CA2933336C - Procede et systeme pour generer une cle de stockage evoluee dans un dispositif mobile sans elements securises - Google Patents
Procede et systeme pour generer une cle de stockage evoluee dans un dispositif mobile sans elements securises Download PDFInfo
- Publication number
- CA2933336C CA2933336C CA2933336A CA2933336A CA2933336C CA 2933336 C CA2933336 C CA 2933336C CA 2933336 A CA2933336 A CA 2933336A CA 2933336 A CA2933336 A CA 2933336A CA 2933336 C CA2933336 C CA 2933336C
- Authority
- CA
- Canada
- Prior art keywords
- mobile device
- application program
- key
- payment
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
- Cash Registers Or Receiving Machines (AREA)
- Telephone Function (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
L'invention concerne un procédé de création de clé de stockage évoluée consistant à stocker, dans la mémoire d'un dispositif mobile, au moins (i) des informations de dispositif associées au dispositif mobile, (ii) un code de programme associé à un premier programme, le code incluant un identifiant d'instance, et (iii) un code de programme associé à un second programme, le code incluant une première clé ; à générer une empreinte de dispositif associée au dispositif mobile basée sur les informations de dispositif par l'intermédiaire de l'exécution du code associé au premier programme ; à générer une valeur aléatoire par exécution du code associé au premier programme ; à créer une valeur de diversifiant basée sur l'empreinte de dispositif générée, la valeur aléatoire générée et l'identifiant d'instance étant inclus dans le code associé au premier programme ; et à décrypter la valeur du diversifiant créée au moyen de la première clé stockée dans le code associé au second programme par exécution du code associé au second programme afin d'obtenir une clé de stockage.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201461979113P | 2014-04-14 | 2014-04-14 | |
US61/979,113 | 2014-04-14 | ||
PCT/US2014/068000 WO2015160385A1 (fr) | 2014-04-14 | 2014-12-02 | Procédé et système pour générer une clé de stockage évoluée dans un dispositif mobile sans éléments sécurisés |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2933336A1 CA2933336A1 (fr) | 2015-10-22 |
CA2933336C true CA2933336C (fr) | 2018-09-04 |
Family
ID=54324415
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2933336A Active CA2933336C (fr) | 2014-04-14 | 2014-12-02 | Procede et systeme pour generer une cle de stockage evoluee dans un dispositif mobile sans elements securises |
Country Status (14)
Country | Link |
---|---|
EP (1) | EP3132406A4 (fr) |
JP (3) | JP6224254B2 (fr) |
KR (3) | KR102151579B1 (fr) |
CN (2) | CN106104605B (fr) |
AU (3) | AU2014391256B2 (fr) |
CA (1) | CA2933336C (fr) |
IL (1) | IL246109B (fr) |
MX (1) | MX356939B (fr) |
NZ (1) | NZ721223A (fr) |
RU (2) | RU2653290C1 (fr) |
SG (2) | SG11201604876YA (fr) |
UA (1) | UA117951C2 (fr) |
WO (1) | WO2015160385A1 (fr) |
ZA (1) | ZA201603938B (fr) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10270748B2 (en) | 2013-03-22 | 2019-04-23 | Nok Nok Labs, Inc. | Advanced authentication techniques and applications |
US11521203B2 (en) * | 2015-07-09 | 2022-12-06 | Cryptography Research, Inc. | Generating a cryptographic key based on transaction data of mobile payments |
JP2017175226A (ja) * | 2016-03-18 | 2017-09-28 | 株式会社インテック | 公開鍵証明書を発行するためのプログラム、方法およびシステム |
US10769635B2 (en) | 2016-08-05 | 2020-09-08 | Nok Nok Labs, Inc. | Authentication techniques including speech and/or lip movement analysis |
EP3340094B1 (fr) * | 2016-12-22 | 2021-04-28 | Mastercard International Incorporated | Procede de renouvellement de whitebox cryptographique en vertu de la nouvelle cle publique et de l'ancien identificateur |
EP3364329B1 (fr) * | 2017-02-21 | 2023-07-26 | Mastercard International Incorporated | Architecture de sécurité pour des applications de dispositif |
CN108804908B (zh) * | 2017-05-04 | 2023-05-09 | 腾讯科技(深圳)有限公司 | 一种设备指纹生成方法、装置及计算设备 |
CN107908948B (zh) * | 2017-11-01 | 2019-11-19 | 中国移动通信集团江苏有限公司 | 一种应用于安全风险控制的安卓app设备指纹生成方法 |
US11868995B2 (en) | 2017-11-27 | 2024-01-09 | Nok Nok Labs, Inc. | Extending a secure key storage for transaction confirmation and cryptocurrency |
US11831409B2 (en) | 2018-01-12 | 2023-11-28 | Nok Nok Labs, Inc. | System and method for binding verifiable claims |
CN109068304A (zh) * | 2018-08-07 | 2018-12-21 | 佛山市苔藓云链科技有限公司 | 一种使用近场通信验证物联网设备真实的方法 |
US11258604B2 (en) * | 2018-10-19 | 2022-02-22 | Oracle International Corporation | Rewiring cryptographic key management system service instances |
KR20210133985A (ko) * | 2019-02-28 | 2021-11-08 | 노크 노크 랩스, 인코포레이티드 | 새로운 인증기를 보증하기 위한 시스템 및 방법 |
JP7127585B2 (ja) * | 2019-03-12 | 2022-08-30 | オムロン株式会社 | セーフティシステムおよびメンテナンス方法 |
US11792024B2 (en) | 2019-03-29 | 2023-10-17 | Nok Nok Labs, Inc. | System and method for efficient challenge-response authentication |
US11783332B2 (en) | 2020-02-14 | 2023-10-10 | Mastercard International Incorporated | Method and system for facilitating secure card-based transactions |
EP3933731A1 (fr) * | 2020-06-30 | 2022-01-05 | Mastercard International Incorporated | Traitement des données d'autorisation pour plusieurs émetteurs |
US11784798B2 (en) | 2021-03-30 | 2023-10-10 | Visa International Service Association | System, method, and computer program product for data security |
CN115396103B (zh) * | 2022-10-26 | 2023-03-24 | 杭州海康威视数字技术股份有限公司 | 基于白盒密钥的ai数据共享方法、系统和装置 |
Family Cites Families (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7606771B2 (en) * | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
EP1839083B1 (fr) * | 2005-01-07 | 2010-09-08 | LIMO Patentverwaltung GmbH & Co. KG | Dispositif d'homogeneisation de la lumiere |
KR100842267B1 (ko) * | 2006-12-01 | 2008-06-30 | 한국전자통신연구원 | 다중 인증 수단을 가지는 시스템의 통합 사용자 인증 서버,클라이언트 및 방법 |
JP2009284231A (ja) * | 2008-05-22 | 2009-12-03 | Panasonic Corp | 鍵生成装置、鍵生成方法及び鍵生成プログラム、並びに、電子機器 |
US8555089B2 (en) * | 2009-01-08 | 2013-10-08 | Panasonic Corporation | Program execution apparatus, control method, control program, and integrated circuit |
US8893967B2 (en) * | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
AU2011237715B2 (en) * | 2010-04-09 | 2014-12-18 | Visa International Service Association | System and method for securely validating transactions |
US8380177B2 (en) * | 2010-04-09 | 2013-02-19 | Paydiant, Inc. | Mobile phone payment processing methods and systems |
SG10201506319WA (en) * | 2010-08-12 | 2015-09-29 | Mastercard International Inc | Multi-commerce channel wallet for authenticated transactions |
US20120151223A1 (en) * | 2010-09-20 | 2012-06-14 | Conde Marques Ricardo Nuno De Pinho Coelho | Method for securing a computing device with a trusted platform module-tpm |
US8746553B2 (en) * | 2010-09-27 | 2014-06-10 | Mastercard International Incorporated Purchase | Payment device updates using an authentication process |
EP3226465A1 (fr) * | 2010-11-10 | 2017-10-04 | Einnovations Holdings Pte. Ltd. | Dispositif comprenant une carte pour fournir les fonctionnalités sim et psam |
GB201105765D0 (en) * | 2011-04-05 | 2011-05-18 | Visa Europe Ltd | Payment system |
WO2012170895A1 (fr) * | 2011-06-09 | 2012-12-13 | Yeager C Douglas | Systèmes et procédés conçus pour autoriser une transaction |
US9473295B2 (en) * | 2011-09-26 | 2016-10-18 | Cubic Corporation | Virtual transportation point of sale |
US10515359B2 (en) * | 2012-04-02 | 2019-12-24 | Mastercard International Incorporated | Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements |
US9171302B2 (en) * | 2012-04-18 | 2015-10-27 | Google Inc. | Processing payment transactions without a secure element |
WO2013159110A1 (fr) * | 2012-04-20 | 2013-10-24 | Conductiv Software, Inc. | Authentification de transaction mobile multi-facteur |
KR20130140948A (ko) * | 2012-05-17 | 2013-12-26 | 삼성전자주식회사 | 저장 장치의 식별자에 기반한 컨텐츠의 암복호화 장치 및 방법 |
US8738454B2 (en) * | 2012-07-23 | 2014-05-27 | Wal-Mart Stores, Inc. | Transferring digital receipt data to mobile devices |
CN105684010B (zh) * | 2013-08-15 | 2021-04-20 | 维萨国际服务协会 | 使用安全元件的安全远程支付交易处理 |
KR101809221B1 (ko) * | 2013-12-02 | 2017-12-14 | 마스터카드 인터내셔날, 인코포레이티드 | 보안 요소 없이 사용자 및 모바일 장치를 보안 인증하는 방법 및 시스템 |
-
2014
- 2014-12-02 WO PCT/US2014/068000 patent/WO2015160385A1/fr active Application Filing
- 2014-12-02 JP JP2016541581A patent/JP6224254B2/ja active Active
- 2014-12-02 KR KR1020207004059A patent/KR102151579B1/ko active IP Right Grant
- 2014-12-02 AU AU2014391256A patent/AU2014391256B2/en active Active
- 2014-12-02 MX MX2016010086A patent/MX356939B/es active IP Right Grant
- 2014-12-02 EP EP14889340.7A patent/EP3132406A4/fr not_active Ceased
- 2014-12-02 SG SG11201604876YA patent/SG11201604876YA/en unknown
- 2014-12-02 KR KR1020187027712A patent/KR102150722B1/ko active IP Right Grant
- 2014-12-02 KR KR1020167028484A patent/KR101903709B1/ko active IP Right Grant
- 2014-12-02 RU RU2016136503A patent/RU2653290C1/ru not_active IP Right Cessation
- 2014-12-02 CN CN201480074686.7A patent/CN106104605B/zh active Active
- 2014-12-02 RU RU2018113732A patent/RU2682840C2/ru not_active IP Right Cessation
- 2014-12-02 SG SG10201801008SA patent/SG10201801008SA/en unknown
- 2014-12-02 UA UAA201609401A patent/UA117951C2/uk unknown
- 2014-12-02 CN CN202010102477.6A patent/CN111523884B/zh active Active
- 2014-12-02 NZ NZ721223A patent/NZ721223A/en not_active IP Right Cessation
- 2014-12-02 CA CA2933336A patent/CA2933336C/fr active Active
-
2016
- 2016-06-08 IL IL246109A patent/IL246109B/en active IP Right Grant
- 2016-06-09 ZA ZA2016/03938A patent/ZA201603938B/en unknown
-
2017
- 2017-10-04 JP JP2017194490A patent/JP6703510B2/ja active Active
- 2017-10-12 AU AU2017245412A patent/AU2017245412A1/en not_active Abandoned
-
2019
- 2019-10-18 AU AU2019250276A patent/AU2019250276B2/en active Active
-
2020
- 2020-01-15 JP JP2020004636A patent/JP6889967B2/ja active Active
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220292499A1 (en) | Method and system for generating an advanced storage key in a mobile device without secure elements | |
AU2019250276B2 (en) | Method and system for generating an advanced storage key in a mobile device without secure elements | |
CA2932346C (fr) | Procede et systeme d'authentification securisee d'un utilisateur et d'un dispositif mobile sans elements securises |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request |
Effective date: 20160609 |