MX2016007217A - Method and system for secure authentication of user and mobile device without secure elements. - Google Patents

Method and system for secure authentication of user and mobile device without secure elements.

Info

Publication number
MX2016007217A
MX2016007217A MX2016007217A MX2016007217A MX2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A
Authority
MX
Mexico
Prior art keywords
secure
generating
processing device
session key
application cryptogram
Prior art date
Application number
MX2016007217A
Other languages
Spanish (es)
Other versions
MX361793B (en
Inventor
Collinge Mehdi
Smets Patrik
Emile Jean Charles Cateland Axel
Original Assignee
Mastercard International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Inc filed Critical Mastercard International Inc
Publication of MX2016007217A publication Critical patent/MX2016007217A/en
Publication of MX361793B publication Critical patent/MX361793B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Computer And Data Communications (AREA)

Abstract

A method for generating payment credentials in a payment transaction includes: storing, in a memory, at least a single use key associated with a transaction account; receiving, by a receiving device, a personal identification number; identifying, by a processing device, a first session key; generating, by the processing device, a second session key based on at least the stored single use key and the received personal identification number; generating, by the processing device, a first application cryptogram based on at least the first session key; generating, by the processing device, a second application cryptogram based on at least the second session key; and transmitting, by a transmitting device, at least the first application cryptogram and second application cryptogram for use in a payment transaction.
MX2016007217A 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements. MX361793B (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US201361910819P 2013-12-02 2013-12-02
US201461951842P 2014-03-12 2014-03-12
US201461955716P 2014-03-19 2014-03-19
US201461979132P 2014-04-14 2014-04-14
US201461980784P 2014-04-17 2014-04-17
PCT/US2014/067992 WO2015084755A1 (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements

Publications (2)

Publication Number Publication Date
MX2016007217A true MX2016007217A (en) 2016-12-09
MX361793B MX361793B (en) 2018-12-17

Family

ID=53274011

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2016007217A MX361793B (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements.

Country Status (16)

Country Link
EP (1) EP3077972A4 (en)
JP (2) JP6353537B2 (en)
KR (2) KR102025816B1 (en)
CN (1) CN106062799B (en)
AU (1) AU2014357381B2 (en)
BR (1) BR112016012527A2 (en)
CA (1) CA2932346C (en)
CL (1) CL2016001353A1 (en)
HK (1) HK1227146A1 (en)
IL (1) IL245965B (en)
MX (1) MX361793B (en)
NZ (1) NZ720688A (en)
RU (1) RU2663319C2 (en)
SG (1) SG10201800179UA (en)
UA (1) UA115500C2 (en)
WO (1) WO2015084755A1 (en)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
MX361684B (en) 2013-12-02 2018-12-13 Mastercard International Inc Method and system for secure tranmission of remote notification service messages to mobile devices without secure elements.
KR102151579B1 (en) * 2014-04-14 2020-09-03 마스터카드 인터내셔날, 인코포레이티드 Method and system for generating an advanced storage key in a mobile device without secure elements
US10614442B2 (en) 2014-12-03 2020-04-07 Mastercard International Incorporated System and method of facilitating cash transactions at an ATM system without an ATM card using mobile
US10248947B2 (en) * 2015-06-29 2019-04-02 Oberthur Technologies of America Corp. Method of generating a bank transaction request for a mobile terminal having a secure module
US11120436B2 (en) 2015-07-17 2021-09-14 Mastercard International Incorporated Authentication system and method for server-based payments
SG10201508945YA (en) 2015-10-29 2017-05-30 Mastercard International Inc Method and system for cardless use of an automated teller machine (atm)
US10496982B2 (en) * 2016-02-03 2019-12-03 Accenture Global Solutions Limited Secure contactless card emulation
EP4177810A1 (en) * 2016-04-18 2023-05-10 Bancontact Payconiq Company Method and device for authorizing mobile transactions
WO2017184840A1 (en) * 2016-04-21 2017-10-26 Mastercard International Incorporated Method and system for contactless transactions without user credentials
AU2017318589B2 (en) 2016-09-04 2020-04-09 Mastercard International Incorporated Method and system for cardless ATM transaction via mobile device
EP3340094B1 (en) * 2016-12-22 2021-04-28 Mastercard International Incorporated Method for renewal of cryptographic whiteboxes under binding of new public key and old identifier
CA3051246A1 (en) * 2017-01-23 2018-07-26 Mastercard International Incorporated Method and system for authentication via a trusted execution environment
EP3364352A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Determining legitimate conditions at a computing device
EP3364363A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Transaction cryptogram
EP3364329B1 (en) 2017-02-21 2023-07-26 Mastercard International Incorporated Security architecture for device applications
CN107274183B (en) * 2017-03-21 2020-05-22 中国银联股份有限公司 Transaction verification method and system
US11468444B2 (en) * 2017-12-18 2022-10-11 Mastercard International Incorporated Method and system for bypassing merchant systems to increase data security in conveyance of credentials
KR101972599B1 (en) * 2018-06-19 2019-04-25 김승훈 Apparatus and Method for Processing Session Key and Recording Medium Recording Program thereof
US10581611B1 (en) * 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
EP3640878B1 (en) * 2018-10-17 2023-06-21 Swatch Ag Method and system for activating a portable contactless payment object
US11803827B2 (en) 2019-11-01 2023-10-31 Mastercard International Incorporated Method and system for enabling cardless transactions at an ATM for any institutional entity
CN111901109B (en) * 2020-08-04 2022-10-04 华人运通(上海)云计算科技有限公司 White-box-based communication method, device, equipment and storage medium
CN113421084B (en) * 2021-05-26 2023-03-24 歌尔股份有限公司 Bus card processing method, device, equipment and readable storage medium

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4183823B2 (en) * 1999-02-10 2008-11-19 富士通株式会社 Data verification device, data verification system, and data verification program storage medium
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
JP2004086599A (en) * 2002-08-27 2004-03-18 Toppan Printing Co Ltd Credit card information management device, management method, and program thereof
US7873572B2 (en) * 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
PT2011301E (en) * 2006-04-10 2011-09-23 Trust Integration Services B V Arrangement of and method for secure data transmission.
US8713655B2 (en) * 2008-04-21 2014-04-29 Indian Institute Of Technology Method and system for using personal devices for authentication and service access at service outlets
BR112013003369A2 (en) * 2010-08-12 2020-08-04 Mastercard International, Inc. multiple trade channel wallet for authenticated transactions
US8746553B2 (en) * 2010-09-27 2014-06-10 Mastercard International Incorporated Purchase Payment device updates using an authentication process
KR20120110926A (en) * 2011-03-30 2012-10-10 주식회사 비즈모델라인 Method and system for card payment using program identity, smart phone
WO2012170895A1 (en) * 2011-06-09 2012-12-13 Yeager C Douglas Systems and methods for authorizing a transaction
US10515359B2 (en) * 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
KR20140140079A (en) * 2012-04-18 2014-12-08 구글 인코포레이티드 Processing payment transactions without a secure element

Also Published As

Publication number Publication date
JP2017504871A (en) 2017-02-09
IL245965B (en) 2022-05-01
KR102025816B1 (en) 2019-09-26
HK1227146A1 (en) 2017-10-13
KR20160091418A (en) 2016-08-02
MX361793B (en) 2018-12-17
NZ720688A (en) 2017-09-29
CN106062799B (en) 2022-04-29
AU2014357381A1 (en) 2016-06-16
JP2018164281A (en) 2018-10-18
CA2932346A1 (en) 2015-06-11
KR101809221B1 (en) 2017-12-14
EP3077972A4 (en) 2017-08-09
IL245965A0 (en) 2016-07-31
CN106062799A (en) 2016-10-26
RU2663319C2 (en) 2018-08-03
AU2014357381B2 (en) 2017-03-23
JP6353537B2 (en) 2018-07-04
KR20170139689A (en) 2017-12-19
CL2016001353A1 (en) 2017-05-12
UA115500C2 (en) 2017-11-10
WO2015084755A1 (en) 2015-06-11
CA2932346C (en) 2018-09-04
BR112016012527A2 (en) 2017-08-08
SG10201800179UA (en) 2018-02-27
EP3077972A1 (en) 2016-10-12

Similar Documents

Publication Publication Date Title
MX361793B (en) Method and system for secure authentication of user and mobile device without secure elements.
PH12018502545A1 (en) Increased security through ephemeral keys for software virtual contactless card in mobile phone
NZ629125A (en) Credential management system
MX2019006226A (en) Mobile payment system.
MX2018000737A (en) Multi-mode payment systems and methods.
NZ628971A (en) Transaction processing system and method
MX2018005593A (en) Method and system for processing of a blockchain transaction in a transaction processing network.
EP4325806A3 (en) Geo-fence authorization provisioning
MX2015009491A (en) User authentication method and apparatus based on audio and video data.
SG11201806344VA (en) Credit payment method and apparatus based on mobile terminal p2p
MX368548B (en) Methods and systems for authenticating a transaction with the use of a portable electronic device.
WO2015025282A3 (en) Methods and systems for transferring electronic money
MY190913A (en) Device and method for secure connection
MX2017012298A (en) Payment processing system using encrypted payment information, and method therefor.
MX2017008188A (en) Facilitating sending and receiving of peer-to-business payments.
MX2019005359A (en) Scan and pay method and device utilized in mobile apparatus.
WO2016190918A3 (en) Multiple protocol transaction encryption
MX345061B (en) Method, one or more computer-readable non-transitory storage media and a device, in particular relating to computing resources and/or mobile-device-based trust computing.
SG2013042429A (en) Method for receiving an electronic receipt of an electronic payment transaction into a mobile device
IN2014KN02931A (en)
MX2020014235A (en) Systems and methods for secure read-only authentication.
PH12018501541A1 (en) Credit payment method and apparatus based on mobile terminal ese
MX2014002399A (en) Method and system for authorizing an action at a site.
TW201612812A (en) Apparatus and method for self-service payment
WO2013192564A3 (en) Aggregating online activities

Legal Events

Date Code Title Description
FG Grant or registration