WO2014051961A3 - Secure entry of pin using a smart card - Google Patents

Secure entry of pin using a smart card Download PDF

Info

Publication number
WO2014051961A3
WO2014051961A3 PCT/US2013/058321 US2013058321W WO2014051961A3 WO 2014051961 A3 WO2014051961 A3 WO 2014051961A3 US 2013058321 W US2013058321 W US 2013058321W WO 2014051961 A3 WO2014051961 A3 WO 2014051961A3
Authority
WO
WIPO (PCT)
Prior art keywords
pin
smart card
display unit
initial state
secure entry
Prior art date
Application number
PCT/US2013/058321
Other languages
French (fr)
Other versions
WO2014051961A2 (en
Inventor
Bjorn Markus Jakobsson
James Roy Palmer
William Leddy
Original Assignee
Ebay Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/826,570 external-priority patent/US9390256B2/en
Application filed by Ebay Inc. filed Critical Ebay Inc.
Priority to AU2013324127A priority Critical patent/AU2013324127B2/en
Priority to EP13841562.5A priority patent/EP2904558A4/en
Priority to CA2884617A priority patent/CA2884617C/en
Publication of WO2014051961A2 publication Critical patent/WO2014051961A2/en
Publication of WO2014051961A3 publication Critical patent/WO2014051961A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/306Payment architectures, schemes or protocols characterised by the use of specific devices or networks using TV related infrastructures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/321Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN

Abstract

A system for conducting mobile transactions with a personal identification number (PIN) is provided. The system includes a display unit configured to generate and display an initial state of the PIN and a mobile device in communication with the display unit. The mobile device includes a user interface for modifying the initial state of the PIN and indicating a final state of the PIN, and is configured to transmit signals corresponding to modifying the initial state of the PIN and indicating the final state of the PIN to the display unit. A method for inputting a PIN is also provided.
PCT/US2013/058321 2012-09-27 2013-09-05 System and methods for secure entry of a personal identification number (pin) WO2014051961A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU2013324127A AU2013324127B2 (en) 2012-09-27 2013-09-05 Secure entry of PIN using a smart card
EP13841562.5A EP2904558A4 (en) 2012-09-27 2013-09-05 Secure entry of pin using a smart card
CA2884617A CA2884617C (en) 2012-09-27 2013-09-05 System and methods for secure entry of a personal identification number (pin)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201261706691P 2012-09-27 2012-09-27
US61/706,691 2012-09-27
US13/826,570 2013-03-14
US13/826,570 US9390256B2 (en) 2012-03-06 2013-03-14 System and methods for secure entry of a personal identification number (PIN)

Publications (2)

Publication Number Publication Date
WO2014051961A2 WO2014051961A2 (en) 2014-04-03
WO2014051961A3 true WO2014051961A3 (en) 2014-05-08

Family

ID=50389113

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/058321 WO2014051961A2 (en) 2012-09-27 2013-09-05 System and methods for secure entry of a personal identification number (pin)

Country Status (4)

Country Link
EP (1) EP2904558A4 (en)
AU (1) AU2013324127B2 (en)
CA (1) CA2884617C (en)
WO (1) WO2014051961A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9779225B2 (en) 2015-04-08 2017-10-03 Google Inc. Method and system to provide access to secure features of a device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000048076A1 (en) * 1999-02-12 2000-08-17 Arcot Systems, Inc. Method and apparatus for secure entry of access codes in a computer environment
WO2008081452A2 (en) * 2007-01-03 2008-07-10 Ron Gal-Ezer Article authentication system and method
US20100191653A1 (en) * 2005-04-21 2010-07-29 Securedpay Solutions, Inc., An Alabama Corporation Portable handheld device for wireless order entry and real time payment authorization and related methods
US20110072375A1 (en) * 2009-09-22 2011-03-24 Victor B Michael Device, Method, and Graphical User Interface for Manipulating User Interface Objects
WO2012004395A1 (en) * 2010-07-09 2012-01-12 Izettle Hardware Ab Stand-alone secure pin entry device for enabling emv card transactions with separate card reader

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2258972T3 (en) * 2000-05-16 2006-09-16 Swisscom Mobile Ag PROCEDURE AND TERMINAL TO ENTER INSTRUCTIONS.
US10095276B2 (en) * 2009-11-25 2018-10-09 Visa International Service Association Information access device and data transfer
CN103348353B (en) * 2010-10-06 2016-07-06 西里克斯系统公司 Resource access is carried out intermediary's adjustment by the physical location based on mobile equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000048076A1 (en) * 1999-02-12 2000-08-17 Arcot Systems, Inc. Method and apparatus for secure entry of access codes in a computer environment
US20100191653A1 (en) * 2005-04-21 2010-07-29 Securedpay Solutions, Inc., An Alabama Corporation Portable handheld device for wireless order entry and real time payment authorization and related methods
WO2008081452A2 (en) * 2007-01-03 2008-07-10 Ron Gal-Ezer Article authentication system and method
US20110072375A1 (en) * 2009-09-22 2011-03-24 Victor B Michael Device, Method, and Graphical User Interface for Manipulating User Interface Objects
WO2012004395A1 (en) * 2010-07-09 2012-01-12 Izettle Hardware Ab Stand-alone secure pin entry device for enabling emv card transactions with separate card reader

Also Published As

Publication number Publication date
EP2904558A2 (en) 2015-08-12
AU2013324127A1 (en) 2015-03-19
EP2904558A4 (en) 2016-04-13
CA2884617A1 (en) 2014-04-03
CA2884617C (en) 2022-10-04
WO2014051961A2 (en) 2014-04-03
AU2013324127B2 (en) 2016-04-28

Similar Documents

Publication Publication Date Title
WO2011119389A3 (en) Cardless atm transaction method and system
GB2520175A (en) Apparatus and methods for multi-mode asynchronous communication
WO2011089423A3 (en) An apparatus and a method for secure authentication
AU2019268113A1 (en) Cards, devices, systems and methods for advanced payment functionality selection
WO2014076584A3 (en) System and method for secure mobile contactless payment
MX2014010699A (en) Methods and systems for performing a financial transaction using a mobile communication device.
WO2014058798A3 (en) System and method for payment using a mobile device
WO2012138665A3 (en) Integrated contact card communication
WO2011082394A3 (en) Interactive id system using mobile devices
NZ628971A (en) Transaction processing system and method
MX2013000279A (en) System for secure payment over a wireless communication network.
WO2012151226A3 (en) Magnetic stripe-based transactions using mobile communication devices
WO2012012746A3 (en) Multimodal brain computer interface
WO2012171032A3 (en) Determinative processes for wearable devices
WO2013010070A3 (en) Systems and methods to communicate with transaction terminals
EP2564308A4 (en) Secure and efficient login and transaction authentication using iphones and other smart mobile communication devices
GB2516589A (en) User dependent functions and data in a mobile communication device
WO2014099340A3 (en) Methods and apparatus for transmitting data between different peer-to-peer communication groups
WO2011157243A3 (en) Hand held device, usb charger, and method for hand held device to identify usb charger
NZ736945A (en) Taximeter, system and method for a taxi
HK1199667A1 (en) Method of communication between a dual contact and contactless interface nfc card inserted in an nfc terminal, and an nfc device nfc nfc nfc
MY182752A (en) Method, computer program, transaction terminal system, mobile communication device, and mobile application
MX2014008472A (en) Financial card method, device and system utilizing bar codes to identify transaction details.
IN2014DN01624A (en)
EP2657877A3 (en) Methods and systems for conducting smart card transactions

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2884617

Country of ref document: CA

ENP Entry into the national phase

Ref document number: 2013324127

Country of ref document: AU

Date of ref document: 20130905

Kind code of ref document: A

REEP Request for entry into the european phase

Ref document number: 2013841562

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2013841562

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13841562

Country of ref document: EP

Kind code of ref document: A2