CN114450990A - 经由非接触式卡为安全消息提供凭证的多因素认证 - Google Patents
经由非接触式卡为安全消息提供凭证的多因素认证 Download PDFInfo
- Publication number
- CN114450990A CN114450990A CN202080066951.2A CN202080066951A CN114450990A CN 114450990 A CN114450990 A CN 114450990A CN 202080066951 A CN202080066951 A CN 202080066951A CN 114450990 A CN114450990 A CN 114450990A
- Authority
- CN
- China
- Prior art keywords
- message
- sms
- computing device
- session
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
- G06Q20/3255—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks using mobile network messaging services for payment, e.g. SMS
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/02—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail using automatic reactions or user delegation, e.g. automatic replies or chatbot-generated messages
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
- H04W12/47—Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Finance (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Power Engineering (AREA)
- Telephonic Communication Services (AREA)
- Credit Cards Or The Like (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
示例性实施例可以使用非接触式卡作为多因素认证中用于安全消息服务的次级认证形式。发起消息服务会话的请求的接受方(诸如服务器计算设备)可以被编程为使用始发设备的电话号码来查询关于一方的身份及其相关的电话号码的记录作为主要凭证,然后可以需要源自非接触式卡的认证凭证作为发起方的次级凭证。在一些情况下,源自非接触式卡的凭证是仅对一时间段有效的一次性密码。接收方确定一次性密码是否有效。如果两个凭证都有效,则可以发起与发起方的安全消息会话。
Description
相关申请
该申请要求获得于2019年12月26日提交的题为“MULTI-FACTOR AUTHENTICATIONPROVIDING A CREDENTIAL VIA A CONTACTLESS CARD FOR SECURE MESSAGING”的美国专利申请序列号16/727,162(于2020年8月25日以美国专利号10,757,574发布)的优先权。上述专利申请的内容通过引用全部纳入本文。
背景技术
消息服务使多方能够以快速和方便的方式经由书面消息进行通信。消息服务越来越多地用于商业内容中。例如,客户能够与公司的客户服务代表进行消息服务会话。传统消息服务的一个限制是缺乏安全性。消息服务会话的一方能够在传统消息服务会话中伪造电话号码或假定虚假身份。因此,很难在不担心与冒名顶替者通信的情况下经由传统的消息服务传输潜在的敏感信息,诸如机密信息。
发明内容
根据示例性实施例,执行了一种计算设备实现的方法。根据这种方法,在所述计算设备处从具有相关的电话号码的短消息服务(SMS)功能设备接收消息。该消息指示希望发起SMS会话,并且该消息包含安全组件。对安全组件进行解密,以获得至少一次性密码和帐户标识符的散列。提取一次性密码和帐户标识符。确定一次性密码是否有效。确定与该帐户标识符关联的帐户,并确定与所确定帐户有关的电话号码。判断关联的电话号码是否匹配于与该帐号相关的电话号码。当发送SMS密码有效且关联的电话号码是匹配的电话号码时,通过向SMS功能设备发送SMS消息来发起安全SMS会话。当密码无效和/或关联的密码不是匹配的电话号码时,则拒绝发起与SMS功能设备的安全SMS会话。
解密可以使用对称解密算法。该方法可以包括以下附加步骤:检查支持SMS的设备的地理位置,以及使用所述地理位置作为确定是否发起所述安全SMS会话的另一个认证因素。所述接收消息可以包括接收SMS信息。一次性密码可以是基于时间的密码。计算设备可以维护计数器,并可以在确定密码是否已过期时使用所述计数器的值。由计算设备维护的计数器可以与由非接触式卡维护的计数器同步。
根据示例性实施例,执行了一种可用短消息服务(SMS)功能的设备实现的方法。根据这种方法,经由近场通信在所述SMS功能设备处从非接触式卡接收加密安全的一次性密码。该加密安全的一次性密码包括至少一次性密码和帐户标识符的加密散列。一次性密码由对称加密算法加密,且一次性密码仅对设定的时间段有效。从所述SMS功能设备向一方发送消息以请求发起安全SMS会话,其中所述消息包括所述加密安全的一次性密码,并且其中所述SMS功能设备具有相关的电话号码。当所述密码有效时并且当所述SMS功能设备的电话号码与由所述帐户标识符识别的帐户相关联时,在所述SMS功能设备处从所述一方接收SMS消息。在发起安全SMS会话时,聊天机器人可用于参与安全SMS会话。
从SMS功能设备发送消息可以包括发送初始SMS消息。从所述SMS功能设备发送消息包括向所述一方的网站发送消息或直接向所述一方发送消息之一。所述方法还可包括从SMS功能设备向所述一方发送地理位置信息。SMS消息可以从聊天机器人接收。
根据示例性实施例,一种方法由非接触式卡执行。根据这种方法,发起与计算设备的近场通信(NFC)会话。作为NFC会话的一部分,非接触式卡与运行在计算设备上的应用通信,并通过散列函数传递至少一次密码和帐户标识符,以创建散列值。加密所述散列值。将加密的散列值传递给运行在计算设备上的应用。提示所述应用向远程计算设备发送消息,以发起与所述远程计算设备的消息会话,其中所述消息包括所加密的散列值,作为希望发起所述消息会话的一方的身份的证据。
一次性密码可以是基于时间的密码。非接触式卡可维护计数器,该计数器的值可用于创建加密散列值。通过所述散列函数传递所述计数器的值。在一些情况下,与所述一次性密码和所述帐户标识符一起通过所述散列函数传递所述计数器的值。所述一次性密码仅对设定的时间段有效。所述NFC会话是响应于在所述计算设备中的读卡器上轻触所述非接触式卡而发起的。
附图说明
图1描述了适合实施示例性实施例的环境。
图2描述了一个流程图,说明了在示例性实施例中验证发起方可执行的步骤。
图3描述了一个框图,显示了在示例性实施例中非接触式卡和具有消息功能设备之间的交互。
图4描述了相对于服务器计算设备的消息流。
图5A描绘了非接触式卡的说明性的正面。
图5B描述了非接触式卡的硬件组件。
图5C描绘了消息功能计算设备的框图。
图5D描绘了服务器计算设备和存储的框图。
图6A描绘了说明了对输入进行散列以产生散列值的附图。
图6B描述了散列函数的不同类型的输入。
图7描述了加密操作以生成安全分组。
图8描述了说明了以验证发起方而可以执行的步骤的流程图。
图9描述了其他类型的认证因素。
具体实施方式
示例性实施例可以使用非接触式卡作为多因素认证中用于安全消息服务的次级认证形式。当用于安全消息服务的消息源自具有相关的电话号码的设备时,该电话号码可作为用于由消息服务接收方进行认证身份的主要凭证。发起消息服务会话的请求的接受方(诸如服务器计算设备)可被编程以使用始发设备的电话号码来查询关于一方的身份及其相关的电话号码的记录作为主要凭证,然后可以需要源自非接触式卡的认证凭证作为用于发起方的次级凭证。在一些情况下,源自非接触式卡的凭证是仅在时间段有效的一次性密码。接收方确定一次性密码是否有效。如果两个凭证都有效,则可以发起与发起方的安全消息会话。
消息服务可以采取不同的形式。例如,消息服务可以是短消息服务(SMS)服务。消息服务可以是即时消息服务、社交媒体消息服务、视频消息服务、聊天应用或虚拟助手应用等。
由于本文中描述的消息服务可以针对消息服务会话采用发起方的多因素认证,因此参与消息会话的非发起方对与经过认证的一方进行通信的信心得到增强。因此,冒名顶替者参与消息服务会话的风险大大降低。因此,本文公开的安全消息服务非常适合交换潜在的敏感信息,诸如财务信息、健康信息、业务信息、驾驶记录、犯罪记录和其他类型的机密信息。本文描述的安全消息服务非常适合于在客户和金融机构代表、患者和医疗保健提供者、被保险人和保险公司代表、客户和律师、客户和会计师以及公司雇员等之间的交流。加密和安全散列可用于保护经由安全消息服务交换的消息的内容。
一次性密码可以作为由发起安全消息会话的发起方传递给接收方的安全分组的一部分进行加密。安全分组可以包含用于发起方的识别信息,诸如帐户信息。在将一次性密码添加到分组并加密之前,可以使用计数器值对其进行散列处理。该计数器用作时间指标,并帮助定义密码的寿命。
作为认证的一部分,接收方解密安全分组。接收方可以维护自己的计数器值,该计数器值与由发起方维护的计数器值同步。如果安全分组中由发起方使用的计数器值与由接收方维护的计数器值在值上不匹配或差异太大,则其可以是一次性密码不再有效的指示。接收方检查一次性密码是否正确。此外,接收方可以使用帐户信息以检索与该帐户相关的一方的电话号码。接收方可以检查所检索到的电话号码是否与请求来源的设备的电话号码匹配。如果电话号码匹配且一次性密码正确且未过期,则通过提示非发起方向发起方发送消息,接收方可以发起消息服务。非发起方可以是人或聊天机器人,并且可以经由服务器或单独的客户端设备进行通信。如果发起方认证失败,则可以不会从非发起方发送任何消息,或从非发起方发送拒绝消息。
图1描述了适合实践示例性实施例的环境100。该环境包括由发行者向发起方101发行的非接触式卡102。发起方101持有非接触式卡102,并且鉴于非接触式卡102可以产生用于验证发起方身份的凭证,建议发起方101保持非接触式卡102的安全并且保存在他们手中。非接触式卡102可与消息功能计算设备104结合使用。消息功能计算设备104支持一个或多个消息服务,诸如上文描述的那些服务。消息功能计算设备104可以是智能手机,台式电脑,笔记本电脑,平板电脑,可穿戴计算设备或任何支持消息服务的计算设备,并且能够使发起方101参与本文所描述的安全信息服务的计算设备。
正如下面将更详细地描述的那样,通过首先与消息功能计算设备104对接,可将非接触式卡102用于发起方101的认证。消息功能计算设备104具有近场通信(NFC)读卡器,该读卡器可以读取非接触式卡102并与非接触式卡102进行双向通信。消息功能计算设备104与网络106对接。网络106可以包括有线网络和/或无线网络。网络106可以包括局域网(LAN)和/或广域网(WAN),包括因特网。服务器计算设备108与网络106相连。服务器计算设备108(例如,接收方)通过消息服务借助消息功能计算设备104从发起方101接收发起安全消息系统的请求,并负责执行认证。非发起方110可以是访问服务器计算设备108的一方,或是使用另一个计算设备参与聊天会话的服务器计算设备的客户端。非发起方110可以是人、聊天机器人或智能代理。
图2示出了在示例实施例中可执行的步骤的流程图,以对希望与非发起方发起安全消息服务会话的发起方进行认证。这些步骤在下文中相对于图3和图4进行描述。该过程可以从一方将非接触式卡302(见图3)轻触到消息功能计算设备306(202)中的读卡器307开始。在一些实施例中,非接触式卡302和读卡器307经由近场通信(NFC)协议进行通信。轻触发起在非接触式卡和消息功能计算设备306中的读卡器307之间的NFC通信。在其他情况下,非接触式卡302不需要轻触读卡器307,而是可以只需要足够接近读卡器307以发起NFC通信会话。在NFC通信会话中,将安全分组304从非接触式卡302发送到包括安全分组的消息功能计算设备306。非接触式卡302可以经由通信来提示在消息功能计算设备306上运行的应用,以生成给接收方的消息。在一种直接方法中,该应用是聊天程序,诸如SMS消息应用或用于其他各种消息服务之一的应用。如下所述,消息功能计算设备306生成认证以尝试发起安全消息会话。在一种间接方法中,非接触式卡302为服务器提供统一的资源定位符(URL),其包括从消息功能计算设备306联系的服务器的电话号码,以尝试发起安全消息服务。消息功能计算设备306生成封装安全分组310的消息308,该消息308作为发起安全消息系统的请求被发送到服务器计算设备406(见图4)(204)。
请求可以经由消息服务或经由另一个通道被发送到服务器计算设备406。如上所述,安全分组310可以包括一次性密码和用于发起方的识别信息。下面将更详细地讨论这些内容。服务器计算设备406接收消息402,并从安全分组404(206)中提取一次性密码和其他信息(诸如识别信息和计数器值)。基于所提取的信息,服务器计算设备406成功验证发起方,或不成功验证发起方(208)。当发起方被认证成功的情况下,经由消息服务将来自非发起方408的响应消息410发送给发起方(212)。响应消息410可以通知发起方他们已经被认证,或者,例如,可以只是简单地问候发起方,并可以询问发起方他们与非发起方408联系的内容。相反,如果发起方没有被成功认证,则将拒绝安全消息系统的请求的响应消息410发送给发起方(210)。在一些可替选的示例性实施例中,在这种情况下不会将任何消息发送回发起方。
图5A所示的非接触式卡500,其可以是由服务提供商505(显示在卡500的正面或背面)发行的支付卡,诸如信用卡、借记卡或礼品卡。在一些示例性实施例中,非接触式卡500与支付卡无关,并且可以包括但不限于标识卡。在一些情况下,支付卡可以包括双接口非接触式支付卡。所述非接触式卡500可包括基板510,基板510可包括由塑料、金属和其他材料组成的单层或层压层。典型的基材材料包括聚氯乙烯、聚氯乙烯醋酸酯、丙烯腈丁二烯苯乙烯、聚碳酸酯、聚酯、阳极化钛、钯、金、碳、纸和可生物降解材料。在一些示例中,非接触式卡500可以具有符合ISO/IEC 7810标准的ID-1格式的物理特性,以及非接触式卡500可以符合ISO/IEC 14443标准。但是,应当理解的是,根据本公开的非接触式卡500可以具有不同的特性,并且本公开不需要非接触式卡在支付卡中实现。
非接触式卡500还可以包括显示在卡正面和/或背面的标识信息515和接触垫520。接触垫520可被配置为与另一通信设备(诸如用户设备、智能手机、笔记本电脑、台式机或平板电脑)建立联系。非接触式卡500还可以包括处理电路、天线和图5A中没有显示的其他组件。这些组件可以位于接触垫520后面或基板510上的其他地方。非接触式卡500还可以包括位于卡片背面的磁条或磁带(图5A中未示出)。
如图5B所示,图5A的接触片520可包括用于存储和处理信息的处理电路525,包括微处理器530和存储器535。应当理解的是,处理电路525可以包含额外的组件,包括处理器、存储器、错误和奇偶校验/CRC校验器、数据编码器、防碰撞算法、控制器、命令解码器、安全原件和防篡改硬件,这些正如执行本文所述功能所必需的。
存储器535可以是只读存储器、一写多读存储器或读/写存储器,例如,RAM、ROM和EEPROM,而非接触式卡500可以包括这样的存储器中的一个或多个。只读存储器可以在工厂可被编程为只读或一次性可编程。一次性可编程性提供了一次写入然后多次读取的机会。可以在存储芯片离开工厂后的某个时间点对一写/多读存储器进行编程。一旦存储器被编程,它可以不会被重写,但它可以被多次读取。读/写存储器可以在出厂后被编程和重新编程许多次。它也可以被多次读取。
存储器535可以配置为存储一个或多个小程序540,一个或多个计数器545以及客户标识符550。一个或多个小程序540可包括一个或多个被配置为在一个或多个非接触式卡上执行的软件应用,诸如Java卡小程序。然而,应当理解的是,小程序540并不局限于Java卡小程序,而是可以是任何可在非接触式卡或其他具有有限存储器的设备上操作的软件应用。一个或多个计数器545可以包括足以存储整数的数字计数器。客户标识符550可包括分配给所述非接触式卡500用户的唯一字母数字标识符,且所述标识符可将所述非接触式卡的用户与其他非接触式卡用户区分开来。在一些示例中,客户标识符550可以同时识别客户和分配给该客户的帐户,并可以进一步识别与该客户帐户相关的非接触式卡。
上述示例性实施例的处理器和存储器元件是参照接触垫进行描述的,但本公开并不限于此。应当理解的是,这些元件可以在接触垫520之外实现,或完全与之分开,或作为位于接触垫520内的处理器530和存储器535元件之外的进一步元件。
在一些示例中,非接触式卡500可以包含一个或多个天线555。一个或多个天线555可以放置在非接触式卡500内和接触垫520的处理电路525周围。例如,一个或多个天线555可与处理电路525集成,以及一个或多个天线555可与外部升压线圈一起使用。作为另一个示例,一个或多个天线555可以位于接触垫520和处理电路525的外部。
在一个实施例中,非接触式卡500的线圈可以作为空芯变压器的次级。该终端可通过切断电源或调幅与非接触式卡500通信。非接触式卡500可以利用非接触式卡电源连接中的间隙推断从终端传输的数据,该电源连接可以通过一个或多个电容器进行功能性维护。该非接触式卡500可以通过在该非接触式卡的线圈上切换负载或负载调制进行反向通信。负载调制可以通过干扰在终端线圈中检测到。
如上所述,非接触式卡500可以构建在可在智能卡或具有有限存储器的其他设备(诸如Java卡)上操作的软件平台上,并且可以安全地执行一个或多个应用或小程序。小程序可以被添加到非接触式卡中,以便在各种基于移动应用的用例中为多因素认证(MFA)提供一次性密码(OTP)。小程序可以被配置为响应于一个或多个来自读卡器(诸如移动NFC读卡器)的请求,诸如近场数据交换请求,并产生包括编码为NDEF文本标签的加密安全OTP的NDEF消息。
图5C描绘了显示了消息功能计算设备540的说明性组件的框图。消息功能计算设备540可包括处理器542。处理器542可以是微处理器,诸如中央处理单元(CPU)、图形处理单元(GPU)等。处理器542可被实现为现场可编程门阵列(FPGA)、应用专用集成电路(ASIC)、控制器、电路,或为具有消息能力的计算设备540的处理器提供本文所描述的功能的类似物。消息功能计算设备540可包括存储器544。存储器544可以包括易失性存储器和/或非易失性存储器。存储器544可包括光学和/或磁性存储设备,并且可包括存储由处理器542执行的指令的非瞬态计算机可读存储介质。存储器544可以包括磁盘驱动器、光盘驱动器、固态存储、只读存储器、随机存取存储器、闪存和类似物。如图5C所描绘的,存储器544存储应用546,诸如消息应用或提供本文所述功能的应用。存储器544也可以存储用于NFC通信提供接近协议支持208的计算机可执行指令。此外,存储器544可储存网页浏览器551,用于方便网页访问。应当理解的是,存储204可以存储未描述的其他程序和数据。
消息功能计算设备540可包括用于参与NFC通信的NFC读卡器561。消息功能计算设备540还可以包括显示器552,诸如发光二极管(LED)显示器、液晶显示器(LCD)或视网膜显示器。消息功能计算设备540可包括用于通过无线网络(诸如蜂窝电话网络)进行通信的无线调制解调器554。具有信息传递功能的计算设备540可包括用于捕捉图像和/或视频的相机556。该相机556也可用于扫描光学代码。
图5D描绘了服务器计算设备560的框图。服务器计算设备560可以有多种形式,包括但不限于桌面计算机、工作站或服务器。服务器计算设备560可以包括处理器562。处理器562可以采用任意多种形式,如与图5C中的消息功能计算设备相关的所讨论的那些形式。服务器计算设备560可以包括或可以访问存储器564。存储器564可以包括与图5C中消息功能计算设备相关的各种存储形式。存储器564可以保存可由处理器562执行的程序、小程序和/或可执行代码。例如,存储器可以存储如下所述的同步计数器566。存储器564还可以存储解密软件568,用于解密安全分组和散列内容以及加密/解密密钥571。存储器564可以存储用于安全消息服务的消息服务软件573。存储器564可以存储用于网页服务器572和聊天机器人574的软件。存储器564可以存储用于客户端或客户的帐户信息576。在一些示例实施例中,该帐户信息576可存储在数据库中。
通常,服务器计算设备560(或另一计算设备)和非接触式卡500可以用相同的主密钥(也称为主对称密钥)进行配置。更具体地说,每个非接触式卡500都以不同的主密钥进行编程,该主密钥在服务器计算设备560中具有相应的配对。例如,当制造非接触式卡500时,可以将唯一的主密钥编程到非接触式卡500的存储器535中。类似地,唯一的主密钥可以存储在服务器计算设备560的帐户信息576中与非接触式卡500相关的客户记录中(和/或存储在不同的安全位置)。主密钥可以对除非接触式卡500和服务器计算设备560外的所有各方保密,从而提高了系统的安全性。
主密钥可以与计数器104结合使用,以使用密钥多样化来增强安全性。计数器545和566包含在非接触式卡500和服务器计算设备560之间同步的值。该计数器值可包括每次在非接触式卡500和服务器计算设备560(和/或非接触式卡500和消息功能计算设备540)之间交换数据时改变的数字。为了使NFC数据在非接触式卡500和消息功能计算设备540之间传输,当非接触式卡500足够接近消息功能计算设备540的NFC读卡器561时,应用546可以与非接触式卡500进行通信。NFC读卡器561可以被配置为从非接触式卡500读取和/或与非接触式卡500进行通信。
例如,用户可以将非接触式卡500轻触到消息功能计算设备540上,从而使非接触式卡500足够靠近消息功能计算设备540的NFC读卡器561,以使在消息功能计算设备540之间的NFC数据传输可以经由API调用触发NFC读卡器561。附加地和/或可替选地,消息功能计算设备540也可以基于周期性轮询NFC读卡器561来触发NFC读卡器561。更通常地,消息功能计算设备540可以使用任何可行的方法触发NFC读卡器561以进行通信。在消息功能计算设备540与非接触式卡500之间建立通信后,非接触式卡500可生成消息认证码(MAC)码文。在一些示例中,当非接触式卡500被应用546读取时可能会发生这种情况。特别是,这可以在近场数据交换(NDEF)标签的读取时发生,诸如NFC读取,其可以按照NFC数据交换格式创建。例如,读卡器(诸如应用546和/或NFC读卡器561)可以传输具有NDEF产生的小程序的小程序ID的消息(诸如小程序选择消息)。在确认选择后,可以传输一系列选择文件消息,随后是读取文件消息。例如,序列可以包括“选择能力文件”,“读取能力文件”和“选择NDEF文件”。此时,由非接触式卡500所维护的计数器值可以会被更新或递增,随后可以是“读取NDEF文件”。此时,可以会生成包含报头和共享秘密的消息。然后可以生成会话密钥。MAC码文可以从消息中创建,其可以包括报头和共享秘密。然后MAC码文可以与一个或多个随机数据块连接,并且MAC码文和随机数(RND)可以用会话密钥加密。此后,码文和报头可以被连接起来,并编码为ASCII十六进制,并以NDEF消息格式返回(响应于“读取NDEF文件”消息)。在一些示例中,MAC码文可以作为NDEF标签传输,并且在其他示例中,MAC码文可以包含统一的资源指示符(例如,作为格式化的字符串)。然后,非接触式卡500可以将MAC码文传输到消息功能计算设备540,然后该计算设备540可以将MAC码文转发给服务器计算设备560进行验证,如下文所解释的那样。然而,在一些实施例中,消息功能计算设备540可以验证MAC码文。
更通常地,当准备发送数据(例如,向服务器560和/或消息功能计算设备540)时,非接触式卡540可以递增计数器545。然后,非接触式卡500可以主密钥和计数器值作为输入提供给密码算法,该算法产生多样化的密钥作为输出。密码算法可以包括加密算法、基于散列的消息认证码(HMAC)算法、基于密码的消息认证码(CMAC)算法等。密码算法的非限制示例可包括对称加密算法,诸如3DES或AES128;对称HMAC算法,诸如HMAC-SHA-256;以及对称CMAC算法,诸如AES-CMAC。然后,非接触式卡500可以使用多样化的密钥加密数据(例如,客户标识符107和任何其他数据)。然后,非接触式卡500可以将加密数据传输到具有消息能力的计算设备546的应用546(例如,经由NFC连接、蓝牙连接等)。然后,具有消息能力的计算设备540的应用546可以经由网络106将加密数据传输到服务器计算设备560。在至少一个实施例中,非接触式卡500传输具有加密数据的计数器值。在这些实施例中,非接触式卡500可传输加密计数器值或未加密计数器值。
虽然以计数器为示例,但也可以使用其他数据来保护非接触式卡500、消息功能计算设备540和/或服务器计算设备560之间的通信。例如,计数器可以被替换为随机非授权码,每次需要生成新的多样化的密钥,从非接触式卡500和服务器计算设备560发送计数器值的全部值,从非接触式卡500和服务器计算设备560发送计数器值的一部分,由非接触式卡500和服务器计算设备560独立维护但不在两者之间发送的计数器,在非接触式卡500和服务器计算设备560之间交换的一次性密码以及数据的加密散列。在一些示例中,各方可以使用多样化的密钥的一个或多个部分来创建多个多样化的密钥。
安全分组404(图4)的生成可以采用加密散列函数,诸如MD5或SHA-1。图6A显示了框图600,框图600描述了如何在示例性实施例中使用加密散列函数。在图6A所示的示例中,三个输入602、604和606一起通过散列函数608传递。选择描述三个输入是为了说明而不是限制。在一些情况下可以会使用其他数量的输入。散列函数608产生输出散列值610。由于散列函数608的特性,在不知道由散列函数608使用的密钥607的情况下,从散列值610中导出输入602、604和606在计算上是困难的。钥匙609是保密的。密钥607可以为每个会话动态生成,并且可以特定于非接触式卡。因此,散列函数608为安全分组404中包含的内容(例如,输入602、604和606)提供了一层安全性。
在示例性实施例中,输入602、604和606可以会根据各方希望交换的信息和用于验证发起方的协议而有所不同。图6B显示了在示例实施例中可以被散列的输入642的可能类型的图640。在这些示例性实施例中,可包括由非接触式卡生成的一次性密码644作为输入。可以为发起方提供帐户标识符646。这可以是唯一识别发起方帐户的帐号或其他标识符。如上所述,帐户标识符可以是用于发起方的电话号码。在一些情况下,发起方的电话号码可以不包括在散列值610中,但可以来自从消息功能计算设备540发送的消息中导出。输入642可以包括发起方的名称650。
作为一种附加的安全性,散列值610可以被加密。图7显示了描述这种加密的框图700。如上所述生成的散列值702被传递给加密引擎704,该引擎使用加密密钥706加密散列值。得到的输出是安全分组708。加密引擎704可以使用多种加密算法中的任何一种,诸如DES、AES、RSA、DSA或类似的算法。这些可以是对称密码算法,诸如DES和AES,或非对称密码算法,诸如RSA和DSA。假定服务器计算设备406(图4)拥有合适的密钥来解密安全分组。虽然没有在图7中未示出,但是其他内容可以与散列值702一起被加密。
图8描述了一旦作为接收方的服务器计算设备接收到带有安全分组的认证消息,对发起方进行认证所执行的步骤800的流程图。最初,服务器计算设备使用解密密钥对安全分组进行解密。此外,解密密钥用于解密散列,以提取由散列函数散列在一起的输入(801)。所提取的密码和计数器值可以与有效的密码和有效的计数器值(802)进行比较。确定密码和计数器值是否匹配,或者所提取的计数器值是否指示密码尚未过期(804)。基于所提取的计数器值,如果密码匹配且所提取的密码未过期,则可以比较其他提取的信息(806)。
其他信息可以是其他认证因素902,诸如图9中的附图900所示。其他认证因素902可以包括消息功能计算设备的电话号码,可以将其与发起方所记录的电话号码进行比较。其他认证因素902可以包括用于发起方的地理位置906。地理位置906可以是诸如GPS信息、区号和交换前缀信息等的信息,这些信息可以与有关该方的居住地的信息相比较。其他认证因素902可以包括在被验证方和服务器计算设备之间共享的共享秘密。
如果其他信息是有效的(808),则发起方可以被验证(812)。如果不是,则发起方没有被认证(810)。类似地,如果所提取的计数器值指示密码不匹配或密码已经过期,则发起方没有被认证(810)。
虽然本发明已经通过参考本文的示例性实施例进行了描述,但应当理解的是,在不偏离所附权利要求书中定义的预期范围的情况下,可以对范围和细节进行各种变化。
Claims (20)
1.一种计算设备实现的方法,包括:
在所述计算设备处从具有相关的电话号码的短消息服务(SMS)功能设备接收消息,其中所述消息指示发起SMS会话的愿望,并且其中所述消息包括安全组件;
对所述安全组件进行解密,以获得至少一次性密码和帐户标识符的散列;
提取所述一次性密码和所述帐户标识符;
确定所述一次性密码是否有效;
确定与所述帐户标识符关联的帐户;
访问与所确定的帐号相连的电话号码;
确定所相关的电话号码是否匹配于与所述帐号相关的电话号码;
当所述密码有效且所相关的电话号码是匹配的电话号码时,通过向所述SMS功能设备发送SMS消息来发起安全SMS会话;以及
当所述密码无效和/或所相关的密码不是匹配的电话号码时,拒绝发起与所述SMS功能设备的安全SMS会话。
2.根据权利要求1所述的方法,其中,所述解密使用对称解密算法。
3.根据权利要求1所述的方法,还包括:
检查所述SMS功能设备的地理位置;以及
使用所述地理位置作为确定是否发起所述安全SMS会话的另一个认证因素。
4.根据权利要求1所述的方法,其中,所述接收消息包括接收SMS消息。
5.根据权利要求1所述的方法,还包括当发起所述安全SMS会话时,使用聊天机器人参与所述安全SMS会话。
6.根据权利要求1所述的方法,其中,所述一次性密码是基于时间的密码。
7.根据权利要求1所述的方法,其中,所述计算设备维护计数器,并且其中所述计算设备在确定密码是否已过期时使用所述计数器的值。
8.根据权利要求7所述的方法,其中,由所述计算设备维护的计数器与由所述非接触式卡维护的计数器同步。
9.一种短消息服务(SMS)功能设备实现的方法,包括:
经由近场通信在所述SMS功能设备处从非接触式卡接收加密安全的一次性密码,其中:
所述加密安全的一次性密码包括至少一次性密码和帐户标识符的加密散列,
所述一次性密码由对称加密算法进行加密,以及
所述一次性密码仅对设定的时间段有效;
从所述SMS功能设备向一方发送消息以请求发起安全SMS会话,其中所述消息包括所述加密安全的一次性密码,并且其中所述SMS功能设备具有相关的电话号码;以及
当所述密码有效时并且当所述SMS功能设备的电话号码与由所述帐户标识符识别的帐户相关联时,在所述SMS功能设备处从所述一方接收SMS消息。
10.根据权利要求9所述的方法,其中,从所述SMS功能设备发送消息包括发送初始SMS消息。
11.根据权利要求9所述的方法,其中,从所述SMS功能设备发送消息包括向所述一方的网站发送消息或直接向所述一方发送消息之一。
12.根据权利要求9所述的方法,还包括从所述SMS功能设备向所述一方发送地理位置信息。
13.根据权利要求9所述的方法,其中,所述SMS消息是从聊天机器人接收的。
14.一种由非接触式卡执行的方法,包括:
发起与计算设备的近场通信(NFC)会话;
作为所述NFC会话的一部分,
与运行在所述计算设备上的应用进行通信;
通过散列函数传递至少一次性密码和帐户标识符以创建散列值;
加密所述散列值;
将所加密的散列值传递给运行在所述计算设备上的应用;以及
提示所述应用向远程计算设备发送消息,以发起与所述远程计算设备的消息会话,其中所述消息包括所加密的散列值,作为希望发起所述消息会话的一方的身份的证据。
15.根据权利要求14所述的方法,其中,所述一次性密码是基于时间的密码。
16.根据权利要求15所述的方法,其中,所述非接触式卡维护计数器,并且所述计数器的值用于创建所加密的散列值。
17.根据权利要求16所述的方法,其中,通过所述散列函数传递所述计数器的值。
18.根据权利要求17所述的方法,其中,与所述一次性密码和所述帐户标识符一起通过所述散列函数传递所述计数器的值。
19.根据权利要求16所述的方法,其中,所述一次性密码仅对设定的时间段有效。
20.根据权利要求14所述的方法,其中,所述NFC会话是响应于在所述计算设备中的读卡器上轻触所述非接触式卡而发起的。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/727,162 US10757574B1 (en) | 2019-12-26 | 2019-12-26 | Multi-factor authentication providing a credential via a contactless card for secure messaging |
US16/727,162 | 2019-12-26 | ||
PCT/US2020/061960 WO2021133502A1 (en) | 2019-12-26 | 2020-11-24 | Multi-factor authentication providing a credential via a contactless card for secure messaging |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114450990A true CN114450990A (zh) | 2022-05-06 |
Family
ID=72140715
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202080066951.2A Pending CN114450990A (zh) | 2019-12-26 | 2020-11-24 | 经由非接触式卡为安全消息提供凭证的多因素认证 |
Country Status (8)
Country | Link |
---|---|
US (6) | US10757574B1 (zh) |
EP (1) | EP4082169A1 (zh) |
JP (1) | JP2023501021A (zh) |
KR (1) | KR20220115917A (zh) |
CN (1) | CN114450990A (zh) |
AU (2) | AU2020415282B2 (zh) |
CA (1) | CA3126092A1 (zh) |
WO (1) | WO2021133502A1 (zh) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
BR112021002463A2 (pt) * | 2018-08-10 | 2021-05-04 | Krafft Industries Llc | recipientes inteligentes |
WO2021055704A1 (en) * | 2019-09-19 | 2021-03-25 | Visa International Service Association | System and method for using dynamic tag content |
US11222339B2 (en) * | 2019-12-17 | 2022-01-11 | Capital One Services, Llc | Computer-based systems and methods configured for one or more technological applications for authorizing a credit card for use by a user |
US20230015789A1 (en) * | 2021-07-08 | 2023-01-19 | Vmware, Inc. | Aggregation of user authorizations from different providers in a hybrid cloud environment |
US20230046788A1 (en) * | 2021-08-16 | 2023-02-16 | Capital One Services, Llc | Systems and methods for resetting an authentication counter |
US20230083785A1 (en) * | 2021-09-16 | 2023-03-16 | Capital One Services, Llc | Use of a payment card to unlock a lock |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1921390A (zh) * | 2006-09-08 | 2007-02-28 | 网之易信息技术(北京)有限公司 | 一种用户身份识别方法及识别系统 |
CN101159551A (zh) * | 2007-08-23 | 2008-04-09 | 北京飞天诚信科技有限公司 | 多功能信息安全设备及其使用方法 |
EP2323308A1 (en) * | 2009-11-12 | 2011-05-18 | Sagem Orga GmbH | A method of assigning a secret to a security token, a method of operating a security token, storage medium and security token |
US20110131415A1 (en) * | 2009-11-30 | 2011-06-02 | James Paul Schneider | Multifactor username based authentication |
US20170201508A1 (en) * | 2006-04-11 | 2017-07-13 | Medox Technologies, Inc. | Relationship-Based Authorization |
US20170364911A1 (en) * | 2014-12-12 | 2017-12-21 | Cryptomathic Ltd | Systems and method for enabling secure transaction |
CN109063523A (zh) * | 2018-06-29 | 2018-12-21 | 浙江工商大学 | 一种射频识别安全认证方法及系统 |
US10489781B1 (en) * | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10511443B1 (en) * | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
Family Cites Families (554)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2523745B1 (fr) | 1982-03-18 | 1987-06-26 | Bull Sa | Procede et dispositif de protection d'un logiciel livre par un fournisseur a un utilisateur |
JPS6198476A (ja) | 1984-10-19 | 1986-05-16 | Casio Comput Co Ltd | カードターミナル |
FR2613565B1 (fr) | 1987-04-03 | 1989-06-23 | Bull Cps | Procede pour acheminer des cles secretes vers des modules de securite et des cartes utilisateurs, dans un reseau de traitement d'informations |
US5036461A (en) | 1990-05-16 | 1991-07-30 | Elliott John C | Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device |
FR2704341B1 (fr) | 1993-04-22 | 1995-06-02 | Bull Cp8 | Dispositif de protection des clés d'une carte à puce. |
US5363448A (en) | 1993-06-30 | 1994-11-08 | United Technologies Automotive, Inc. | Pseudorandom number generation and cryptographic authentication |
US5377270A (en) | 1993-06-30 | 1994-12-27 | United Technologies Automotive, Inc. | Cryptographic authentication of transmitted messages using pseudorandom numbers |
JP3053527B2 (ja) | 1993-07-30 | 2000-06-19 | インターナショナル・ビジネス・マシーンズ・コーポレイション | パスワードを有効化する方法及び装置、パスワードを生成し且つ予備的に有効化する方法及び装置、認証コードを使用して資源のアクセスを制御する方法及び装置 |
US5537314A (en) | 1994-04-18 | 1996-07-16 | First Marketrust Intl. | Referral recognition system for an incentive award program |
US7152045B2 (en) | 1994-11-28 | 2006-12-19 | Indivos Corporation | Tokenless identification system for authorization of electronic transactions and electronic transmissions |
US5764789A (en) | 1994-11-28 | 1998-06-09 | Smarttouch, Llc | Tokenless biometric ATM access system |
US5778072A (en) | 1995-07-07 | 1998-07-07 | Sun Microsystems, Inc. | System and method to transparently integrate private key operations from a smart card with host-based encryption services |
US5666415A (en) | 1995-07-28 | 1997-09-09 | Digital Equipment Corporation | Method and apparatus for cryptographic authentication |
US5832090A (en) | 1995-08-10 | 1998-11-03 | Hid Corporation | Radio frequency transponder stored value system employing a secure encryption protocol |
US5748740A (en) | 1995-09-29 | 1998-05-05 | Dallas Semiconductor Corporation | Method, apparatus, system and firmware for secure transactions |
US6049328A (en) | 1995-10-20 | 2000-04-11 | Wisconsin Alumni Research Foundation | Flexible access system for touch screen devices |
US5616901A (en) | 1995-12-19 | 1997-04-01 | Talking Signs, Inc. | Accessible automatic teller machines for sight-impaired persons and print-disabled persons |
DE69704684T2 (de) | 1996-02-23 | 2004-07-15 | Fuji Xerox Co., Ltd. | Vorrichtung und Verfahren zur Authentifizierung von Zugangsrechten eines Benutzers zu Betriebsmitteln nach dem Challenge-Response-Prinzip |
US6226383B1 (en) | 1996-04-17 | 2001-05-01 | Integrity Sciences, Inc. | Cryptographic methods for remote authentication |
US5768373A (en) | 1996-05-06 | 1998-06-16 | Symantec Corporation | Method for providing a secure non-reusable one-time password |
US5901874A (en) | 1996-05-07 | 1999-05-11 | Breakthrough Marketing, Inc. | Handicapped accessible dumpster |
US5763373A (en) | 1996-06-20 | 1998-06-09 | High Point Chemical Corp. | Method of preparing an alkaline earth metal tallate |
US6058373A (en) | 1996-10-16 | 2000-05-02 | Microsoft Corporation | System and method for processing electronic order forms |
US6483920B2 (en) | 1996-12-04 | 2002-11-19 | Bull, S.A. | Key recovery process used for strong encryption of messages |
US5796827A (en) | 1996-11-14 | 1998-08-18 | International Business Machines Corporation | System and method for near-field human-body coupling for encrypted communication with identification cards |
US6021203A (en) | 1996-12-11 | 2000-02-01 | Microsoft Corporation | Coercion resistant one-time-pad cryptosystem that facilitates transmission of messages having different levels of security |
US6061666A (en) | 1996-12-17 | 2000-05-09 | Citicorp Development Center | Automatic bank teller machine for the blind and visually impaired |
GB9626196D0 (en) | 1996-12-18 | 1997-02-05 | Ncr Int Inc | Self-service terminal (sst) and a method of oerating the sst to control movement of a card of the sst |
US6282522B1 (en) | 1997-04-30 | 2001-08-28 | Visa International Service Association | Internet payment system using smart card |
US7290288B2 (en) | 1997-06-11 | 2007-10-30 | Prism Technologies, L.L.C. | Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network |
US5960411A (en) | 1997-09-12 | 1999-09-28 | Amazon.Com, Inc. | Method and system for placing a purchase order via a communications network |
US5983273A (en) | 1997-09-16 | 1999-11-09 | Webtv Networks, Inc. | Method and apparatus for providing physical security for a user account and providing access to the user's environment and preferences |
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
DE69824437T2 (de) | 1997-10-14 | 2005-06-23 | Visa International Service Association, Foster City | Personalisieren von chipkarten |
IL122105A0 (en) | 1997-11-04 | 1998-04-05 | Rozin Alexander | A two-way radio-based electronic toll collection method and system for highway |
US6889198B2 (en) | 1998-01-30 | 2005-05-03 | Citicorp Development Center, Inc. | Method and system for tracking smart card loyalty points |
US7207477B1 (en) | 2004-03-08 | 2007-04-24 | Diebold, Incorporated | Wireless transfer of account data and signature from hand-held device to electronic check generator |
US6199762B1 (en) | 1998-05-06 | 2001-03-13 | American Express Travel Related Services Co., Inc. | Methods and apparatus for dynamic smartcard synchronization and personalization |
ATE282990T1 (de) | 1998-05-11 | 2004-12-15 | Citicorp Dev Ct Inc | System und verfahren zur biometrischen authentifizierung eines benutzers mit einer chipkarte |
JP3112076B2 (ja) | 1998-05-21 | 2000-11-27 | 豊 保倉 | ユーザ認証システム |
US6615189B1 (en) | 1998-06-22 | 2003-09-02 | Bank One, Delaware, National Association | Debit purchasing of stored value card for use by and/or delivery to others |
US6216227B1 (en) | 1998-06-29 | 2001-04-10 | Sun Microsystems, Inc. | Multi-venue ticketing using smart cards |
US6032136A (en) | 1998-11-17 | 2000-02-29 | First Usa Bank, N.A. | Customer activated multi-value (CAM) card |
US7660763B1 (en) | 1998-11-17 | 2010-02-09 | Jpmorgan Chase Bank, N.A. | Customer activated multi-value (CAM) card |
US6438550B1 (en) | 1998-12-10 | 2002-08-20 | International Business Machines Corporation | Method and apparatus for client authentication and application configuration via smart cards |
US6829711B1 (en) | 1999-01-26 | 2004-12-07 | International Business Machines Corporation | Personal website for electronic commerce on a smart java card with multiple security check points |
CA2363003A1 (en) | 1999-02-18 | 2000-08-24 | Orbis Patents Limited | Credit card system and method |
US6731778B1 (en) | 1999-03-31 | 2004-05-04 | Oki Electric Industry Co, Ltd. | Photographing apparatus and monitoring system using same |
US6402028B1 (en) | 1999-04-06 | 2002-06-11 | Visa International Service Association | Integrated production of smart cards |
US7127605B1 (en) | 1999-05-10 | 2006-10-24 | Axalto, Inc. | Secure sharing of application methods on a microcontroller |
US6227447B1 (en) | 1999-05-10 | 2001-05-08 | First Usa Bank, Na | Cardless payment system |
US6845498B1 (en) | 1999-05-11 | 2005-01-18 | Microsoft Corporation | Method and apparatus for sharing data files among run time environment applets in an integrated circuit card |
US6504945B1 (en) | 1999-07-13 | 2003-01-07 | Hewlett-Packard Company | System for promoting correct finger placement in a fingerprint reader |
US7908216B1 (en) | 1999-07-22 | 2011-03-15 | Visa International Service Association | Internet payment, authentication and loading system using virtual smart card |
US6324271B1 (en) | 1999-08-17 | 2001-11-27 | Nortel Networks Limited | System and method for authentication of caller identification |
SE515327C2 (sv) | 1999-08-27 | 2001-07-16 | Ericsson Telefon Ab L M | Anordning för att utföra säkra transaktioner i en kommunikationsanordning |
US7085931B1 (en) | 1999-09-03 | 2006-08-01 | Secure Computing Corporation | Virtual smart card system and method |
US6834271B1 (en) | 1999-09-24 | 2004-12-21 | Kryptosima | Apparatus for and method of secure ATM debit card and credit card payment transactions via the internet |
US7319986B2 (en) | 1999-09-28 | 2008-01-15 | Bank Of America Corporation | Dynamic payment cards and related management systems and associated methods |
US6910627B1 (en) | 1999-09-29 | 2005-06-28 | Canon Kabushiki Kaisha | Smart card systems and electronic ticketing methods |
JP2001195368A (ja) | 1999-11-01 | 2001-07-19 | Sony Corp | 認証情報通信システムおよび認証情報通信方法、携帯情報処理装置、並びにプログラム提供媒体 |
US8814039B2 (en) | 1999-11-05 | 2014-08-26 | Lead Core Fund, L.L.C. | Methods for processing a payment authorization request utilizing a network of point of sale devices |
US8794509B2 (en) | 1999-11-05 | 2014-08-05 | Lead Core Fund, L.L.C. | Systems and methods for processing a payment authorization request over disparate payment networks |
AU1431301A (en) | 1999-11-22 | 2001-06-04 | Intel Corporation | Integrity check values (icv) based on pseudorandom binary matrices |
AU3086101A (en) | 2000-01-05 | 2001-07-16 | American Express Travel Related Services Company, Inc. | Smartcard internet authorization system |
JP2003519879A (ja) | 2000-01-10 | 2003-06-24 | タリアン・エルエルシー | 認証および活性化のため組織病理学的・生理学的バイオメトリック・マーカを使用する装置 |
US20010034702A1 (en) | 2000-02-04 | 2001-10-25 | Mockett Gregory P. | System and method for dynamically issuing and processing transaction specific digital credit or debit cards |
EP1272954A4 (en) | 2000-02-16 | 2004-08-18 | Zipcar Inc | SYSTEMS AND METHODS FOR CONTROLLING VEHICLE ACCESS |
US8150767B2 (en) | 2000-02-16 | 2012-04-03 | Mastercard International Incorporated | System and method for conducting electronic commerce with a remote wallet server |
US6779115B1 (en) | 2000-02-18 | 2004-08-17 | Digital5, Inc. | Portable device using a smart card to receive and decrypt digital data |
US20010029485A1 (en) | 2000-02-29 | 2001-10-11 | E-Scoring, Inc. | Systems and methods enabling anonymous credit transactions |
US6852031B1 (en) | 2000-11-22 | 2005-02-08 | Igt | EZ pay smart card and tickets system |
US8046256B2 (en) | 2000-04-14 | 2011-10-25 | American Express Travel Related Services Company, Inc. | System and method for using loyalty rewards as currency |
AU2001257280C1 (en) | 2000-04-24 | 2009-01-15 | Visa International Service Association | Online payer authentication service |
US7933589B1 (en) | 2000-07-13 | 2011-04-26 | Aeritas, Llc | Method and system for facilitation of wireless e-commerce transactions |
US6631197B1 (en) | 2000-07-24 | 2003-10-07 | Gn Resound North America Corporation | Wide audio bandwidth transduction method and device |
AU2001286464A1 (en) | 2000-08-14 | 2002-02-25 | Peter H. Gien | System and method for secure smartcard issuance |
WO2002015117A2 (en) | 2000-08-17 | 2002-02-21 | Dexrad (Proprietary) Limited | The transfer of verification data |
AU2001288679A1 (en) | 2000-09-11 | 2002-03-26 | Sentrycom Ltd. | A biometric-based system and method for enabling authentication of electronic messages sent over a network |
US7006986B1 (en) | 2000-09-25 | 2006-02-28 | Ecardless Bancorp, Ltd. | Order file processes for purchasing on the internet using verified order information |
US6873260B2 (en) | 2000-09-29 | 2005-03-29 | Kenneth J. Lancos | System and method for selectively allowing the passage of a guest through a region within a coverage area |
US6877656B1 (en) | 2000-10-24 | 2005-04-12 | Capital One Financial Corporation | Systems, methods, and apparatus for instant issuance of a credit card |
US6721706B1 (en) | 2000-10-30 | 2004-04-13 | Koninklijke Philips Electronics N.V. | Environment-responsive user interface/entertainment device that simulates personal interaction |
US7069435B2 (en) | 2000-12-19 | 2006-06-27 | Tricipher, Inc. | System and method for authentication in a crypto-system utilizing symmetric and asymmetric crypto-keys |
US7606771B2 (en) | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
EP1223565A1 (en) | 2001-01-12 | 2002-07-17 | Motorola, Inc. | Transaction system, portable device, terminal and methods of transaction |
US20020093530A1 (en) | 2001-01-17 | 2002-07-18 | Prasad Krothapalli | Automatic filling and submission of completed forms |
US20020152116A1 (en) | 2001-01-30 | 2002-10-17 | Yan Kent J. | Method and system for generating fixed and/or dynamic rebates in credit card type transactions |
US20020158123A1 (en) | 2001-01-30 | 2002-10-31 | Allen Rodney F. | Web-based smart card system and method for maintaining status information and verifying eligibility |
US7181017B1 (en) | 2001-03-23 | 2007-02-20 | David Felsher | System and method for secure three-party communications |
ATE364202T1 (de) | 2001-04-02 | 2007-06-15 | Motorola Inc | Aktivieren und deaktivieren von softwarefunktionen |
US7290709B2 (en) | 2001-04-10 | 2007-11-06 | Erica Tsai | Information card system |
US7044394B2 (en) | 2003-12-17 | 2006-05-16 | Kerry Dennis Brown | Programmable magnetic data storage card |
US20020153424A1 (en) | 2001-04-19 | 2002-10-24 | Chuan Li | Method and apparatus of secure credit card transaction |
US20040015958A1 (en) | 2001-05-15 | 2004-01-22 | Veil Leonard Scott | Method and system for conditional installation and execution of services in a secure computing environment |
US7206806B2 (en) | 2001-05-30 | 2007-04-17 | Pineau Richard A | Method and system for remote utilizing a mobile device to share data objects |
DE10127511A1 (de) | 2001-06-06 | 2003-01-02 | Wincor Nixdorf Gmbh & Co Kg | Schreib-/Lesegerät für eine Ausweis- oder Kreditkarte vom RFID-Typ |
US20030167350A1 (en) | 2001-06-07 | 2003-09-04 | Curl Corporation | Safe I/O through use of opaque I/O objects |
AUPR559201A0 (en) | 2001-06-08 | 2001-07-12 | Canon Kabushiki Kaisha | Card reading device for service access |
US6834795B1 (en) | 2001-06-29 | 2004-12-28 | Sun Microsystems, Inc. | Secure user authentication to computing resource via smart card |
US7762457B2 (en) | 2001-07-10 | 2010-07-27 | American Express Travel Related Services Company, Inc. | System and method for dynamic fob synchronization and personalization |
US7993197B2 (en) | 2001-08-10 | 2011-08-09 | Igt | Flexible loyalty points programs |
US8266451B2 (en) | 2001-08-31 | 2012-09-11 | Gemalto Sa | Voice activated smart card |
US20030055727A1 (en) | 2001-09-18 | 2003-03-20 | Walker Jay S. | Method and apparatus for facilitating the provision of a benefit to a customer of a retailer |
US7373515B2 (en) | 2001-10-09 | 2008-05-13 | Wireless Key Identification Systems, Inc. | Multi-factor authentication system |
JP3975720B2 (ja) | 2001-10-23 | 2007-09-12 | 株式会社日立製作所 | Icカード、顧客情報分析システムおよび顧客情報分析結果提供方法 |
US6641050B2 (en) | 2001-11-06 | 2003-11-04 | International Business Machines Corporation | Secure credit card |
US6934861B2 (en) | 2001-11-06 | 2005-08-23 | Crosscheck Identification Systems International, Inc. | National identification card system and biometric identity verification method for negotiating transactions |
US7243853B1 (en) | 2001-12-04 | 2007-07-17 | Visa U.S.A. Inc. | Method and system for facilitating memory and application management on a secured token |
US8108687B2 (en) | 2001-12-12 | 2012-01-31 | Valve Corporation | Method and system for granting access to system and content |
FR2834403B1 (fr) | 2001-12-27 | 2004-02-06 | France Telecom | Systeme cryptographique de signature de groupe |
JP3820999B2 (ja) | 2002-01-25 | 2006-09-13 | ソニー株式会社 | 近接通信システム及び近接通信方法、データ管理装置及びデータ管理方法、記憶媒体、並びにコンピュータ・プログラム |
SE524778C2 (sv) | 2002-02-19 | 2004-10-05 | Douglas Lundholm | Förfarande och arrangemang för att skydda mjukvara för otillbörlig användning eller kopiering |
US6905411B2 (en) | 2002-02-27 | 2005-06-14 | Igt | Player authentication for cashless gaming machine instruments |
US20030208449A1 (en) | 2002-05-06 | 2003-11-06 | Yuanan Diao | Credit card fraud prevention system and method using secure electronic credit card |
US7900048B2 (en) | 2002-05-07 | 2011-03-01 | Sony Ericsson Mobile Communications Ab | Method for loading an application in a device, device and smart card therefor |
CN100440195C (zh) | 2002-05-10 | 2008-12-03 | 斯伦贝谢(北京)智能卡科技有限公司 | 智能卡更换方法及其更换系统 |
US20040127256A1 (en) | 2002-07-30 | 2004-07-01 | Scott Goldthwaite | Mobile device equipped with a contactless smart card reader/writer |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US7697920B1 (en) | 2006-05-05 | 2010-04-13 | Boojum Mobile | System and method for providing authentication and authorization utilizing a personal wireless communication device |
EP3547599A1 (en) | 2002-08-06 | 2019-10-02 | Apple Inc. | Methods for secure enrollment and backup of personal identity credentials into electronic devices |
JP4553565B2 (ja) | 2002-08-26 | 2010-09-29 | パナソニック株式会社 | 電子バリューの認証方式と認証システムと装置 |
CZ2005209A3 (cs) | 2002-09-10 | 2005-12-14 | Ivi Smart Technologies, Inc. | Bezpečné biometrické ověření identity |
US7306143B2 (en) | 2002-09-20 | 2007-12-11 | Cubic Corporation | Dynamic smart card/media imaging |
US9710804B2 (en) | 2012-10-07 | 2017-07-18 | Andrew H B Zhou | Virtual payment cards issued by banks for mobile and wearable devices |
US8985442B1 (en) | 2011-07-18 | 2015-03-24 | Tiger T G Zhou | One-touch payment using haptic control via a messaging and calling multimedia system on mobile device and wearable device, currency token interface, point of sale device, and electronic payment card |
WO2004036492A2 (en) | 2002-10-16 | 2004-04-29 | Sci-Tel Ltd. | Smart card network interface device |
US9251518B2 (en) | 2013-03-15 | 2016-02-02 | Live Nation Entertainment, Inc. | Centralized and device-aware ticket-transfer system and methods |
US9740988B1 (en) | 2002-12-09 | 2017-08-22 | Live Nation Entertainment, Inc. | System and method for using unique device indentifiers to enhance security |
EP1588318A1 (en) | 2003-01-14 | 2005-10-26 | Koninklijke Philips Electronics N.V. | Method and terminal for detecting fake and/or modified smart card |
US7453439B1 (en) | 2003-01-16 | 2008-11-18 | Forward Input Inc. | System and method for continuous stroke word-based text input |
US20050195975A1 (en) | 2003-01-21 | 2005-09-08 | Kevin Kawakita | Digital media distribution cryptography using media ticket smart cards |
US8589335B2 (en) | 2003-04-21 | 2013-11-19 | Visa International Service Association | Smart card personalization assistance tool |
EP1632091A4 (en) | 2003-05-12 | 2006-07-26 | Gtech Corp | METHOD AND SYSTEM FOR AUTHENTICATION |
US7949559B2 (en) | 2003-05-27 | 2011-05-24 | Citicorp Credit Services, Inc. | Credit card rewards program system and method |
US8200775B2 (en) | 2005-02-01 | 2012-06-12 | Newsilike Media Group, Inc | Enhanced syndication |
JP4744106B2 (ja) | 2003-08-06 | 2011-08-10 | パナソニック株式会社 | セキュアデバイス、情報処理端末、通信システム及び通信方法 |
US20050075985A1 (en) | 2003-10-03 | 2005-04-07 | Brian Cartmell | Voice authenticated credit card purchase verification |
FI20031482A (fi) | 2003-10-10 | 2005-04-11 | Open Bit Oy Ltd | Maksutapahtumatietojen prosessointi |
US7597250B2 (en) | 2003-11-17 | 2009-10-06 | Dpd Patent Trust Ltd. | RFID reader with multiple interfaces |
US20050138387A1 (en) | 2003-12-19 | 2005-06-23 | Lam Wai T. | System and method for authorizing software use |
US7357309B2 (en) | 2004-01-16 | 2008-04-15 | Telefonaktiebolaget Lm Ericsson (Publ) | EMV transactions in mobile terminals |
US7374099B2 (en) | 2004-02-24 | 2008-05-20 | Sun Microsystems, Inc. | Method and apparatus for processing an application identifier from a smart card |
US7165727B2 (en) | 2004-02-24 | 2007-01-23 | Sun Microsystems, Inc. | Method and apparatus for installing an application onto a smart card |
US7472829B2 (en) | 2004-12-10 | 2009-01-06 | Qsecure, Inc. | Payment card with internally generated virtual account numbers for its magnetic stripe encoder and user display |
US7584153B2 (en) | 2004-03-15 | 2009-09-01 | Qsecure, Inc. | Financial transactions with dynamic card verification values |
JP2007529797A (ja) | 2004-03-19 | 2007-10-25 | フンベル ローガー | 認証機能および支払い機能を備えた、無線自転車キー、自動車、家屋、rfidタグのための携帯電話におけるオールインワンキーまたは制御ソフトウェアカード |
US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
US7748617B2 (en) | 2004-04-12 | 2010-07-06 | Gray R O'neal | Electronic identification system |
CN100549985C (zh) | 2004-05-03 | 2009-10-14 | 捷讯研究有限公司 | 用于应用认证的系统和方法 |
US8762283B2 (en) | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
US7703142B1 (en) | 2004-05-06 | 2010-04-20 | Sprint Communications Company L.P. | Software license authorization system |
US7660779B2 (en) | 2004-05-12 | 2010-02-09 | Microsoft Corporation | Intelligent autofill |
GB0411777D0 (en) | 2004-05-26 | 2004-06-30 | Crypomathic Ltd | Computationally asymmetric cryptographic systems |
US7314165B2 (en) | 2004-07-01 | 2008-01-01 | American Express Travel Related Services Company, Inc. | Method and system for smellprint recognition biometrics on a smartcard |
US7175076B1 (en) | 2004-07-07 | 2007-02-13 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Cash dispensing automated banking machine user interface system and method |
US8439271B2 (en) | 2004-07-15 | 2013-05-14 | Mastercard International Incorporated | Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats |
US7424977B2 (en) | 2004-07-15 | 2008-09-16 | Mastercard International Incorporated | Method and system for conducting contactless payment card transactions |
US7287692B1 (en) | 2004-07-28 | 2007-10-30 | Cisco Technology, Inc. | System and method for securing transactions in a contact center environment |
EP1630712A1 (en) | 2004-08-24 | 2006-03-01 | Sony Deutschland GmbH | Method for operating a near field communication system |
BRPI0514159A2 (pt) | 2004-08-27 | 2008-11-25 | Victorion Technology Co Ltd | dispositivo transmissor de comunicaÇço sem fio por conduÇço pelo osso nasal, sistema transmissor de comunicaÇço sem fio por conduÇço pelo osso nasal, e auxiliar auditivo de conduÇço pelo osso nasal |
US20060047954A1 (en) | 2004-08-30 | 2006-03-02 | Axalto Inc. | Data access security implementation using the public key mechanism |
US7375616B2 (en) | 2004-09-08 | 2008-05-20 | Nokia Corporation | Electronic near field communication enabled multifunctional device and method of its operation |
US7270276B2 (en) | 2004-09-29 | 2007-09-18 | Sap Ag | Multi-application smartcard |
US20060085848A1 (en) | 2004-10-19 | 2006-04-20 | Intel Corporation | Method and apparatus for securing communications between a smartcard and a terminal |
US7748636B2 (en) | 2004-11-16 | 2010-07-06 | Dpd Patent Trust Ltd. | Portable identity card reader system for physical and logical access |
GB2410113A (en) | 2004-11-29 | 2005-07-20 | Morse Group Ltd | A system and method of accessing banking services via a mobile telephone |
TW200642408A (en) | 2004-12-07 | 2006-12-01 | Farsheed Atef | System and method for identity verification and management |
US7232073B1 (en) | 2004-12-21 | 2007-06-19 | Sun Microsystems, Inc. | Smart card with multiple applications |
GB0428543D0 (en) | 2004-12-31 | 2005-02-09 | British Telecomm | Control of data exchange |
US8200700B2 (en) | 2005-02-01 | 2012-06-12 | Newsilike Media Group, Inc | Systems and methods for use of structured and unstructured distributed data |
US20130104251A1 (en) | 2005-02-01 | 2013-04-25 | Newsilike Media Group, Inc. | Security systems and methods for use with structured and unstructured data |
US8347088B2 (en) | 2005-02-01 | 2013-01-01 | Newsilike Media Group, Inc | Security systems and methods for use with structured and unstructured data |
DE102005004902A1 (de) | 2005-02-02 | 2006-08-10 | Utimaco Safeware Ag | Verfahren zur Anmeldung eines Nutzers an einem Computersystem |
US7581678B2 (en) | 2005-02-22 | 2009-09-01 | Tyfone, Inc. | Electronic transaction card |
CN101171604A (zh) | 2005-03-07 | 2008-04-30 | 诺基亚公司 | 包括智能卡模块和近场通信装置的方法和移动终端设备 |
US7628322B2 (en) | 2005-03-07 | 2009-12-08 | Nokia Corporation | Methods, system and mobile device capable of enabling credit card personalization using a wireless network |
US7128274B2 (en) | 2005-03-24 | 2006-10-31 | International Business Machines Corporation | Secure credit card with near field communications |
US8266441B2 (en) | 2005-04-22 | 2012-09-11 | Bank Of America Corporation | One-time password credit/debit card |
WO2006119184A2 (en) | 2005-05-04 | 2006-11-09 | Tricipher, Inc. | Protecting one-time-passwords against man-in-the-middle attacks |
US20080035738A1 (en) | 2005-05-09 | 2008-02-14 | Mullen Jeffrey D | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US7793851B2 (en) | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
WO2006124808A2 (en) | 2005-05-16 | 2006-11-23 | Mastercard International Incorporated | Method and system for using contactless payment cards in a transit system |
US20060280338A1 (en) | 2005-06-08 | 2006-12-14 | Xerox Corporation | Systems and methods for the visually impared |
US8583454B2 (en) | 2005-07-28 | 2013-11-12 | Beraja Ip, Llc | Medical claims fraud prevention system including photograph records identification and associated methods |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US20070067833A1 (en) | 2005-09-20 | 2007-03-22 | Colnot Vincent C | Methods and Apparatus for Enabling Secure Network-Based Transactions |
CA2624981C (en) | 2005-10-06 | 2017-06-13 | C-Sam, Inc. | Three-dimensional transaction authentication |
US8245292B2 (en) | 2005-11-16 | 2012-08-14 | Broadcom Corporation | Multi-factor authentication using a smartcard |
JP4435076B2 (ja) | 2005-11-18 | 2010-03-17 | フェリカネットワークス株式会社 | 携帯端末,データ通信方法,およびコンピュータプログラム |
US7568631B2 (en) | 2005-11-21 | 2009-08-04 | Sony Corporation | System, apparatus and method for obtaining one-time credit card numbers using a smart card |
US8511547B2 (en) | 2005-12-22 | 2013-08-20 | Mastercard International Incorporated | Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers |
FR2895608B1 (fr) | 2005-12-23 | 2008-03-21 | Trusted Logic Sa | Procede pour la realisation d'un compteur securise sur un systeme informatique embarque disposant d'une carte a puce |
US8559987B1 (en) | 2005-12-31 | 2013-10-15 | Blaze Mobile, Inc. | Wireless bidirectional communications between a mobile device and associated secure element |
US7775427B2 (en) | 2005-12-31 | 2010-08-17 | Broadcom Corporation | System and method for binding a smartcard and a smartcard reader |
US8352323B2 (en) | 2007-11-30 | 2013-01-08 | Blaze Mobile, Inc. | Conducting an online payment transaction using an NFC enabled mobile communication device |
US8224018B2 (en) | 2006-01-23 | 2012-07-17 | Digimarc Corporation | Sensing data from physical objects |
US9137012B2 (en) | 2006-02-03 | 2015-09-15 | Emc Corporation | Wireless authentication methods and apparatus |
US20070224969A1 (en) | 2006-03-24 | 2007-09-27 | Rao Bindu R | Prepaid simcard for automatically enabling services |
US7380710B2 (en) | 2006-04-28 | 2008-06-03 | Qsecure, Inc. | Payment card preloaded with unique numbers |
US7571471B2 (en) | 2006-05-05 | 2009-08-04 | Tricipher, Inc. | Secure login using a multifactor split asymmetric crypto-key with persistent key security |
DE602007008313D1 (de) | 2006-05-10 | 2010-09-23 | Inside Contactless | Verfahren zur Weiterleitung von aus- und eingehenden Daten in ein NFC-Chipset |
EP1873962B1 (en) | 2006-06-29 | 2009-08-19 | Incard SA | Method for key diversification on an IC Card |
US9985950B2 (en) | 2006-08-09 | 2018-05-29 | Assa Abloy Ab | Method and apparatus for making a decision on a card |
GB0616331D0 (en) | 2006-08-16 | 2006-09-27 | Innovision Res & Tech Plc | Near Field RF Communicators And Near Field Communications Enabled Devices |
US20080072303A1 (en) | 2006-09-14 | 2008-03-20 | Schlumberger Technology Corporation | Method and system for one time password based authentication and integrated remote access |
US20080071681A1 (en) | 2006-09-15 | 2008-03-20 | Khalid Atm Shafiqul | Dynamic Credit and Check Card |
US8322624B2 (en) | 2007-04-10 | 2012-12-04 | Feinics Amatech Teoranta | Smart card with switchable matching antenna |
US8738485B2 (en) | 2007-12-28 | 2014-05-27 | Visa U.S.A. Inc. | Contactless prepaid product for transit fare collection |
US7962369B2 (en) | 2006-09-29 | 2011-06-14 | Einar Rosenberg | Apparatus and method using near field communications |
US8474028B2 (en) | 2006-10-06 | 2013-06-25 | Fmr Llc | Multi-party, secure multi-channel authentication |
GB2443234B8 (en) | 2006-10-24 | 2009-01-28 | Innovision Res & Tech Plc | Near field RF communicators and near field RF communications enabled devices |
WO2008054715A2 (en) | 2006-10-31 | 2008-05-08 | Solicore, Inc. | Powered print advertisements, product packaging, and trading cards |
US8267313B2 (en) | 2006-10-31 | 2012-09-18 | American Express Travel Related Services Company, Inc. | System and method for providing a gift card which affords benefits beyond what is purchased |
US8682791B2 (en) | 2006-10-31 | 2014-03-25 | Discover Financial Services | Redemption of credit card rewards at a point of sale |
US9251637B2 (en) | 2006-11-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for using at least a portion of a one-time password as a dynamic card verification value |
US8365258B2 (en) | 2006-11-16 | 2013-01-29 | Phonefactor, Inc. | Multi factor authentication |
CN101192295A (zh) | 2006-11-30 | 2008-06-04 | 讯想科技股份有限公司 | 芯片信用卡网络交易系统与方法 |
US8041954B2 (en) | 2006-12-07 | 2011-10-18 | Paul Plesman | Method and system for providing a secure login solution using one-time passwords |
US20080162312A1 (en) | 2006-12-29 | 2008-07-03 | Motorola, Inc. | Method and system for monitoring secure applet events during contactless rfid/nfc communication |
US7594605B2 (en) | 2007-01-10 | 2009-09-29 | At&T Intellectual Property I, L.P. | Credit card transaction servers, methods and computer program products employing wireless terminal location and registered purchasing locations |
GB2442249B (en) | 2007-02-20 | 2008-09-10 | Cryptomathic As | Authentication device and method |
US8095974B2 (en) | 2007-02-23 | 2012-01-10 | At&T Intellectual Property I, L.P. | Methods, systems, and products for identity verification |
US8463711B2 (en) | 2007-02-27 | 2013-06-11 | Igt | Methods and architecture for cashless system security |
US9081948B2 (en) | 2007-03-13 | 2015-07-14 | Red Hat, Inc. | Configurable smartcard |
US20080223918A1 (en) | 2007-03-15 | 2008-09-18 | Microsoft Corporation | Payment tokens |
EP2135359A4 (en) | 2007-03-16 | 2011-07-27 | Lg Electronics Inc | APPLICATION EXECUTION, NON-CONTACT IN NON-BATTERY MODE |
US8285329B1 (en) | 2007-04-02 | 2012-10-09 | Sprint Communications Company L.P. | Mobile device-based control of smart card operation |
US8667285B2 (en) | 2007-05-31 | 2014-03-04 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US20120252350A1 (en) | 2007-07-24 | 2012-10-04 | Allan Steinmetz | Vehicle safety device for reducing driver distractions |
US20090037275A1 (en) | 2007-08-03 | 2009-02-05 | Pollio Michael J | Consolidated membership/rewards card system |
US8235825B2 (en) | 2007-08-14 | 2012-08-07 | John B. French | Smart card holder for automated gaming system and gaming cards |
US20110101093A1 (en) | 2007-08-19 | 2011-05-05 | Yubico Ab | Device and method for generating dynamic credit card data |
US7748609B2 (en) | 2007-08-31 | 2010-07-06 | Gemalto Inc. | System and method for browser based access to smart cards |
US20090143104A1 (en) | 2007-09-21 | 2009-06-04 | Michael Loh | Wireless smart card and integrated personal area network, near field communication and contactless payment system |
US8249654B1 (en) | 2007-09-27 | 2012-08-21 | Sprint Communications Company L.P. | Dynamic smart card application loading |
US8095113B2 (en) | 2007-10-17 | 2012-01-10 | First Data Corporation | Onetime passwords for smart chip cards |
GB2457221A (en) | 2007-10-17 | 2009-08-12 | Vodafone Plc | Smart Card Web Server (SCWS) administration within a plurality of security domains |
FR2922701B1 (fr) | 2007-10-23 | 2009-11-20 | Inside Contacless | Procede de personnalisation securise d'un chipset nfc |
US7652578B2 (en) | 2007-10-29 | 2010-01-26 | Motorola, Inc. | Detection apparatus and method for near field communication devices |
US8135648B2 (en) | 2007-11-01 | 2012-03-13 | Gtech Corporation | Authentication of lottery tickets, game machine credit vouchers, and other items |
US20090132417A1 (en) | 2007-11-15 | 2009-05-21 | Ebay Inc. | System and method for selecting secure card numbers |
US20090159705A1 (en) | 2007-12-24 | 2009-06-25 | Dynamics Inc. | Payment cards and devices operable to receive point-of-sale actions before point-of-sale and forward actions at point-of-sale |
WO2009089099A1 (en) | 2008-01-04 | 2009-07-16 | M2 International Ltd. | Dynamic card verification value |
GB0801225D0 (en) | 2008-01-23 | 2008-02-27 | Innovision Res & Tech Plc | Near field RF communications |
US9558485B2 (en) | 2008-01-30 | 2017-01-31 | Paypal, Inc. | Two step near field communication transactions |
US8369960B2 (en) | 2008-02-12 | 2013-02-05 | Cardiac Pacemakers, Inc. | Systems and methods for controlling wireless signal transfers between ultrasound-enabled medical devices |
US9947002B2 (en) | 2008-02-15 | 2018-04-17 | First Data Corporation | Secure authorization of contactless transaction |
US8302167B2 (en) | 2008-03-11 | 2012-10-30 | Vasco Data Security, Inc. | Strong authentication token generating one-time passwords and signatures upon server credential verification |
ES2386164T3 (es) | 2008-03-27 | 2012-08-10 | Motorola Mobility, Inc. | Método y aparato para la selección automática de una aplicación de comunicación de campo cercano en un dispositivo electrónico |
ITMI20080536A1 (it) | 2008-03-28 | 2009-09-29 | Incard Sa | Metodo per proteggere un file cap per una carta a circuito integrato. |
US8024576B2 (en) | 2008-03-31 | 2011-09-20 | International Business Machines Corporation | Method and system for authenticating users with a one time password using an image reader |
US8365988B1 (en) | 2008-04-11 | 2013-02-05 | United Services Automobile Association (Usaa) | Dynamic credit card security code via mobile device |
US8347112B2 (en) | 2008-05-08 | 2013-01-01 | Texas Instruments Incorporated | Encryption/decryption engine with secure modes for key decryption and key derivation |
US9082117B2 (en) | 2008-05-17 | 2015-07-14 | David H. Chin | Gesture based authentication for wireless payment by a mobile electronic device |
US8099332B2 (en) | 2008-06-06 | 2012-01-17 | Apple Inc. | User interface for application management for a mobile device |
EP2139196A1 (en) | 2008-06-26 | 2009-12-30 | France Telecom | Method and system for remotely blocking/unblocking NFC applications on a terminal |
US8229853B2 (en) | 2008-07-24 | 2012-07-24 | International Business Machines Corporation | Dynamic itinerary-driven profiling for preventing unauthorized card transactions |
US8662401B2 (en) | 2008-07-25 | 2014-03-04 | First Data Corporation | Mobile payment adoption by adding a dedicated payment button to mobile device form factors |
US8740073B2 (en) | 2008-08-01 | 2014-06-03 | Mastercard International Incorporated | Methods, systems and computer readable media for storing and redeeming electronic certificates using a wireless smart card |
US8706622B2 (en) | 2008-08-05 | 2014-04-22 | Visa U.S.A. Inc. | Account holder demand account update |
US8438382B2 (en) | 2008-08-06 | 2013-05-07 | Symantec Corporation | Credential management system and method |
US20100033310A1 (en) | 2008-08-08 | 2010-02-11 | Narendra Siva G | Power negotation for small rfid card |
CA2733522C (en) | 2008-08-08 | 2013-10-01 | Assa Abloy Ab | Directional sensing mechanism and communications authentication |
CN102160061B (zh) | 2008-08-20 | 2014-04-09 | X卡控股有限公司 | 安全智能卡系统 |
US8103249B2 (en) | 2008-08-23 | 2012-01-24 | Visa U.S.A. Inc. | Credit card imaging for mobile payment and other applications |
US10970777B2 (en) | 2008-09-15 | 2021-04-06 | Mastercard International Incorporated | Apparatus and method for bill payment card enrollment |
US20100078471A1 (en) | 2008-09-30 | 2010-04-01 | Apple Inc. | System and method for processing peer-to-peer financial transactions |
US9037513B2 (en) | 2008-09-30 | 2015-05-19 | Apple Inc. | System and method for providing electronic event tickets |
US20100094754A1 (en) | 2008-10-13 | 2010-04-15 | Global Financial Passport, Llc | Smartcard based secure transaction systems and methods |
US20100095130A1 (en) | 2008-10-13 | 2010-04-15 | Global Financial Passport, Llc | Smartcards for secure transaction systems |
US8689013B2 (en) | 2008-10-21 | 2014-04-01 | G. Wouter Habraken | Dual-interface key management |
CN101729502B (zh) | 2008-10-23 | 2012-09-05 | 中兴通讯股份有限公司 | 密钥分发方法和系统 |
US8371501B1 (en) | 2008-10-27 | 2013-02-12 | United Services Automobile Association (Usaa) | Systems and methods for a wearable user authentication factor |
EP2182439A1 (en) | 2008-10-28 | 2010-05-05 | Gemalto SA | Method of managing data sent over the air to an applet having a restricted interface |
US20100114731A1 (en) | 2008-10-30 | 2010-05-06 | Kingston Tamara S | ELECTRONIC WALLET ("eWallet") |
WO2010069033A1 (en) | 2008-12-18 | 2010-06-24 | Bce Inc | Validation method and system for use in securing nomadic electronic transactions |
EP2199992A1 (en) | 2008-12-19 | 2010-06-23 | Gemalto SA | Secure activation before contactless banking smart card transaction |
US10354321B2 (en) | 2009-01-22 | 2019-07-16 | First Data Corporation | Processing transactions with an extended application ID and dynamic cryptograms |
US9065812B2 (en) | 2009-01-23 | 2015-06-23 | Microsoft Technology Licensing, Llc | Protecting transactions |
EP2852070B1 (en) | 2009-01-26 | 2019-01-23 | Google Technology Holdings LLC | Wireless communication device for providing at least one near field communication service |
US9509436B2 (en) | 2009-01-29 | 2016-11-29 | Cubic Corporation | Protection of near-field communication exchanges |
EP2219374A1 (en) | 2009-02-13 | 2010-08-18 | Irdeto Access B.V. | Securely providing a control word from a smartcard to a conditional access module |
CN103152080B (zh) | 2009-02-26 | 2015-12-23 | 中兴通讯股份有限公司 | 支持增强型近场通信的终端及其处理方法 |
US20100240413A1 (en) | 2009-03-21 | 2010-09-23 | Microsoft Corporation | Smart Card File System |
US8567670B2 (en) | 2009-03-27 | 2013-10-29 | Intersections Inc. | Dynamic card verification values and credit transactions |
EP2199965A1 (en) | 2009-04-22 | 2010-06-23 | Euro-Wallet B.V. | Payment transaction client, server and system |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US8417231B2 (en) | 2009-05-17 | 2013-04-09 | Qualcomm Incorporated | Method and apparatus for programming a mobile device with multiple service accounts |
US8391719B2 (en) | 2009-05-22 | 2013-03-05 | Motorola Mobility Llc | Method and system for conducting communication between mobile devices |
US20100312635A1 (en) | 2009-06-08 | 2010-12-09 | Cervenka Karen L | Free sample coupon card |
US20100312634A1 (en) | 2009-06-08 | 2010-12-09 | Cervenka Karen L | Coupon card point of service terminal processing |
US9886696B2 (en) | 2009-07-29 | 2018-02-06 | Shopkick, Inc. | Method and system for presence detection |
US8186602B2 (en) | 2009-08-18 | 2012-05-29 | On Track Innovations, Ltd. | Multi-application contactless smart card |
US20110060631A1 (en) | 2009-09-04 | 2011-03-10 | Bank Of America | Redemption of customer benefit offers based on goods identification |
US8317094B2 (en) | 2009-09-23 | 2012-11-27 | Mastercard International Incorporated | Methods and systems for displaying loyalty program information on a payment card |
US9251538B1 (en) | 2009-09-23 | 2016-02-02 | Verient Inc | System and method for automatically filling webpage fields |
US8830866B2 (en) | 2009-09-30 | 2014-09-09 | Apple Inc. | Methods and apparatus for solicited activation for protected wireless networking |
US20110084132A1 (en) | 2009-10-08 | 2011-04-14 | At&T Intellectual Property I, L.P. | Devices, Systems and Methods for Secure Remote Medical Diagnostics |
US9307065B2 (en) | 2009-10-09 | 2016-04-05 | Panasonic Intellectual Property Management Co., Ltd. | Method and apparatus for processing E-mail and outgoing calls |
US8806592B2 (en) | 2011-01-21 | 2014-08-12 | Authentify, Inc. | Method for secure user and transaction authentication and risk management |
US8843757B2 (en) | 2009-11-12 | 2014-09-23 | Ca, Inc. | One time PIN generation |
US8799668B2 (en) | 2009-11-23 | 2014-08-05 | Fred Cheng | Rubbing encryption algorithm and security attack safe OTP token |
US9258715B2 (en) | 2009-12-14 | 2016-02-09 | Apple Inc. | Proactive security for mobile devices |
EP2336986A1 (en) | 2009-12-17 | 2011-06-22 | Gemalto SA | Method of personalizing an application embedded in a secured electronic token |
US10049356B2 (en) | 2009-12-18 | 2018-08-14 | First Data Corporation | Authentication of card-not-present transactions |
US9324066B2 (en) | 2009-12-21 | 2016-04-26 | Verizon Patent And Licensing Inc. | Method and system for providing virtual credit card services |
US8615468B2 (en) | 2010-01-27 | 2013-12-24 | Ca, Inc. | System and method for generating a dynamic card value |
CA2694500C (en) | 2010-02-24 | 2015-07-07 | Diversinet Corp. | Method and system for secure communication |
US10255601B2 (en) | 2010-02-25 | 2019-04-09 | Visa International Service Association | Multifactor authentication using a directory server |
US9129270B2 (en) | 2010-03-02 | 2015-09-08 | Gonow Technologies, Llc | Portable E-wallet and universal card |
US9317018B2 (en) | 2010-03-02 | 2016-04-19 | Gonow Technologies, Llc | Portable e-wallet and universal card |
SI23227A (sl) | 2010-03-10 | 2011-05-31 | Margento R&D D.O.O. | Brezžični mobilni transakcijski sistem in postopek izvedbe transakcije z mobilnim telefonom |
US20110238564A1 (en) | 2010-03-26 | 2011-09-29 | Kwang Hyun Lim | System and Method for Early Detection of Fraudulent Transactions |
US8811892B2 (en) | 2010-04-05 | 2014-08-19 | Mastercard International Incorporated | Systems, methods, and computer readable media for performing multiple transactions through a single near field communication (NFC) tap |
US8725880B2 (en) * | 2010-04-07 | 2014-05-13 | Apple, Inc. | Establishing online communication sessions between client computing devices |
US10304051B2 (en) | 2010-04-09 | 2019-05-28 | Paypal, Inc. | NFC mobile wallet processing systems and methods |
US20120109735A1 (en) | 2010-05-14 | 2012-05-03 | Mark Stanley Krawczewicz | Mobile Payment System with Thin Film Display |
US9122964B2 (en) | 2010-05-14 | 2015-09-01 | Mark Krawczewicz | Batteryless stored value card with display |
US9047531B2 (en) | 2010-05-21 | 2015-06-02 | Hand Held Products, Inc. | Interactive user interface for capturing a document in an image signal |
TWI504229B (zh) | 2010-05-27 | 2015-10-11 | Mstar Semiconductor Inc | 支援電子錢包功能之行動裝置 |
WO2011153505A1 (en) | 2010-06-04 | 2011-12-08 | Visa International Service Association | Payment tokenization apparatuses, methods and systems |
WO2012000091A1 (en) | 2010-06-28 | 2012-01-05 | Lionstone Capital Corporation | Systems and methods for diversification of encryption algorithms and obfuscation symbols, symbol spaces and/or schemas |
US8723941B1 (en) | 2010-06-29 | 2014-05-13 | Bank Of America Corporation | Handicap-accessible ATM |
CN103109259A (zh) | 2010-07-01 | 2013-05-15 | 以谢·白南斯托克 | 位置感知移动连接及信息交换系统 |
US8500031B2 (en) | 2010-07-29 | 2013-08-06 | Bank Of America Corporation | Wearable article having point of sale payment functionality |
US20120036076A1 (en) * | 2010-08-06 | 2012-02-09 | Jennifer Vanderwall | Prepaid distribution application and device |
US9916572B2 (en) | 2010-08-18 | 2018-03-13 | International Business Machines Corporation | Payment card processing system |
US8312519B1 (en) | 2010-09-30 | 2012-11-13 | Daniel V Bailey | Agile OTP generation |
US8799087B2 (en) | 2010-10-27 | 2014-08-05 | Mastercard International Incorporated | Systems, methods, and computer readable media for utilizing one or more preferred application lists in a wireless device reader |
US9965756B2 (en) | 2013-02-26 | 2018-05-08 | Digimarc Corporation | Methods and arrangements for smartphone payments |
WO2012071078A1 (en) | 2010-11-23 | 2012-05-31 | X-Card Holdings, Llc | One-time password card for secure transactions |
US20120143754A1 (en) | 2010-12-03 | 2012-06-07 | Narendra Patel | Enhanced credit card security apparatus and method |
US8807440B1 (en) | 2010-12-17 | 2014-08-19 | Google Inc. | Routing secure element payment requests to an alternate application |
US8726405B1 (en) | 2010-12-23 | 2014-05-13 | Emc Corporation | Techniques for providing security using a mobile wireless communications device having data loss prevention circuitry |
US8977195B2 (en) | 2011-01-06 | 2015-03-10 | Texas Insruments Incorporated | Multiple NFC card applications in multiple execution environments |
US8475367B1 (en) | 2011-01-09 | 2013-07-02 | Fitbit, Inc. | Biometric monitoring device having a body weight sensor, and methods of operating same |
US20140379361A1 (en) | 2011-01-14 | 2014-12-25 | Shilpak Mahadkar | Healthcare Prepaid Payment Platform Apparatuses, Methods And Systems |
WO2012104978A1 (ja) | 2011-01-31 | 2012-08-09 | 富士通株式会社 | 通信方法、ノード、およびネットワークシステム |
US10373160B2 (en) | 2011-02-10 | 2019-08-06 | Paypal, Inc. | Fraud alerting using mobile phone location |
EP2487629B1 (en) | 2011-02-10 | 2016-11-30 | Nxp B.V. | Secure smart poster |
US20130030828A1 (en) | 2011-03-04 | 2013-01-31 | Pourfallah Stacy S | Healthcare incentive apparatuses, methods and systems |
US20120238206A1 (en) | 2011-03-14 | 2012-09-20 | Research In Motion Limited | Communications device providing near field communication (nfc) secure element disabling features related methods |
WO2012125655A1 (en) | 2011-03-14 | 2012-09-20 | Conner Investments, Llc | Bluetooth enabled credit card with a large date storage volume |
US20120280790A1 (en) * | 2011-05-02 | 2012-11-08 | Apigy Inc. | Systems and methods for controlling a locking mechanism using a portable electronic device |
US20120284194A1 (en) | 2011-05-03 | 2012-11-08 | Microsoft Corporation | Secure card-based transactions using mobile phones or other mobile devices |
EP2707847A4 (en) | 2011-05-10 | 2015-04-01 | Dynamics Inc | SYSTEMS, APPARATUS AND METHOD FOR MOBILE PAYMENT RECEIVING, MOBILE AUTHORIZATIONS, MOBILE POCKETS AND CONTACTLESS COMMUNICATION MECHANISMS |
US20120296818A1 (en) | 2011-05-17 | 2012-11-22 | Ebay Inc. | Method for authorizing the activation of a spending card |
US8868902B1 (en) | 2013-07-01 | 2014-10-21 | Cryptite LLC | Characteristically shaped colorgram tokens in mobile transactions |
WO2013101297A1 (en) | 2011-06-07 | 2013-07-04 | Visa International Service Association | Payment privacy tokenization apparatuses, methods and systems |
WO2012170895A1 (en) | 2011-06-09 | 2012-12-13 | Yeager C Douglas | Systems and methods for authorizing a transaction |
EP2541458B1 (en) | 2011-06-27 | 2017-10-04 | Nxp B.V. | Resource management system and corresponding method |
US9042814B2 (en) | 2011-06-27 | 2015-05-26 | Broadcom Corporation | Measurement and reporting of received signal strength in NFC-enabled devices |
US9209867B2 (en) | 2011-06-28 | 2015-12-08 | Broadcom Corporation | Device for authenticating wanted NFC interactions |
US9026047B2 (en) | 2011-06-29 | 2015-05-05 | Broadcom Corporation | Systems and methods for providing NFC secure application support in battery-off mode when no nonvolatile memory write access is available |
US8620218B2 (en) | 2011-06-29 | 2013-12-31 | Broadcom Corporation | Power harvesting and use in a near field communications (NFC) device |
US9390411B2 (en) | 2011-07-27 | 2016-07-12 | Murray Jarman | System or method for storing credit on a value card or cellular phone rather than accepting coin change |
US9075979B1 (en) | 2011-08-11 | 2015-07-07 | Google Inc. | Authentication based on proximity to mobile device |
US20150220914A1 (en) * | 2011-08-18 | 2015-08-06 | Visa International Service Association | Electronic Wallet Management Apparatuses, Methods and Systems |
CN102956068B (zh) | 2011-08-25 | 2017-02-15 | 富泰华工业(深圳)有限公司 | 自动柜员机及其语音提示方法 |
BR112014004374B1 (pt) | 2011-08-30 | 2021-09-21 | Simplytapp, Inc | Método para participação com base em aplicação segura em um processo de autorização de transação de cartão de pagamento por um dispositivo móvel, sistema para participação com base em aplicação segura por um dispositivo móvel em interrogações de ponto de venda |
FR2980055B1 (fr) | 2011-09-12 | 2013-12-27 | Valeo Systemes Thermiques | Dispositif de transmission de puissance inductif |
WO2013039395A1 (en) | 2011-09-14 | 2013-03-21 | Ec Solution Group B.V. | Active matrix display smart card |
US10032036B2 (en) | 2011-09-14 | 2018-07-24 | Shahab Khan | Systems and methods of multidimensional encrypted data transfer |
US8977569B2 (en) | 2011-09-29 | 2015-03-10 | Raj Rao | System and method for providing smart electronic wallet and reconfigurable transaction card thereof |
US8577810B1 (en) | 2011-09-29 | 2013-11-05 | Intuit Inc. | Secure mobile payment authorization |
US9152832B2 (en) | 2011-09-30 | 2015-10-06 | Broadcom Corporation | Positioning guidance for increasing reliability of near-field communications |
US20140279479A1 (en) | 2011-10-12 | 2014-09-18 | C-Sam, Inc. | Nfc paired bluetooth e-commerce |
US9978058B2 (en) | 2011-10-17 | 2018-05-22 | Capital One Services, Llc | System, method, and apparatus for a dynamic transaction card |
US10332102B2 (en) | 2011-10-17 | 2019-06-25 | Capital One Services, Llc | System, method, and apparatus for a dynamic transaction card |
US9318257B2 (en) | 2011-10-18 | 2016-04-19 | Witricity Corporation | Wireless energy transfer for packaging |
CA2851691C (en) | 2011-10-31 | 2016-11-29 | Money And Data Protection Lizenz Gmbh & Co. Kg | Authentication method |
US9000892B2 (en) | 2011-10-31 | 2015-04-07 | Eastman Kodak Company | Detecting RFID tag and inhibiting skimming |
US8818867B2 (en) | 2011-11-14 | 2014-08-26 | At&T Intellectual Property I, L.P. | Security token for mobile near field communication transactions |
EP2780854B1 (en) | 2011-11-14 | 2017-04-12 | Vasco Data Security International GmbH | A smart card reader with a secure logging feature |
US9064253B2 (en) | 2011-12-01 | 2015-06-23 | Broadcom Corporation | Systems and methods for providing NFC secure application support in battery on and battery off modes |
US20140040139A1 (en) | 2011-12-19 | 2014-02-06 | Sequent Software, Inc. | System and method for dynamic temporary payment authorization in a portable communication device |
US9740342B2 (en) | 2011-12-23 | 2017-08-22 | Cirque Corporation | Method for preventing interference of contactless card reader and touch functions when they are physically and logically bound together for improved authentication security |
US9154903B2 (en) | 2011-12-28 | 2015-10-06 | Blackberry Limited | Mobile communications device providing near field communication (NFC) card issuance features and related methods |
US8880027B1 (en) | 2011-12-29 | 2014-11-04 | Emc Corporation | Authenticating to a computing device with a near-field communications card |
US20130179351A1 (en) | 2012-01-09 | 2013-07-11 | George Wallner | System and method for an authenticating and encrypting card reader |
US20130185772A1 (en) | 2012-01-12 | 2013-07-18 | Aventura Hq, Inc. | Dynamically updating a session based on location data from an authentication device |
US20130191279A1 (en) | 2012-01-20 | 2013-07-25 | Bank Of America Corporation | Mobile device with rewritable general purpose card |
US9218624B2 (en) | 2012-02-03 | 2015-12-22 | Paypal, Inc. | Adding card to mobile/cloud wallet using NFC |
KR101443960B1 (ko) | 2012-02-22 | 2014-11-03 | 주식회사 팬택 | 사용자 인증 전자 장치 및 방법 |
US8898088B2 (en) | 2012-02-29 | 2014-11-25 | Google Inc. | In-card access control and monotonic counters for offline payment processing system |
US9020858B2 (en) | 2012-02-29 | 2015-04-28 | Google Inc. | Presence-of-card code for offline payment processing system |
US20130232082A1 (en) | 2012-03-05 | 2013-09-05 | Mark Stanley Krawczewicz | Method And Apparatus For Secure Medical ID Card |
BR122016030290A2 (pt) | 2012-03-15 | 2019-08-27 | Intel Corp | dispositivo eletrônico portátil e dispositivo eletrônico para proporcionar detecção de proximidade e comunicação de campo de proximidade (nfc) |
WO2013155562A1 (en) | 2012-04-17 | 2013-10-24 | Secure Nfc Pty. Ltd. | Nfc card lock |
US20130282360A1 (en) | 2012-04-20 | 2013-10-24 | James A. Shimota | Method and Apparatus for Translating and Locating Services in Multiple Languages |
US9953310B2 (en) | 2012-05-10 | 2018-04-24 | Mastercard International Incorporated | Systems and method for providing multiple virtual secure elements in a single physical secure element of a mobile device |
US20130303085A1 (en) | 2012-05-11 | 2013-11-14 | Research In Motion Limited | Near field communication tag data management |
US9306626B2 (en) | 2012-05-16 | 2016-04-05 | Broadcom Corporation | NFC device context determination through proximity gestural movement detection |
US8681268B2 (en) | 2012-05-24 | 2014-03-25 | Abisee, Inc. | Vision assistive devices and user interfaces |
US8862113B2 (en) | 2012-06-20 | 2014-10-14 | Qualcomm Incorporated | Subscriber identity module activation during active data call |
US9589399B2 (en) | 2012-07-02 | 2017-03-07 | Synaptics Incorporated | Credential quality assessment engine systems and methods |
US20140032410A1 (en) | 2012-07-24 | 2014-01-30 | Ipay International, S.A. | Method and system for linking and controling of payment cards with a mobile |
KR101421568B1 (ko) | 2012-07-27 | 2014-07-22 | 주식회사 케이티 | 스마트카드, 스마트카드 서비스 단말 및 스마트카드 서비스 방법 |
US9530130B2 (en) | 2012-07-30 | 2016-12-27 | Mastercard International Incorporated | Systems and methods for correction of information in card-not-present account-on-file transactions |
KR101934293B1 (ko) | 2012-08-03 | 2019-01-02 | 엘지전자 주식회사 | 이동 단말기의 이동 단말기 및 그의 nfc결제 방법 |
US9361619B2 (en) | 2012-08-06 | 2016-06-07 | Ca, Inc. | Secure and convenient mobile authentication techniques |
EP2698756B1 (en) | 2012-08-13 | 2016-01-06 | Nxp B.V. | Local Trusted Service Manager |
US9332587B2 (en) | 2012-08-21 | 2016-05-03 | Blackberry Limited | Smart proximity priority pairing |
US20140074655A1 (en) | 2012-09-07 | 2014-03-13 | David Lim | System, apparatus and methods for online one-tap account addition and checkout |
AU2013315510B2 (en) | 2012-09-11 | 2019-08-22 | Visa International Service Association | Cloud-based Virtual Wallet NFC Apparatuses, methods and systems |
US9275218B1 (en) | 2012-09-12 | 2016-03-01 | Emc Corporation | Methods and apparatus for verification of a user at a first device based on input received from a second device |
US8888002B2 (en) | 2012-09-18 | 2014-11-18 | Sensormatic Electronics, LLC | Access control reader enabling remote applications |
US20140081720A1 (en) | 2012-09-19 | 2014-03-20 | Mastercard International Incorporated | Method and system for processing coupons in a near field transaction |
US9338622B2 (en) | 2012-10-04 | 2016-05-10 | Bernt Erik Bjontegard | Contextually intelligent communication systems and processes |
US9665858B1 (en) | 2012-10-11 | 2017-05-30 | Square, Inc. | Cardless payment transactions with multiple users |
US20160019536A1 (en) * | 2012-10-17 | 2016-01-21 | Royal Bank Of Canada | Secure processing of data |
US9230084B2 (en) * | 2012-10-23 | 2016-01-05 | Verizon Patent And Licensing Inc. | Method and system for enabling secure one-time password authentication |
US10075437B1 (en) | 2012-11-06 | 2018-09-11 | Behaviosec | Secure authentication of a user of a device during a session with a connected server |
US8584219B1 (en) | 2012-11-07 | 2013-11-12 | Fmr Llc | Risk adjusted, multifactor authentication |
WO2014075162A1 (en) | 2012-11-15 | 2014-05-22 | Behzad Malek | System and method for location-based financial transaction authentication |
EP3429250A1 (en) | 2012-11-19 | 2019-01-16 | Avery Dennison Corporation | Nfc security system and method for disabling unauthorized tags |
US9038894B2 (en) | 2012-11-20 | 2015-05-26 | Cellco Partnership | Payment or other transaction through mobile device using NFC to access a contactless transaction card |
CN103023643A (zh) | 2012-11-22 | 2013-04-03 | 天地融科技股份有限公司 | 一种动态口令牌及动态口令生成方法 |
US9224013B2 (en) | 2012-12-05 | 2015-12-29 | Broadcom Corporation | Secure processing sub-system that is hardware isolated from a peripheral processing sub-system |
US9064259B2 (en) | 2012-12-19 | 2015-06-23 | Genesys Telecomminucations Laboratories, Inc. | Customer care mobile application |
US10147086B2 (en) | 2012-12-19 | 2018-12-04 | Nxp B.V. | Digital wallet device for virtual wallet |
WO2014102721A1 (en) | 2012-12-24 | 2014-07-03 | Cell Buddy Network Ltd. | User authentication system |
US8934837B2 (en) | 2013-01-03 | 2015-01-13 | Blackberry Limited | Mobile wireless communications device including NFC antenna matching control circuit and associated methods |
US9942750B2 (en) | 2013-01-23 | 2018-04-10 | Qualcomm Incorporated | Providing an encrypted account credential from a first device to a second device |
US20140214674A1 (en) | 2013-01-29 | 2014-07-31 | Reliance Communications, Llc. | Method and system for conducting secure transactions with credit cards using a monitoring device |
US20140229375A1 (en) | 2013-02-11 | 2014-08-14 | Groupon, Inc. | Consumer device payment token management |
US9785946B2 (en) | 2013-03-07 | 2017-10-10 | Mastercard International Incorporated | Systems and methods for updating payment card expiration information |
US10152706B2 (en) | 2013-03-11 | 2018-12-11 | Cellco Partnership | Secure NFC data authentication |
US9307505B2 (en) | 2013-03-12 | 2016-04-05 | Blackberry Limited | System and method for adjusting a power transmission level for a communication device |
US9763097B2 (en) | 2013-03-13 | 2017-09-12 | Lookout, Inc. | Method for performing device security corrective actions based on loss of proximity to another device |
EP2973305A4 (en) | 2013-03-15 | 2016-08-17 | Intel Corp | MECHANISM FOR ENHANCING DYNAMIC AND TARGET ADVERTISING FOR COMPUTER SYSTEMS |
US20140339315A1 (en) | 2013-04-02 | 2014-11-20 | Tnt Partners, Llc | Programmable Electronic Card and Supporting Device |
WO2014170741A2 (en) | 2013-04-15 | 2014-10-23 | Pardhasarthy Mahesh Bhupathi | Payback payment system and method to facilitate the same |
JP6307593B2 (ja) | 2013-04-26 | 2018-04-04 | インターデイジタル パテント ホールディングス インコーポレイテッド | 必要とされる認証保証レベルを達成するための多要素認証 |
CA2851895C (en) | 2013-05-08 | 2023-09-26 | The Toronto-Dominion Bank | Person-to-person electronic payment processing |
US9104853B2 (en) | 2013-05-16 | 2015-08-11 | Symantec Corporation | Supporting proximity based security code transfer from mobile/tablet application to access device |
US10043164B2 (en) | 2013-05-20 | 2018-08-07 | Mastercard International Incorporated | System and method for facilitating a transaction between a merchant and a cardholder |
US20140365780A1 (en) | 2013-06-07 | 2014-12-11 | Safa Movassaghi | System and methods for one-time password generation on a mobile computing device |
US10475027B2 (en) | 2013-07-23 | 2019-11-12 | Capital One Services, Llc | System and method for exchanging data with smart cards |
US8994498B2 (en) | 2013-07-25 | 2015-03-31 | Bionym Inc. | Preauthorized wearable biometric device, system and method for use thereof |
GB2516861A (en) | 2013-08-01 | 2015-02-11 | Mastercard International Inc | Paired Wearable payment device |
CN103417202B (zh) | 2013-08-19 | 2015-11-18 | 赵蕴博 | 一种腕式生命体征监测装置及其监测方法 |
EP3050335B1 (en) | 2013-09-24 | 2019-12-04 | Intel Corporation | Systems and methods for nfc access control in a secure element centric nfc architecture |
EP2854332A1 (en) | 2013-09-27 | 2015-04-01 | Gemalto SA | Method for securing over-the-air communication between a mobile application and a gateway |
US11748746B2 (en) | 2013-09-30 | 2023-09-05 | Apple Inc. | Multi-path communication of electronic device secure element data for online payments |
US10878414B2 (en) | 2013-09-30 | 2020-12-29 | Apple Inc. | Multi-path communication of electronic device secure element data for online payments |
US20150118958A1 (en) * | 2013-10-25 | 2015-04-30 | Devicefidelity, Inc. | Switching between near-field communication systems |
EP3070602A4 (en) | 2013-11-15 | 2016-12-14 | Kuang-Chi Intelligent Photonic Tech Ltd | METHODS OF TRANSMITTING AND RECEIVING INSTRUCTION INFORMATION AND RELATED DEVICES |
CA2930149A1 (en) | 2013-11-19 | 2015-05-28 | Visa International Service Association | Automated account provisioning |
KR102103377B1 (ko) | 2013-12-02 | 2020-04-23 | 마스터카드 인터내셔날, 인코포레이티드 | 보안 요소 없이 모바일 장치들에게 원격 알림 서비스 메시지를 보안 전송하는 방법 및 시스템 |
KR102293822B1 (ko) | 2013-12-19 | 2021-08-26 | 비자 인터네셔널 서비스 어소시에이션 | 클라우드-기반 트랜잭션 방법 및 시스템 |
US20150205379A1 (en) | 2014-01-20 | 2015-07-23 | Apple Inc. | Motion-Detected Tap Input |
US9420496B1 (en) | 2014-01-24 | 2016-08-16 | Sprint Communications Company L.P. | Activation sequence using permission based connection to network |
US9773151B2 (en) | 2014-02-06 | 2017-09-26 | University Of Massachusetts | System and methods for contactless biometrics-based identification |
US20160012465A1 (en) | 2014-02-08 | 2016-01-14 | Jeffrey A. Sharp | System and method for distributing, receiving, and using funds or credits and apparatus thereof |
US20150371234A1 (en) | 2014-02-21 | 2015-12-24 | Looppay, Inc. | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data |
EP2924914A1 (en) | 2014-03-25 | 2015-09-30 | Gemalto SA | Method to manage a one time password key |
US9251330B2 (en) | 2014-04-09 | 2016-02-02 | International Business Machines Corporation | Secure management of a smart card |
US20150317626A1 (en) | 2014-04-30 | 2015-11-05 | Intuit Inc. | Secure proximity exchange of payment information between mobile wallet and point-of-sale |
CA2946150A1 (en) | 2014-05-01 | 2015-11-05 | Visa International Service Association | Data verification using access device |
SG11201609220YA (en) | 2014-05-07 | 2016-12-29 | Visa Int Service Ass | Enhanced data interface for contactless communications |
US10475026B2 (en) | 2014-05-16 | 2019-11-12 | International Business Machines Corporation | Secure management of transactions using a smart/virtual card |
US20150339663A1 (en) | 2014-05-21 | 2015-11-26 | Mastercard International Incorporated | Methods of payment token lifecycle management on a mobile device |
US10043185B2 (en) | 2014-05-29 | 2018-08-07 | Apple Inc. | User interface for payments |
US9449239B2 (en) | 2014-05-30 | 2016-09-20 | Apple Inc. | Credit card auto-fill |
US9455968B1 (en) | 2014-12-19 | 2016-09-27 | Emc Corporation | Protection of a secret on a mobile device using a secret-splitting technique with a fixed user share |
KR101508320B1 (ko) | 2014-06-30 | 2015-04-07 | 주식회사 인포바인 | Nfc 카드를 이용한 otp 발급 장치, otp 생성 장치, 및 이를 이용한 방법 |
US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
US20160026997A1 (en) | 2014-07-25 | 2016-01-28 | XPressTap, Inc. | Mobile Communication Device with Proximity Based Communication Circuitry |
US9875347B2 (en) | 2014-07-31 | 2018-01-23 | Nok Nok Labs, Inc. | System and method for performing authentication using data analytics |
US20160048913A1 (en) | 2014-08-15 | 2016-02-18 | Mastercard International Incorporated | Systems and Methods for Assigning a Variable Length Bank Identification Number |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10242356B2 (en) | 2014-08-25 | 2019-03-26 | Google Llc | Host-formatted select proximity payment system environment response |
AU2015308608B2 (en) | 2014-08-29 | 2019-07-04 | Visa International Service Association | Methods for secure cryptogram generation |
CN104239783A (zh) | 2014-09-19 | 2014-12-24 | 东软集团股份有限公司 | 一种特定信息安全输入系统及方法 |
US9953323B2 (en) | 2014-09-23 | 2018-04-24 | Sony Corporation | Limiting e-card transactions based on lack of proximity to associated CE device |
GB2530726B (en) | 2014-09-25 | 2016-11-02 | Ibm | Distributed single sign-on |
AU2015319804B2 (en) | 2014-09-26 | 2019-03-14 | Visa International Service Association | Remote server encrypted data provisioning system and methods |
US9473509B2 (en) | 2014-09-29 | 2016-10-18 | International Business Machines Corporation | Selectively permitting or denying usage of wearable device services |
US9432339B1 (en) | 2014-09-29 | 2016-08-30 | Emc Corporation | Automated token renewal using OTP-based authentication codes |
CN104463270A (zh) | 2014-11-12 | 2015-03-25 | 惠州Tcl移动通信有限公司 | 一种基于rfid的智能终端、金融卡以及金融管理系统 |
US9379841B2 (en) | 2014-11-17 | 2016-06-28 | Empire Technology Development Llc | Mobile device prevention of contactless card attacks |
US10223689B2 (en) | 2014-12-10 | 2019-03-05 | American Express Travel Related Services Company, Inc. | System and method for over the air provisioned wearable contactless payments |
GB2533333A (en) | 2014-12-16 | 2016-06-22 | Visa Europe Ltd | Transaction authorisation |
WO2016112290A1 (en) | 2015-01-09 | 2016-07-14 | Interdigital Technology Corporation | Scalable policy based execution of multi-factor authentication |
US10333696B2 (en) | 2015-01-12 | 2019-06-25 | X-Prime, Inc. | Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency |
US20170011406A1 (en) | 2015-02-10 | 2017-01-12 | NXT-ID, Inc. | Sound-Directed or Behavior-Directed Method and System for Authenticating a User and Executing a Transaction |
CN105930040A (zh) | 2015-02-27 | 2016-09-07 | 三星电子株式会社 | 包含电子支付系统的电子装置及其操作方法 |
US20160267486A1 (en) | 2015-03-13 | 2016-09-15 | Radiius Corp | Smartcard Payment System and Method |
US20160277383A1 (en) | 2015-03-16 | 2016-09-22 | Assa Abloy Ab | Binding to a user device |
US11736468B2 (en) | 2015-03-16 | 2023-08-22 | Assa Abloy Ab | Enhanced authorization |
US20170289127A1 (en) | 2016-03-29 | 2017-10-05 | Chaya Coleena Hendrick | Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match |
WO2016160816A1 (en) | 2015-03-30 | 2016-10-06 | Hendrick Chaya Coleena | Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match |
US10482453B2 (en) | 2015-04-14 | 2019-11-19 | Capital One Services, Llc | Dynamic transaction card protected by gesture and voice recognition |
US10360557B2 (en) | 2015-04-14 | 2019-07-23 | Capital One Services, Llc | Dynamic transaction card protected by dropped card detection |
CA2982764C (en) | 2015-04-14 | 2023-05-23 | Capital One Services, Llc | A system, method, and apparatus for a dynamic transaction card |
US9674705B2 (en) | 2015-04-22 | 2017-06-06 | Kenneth Hugh Rose | Method and system for secure peer-to-peer mobile communications |
US10007913B2 (en) | 2015-05-05 | 2018-06-26 | ShoCard, Inc. | Identity management service using a blockchain providing identity transactions between devices |
US20160335531A1 (en) | 2015-05-12 | 2016-11-17 | Dynamics Inc. | Dynamic security codes, tokens, displays, cards, devices, multi-card devices, systems and methods |
FR3038429B1 (fr) | 2015-07-03 | 2018-09-21 | Ingenico Group | Conteneur de paiement, procede de creation, procede de traitement, dispositifs et programmes correspondants |
US20170039566A1 (en) | 2015-07-10 | 2017-02-09 | Diamond Sun Labs, Inc. | Method and system for secured processing of a credit card |
US10108965B2 (en) | 2015-07-14 | 2018-10-23 | Ujet, Inc. | Customer communication system including service pipeline |
US11120436B2 (en) | 2015-07-17 | 2021-09-14 | Mastercard International Incorporated | Authentication system and method for server-based payments |
US20170024716A1 (en) | 2015-07-22 | 2017-01-26 | American Express Travel Related Services Company, Inc. | System and method for single page banner integration |
US10492163B2 (en) | 2015-08-03 | 2019-11-26 | Jpmorgan Chase Bank, N.A. | Systems and methods for leveraging micro-location devices for improved travel awareness |
KR20170028015A (ko) | 2015-09-03 | 2017-03-13 | 엔에이치엔엔터테인먼트 주식회사 | 휴대용 단말기를 이용한 온라인 신용카드 결제 시스템 및 결제 방법 |
FR3041195A1 (fr) | 2015-09-11 | 2017-03-17 | Dp Security Consulting | Procede d'acces a un service en ligne au moyen d'un microcircuit securise et de jetons de securite restreignant l'utilisation de ces jetons a leur detenteur legitime |
WO2017042400A1 (en) | 2015-09-11 | 2017-03-16 | Dp Security Consulting Sas | Access method to an on line service by means of access tokens and secure elements restricting the use of these access tokens to their legitimate owner |
ITUB20155318A1 (it) | 2015-10-26 | 2017-04-26 | St Microelectronics Srl | Tag, relativo procedimento e sistema per identificare e/o autenticare oggetti |
US20170140379A1 (en) | 2015-11-17 | 2017-05-18 | Bruce D. Deck | Credit card randomly generated pin |
CA2944935A1 (en) | 2015-11-27 | 2017-05-27 | The Toronto-Dominion Bank | System and method for remotely activating a pin-pad terminal |
EP3374740A4 (en) | 2015-12-07 | 2019-09-25 | Capital One Services, LLC | ELECTRONIC ACCESS CONTROL SYSTEM |
US9948467B2 (en) | 2015-12-21 | 2018-04-17 | Mastercard International Incorporated | Method and system for blockchain variant using digital signatures |
EP3394718A4 (en) * | 2015-12-23 | 2019-06-19 | Trusona, Inc. | SYSTEMS AND METHOD FOR REGISTERING CARD AUTHENTICATION READINGS |
KR101637863B1 (ko) | 2016-01-05 | 2016-07-08 | 주식회사 코인플러그 | 본인인증용 정보 보안 전송시스템 및 방법 |
WO2017134281A1 (en) | 2016-02-04 | 2017-08-10 | Nasdaq Technology Ab | Systems and methods for storing and sharing transactional data using distributed computer systems |
US10148135B2 (en) | 2016-02-16 | 2018-12-04 | Intel IP Corporation | System, apparatus and method for authenticating a device using a wireless charger |
US9619952B1 (en) | 2016-02-16 | 2017-04-11 | Honeywell International Inc. | Systems and methods of preventing access to users of an access control system |
FR3049083A1 (fr) | 2016-03-15 | 2017-09-22 | Dp Security Consulting Sas | Procede de duplication des donnees d'un microcircuit securise vers un autre microcircuit securise permettant, au plus, a un seul microcircuit securise d'etre operationnel a un instant donne |
US9961194B1 (en) | 2016-04-05 | 2018-05-01 | State Farm Mutual Automobile Insurance Company | Systems and methods for authenticating a caller at a call center |
EP3229397B1 (en) | 2016-04-07 | 2020-09-09 | ContactOffice Group | Method for fulfilling a cryptographic request requiring a value of a private key |
US10255816B2 (en) | 2016-04-27 | 2019-04-09 | Uber Technologies, Inc. | Transport vehicle configuration for impaired riders |
US10333705B2 (en) | 2016-04-30 | 2019-06-25 | Civic Technologies, Inc. | Methods and apparatus for providing attestation of information using a centralized or distributed ledger |
KR20170126688A (ko) | 2016-05-10 | 2017-11-20 | 엘지전자 주식회사 | 스마트 카드 및 그 스마트 카드의 제어 방법 |
US9635000B1 (en) | 2016-05-25 | 2017-04-25 | Sead Muftic | Blockchain identity management system based on public identities ledger |
GB201609460D0 (en) | 2016-05-30 | 2016-07-13 | Silverleap Technology Ltd | Increased security through ephemeral keys for software virtual contactless card in a mobile phone |
US10097544B2 (en) | 2016-06-01 | 2018-10-09 | International Business Machines Corporation | Protection and verification of user authentication credentials against server compromise |
US10680677B2 (en) | 2016-08-01 | 2020-06-09 | Nxp B.V. | NFC system wakeup with energy harvesting |
US20180039986A1 (en) | 2016-08-08 | 2018-02-08 | Ellipse World S.A. | Method for a Prepaid, Debit and Credit Card Security Code Generation System |
US10032169B2 (en) | 2016-08-08 | 2018-07-24 | Ellipse World, Inc. | Prepaid, debit and credit card security code generation system |
US10084762B2 (en) | 2016-09-01 | 2018-09-25 | Ca, Inc. | Publicly readable blockchain registry of personally identifiable information breaches |
US10748130B2 (en) | 2016-09-30 | 2020-08-18 | Square, Inc. | Sensor-enabled activation of payment instruments |
US10462128B2 (en) | 2016-10-11 | 2019-10-29 | Michael Arthur George | Verification of both identification and presence of objects over a network |
US10719771B2 (en) | 2016-11-09 | 2020-07-21 | Cognitive Scale, Inc. | Method for cognitive information processing using a cognitive blockchain architecture |
US20180160255A1 (en) | 2016-12-01 | 2018-06-07 | Youngsuck PARK | Nfc tag-based web service system and method using anti-simulation function |
US10133979B1 (en) | 2016-12-29 | 2018-11-20 | Wells Fargo Bank, N.A. | Wearable computing device-powered chip-enabled card |
US10237070B2 (en) | 2016-12-31 | 2019-03-19 | Nok Nok Labs, Inc. | System and method for sharing keys across authenticators |
JP2018116455A (ja) * | 2017-01-18 | 2018-07-26 | Aosテクノロジーズ株式会社 | メッセージ管理装置、メッセージ管理方法及びメッセージ管理プログラム |
DE102017000768A1 (de) | 2017-01-27 | 2018-08-02 | Giesecke+Devrient Mobile Security Gmbh | Verfahren zum Durchführen einer Zweifaktorauthentifizierung |
US20180240106A1 (en) | 2017-02-21 | 2018-08-23 | Legacy Ip Llc | Hand-held electronics device for aggregation of and management of personal electronic data |
US20180254909A1 (en) | 2017-03-06 | 2018-09-06 | Lamark Solutions, Inc. | Virtual Identity Credential Issuance and Verification Using Physical and Virtual Means |
US10764043B2 (en) | 2017-04-05 | 2020-09-01 | University Of Florida Research Foundation, Incorporated | Identity and content authentication for phone calls |
US10129648B1 (en) | 2017-05-11 | 2018-11-13 | Microsoft Technology Licensing, Llc | Hinged computing device for binaural recording |
US20190019375A1 (en) | 2017-07-14 | 2019-01-17 | Gamblit Gaming, Llc | Ad hoc customizable electronic gaming table |
US9940571B1 (en) | 2017-08-25 | 2018-04-10 | Capital One Services, Llc | Metal contactless transaction card |
US10019707B1 (en) | 2017-10-24 | 2018-07-10 | Capital One Services, Llc | Transaction card mode related to locating a transaction card |
US10963871B2 (en) * | 2017-11-22 | 2021-03-30 | Mastercard International Incorporated | Bin-conserving tokenization techniques generating tokens in reverse order and employing common device pan with differing pan sequence number values across token instances |
US11102180B2 (en) | 2018-01-31 | 2021-08-24 | The Toronto-Dominion Bank | Real-time authentication and authorization based on dynamically generated cryptographic data |
US10154371B1 (en) * | 2018-02-06 | 2018-12-11 | T-Mobile Usa, Inc. | Response at network terminal to initialization failure |
CN112074835A (zh) * | 2018-04-30 | 2020-12-11 | 维萨国际服务协会 | 执行安全操作的技术 |
US10733645B2 (en) * | 2018-10-02 | 2020-08-04 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
US11521213B2 (en) * | 2019-07-18 | 2022-12-06 | Capital One Services, Llc | Continuous authentication for digital services based on contactless card positioning |
-
2019
- 2019-12-26 US US16/727,162 patent/US10757574B1/en active Active
-
2020
- 2020-07-17 US US16/931,530 patent/US11432146B2/en active Active
- 2020-11-24 EP EP20828422.4A patent/EP4082169A1/en active Pending
- 2020-11-24 AU AU2020415282A patent/AU2020415282B2/en active Active
- 2020-11-24 KR KR1020227007546A patent/KR20220115917A/ko active Search and Examination
- 2020-11-24 CN CN202080066951.2A patent/CN114450990A/zh active Pending
- 2020-11-24 JP JP2021543434A patent/JP2023501021A/ja active Pending
- 2020-11-24 CA CA3126092A patent/CA3126092A1/en active Pending
- 2020-11-24 WO PCT/US2020/061960 patent/WO2021133502A1/en unknown
-
2022
- 2022-07-20 US US17/869,432 patent/US11540127B2/en active Active
- 2022-07-20 US US17/869,465 patent/US11540128B2/en active Active
- 2022-11-23 US US17/993,052 patent/US11671828B2/en active Active
-
2023
- 2023-04-26 US US18/139,582 patent/US20230269584A1/en active Pending
- 2023-10-23 AU AU2023254864A patent/AU2023254864A1/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170201508A1 (en) * | 2006-04-11 | 2017-07-13 | Medox Technologies, Inc. | Relationship-Based Authorization |
CN1921390A (zh) * | 2006-09-08 | 2007-02-28 | 网之易信息技术(北京)有限公司 | 一种用户身份识别方法及识别系统 |
CN101159551A (zh) * | 2007-08-23 | 2008-04-09 | 北京飞天诚信科技有限公司 | 多功能信息安全设备及其使用方法 |
EP2323308A1 (en) * | 2009-11-12 | 2011-05-18 | Sagem Orga GmbH | A method of assigning a secret to a security token, a method of operating a security token, storage medium and security token |
US20110131415A1 (en) * | 2009-11-30 | 2011-06-02 | James Paul Schneider | Multifactor username based authentication |
US20170364911A1 (en) * | 2014-12-12 | 2017-12-21 | Cryptomathic Ltd | Systems and method for enabling secure transaction |
CN109063523A (zh) * | 2018-06-29 | 2018-12-21 | 浙江工商大学 | 一种射频识别安全认证方法及系统 |
US10489781B1 (en) * | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10511443B1 (en) * | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
Non-Patent Citations (1)
Title |
---|
S. INDU 等: ":A stand-alone and SMS based approach for authentication using mobile phone", IEEE * |
Also Published As
Publication number | Publication date |
---|---|
US11540127B2 (en) | 2022-12-27 |
JP2023501021A (ja) | 2023-01-18 |
CA3126092A1 (en) | 2021-07-01 |
US20230269584A1 (en) | 2023-08-24 |
AU2020415282A1 (en) | 2021-07-22 |
US10757574B1 (en) | 2020-08-25 |
US20220369107A1 (en) | 2022-11-17 |
US11432146B2 (en) | 2022-08-30 |
US20210204121A1 (en) | 2021-07-01 |
KR20220115917A (ko) | 2022-08-19 |
US20220360986A1 (en) | 2022-11-10 |
AU2020415282B2 (en) | 2023-07-27 |
AU2023254864A1 (en) | 2023-11-16 |
WO2021133502A1 (en) | 2021-07-01 |
EP4082169A1 (en) | 2022-11-02 |
US11540128B2 (en) | 2022-12-27 |
US11671828B2 (en) | 2023-06-06 |
US20230079943A1 (en) | 2023-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10595201B2 (en) | Secure short message service (SMS) communications | |
AU2020415282B2 (en) | Multi-factor authentication providing a credential via a contactless card for secure messaging | |
US11776348B2 (en) | Contactless card personal identification system | |
CN113170299A (zh) | 用于非接触式卡的密码认证的系统和方法 | |
CN112602104A (zh) | 用于非接触卡的密码认证的系统和方法 | |
US11165586B1 (en) | Call center web-based authentication using a contactless card | |
CN112639785A (zh) | 用于发信号通知非接触式卡上的潜在攻击的系统和方法 | |
US20230083785A1 (en) | Use of a payment card to unlock a lock | |
CN117121007A (zh) | 通过非接触式卡认证的经认证的消息传递会话 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40066201 Country of ref document: HK |