AU2014357381B2 - Method and system for secure authentication of user and mobile device without secure elements - Google Patents
Method and system for secure authentication of user and mobile device without secure elements Download PDFInfo
- Publication number
- AU2014357381B2 AU2014357381B2 AU2014357381A AU2014357381A AU2014357381B2 AU 2014357381 B2 AU2014357381 B2 AU 2014357381B2 AU 2014357381 A AU2014357381 A AU 2014357381A AU 2014357381 A AU2014357381 A AU 2014357381A AU 2014357381 B2 AU2014357381 B2 AU 2014357381B2
- Authority
- AU
- Australia
- Prior art keywords
- transaction
- payment
- session key
- mobile device
- application cryptogram
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 106
- 238000012545 processing Methods 0.000 claims abstract description 176
- 230000015654 memory Effects 0.000 claims abstract description 94
- 238000010200 validation analysis Methods 0.000 claims description 63
- 238000010295 mobile communication Methods 0.000 claims description 18
- 238000007726 management method Methods 0.000 description 106
- 230000006870 function Effects 0.000 description 36
- 230000008569 process Effects 0.000 description 28
- 238000004891 communication Methods 0.000 description 23
- 238000010586 diagram Methods 0.000 description 13
- 230000009471 action Effects 0.000 description 10
- 230000005540 biological transmission Effects 0.000 description 9
- 238000004590 computer program Methods 0.000 description 9
- 238000012790 confirmation Methods 0.000 description 9
- 238000012795 verification Methods 0.000 description 5
- 238000013475 authorization Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 4
- 230000009977 dual effect Effects 0.000 description 4
- 238000012546 transfer Methods 0.000 description 4
- 230000010267 cellular communication Effects 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000004044 response Effects 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 239000010409 thin film Substances 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 230000002730 additional effect Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 239000011449 brick Substances 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- VJYFKVYYMZPMAB-UHFFFAOYSA-N ethoprophos Chemical compound CCCSP(=O)(OCC)SCCC VJYFKVYYMZPMAB-UHFFFAOYSA-N 0.000 description 1
- 230000007717 exclusion Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 206010063344 microscopic polyangiitis Diseases 0.000 description 1
- 239000004570 mortar (masonry) Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/204—Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Computer And Data Communications (AREA)
Applications Claiming Priority (11)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US201361910819P | 2013-12-02 | 2013-12-02 | |
| US61/910,819 | 2013-12-02 | ||
| US201461951842P | 2014-03-12 | 2014-03-12 | |
| US61/951,842 | 2014-03-12 | ||
| US201461955716P | 2014-03-19 | 2014-03-19 | |
| US61/955,716 | 2014-03-19 | ||
| US201461979132P | 2014-04-14 | 2014-04-14 | |
| US61/979,132 | 2014-04-14 | ||
| US201461980784P | 2014-04-17 | 2014-04-17 | |
| US61/980,784 | 2014-04-17 | ||
| PCT/US2014/067992 WO2015084755A1 (en) | 2013-12-02 | 2014-12-02 | Method and system for secure authentication of user and mobile device without secure elements |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| AU2014357381A1 AU2014357381A1 (en) | 2016-06-16 |
| AU2014357381B2 true AU2014357381B2 (en) | 2017-03-23 |
Family
ID=53274011
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU2014357381A Active AU2014357381B2 (en) | 2013-12-02 | 2014-12-02 | Method and system for secure authentication of user and mobile device without secure elements |
Country Status (16)
| Country | Link |
|---|---|
| EP (1) | EP3077972A4 (de) |
| JP (2) | JP6353537B2 (de) |
| KR (2) | KR102025816B1 (de) |
| CN (1) | CN106062799B (de) |
| AU (1) | AU2014357381B2 (de) |
| BR (1) | BR112016012527A2 (de) |
| CA (1) | CA2932346C (de) |
| CL (1) | CL2016001353A1 (de) |
| HK (1) | HK1227146A1 (de) |
| IL (1) | IL245965B (de) |
| MX (1) | MX361793B (de) |
| NZ (1) | NZ720688A (de) |
| RU (1) | RU2663319C2 (de) |
| SG (1) | SG10201800179UA (de) |
| UA (1) | UA115500C2 (de) |
| WO (1) | WO2015084755A1 (de) |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP6438027B2 (ja) | 2013-12-02 | 2018-12-12 | マスターカード インターナショナル インコーポレーテッド | セキュアエレメントを用いずに移動装置に対する遠隔通知サービスメッセージをセキュアに送信するための方法およびシステム |
| SG11201604876YA (en) * | 2014-04-14 | 2016-07-28 | Mastercard International Inc | Method and system for generating an advanced storage key in a mobile device without secure elements |
| US10614442B2 (en) | 2014-12-03 | 2020-04-07 | Mastercard International Incorporated | System and method of facilitating cash transactions at an ATM system without an ATM card using mobile |
| US10248947B2 (en) * | 2015-06-29 | 2019-04-02 | Oberthur Technologies of America Corp. | Method of generating a bank transaction request for a mobile terminal having a secure module |
| US11120436B2 (en) | 2015-07-17 | 2021-09-14 | Mastercard International Incorporated | Authentication system and method for server-based payments |
| SG10201508945YA (en) | 2015-10-29 | 2017-05-30 | Mastercard International Inc | Method and system for cardless use of an automated teller machine (atm) |
| US10496982B2 (en) | 2016-02-03 | 2019-12-03 | Accenture Global Solutions Limited | Secure contactless card emulation |
| EP3446274A1 (de) * | 2016-04-18 | 2019-02-27 | Bancontact Payconiq Company | Verfahren und vorrichtung zur autorisierung von mobilen transaktionen |
| WO2017184840A1 (en) | 2016-04-21 | 2017-10-26 | Mastercard International Incorporated | Method and system for contactless transactions without user credentials |
| WO2018045134A1 (en) * | 2016-09-04 | 2018-03-08 | Mastercard International Incorporated | Method and system for cardless atm transaction via mobile device |
| EP3340094B1 (de) * | 2016-12-22 | 2021-04-28 | Mastercard International Incorporated | Verfahren zur verlängerung von kryptographischen weissboxen unter verbindung von neuem öffentlichen schlüssel und alten identifieren |
| CN110199309B (zh) * | 2017-01-23 | 2023-06-16 | 万事达卡国际公司 | 经由可信执行环境进行认证的方法和系统 |
| EP3364352A1 (de) | 2017-02-21 | 2018-08-22 | Mastercard International Incorporated | Bestimmung legitimer bedingungen an einer rechenvorrichtung |
| EP3364329B1 (de) | 2017-02-21 | 2023-07-26 | Mastercard International Incorporated | Sicherheitsarchitektur für vorrichtungsanwendungen |
| EP3364363A1 (de) | 2017-02-21 | 2018-08-22 | Mastercard International Incorporated | Transaktionskryptogramm |
| CN107274183B (zh) * | 2017-03-21 | 2020-05-22 | 中国银联股份有限公司 | 交易验证方法及系统 |
| US11468444B2 (en) * | 2017-12-18 | 2022-10-11 | Mastercard International Incorporated | Method and system for bypassing merchant systems to increase data security in conveyance of credentials |
| KR101972599B1 (ko) * | 2018-06-19 | 2019-04-25 | 김승훈 | 세션키 처리장치, 처리 방법 및 이를 위한 프로그램을 기록한 컴퓨터 판독 가능한 기록매체 |
| US10581611B1 (en) * | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| EP3640878B1 (de) * | 2018-10-17 | 2023-06-21 | Swatch Ag | Verfahren und system zur aktivierung eines kontaktlosen tragbaren zahlungsobjekts |
| US10984416B2 (en) * | 2019-03-20 | 2021-04-20 | Capital One Services, Llc | NFC mobile currency transfer |
| US11803827B2 (en) | 2019-11-01 | 2023-10-31 | Mastercard International Incorporated | Method and system for enabling cardless transactions at an ATM for any institutional entity |
| CN111901109B (zh) * | 2020-08-04 | 2022-10-04 | 华人运通(上海)云计算科技有限公司 | 基于白盒的通信方法、装置、设备和存储介质 |
| CN113421084B (zh) * | 2021-05-26 | 2023-03-24 | 歌尔股份有限公司 | 公交卡处理方法、装置、设备及可读存储介质 |
Family Cites Families (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4183823B2 (ja) * | 1999-02-10 | 2008-11-19 | 富士通株式会社 | データ照合装置、データ照合システムおよびデータ照合プログラム記憶媒体 |
| US7249093B1 (en) * | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
| JP2004086599A (ja) * | 2002-08-27 | 2004-03-18 | Toppan Printing Co Ltd | クレジットカード情報管理装置および管理方法並びにそのプログラム |
| US7873572B2 (en) * | 2004-02-26 | 2011-01-18 | Reardon David C | Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages |
| SI2011301T1 (sl) * | 2006-04-10 | 2011-10-28 | Trust Integration Services B V | Sklop in postopek za varen prenos podatkov |
| US8713655B2 (en) * | 2008-04-21 | 2014-04-29 | Indian Institute Of Technology | Method and system for using personal devices for authentication and service access at service outlets |
| SG187832A1 (en) * | 2010-08-12 | 2013-03-28 | Mastercard International Inc | Multi-commerce channel wallet for authenticated transactions |
| US8746553B2 (en) * | 2010-09-27 | 2014-06-10 | Mastercard International Incorporated Purchase | Payment device updates using an authentication process |
| KR20120110926A (ko) * | 2011-03-30 | 2012-10-10 | 주식회사 비즈모델라인 | 프로그램 식별을 통한 카드 결제 방법 및 시스템과 이를 위한 스마트폰 |
| GB201105765D0 (en) * | 2011-04-05 | 2011-05-18 | Visa Europe Ltd | Payment system |
| US20120317628A1 (en) * | 2011-06-09 | 2012-12-13 | Yeager C Douglas | Systems and methods for authorizing a transaction |
| US10515359B2 (en) * | 2012-04-02 | 2019-12-24 | Mastercard International Incorporated | Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements |
| JP5795453B2 (ja) * | 2012-04-18 | 2015-10-14 | グーグル・インコーポレーテッド | セキュア要素を用いない支払取引処理 |
-
2014
- 2014-12-02 NZ NZ720688A patent/NZ720688A/en not_active IP Right Cessation
- 2014-12-02 AU AU2014357381A patent/AU2014357381B2/en active Active
- 2014-12-02 KR KR1020177035338A patent/KR102025816B1/ko active IP Right Grant
- 2014-12-02 CA CA2932346A patent/CA2932346C/en active Active
- 2014-12-02 EP EP14868126.5A patent/EP3077972A4/de not_active Ceased
- 2014-12-02 KR KR1020167017367A patent/KR101809221B1/ko active IP Right Grant
- 2014-12-02 CN CN201480074679.7A patent/CN106062799B/zh active Active
- 2014-12-02 RU RU2016126401A patent/RU2663319C2/ru not_active IP Right Cessation
- 2014-12-02 BR BR112016012527A patent/BR112016012527A2/pt not_active IP Right Cessation
- 2014-12-02 WO PCT/US2014/067992 patent/WO2015084755A1/en active Application Filing
- 2014-12-02 MX MX2016007217A patent/MX361793B/es active IP Right Grant
- 2014-12-02 UA UAA201607123A patent/UA115500C2/uk unknown
- 2014-12-02 SG SG10201800179UA patent/SG10201800179UA/en unknown
- 2014-12-02 JP JP2016535719A patent/JP6353537B2/ja active Active
-
2016
- 2016-06-01 IL IL245965A patent/IL245965B/en unknown
- 2016-06-02 CL CL2016001353A patent/CL2016001353A1/es unknown
- 2016-12-15 HK HK16114270A patent/HK1227146A1/zh unknown
-
2018
- 2018-06-08 JP JP2018110433A patent/JP2018164281A/ja active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| CN106062799A (zh) | 2016-10-26 |
| EP3077972A4 (de) | 2017-08-09 |
| CN106062799B (zh) | 2022-04-29 |
| UA115500C2 (uk) | 2017-11-10 |
| MX2016007217A (es) | 2016-12-09 |
| JP2018164281A (ja) | 2018-10-18 |
| JP6353537B2 (ja) | 2018-07-04 |
| WO2015084755A1 (en) | 2015-06-11 |
| KR102025816B1 (ko) | 2019-09-26 |
| EP3077972A1 (de) | 2016-10-12 |
| BR112016012527A2 (pt) | 2017-08-08 |
| IL245965A0 (en) | 2016-07-31 |
| CA2932346A1 (en) | 2015-06-11 |
| NZ720688A (en) | 2017-09-29 |
| KR20160091418A (ko) | 2016-08-02 |
| CA2932346C (en) | 2018-09-04 |
| KR20170139689A (ko) | 2017-12-19 |
| MX361793B (es) | 2018-12-17 |
| AU2014357381A1 (en) | 2016-06-16 |
| RU2663319C2 (ru) | 2018-08-03 |
| SG10201800179UA (en) | 2018-02-27 |
| IL245965B (en) | 2022-05-01 |
| KR101809221B1 (ko) | 2017-12-14 |
| HK1227146A1 (zh) | 2017-10-13 |
| JP2017504871A (ja) | 2017-02-09 |
| CL2016001353A1 (es) | 2017-05-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12100003B2 (en) | Method and system for generating an advanced storage key in a mobile device without secure elements | |
| AU2019250276B2 (en) | Method and system for generating an advanced storage key in a mobile device without secure elements | |
| AU2014357381B2 (en) | Method and system for secure authentication of user and mobile device without secure elements |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FGA | Letters patent sealed or granted (standard patent) |