps and a second set of taps. 58 . The data transmission system of claim 57 , wherein the first set of taps comprises one or more taps having a first duration and the set second of taps comprises one or more taps having a second duration. 59 . The data transmission system of claim 54 , wherein the plurality of taps comprises a sequence of taps. 60 . The data transmission system of claim 54 , wherein the plurality of taps comprises a two short taps and one long tap. 61 . The data transmission system of claim 60 , wherein each of the two short taps have a duration less than a duration of the long tap. 62 . The data transmission system of claim 54 , further comprising an application comprising instructions for execution on the receiving device, wherein: the application is configured to request a tap password from the contactless card, and p 1 the contactless card is configured to transmit the tap password in response to the request. 63 . The data transmission system of claim 62 , wherein application is configured to validate the tap password by comparison with a reference tap password. 64 . The data transmission system of claim 63 , wherein, upon validation of the tap password, the application is configured to approve a transaction that exceeds a threshold value. 65 . A server, comprising: a processor, and a memory, the memory containing a key, a reference tap password, and an application comprising instructions for execution by the processor, wherein, the application is configured to: receive an encrypted cryptogram, decrypt the encrypted cryptogram using the key, request a tap password, the tap password comprising a plurality of taps of a contactless card, receive a tap password, compare the tap password to the reference password, and upon determining that the tap password matches the reference password, authorize a transaction.
Assignees
Inventors
Classifications
Gesture-dependent or behaviour-dependent · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Device specific authentication in transaction processing · CPC title
involving authentication · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2022020012A1 cover?
- Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can ge…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3226. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Jan 20 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).