CN117203655A - 通过非接触式卡利用资源定位符执行一系列操作的技术 - Google Patents
通过非接触式卡利用资源定位符执行一系列操作的技术 Download PDFInfo
- Publication number
- CN117203655A CN117203655A CN202280029834.8A CN202280029834A CN117203655A CN 117203655 A CN117203655 A CN 117203655A CN 202280029834 A CN202280029834 A CN 202280029834A CN 117203655 A CN117203655 A CN 117203655A
- Authority
- CN
- China
- Prior art keywords
- contactless card
- mobile device
- url
- card
- response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 64
- 230000015654 memory Effects 0.000 claims description 64
- 230000004044 response Effects 0.000 claims description 41
- 230000004913 activation Effects 0.000 claims description 38
- 238000004891 communication Methods 0.000 claims description 18
- 230000003213 activating effect Effects 0.000 claims description 6
- 238000001994 activation Methods 0.000 description 42
- 230000008569 process Effects 0.000 description 22
- 238000004422 calculation algorithm Methods 0.000 description 19
- 230000009471 action Effects 0.000 description 17
- 238000012795 verification Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 9
- 239000000758 substrate Substances 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 239000010410 layer Substances 0.000 description 3
- 239000000463 material Substances 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- KDLHZDBZIXYQEI-UHFFFAOYSA-N Palladium Chemical compound [Pd] KDLHZDBZIXYQEI-UHFFFAOYSA-N 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000009795 derivation Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000010079 rubber tapping Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 1
- RTAQQCXQSZGOHL-UHFFFAOYSA-N Titanium Chemical compound [Ti] RTAQQCXQSZGOHL-UHFFFAOYSA-N 0.000 description 1
- XECAHXYUAAWDEL-UHFFFAOYSA-N acrylonitrile butadiene styrene Chemical compound C=CC=C.C=CC#N.C=CC1=CC=CC=C1 XECAHXYUAAWDEL-UHFFFAOYSA-N 0.000 description 1
- 229920000122 acrylonitrile butadiene styrene Polymers 0.000 description 1
- 239000004676 acrylonitrile butadiene styrene Substances 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 239000003990 capacitor Substances 0.000 description 1
- 229910052799 carbon Inorganic materials 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 1
- 229910052737 gold Inorganic materials 0.000 description 1
- 239000010931 gold Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000011900 installation process Methods 0.000 description 1
- 238000005184 irreversible process Methods 0.000 description 1
- 229910052751 metal Inorganic materials 0.000 description 1
- 239000002184 metal Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 229910052763 palladium Inorganic materials 0.000 description 1
- 229920003023 plastic Polymers 0.000 description 1
- 239000004033 plastic Substances 0.000 description 1
- 229920000515 polycarbonate Polymers 0.000 description 1
- 239000004417 polycarbonate Substances 0.000 description 1
- 229920000728 polyester Polymers 0.000 description 1
- 229920002689 polyvinyl acetate Polymers 0.000 description 1
- 239000011118 polyvinyl acetate Substances 0.000 description 1
- 239000004800 polyvinyl chloride Substances 0.000 description 1
- 229920000915 polyvinyl chloride Polymers 0.000 description 1
- 238000010926 purge Methods 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 239000002356 single layer Substances 0.000 description 1
- 229910052719 titanium Inorganic materials 0.000 description 1
- 239000010936 titanium Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/40—Security arrangements using identity modules
- H04W12/47—Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/354—Card activation or deactivation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3221—Access to banking information through M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3223—Realising banking transactions through M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/353—Payments by cards read by M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/01—Customer relationship services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/102—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- Databases & Information Systems (AREA)
- Marketing (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Telephone Function (AREA)
- Time Recorders, Dirve Recorders, Access Control (AREA)
- Coupling Device And Connection With Printed Circuit (AREA)
- Devices For Checking Fares Or Tickets At Control Points (AREA)
Abstract
实施例可以总体上针对利用非接触式卡来执行一系列操作的方法、技术和设备。
Description
相关申请的交叉引用
本申请要求于2021年4月20日提交的题为“TECHNIQUES TO UTILIZE RESOURCELOCATORS BY A CONTACTLESS CARD TO PERFORM A SEQUENCE OF OPERATIONS”的美国专利申请序列号17/235,112的优先权。上述申请的内容通过引用整体并入本文。
背景技术
数百万个人享受着使用信用卡、签帐卡、借记卡或“智能”卡作为购买商品和/或服务的便捷方式的便利。通过使用这些类型的卡,个人可以进行交易,而不必手头有现金或货币或者其他。在信用卡、签帐卡和借记卡的情况下,个人实际上获得了购买和/或进行交易所需资金的即时贷款。
要使用这些卡,客户通常必须经过激活过程来激活卡。激活卡通常涉及持卡人拨打电话号码或访问网站并输入或以其他方式提供卡信息的耗时过程。然而,目前的解决方案是有问题的,并且容易出现人为错误。因为它们要求客户输入信息,并且容易出错。因此,存在一种激活卡的改进方法。
发明内容
实施例可以总体上针对系统、设备和技术,包括经由移动设备执行非接触式卡的激活的计算机实施方法。该技术可以包括经由无线接口从非接触式卡接收用于应用的第一统一资源定位符(URL),该应用被配置为执行激活,并且响应于接收到第一URL而启动该应用。该技术可以包括经由无线接口将用于条件的第二URL写入非接触式卡,经由无线接口从非接触式卡接收条件的第二URL,以及在移动设备的显示器上呈现条件。该技术还可以包括编写用于第一唯一标识符的第三URL,以识别与非接触式卡相关联的客户,接收第三URL以确认条件;以及确定至少部分地响应于条件被确认而使非接触式卡被激活。
实施例也可以总体上针对技术和系统,包括与非接触式卡交换通用资源定位符的装置,包括处理器和存储器,存储器包括可以由处理器执行的指令。处理器在执行指令时可以经由无线接口从非接触式卡接收用于应用的第一统一资源定位符(URL),该应用被配置为执行非接触式卡的操作,响应于接收到第一URL而启动应用,以及经由无线接口将用于条件的第二URL写入非接触式卡。处理器还可以经由无线接口从非接触式卡接收条件的第二URL,在显示器上呈现条件,编写用于第一唯一标识符的第三URL以识别与非接触式卡相关联的客户,并且从非接触式卡接收第三URL来确认条件。
实施例还可以包括非暂时性计算机可读介质,包括一组指令,指令响应于由非接触式卡的处理器电路执行,使得处理器电路响应于第一无线读取,经由无线接口向移动设备发送用于应用的第一统一资源定位符(URL),第一URL存储在非接触式卡的存储器中,以及在存储器中存储与非接触式卡有关的条件的第二URL,第二URL从移动设备接收。实施例还包括处理器电路,该处理器电路被配置为响应于第二无线读取向移动设备发送条件的第二URL,在存储器中存储用于唯一标识符的第三URL以识别与非接触式卡相关联的客户,以及响应于第三无线读取发送第三URL以确认条件。
附图说明
为了容易识别对任何特定元素或动作的讨论,参考编号中的一个或多个最高有效数字指代该元素被首次引入的图号。
图1示出了根据实施例的非接触式卡100。
图2示出了根据实施例的非接触式卡组件200。
图3示出了根据实施例的主题的一个方面。
图4示出了根据实施例的例程400。
图5示出了根据实施例的例程500。
图6示出了根据实施例的例程600。
图7示出了根据实施例的序列流程700。
图8示出了根据实施例的数据结构800。
图9是根据示例实施例的密钥系统的图。
图10是根据示例实施例的生成密码的方法的流程图。
图11示出了根据实施例的主题的一个方面。
图12示出了根据实施例的主题的一个方面。
具体实施方式
实施例总体上针对执行非接触式卡(诸如信用卡和借记卡)的激活的方法、设备和系统。通常,客户可能在邮件中或者从处于非激活状态的银行分行接收到非接触式卡。要激活卡,客户必须经过一个过程,通常包括拨打电话号码和/或访问网站。然后,客户被要求输入信息(诸如卡面上的账号),并且由银行操作和/或控制的后端激活系统执行激活序列来激活卡。然而,这些当前的解决方案是有问题的,因为它们需要客户输入信息,并且容易出错。例如,客户在经由电话小键盘或键盘输入号码时,可能会错误地输入帐号的数字。在这些情况下,出于安全目的,激活系统通常不会告诉客户他们的错误,而只是停止激活尝试,例如,挂断客户的电话或声明激活无法完成。
本文讨论的实施例针对这些问题以及在一个或多个技术领域或技术范畴(例如,非接触式卡的电子激活)提供了改进。所讨论的实施例包括客户用最少的指令从发卡机构接收非接触式卡。例如,指令可以仅仅告诉客户打开他们的移动设备上的近场通信(near-field communication,NFC)接口。然后客户可以被指令在移动设备上和/或附近用卡执行一系列轻敲,以完成激活卡所需的步骤。将卡轻敲在移动设备上确保了客户将非接触式卡带到设备的操作范围内,并且可以发生信息的无线交换。在一个示例中,客户可以被指令将非接触式卡轻敲在在移动设备的表面上,诸如在显示器上。将非接触式卡带到移动设备的范围内可能导致动作或一系列动作发生以执行操作,诸如激活非接触式卡。
在一个具体示例中,非接触式卡可以被发送给使用资源定位符(诸如统一资源定位符(uniform resource locator,URL)、统一资源标识符(uniform resourceidentifier,URI)、统一资源名称(uniform resource name,URN)等)编程的用户。例如,资源定位符可以被存储在非接触式卡的存储器中,并且可以在非接触式卡被带到范围时作为移动设备执行的读取操作的一部分被通信到移动设备。移动设备可以基于接收到资源定位符来执行动作。例如,资源定位符可以是启动应用(app)商店或银行app的链接或指令。移动设备在接收到资源定位符后,可以启动app商店来下载应用(诸如与非接触式卡相关的银行app)。在某些实例中,app可能已经被安装在移动设备上,并且资源定位符可能会导致银行app启动。包括app的移动设备可以让客户经历一系列动作,其中当卡被带到移动设备的无线通信范围时发起下一个动作。例如,一旦应用在移动设备上被安装/启动,客户就可以被指令再次轻敲非接触式卡,以启动一组条款和条件来通读。客户可以提供另一次轻敲以接受非接触式卡的服务条款,并授权移动设备通过与激活服务器通信来激活卡。一旦激活,卡就可能处于激活状态,并且然后每次额外的轻敲都可能导致相同的动作发生,例如,银行app被启动到登录页面,该登录页面可以示出与账户相关的详细信息。
本文讨论的实施例不限于执行激活过程。例如,本文所讨论的操作可以被用于引起任何数量的操作或一系列动作被执行,并且非接触式卡可以被用作状态机,以保存用于执行操作的一系列步骤中的下一步骤的指令。如在以下描述中将变得更加明显的,当非接触式卡被带到设备的无线操作范围时,设备和卡之间可能发生通信交换,例如读/写操作。例如,设备可以从卡读取资源定位符,并且m将新的指令或资源定位符写入卡的存储器。指令或资源定位符可以由非接触式卡用来保持状态或一系列步骤中的步骤以执行操作。在下一次读取操作时,非接触式卡可以向读取设备提供指令或资源定位符以引起下一步骤。这些和其他细节将在以下描述中变得更加明显。
现在参考附图,其中类似的参考标记始终被用于指代类似的元素。在以下描述中,出于解释的目的,阐述了许多具体细节,以便提供对其的透彻理解。然而,可能明显的是,可以在没有这些具体细节的情况下实践新颖的实施例。在其他实例中,以框图的形式示出公知的结构和设备,以便于其的描述。意图是覆盖权利要求的范围内的所有修改、等效物和替代物。
图1示出了非接触式卡100的示例配置,其可以包括交易卡、支付卡,诸如信用卡、借记卡或礼品卡,其由服务提供商(如显示为在非接触式卡100的正面或背面上的服务提供商标记102)发行。在一些示例中,非接触式卡100与支付卡无关,并且可以包括但不限于识别卡。在一些示例中,交易卡可以包括双接口非接触式支付卡、奖励卡等等。非接触式卡100可以包括基板108,基板108可以包括单层,或者由塑料、金属和其他材料组成的一个或多个层压层。示例性基板材料包括聚氯乙烯、聚氯乙烯乙酸酯、丙烯腈丁二烯苯乙烯、聚碳酸酯、聚酯、阳极化钛、钯、金、碳、纸和可生物降解材料。在一些示例中,并且非接触式卡100可以具有符合ISO/IEC 7816标准的ID-1格式的物理特性,并且交易卡可以另外符合ISO/IEC14443标准。然而,应当理解,根据本公开的非接触式卡100可以具有不同的特性,并且本公开不要求在支付卡中实施交易卡。
非接触式卡100还可以包括显示在卡的正面和/或背面上的标识信息106以及接触垫104。接触垫104可以包括一个或多个垫,并且被配置为经由交易卡与另一客户端设备(诸如ATM、用户设备、智能手机、膝上型电脑、台式机或平板电脑)建立接触。接触垫可以根据一个或多个标准(诸如ISO/IEC 7816标准)被设计,并且使能根据EMV协议的通信。非接触式卡100还可以包括处理电路、天线和其他组件,如将在图2中被进一步讨论的。这些组件可以位于接触垫104后面或基板108上的其他地方,例如在基板108的不同层内,并且可以与接触垫104电气耦合和物理耦合。非接触式卡100还可以包括磁条或磁带,其可以位于卡的背面(图1中未示出)。非接触式卡100还可以包括与天线耦合的NFC设备,天线能够经由NFC协议进行通信。实施例不以这种方式被限制。
如图2所示,非接触式卡100的接触垫104可以包括用于存储、处理和通信信息的处理电路216,包括处理器202、存储器204和一个或多个接口206。应当理解,处理电路216可以包含如执行本文所述功能所需的附加组件,包括处理器、存储器、错误和奇偶/CRC校验器、数据编码器、防冲突算法、控制器、命令解码器、安全原语和防篡改硬件。
存储器204可以是只读存储器、一次写入多次读取存储器或读/写存储器(例如RAM、ROM和EEPROM),并且非接触式卡100可以包括这些存储器中的一个或多个。只读存储器可以在工厂可编程为只读或一次性可编程。一次性可编程性提供了一次写入然后多次读取的机会。一次写入/多次读取存储器可以在存储器芯片出厂后的某个时间点被编程。一旦存储器被编程,它就可能不会被重写,但可能会被多次读取。读/写存储器可能在出厂后多次被编程和重新编程。读/写存储器也可以在出厂后多次被读取。在一些实例中,存储器204可以是利用由处理器202执行的加密算法来加密数据的加密存储器。
存储器204可以被配置为存储一个或多个小应用程序208、一个或多个计数器210、客户标识符214和账号212,它们可以是虚拟账号。一个或多个小应用程序208可以包括被配置为在一个或多个非接触式卡上执行的一个或多个软件应用,诸如卡小应用程序。然而,应当理解,小应用程序208不限于Java卡小应用程序,并且代之可以是在非接触式卡或具有有限存储器的其他设备上可操作的任何软件应用。一个或多个计数器210可以包括足以存储整数的数字计数器。客户标识符214可以包括分配给非接触式卡100的用户的唯一字母数字标识符,并且该标识符可以将非接触式卡的用户与其他非接触式卡用户区分开来。在一些示例中,客户标识符214可以标识客户和分配给该客户的账户,并且可以进一步标识与该客户的账户相关联的非接触式卡100。如所陈述的,账号212可以包括与非接触式卡100相关联的数千个一次性使用虚拟账号。非接触式卡100的小应用程序208可以被配置为管理账号212(例如,选择账号212,将所选账号212标记为已使用),并将账号212传输到移动设备以通过自动填充服务进行自动填充。
前述示例性实施例的处理器202和存储器元件参考接触垫104被描述,但本公开不限于此。应当理解,这些元件可以在接触垫104之外被实施或与接触垫104完全分离,或者作为位于接触垫104内的进一步元件(除了处理器202和存储器204元件之外)。
在一些示例中,非接触式卡100可以包括一个或多个天线218。一个或多个天线218可以被放置在非接触式卡100内并围绕接触垫104的处理电路216。例如,一个或多个天线218可以与处理电路216集成,并且一个或多个天线218可以与外部升压线圈一起使用。作为另一示例,一个或多个天线218可以在接触垫104和处理电路216的外部。
在实施例中,非接触式卡100的线圈可以充当空心变压器的次级。终端可以通过切断功率或幅度调制与非接触式卡100进行通信。非接触式卡101可以使用非接触式卡的功率连接中的间隙来推断从终端传输的数据,该功率连接可以通过一个或多个电容器在功能上保持。非接触式卡100可以通过切换非接触式卡的线圈上的负载或负载调制来反向通信。负载调制可能通过干扰在终端的线圈中被检测到。更一般地,使用天线218、处理器202和/或存储器204,非接触式卡101提供通信接口以经由NFC、蓝牙和/或Wi-Fi通信进行通信。
如上所解释的,非接触式卡100可以被构建在可在智能卡或具有有限存储器的其他设备(诸如JavaCard)上操作的软件平台上,并且一个或多个或多个应用或小应用程序可以被安全地执行。小应用程序208可以被添加到非接触式卡,以在各种基于移动应用的用例中提供用于多因素认证(multifactor authentication,MFA)的一次性密码或通行码(one-time password or passcode,OTP)。小应用程序208可以被配置为响应来自读取器(诸如移动NFC读取器(例如,移动设备或销售点终端的))的一个或多个请求(诸如近场数据交换请求),并且产生NDEF消息,该NDEF消息包括编码为NDEF文本标签的密码安全OTP。
NDEF OTP的一个示例是NDEF短记录布局(SR=1)。在这种示例中,一个或多个小应用程序208可以被配置为将OTP编码为NDEF类型4公知类型文本标签。在一些示例中,NDEF消息可以包括一个或多个记录。小应用程序208可以被配置为除了OTP记录之外还添加一个或多个静态标签记录。
在一些示例中,一个或多个小应用程序208可以被配置为模拟RFID标签。RFID标签可以包括一个或多个多态标签。在一些示例中,每次读取标签时,都会呈现不同的密码数据,这些数据可能指示非接触式卡的真实性。基于一个或多个小应用程序208,标签的NFC读取可以被处理,数据可以被传输到服务器(诸如银行系统的服务器),并且数据可以在服务器处被验证。
在一些示例中,非接触式卡100和服务器可以包括某些数据,使得卡可以被正确识别。非接触式卡100可以包括一个或多个唯一标识符(未示出)。每次发生读取操作时,计数器210可以被配置为递增。在一些示例中,每次来自非接触式卡100的数据被读取(例如,通过移动设备)时,计数器210被传输到服务器以进行验证,并且确定计数器210是否等于(作为验证的一部分)服务器的计数器。
一个或多个计数器210可以被配置为防止重放攻击。例如,如果密码已被获得并重放,则如果计数器210已经被读取或使用或以其他方式传递,则该密码立即被拒绝。如果计数器210尚未被使用,则其可以被重放。在一些示例中,卡上递增的计数器与对于交易递增的计数器不同。由于非接触式卡100上的小应用程序208之间没有通信,因此非接触式卡101不能确定应用交易计数器210。
在一些示例中,计数器210可能不同步。在一些示例中,为了考虑启动交易的意外读取(诸如以某个角度读取),计数器210可以递增,但应用不处理计数器210。在一些示例中,当移动设备10被唤醒时,NFC可以被启用,并且设备110可以被配置为读取可用标签,但是不采取响应于读取的动作。
为了保持计数器210同步,可以执行应用(诸如后台应用),该应用将被配置为检测移动设备110何时唤醒并与银行系统的服务器同步,指示由于检测而发生的读取,然后向前移动计数器104。在其他示例中,可以利用散列的一次性密码,使得可以接受错误同步的窗口。例如,如果在阈值10内,则计数器210可以被配置为向前移动。但是,如果在不同的阈值数内,例如在10或1000内,则可以处理用于执行重新同步的请求,该请求经由一个或多个应用请求:用户经由用户的设备轻敲、手势或以其他方式指示一次或多次。如果计数器210以适当的顺序增加,则可以知道用户已经这样做了。
本文中参考计数器210、主密钥和多样化密钥描述的密钥多样化技术是加密和/或解密密钥多样化技术的一个示例。该示例密钥多样化技术不应被认为是对本公开的限制,因为本公开同样适用于其他类型的密钥多样化技术。
在非接触式卡100的创建过程期间,每个卡可以唯一地分配两个密码密钥。密码密钥可以包括对称密钥,对称密钥可以被用于数据的加密和解密。三重DES(3DES)算法可以由EMV使用,并且其由非接触式卡100中的硬件实施。通过使用密钥多样化过程,一个或多个密钥可以基于需要密钥的每个实体的唯一可识别信息从主密钥导出。
在一些示例中,为了克服3DES算法的缺陷(其可能容易受到漏洞的影响),可以导出会话密钥(诸如每个会话的唯一密钥),但不是使用主密钥,唯一卡导出的密钥和计数器可以被用作多样化数据。例如,每次在操作中使用非接触式卡101时,可以使用不同的密钥来创建消息认证码(message authentication code,MAC)和执行加密。这会产生三层密码。会话密钥可以由一个或多个小应用程序生成,并通过使用应用交易计数器与一个或多个算法(如EMV 4.3Book 2A1.3.1通用会话密钥导出中所定义)来导出。
此外,每张卡的增量可以是唯一的,并且或者通过个性化来分配,或者通过一些标识信息来算法分配。例如,奇数编号的卡可以递增2,以及偶数编号的卡可以递增5。在一些示例中,增量也可以在顺序读取中变化,使得一张卡可以按顺序递增1、3、5、2、2、…重复。特定顺序或算法顺序可以在个性化时定义,或者从源自唯一标识符的一个或多个过程定义。这会使重放攻击者更难从少量卡实例中进行概括。
认证消息可以作为十六进制ASCII格式的文本NDEF记录的内容被递送。在另一示例中,NDEF记录可以以十六进制格式被编码。
在实施例中,非接触式卡100可以在存储器204中存储资源定位符220。例如,在创建过程期间,用于启动激活过程的资源定位符220可以被写入存储器204。在激活过程期间,设备(诸如移动设备)可以执行NDEF读取操作以读取资源定位符220。在一个示例中,非接触式卡可以用资源定位符220发起,资源定位符220指向app商店以下载与非接触式卡相关的app。例如,资源定位符220可以是“https://play.google.com/store/apps/details?id=<package_name>,”其中package_name可以参考app。在另一示例中,资源定位符220可以是“http://apps.apple.com/<country>/app/<app–name>/id<store-ID>,”其中app-name和id是下载app的参考。在实施例中,存储器204可以包括两个资源定位符,使得客户可以使用具有操作系统或/>操作系统的任何设备来激活非接触式卡。在一些实例中,app可能已经被安装在移动设备上,并且资源定位符220可以使移动设备的操作系统来启动app。例如,在接收到资源定位符220时,移动设备可以检查app是否被安装,如果是,则操作系统将跳过安装过程并启动app。
在实施例中,包括资源定位符220的非接触式卡100可以被用作“状态机”,其中一系列操作中的下一个操作可以被存储在资源定位符220中,直到其准备好由外部设备(移动设备)执行/处理。存储器204中的资源定位符220可以用该系列操作的新指令或定位符更新,直到该系列完成为止。
设备(诸如移动设备)可以使用NDEF编写或重写指令向存储器204编写,以更新资源定位符220。例如,在激活过程期间,移动设备可以读取资源定位符220,以安装和/或启动与非接触式卡相关的app。移动设备还可以执行编写操作以将新的资源定位符220写入存储器204以用于要执行的下一操作。在一些实施例中,下一操作可能要求客户审阅与非接触式卡相关联的条款和条件,并且移动设备可以在存储器204中编写到资源定位符220的条款和条件的链接。在一个示例中,该链接可以是到移动设备上的app内的本地位置的深度链接。在另一示例中,该链接可以是外部链接(在app之外),以在移动设备上的网络浏览器中启动网站。实施例不限于这些示例。
在实施例中,一旦设备从非接触式卡100接收到资源定位符,设备就可以将下一操作作为资源定位符写入卡。例如,设备可以编写唯一标识符,该唯一标识符可以被客户用来接受条款和条件。具体地,当客户已经通读并准备接受条款和条件时,客户可以将非接触式卡100带到设备的范围内,并且设备可以执行NFC读取操作以读取包括唯一标识符的资源定位符。设备可以确定条款和条件被接受,并且用激活服务器/系统执行激活。
在激活序列期间,非接触式卡组件200(包括存储器204)可以用一个或多个资源定位符220更新。每次,非接触式卡100被带到范围(NFC范围)内时,资源定位符220可以用不同/新的资源定位符或指令来更新,以在移动设备上执行激活序列的下一操作。移动设备可以执行NDEF编写操作以将新的资源定位符220写入存储器204。不同的资源定位符220中的每一个可以使得移动设备执行不同的操作,诸如下载/启动app、呈现条款和条件以及接受条款和条件,如先前所讨论的。一旦被激活,资源定位符220就可以存储指令或资源定位符,以使移动设备上的app发起到登录页面。例如,资源定位符220可以使app发起到示出账户信息(与非接触式卡相关联)(例如,账户余额、支付活动、交易、奖金/奖励等)的页面。非接触式卡200可以存储资源定位符220,并且使app启动到登录页面,直到资源定位符220用新指令更新以执行另一操作为止。
图3示出了可以被用于执行非接触式卡的激活的示例系统300。在图示的示例中,系统300包括非接触式卡100、移动设备302和激活系统304。系统300的组件可以被配置为经由一个或多个有线和/或无线互连与每个组件通信。例如,非接触式卡100可以被配置为根据无线协议(诸如无线保真(WiFi)等)经由无线互连与移动设备302通信。移动设备302还可以被配置为根据无线和/或有线协议与激活系统304通信。
在实施例中,系统300可以由客户利用,以经由移动设备302激活非接触式卡100。例如,非接触式卡100可以在创建期间被配置有资源定位符,该资源定位符使得移动设备302上的操作系统安装或启动与非接触式卡100相关联的app。在操作中,非接触式卡100可以被提供给客户有指令,以打开移动设备302上的短程无线电(诸如NFC接口),并且将非接触式卡100带到移动设备302的范围内。该范围可以是通过将卡轻敲在移动设备302上而满足的短程无线电的操作范围。在一个示例中,该范围可以是根据NFC标准的操作范围。移动设备302可以检测非接触式卡100并且执行与非接触式卡100的交换以建立通信,例如NFC交换。
与非接触式卡100通信的移动设备302可以执行读取操作(NFC读取)以从非接触式卡100的存储器读取数据。在实施例中,读取操作可以参考存储器位置或另一标识符来读取存储在存储器中的资源定位符。包括电路的非接触式卡100可以处理读取操作,从存储器检索资源定位符,并且将资源定位符提供给移动设备302。移动设备302可以处理从非接触式卡100接收的包括资源定位符的数据。在该示例中,移动设备302的操作系统可以启动app商店以下载银行app,或者如果该app已被安装在移动设备302上则发起该银行app。
在一些实例中,客户可能被要求执行多个步骤来执行非接触式卡100的激活。移动设备302可以将新的资源定位符写入非接触式卡100的存储器中以执行每个新的操作。例如,响应于发起移动设备302的app,包括该app的移动设备302可以向非接触式卡100的存储器编写(NFC编写操作)新的资源定位符。新的资源定位符可以是指向与非接触式卡100相关联的条款和条件的指令或链接(深度链接)。因此,下次非接触式卡100被带到移动设备302的通信范围时,移动设备302可以执行另一NFC读取操作,从非接触式卡100接收更新的资源定位符,并且执行一个或多个操作来处理资源定位符。例如,移动设备302可以处理资源定位符,这可以使app在银行app的显示器或移动设备302的网络浏览器上的图形用户界面(graphical user interface,GUI)中呈现条款和条件。
在实施例中,非接触式卡100可以被用于认证用户并接受条款和条件。例如,移动设备302可以获得与客户相关联的唯一标识符。移动设备302可以要求客户输入凭证(诸如密码、唯一图案、生物特征、通行码等),并且移动设备302可以基于所输入的凭证来获得和/或生成用于客户的唯一标识符。在一些实例中,移动设备302可以生成用于唯一标识符的随机字母数字序列。实施例不以这种方式被限制。
移动设备302可以执行编写操作,以编写包括唯一标识符的新资源定位符。一旦客户准备好接受条款和条件,移动设备302就可以指令客户将卡带到范围内。移动设备302可以执行读取操作以读取包括唯一标识符的资源定位符并激活非接触式卡100。
为了执行激活,移动设备302可以与激活系统304通信数据。数据可以包括识别客户、识别非接触式卡100、确认条款和条件被接受等的信息。激活系统304可以处理数据并向移动设备302确认非接触式卡100被激活或激活失败。移动设备302可以在app GUI中显示信息,指示非接触式卡100是否被激活。
在一些实例中,非接触式卡100可以生成唯一标识符并将其与OTP通信以执行认证操作。例如,为了接受条款和条件和/或将银行app启动到具有敏感信息的登录页面,移动设备302可以指令客户将非接触式卡100带到移动设备302的范围内。一旦在范围内,非接触式卡100和移动设备302就可以执行NFC交换。例如,包括指令的非接触式卡100可以被配置为响应来自移动设备302的移动NFC读取器的一个或多个请求(诸如近场数据交换请求),并且产生NDEF消息,该NDEF消息包括被编码为具有唯一标识符的NDEF文本标签的密码安全OTP。NDEF OTP的一个示例是NDEF短记录布局(SR=1)。在这种示例中,一个或多个卡指令可以被配置为将OTP编码为NDEF类型4众所周知的类型文本标签。在一些示例中,NDEF消息可能包括一个或多个记录。指令可以被配置为除了OTP记录之外还添加一个或多个静态标签记录。
在实施例中,非接触式卡100可以被激活,并且资源定位符可以被设置有唯一标识符,以与OTP一起使用,以对每个读取操作执行认证。例如,每次非接触式卡100被带到移动设备302的范围时,移动设备302可以接收具有加密的唯一标识符的OTP,并执行认证操作。如果被认证,则移动设备302可以使动作发生,诸如将app启动到登录页面(包括账户余额和/或与银行账户有关的其他信息)。
图4示出了可以由移动设备302执行以激活非接触式卡100的示例例程400。在框402中,例程400包括经由无线接口从非接触式卡接收用于应用的第一统一资源定位符(URL)。在实施例中,应用可以是银行app,并且被配置为执行激活。第一URL可以被存储在非接触式卡100的存储器中,并且作为包括NDEF读取的NDEF交换的一部分被通信到移动设备302。第一URL可以由移动设备302的操作系统处理并引起一个或多个事件。具体地,在框404处,例程400包括响应于接收到第一URL而启动应用。在一些实例中,app可以被安装在移动设备302上,并且在接收到第一URL时,操作系统可以使app执行。在其他实例中,app可以不被安装在移动设备302上。在这些实例中,操作系统可以使app商店启动,并且第一URL可以包括将app商店引导到银行app的下载页面的信息。实施例不以这种方式被限制。
在框406中,例程400包括将用于条件的第二URL写入非接触式卡。在实施例中,第二URL可以包括指向位置的链接(诸如深度链接或网络链接),以使得条款和条件在移动设备302的显示器上呈现给用户。移动设备302可以从app确定第二URL,该第二URL可以是本地存储在app的文件内的深度链接。该app在被启动以执行非接触式卡的激活时,可以提供到操作系统的深度链接,并且操作系统可以生成消息,诸如“编写NDEFMessage消息”,包括深度链接作为第二URL写入非接触式卡。在其他实例中,app可以提供指向网站,或者可以通过网络浏览器访问的网站页面的链接。操作系统可以使用NDEF消息将网站/页面链接写入非接触式卡。非接触式卡可以将第二URL存储在存储器中,直到为激活序列准备好执行下一操作(例如,客户准备好通过再次将卡带到移动设备的范围内来查看条款和条件)为止。
在框408中,例程400包括从非接触式卡接收条件的第二URL。在一些实例中,app可以在移动设备302的显示器上的GUI中呈现用于用户将非接触式卡带到移动设备302的范围内以读取条款和条件的指令,例如用于客户将非接触式卡轻敲在显示器上的指令。移动设备302可以执行读取操作。响应于读取操作,移动设备302可以在NDEF消息中从非接触式卡接收第二URL。移动设备302的操作系统可以处理第二URL,包括使app或网络浏览器打开并显示条款和条件。如所提到的,第二URL可以是指向app本身内的位置或指向网站/页面的链接。此外,并且在框410处,例程400包括在移动设备的显示器上呈现条件。条款和条件可以在GUI中被呈现,并且可以由客户阅读。然后,客户可以阅读条款和条件。
在框412中,例程400包括编写用于唯一标识符的第三URL,以识别与非接触式卡相关联的客户。包括唯一标识符的第三URL可以由移动设备302使用,以在客户接受条款和条件时识别客户并激活卡。唯一标识符可以是字母数字符号的任何组合。在一些实例中,唯一标识符可以基于与非接触式卡有关的信息(例如,账号、邮政编码、地址等)和/或客户输入的凭证。然而,在其他实例中,唯一标识符可以是完全随机的,并且由app和/或操作系统生成。
在框414中,例程400包括接收第三URL以确认条件。在一些实例中,app可以在显示器中向客户呈现条款和条件,并且包括用于客户将非接触式卡带到移动设备302的范围内以接受条款和条件的指令。在一个示例中,指令可以指令客户将非接触式卡轻敲在移动设备302上。当非接触式卡在范围内时,移动设备302可以执行读取操作。包括app的移动设备302可以接收包括唯一标识符的第三URL,以确保同一客户/卡正被用于接受条款和条件。如果接收到的唯一标识符与先前编写(框412)的唯一标识符匹配,则app可以确定客户接受了条款和条件。
在实施例中,一旦客户接受条款和条件,移动设备302就可以激活非接触式卡。例如,包括app的移动设备302可以与激活系统304通信以激活非接触式卡。在一些示例中,移动设备302可以向激活系统304通信指示客户接受条款和条件的信息以及识别正被激活的非接触式卡的信息。识别卡的信息可以包括与客户相关联的标识符(用户名)、非接触式卡的账号或其他识别信息。激活系统304可以利用该信息并激活非接触式卡以用于执行交易。在框416处,例程400包括确定非接触式卡至少部分地响应于条件被确认而被激活。在一个示例中,移动设备302可以从激活系统304接收指示,其指示非接触式卡已经被激活或者激活失败。移动设备302可以例如通过在显示器上呈现信息(关于非接触式卡是否被激活)来通知客户。在一些实例中,当激活失败时,app可能会向客户呈现如何修复失败的激活尝试的指令。
在实施例中,一旦卡被激活,客户可以利用非接触式卡与移动设备302将app启动到登录页面或执行另一动作。例如,对于卡被带到移动设备302的范围内的每个附加实例,操作系统可以进行检测并启动app。移动设备302还可以执行读取操作,并且非接触式卡可以向移动设备302发送信息。在一个示例中,非接触式卡可以生成密码,该密码可以包括唯一标识符和OTP,并且在密码中通信到移动设备302。移动设备302可以使用唯一标识符和OTP来认证用户,并且使得包括敏感信息的登录页被呈现给用户。
图5示出了可以由非接触式卡100执行以经由移动设备302激活非接触式卡100的示例例程500。在框502中,例程500包括向移动设备发送用于应用的第一统一资源定位符(URL)。在实施例中,非接触式卡可以响应于读取操作,经由无线接口(诸如NFC接口)将第一URL发送到移动设备302。第一URL可以被存储在非接触式卡的存储器中。包括电路的非接触式卡可以从存储器中检索第一URL,并且在NDEF消息中将其通信到移动设备302。在一些实例中,第一URL可以是启动移动设备302上的app的链接。在一些实例中,当app未安装在移动设备302上时,移动设备302可以响应于接收到第一URL而启动app商店。
在框504中,例程500包括接收与激活非接触式卡有关的条件的第二URL。第二URL可以由非接触式卡从移动设备302接收。在一些实例中,移动设备302可以执行NFC编写操作以将第二URL写入非接触式卡的存储器。第二URL可以包括与非接触式卡相关联的条款和条件的链接,并且可以被包括在NDEF消息中。在框506处,例程500包括通过非接触式卡将第二URL存储在存储器中。
在框508中,例程500包括向移动设备发送第二URL。在实施例中,第二URL可以由非接触式卡响应于移动设备302执行的另一读取操作来进行通信。非接触式卡可以在NDEF消息中向移动设备302发送第二URL。在实施例中,当非接触式卡被带到移动设备302的无线操作范围时,可以执行读取操作,如先前所讨论的。
在框510中,例程500接收用于唯一标识符的第三URL,以识别与非接触式卡相关联的客户。响应于由移动设备302执行的编写操作,第三URL可以由非接触式卡接收。类似于读取操作,当非接触式卡被带到移动设备302的无线范围时,可以执行编写操作。在一些实施例中,读和写操作可以在同一实例期间作为交换的一部分被执行。例如,客户可以将非接触式卡带到移动设备302的范围内,并且移动设备302可以执行读取操作,如框508中所讨论的,以读取第二URL。移动设备302可以确定资源定位符220需要被更新,并且可以执行编写操作以将第三URL写入非接触式卡的存储器。当客户将非接触式卡带到无线范围内时,交换可能在单个实例期间发生。此外,并且在框512处,例程500包括在非接触式卡的存储器中存储第三URL。
在框514处,例程500包括向移动设备发送第三URL。在实施例中,非接触式卡可以响应于非接触式卡被带到移动设备302的无线范围而发送第三URL,如先前那样。在这种实例中,客户可以响应于在移动设备302上呈现给客户的指令并接受或确认条款和条件,将非接触式卡带到移动设备302的范围内。第三URL可以包括唯一标识符,该唯一标识符可以由移动设备302使用以确认正确的卡/客户正在确认条款和条件。第三URL可以作为读取操作的一部分并且在NDEF消息中被通信到移动设备302。
本文所讨论的技术不限于执行非接触式卡的激活序列,并且可以通过将非接触式卡用作“状态机”来执行不同的操作或一系列动作。例如,具有NFC读和写能力的设备可以利用非接触式卡的存储器来存储数据,诸如指令或指令块,作为资源定位符。例如,该设备可以将数据作为资源定位符写入非接触式卡的存储器,以存储要执行的一系列动作或操作中的状态。当要执行下一个动作时,设备可以读取资源定位符并且基于被存储在存储器中的内容来执行下一动作。该设备可以将包括下一指令的数据作为资源定位符写入非接触式卡的存储器。该过程可以重复,直到该系列动作完成为止。在一些实例中,非接触式卡在其被读取时可以包括具有资源定位符的OTP,使得设备可以确认和/或认证用户。在非接触式卡和设备之间通信的数据可以在NDEF消息中以原始格式或加密格式被通信。
图6示出了示例例程600,其通过非接触式卡将数据存储为资源定位符以执行一系列动作或操作中的操作,并且非接触式卡可以被用作状态机来执行操作被执行。在框602处,例程600包括将指令或数据存储在非接触式卡的存储器中。例如,设备(诸如移动设备或销售点(POS)终端)可以将包括指令的数据作为资源定位符写入非接触式卡的存储器中。数据可以是执行一个或多个操作以完成一系列操作的指令。该设备可以执行NFC编写操作,以利用短程无线电(诸如NFC和in以及NDEF消息)将数据写入存储器。非接触式卡可以将数据存储在存储器中,直到下一次读取操作为止和/或直到数据被重写为止。资源定位符中的数据或指令可以包括可以由计算设备执行的任何操作。在示例中,数据可以是指向位置的链接,例如,网络链接或指向存储器位置的链接/指针。在另一示例中,数据可以是可以在设备上实施和/或执行的计算机指令。指令可以是可以由设备执行的高级指令,诸如脚本语言中使用的指令,或者是低级指令,诸如C代码、JAVA代码、汇编代码等。实施例不以这种方式被限制。
在框604处,例程600包括向设备提供数据。例如,设备可以执行NFC读取操作,并且非接触式卡可以生成NDEF消息以将数据通信到设备。在一些实施例中,数据可以以密码被通信,如本文所讨论的。该数据可以由该设备使用并且使得操作被执行。
在框606处,例程600包括确定是否接收到包括指令的新数据。例如,非接触式卡可以检测由设备发起的编写操作,以编写包括该系列动作的下一指令的新数据。如果检测到新数据,则非接触式卡可以将数据存储在存储器中,如例程600所指示的。如果没有检测到新数据,则例程600可以结束,直到执行另一编写操作为止。
例程600可以被用于由设备执行任何类型的一系列操作,诸如通过POS终端和/或在移动设备上完成交易、经由银行app进行支付、改变银行app上的设置等。实施例不限于这些示例。
图7是示出根据本公开的一个或多个实施例的用于提供经认证的访问的示例序列的时序图。序列流700可以包括非接触式卡100和客户端设备702,客户端设备702可以包括应用704和处理器706。在一些实施例中,客户端设备702可以是移动设备302。在一些实例中,可以在移动设备302和非接触式卡100之间执行以下序列,以执行激活步骤中的一个或多个和/或认证客户以将app启动到移动设备302上的登录页面,如先前关于图3所讨论的。
在线710处,应用704与非接触式卡100通信(例如,在被带到非接触式卡100附近之后)。应用704和非接触式卡100之间的通信可以涉及非接触式卡100足够靠近客户端设备702的读卡器(未示出),以使能应用704与非接触式卡100之间的NFC数据传递。
在线708处,在客户端设备702和非接触式卡100之间建立通信之后,非接触式卡100生成消息认证码(MAC)密码。在一些示例中,这可能在非接触式卡100被应用704读取时发生。特别地,这可能发生在近场数据交换(near field data exchange,NDEF)标签的读取(诸如NFC读取)时,该标签可以根据NFC数据交换格式被创建。例如,读取器应用(诸如应用704)可以传输具有NDEF产生小应用程序的小应用程序ID的消息(诸如小应用程序选择消息)。在确认选择后,可以传输选择文件消息的顺序,随后是读取文件消息。例如,顺序可能包括“选择能力文件”、“读取能力文件”和“选择NDEF文件”。在这一点上,由非接触式卡100维护的计数器值可以被更新或递增,其后面可以是“读取NDEF文件”。在这一点上,可以生成消息,该消息可以包括报头和共享秘密。然后可以生成会话密钥。MAC密码可以从消息被创建,该消息可以包括报头和共享秘密。然后,MAC密码可以与一个或多个随机数据块串联,并且MAC密码和随机数(random number,RND)可以用会话密钥被加密。此后,密码和报头可以被串联,并且被编码为ASCII十六进制,并以NDEF消息格式返回(响应于“读取NDEF文件”消息)。
在一些示例中,MAC密码可以作为NDEF标签被传输,并且在其他示例中,该MAC密码可以被包括有统一资源指示符或定位符(例如,作为格式化的字符串)。例如,MAC密码可以包括资源定位符(包括唯一标识符)。在一些示例中,应用704可以被配置为向非接触式卡100传输请求,该请求包括生成MAC密码的指令。
在线712处,非接触式卡100向应用704发送MAC密码。在一些示例中,MAC密码的传输经由NFC发生,然而,本公开不限于此。在其他示例中,这种通信可以经由蓝牙、Wi-Fi或无线数据通信的其他手段发生。在线714处,应用704将MAC密码通信到处理器706。
在线716处,处理器706根据来自应用122的指令验证MAC密码。例如,可以验证MAC密码,如下面所解释的。在一些示例中,验证MAC密码可以由除客户端设备702以外的设备执行,诸如与客户端设备702进行数据通信的银行系统的服务器。例如,处理器706可以输出MAC密码以传输到银行系统的服务器,该服务器可以验证MAC密码。在一些示例中,MAC密码可以用作用于验证目的的数字签名。其他数字签名算法,诸如公钥非对称算法,例如数字签名算法和RSA算法,或者零知识协议,可以被用于执行该验证。
图8示出了根据示例实施例的NDEF短记录布局(SR=1)数据结构800。一个或多个小应用程序可以被配置为将OTP编码为NDEF类型4公知类型文本标签。在一些示例中,NDEF消息可以包括一个或多个记录。小应用程序可以被配置为除了OTP记录之外还添加一个或多个静态标签记录。示例性标签包括但不限于标签类型:公知类型、文本、编码英语(en);小应用程序ID:D2760000850101;能力:只读访问;编码:认证消息可以被编码为ASCII十六进制;类型-长度-值(type-length-value,TLV)数据可以被提供作为个性化参数,其可以被用于生成NDEF消息。在实施例中,认证模板可以包括第一记录,具有公知索引,用于提供实际动态认证数据。
图9示出了被配置为实施本公开的一个或多个实施例的系统900的图。如下面所解释的,在非接触式卡创建过程期间,可以为每个卡唯一地分配两个密码密钥。密码密钥可以包括对称密钥,对称密钥可以被用于数据的加密和解密。三重DES(3DES)算法可以由EMV使用,并且它由非接触式卡中的硬件来实施。通过使用密钥多样化过程,一个或多个密钥可以基于每个需要密钥的实体的唯一可识别信息从主密钥导出。
关于主密钥管理,对于发行一个或多个小应用程序的投资组合的每个部分,可能需要两个发行方主密钥902、926。例如,第一主密钥902可以包括发行方密码生成/认证密钥(Iss-Key-Auth),以及第二主密钥926可以包括发行方数据加密密钥(Iss-Key-DEK)。如本文进一步解释的,两个发行方主密钥902、926被多样化为卡主密钥908、920,其对于每个卡是唯一的。在一些示例中,网络简档记录ID(pNPR)522和导出密钥索引(pDKI)924(作为后台数据)可以被用于标识哪个发行方主密钥902、926在用于认证的密码过程中使用。执行认证的系统可以被配置为在认证时检索非接触式卡的pNPR 922和pDKI 924的值。
在一些示例中,为了提高解决方案的安全性,会话密钥可以被导出(诸如每个会话的唯一密钥),但不是使用主密钥,唯一卡导出的密钥和计数器可以被用作多样化数据,如上面所解释的。例如,每次在操作中使用卡时,可以使用不同的密钥来创建消息验证码(MAC)和执行加密。关于会话密钥生成,用于生成密码并密码化一个或多个小应用程序中的数据的密钥可以包括基于卡唯一密钥的会话密钥(Card-Key-Auth 908和Card-Key-Dek920)。会话密钥(Aut-Session-Key 932和DEK-Session-Key 910)可以由一个或多个小应用程序生成,并且通过使用应用交易计数器(pATC)904与一个或多个算法来导出。为了将数据拟合到一个或多个算法中,仅使用4字节pATC 904的2个低阶字节。在一些示例中,四字节会话密钥导出方法可以包括:F1:=PATC(较低2字节)∥'F0'∥'00'∥PATC(四字节)F1:=PATC(较低2字节)∥'0F'∥'00'∥PATC(四字节)SK:={(ALG(MK)[F1])∥ALG(MK)[F2]};其中ALG可以包括3DES ECB,并且MK可以包括卡唯一导出主密钥。
如本文所述,一个或多个MAC会话密钥可以使用pATC 904计数器的较低两个字节被导出。在非接触式卡的每次轻敲时,pATC 904被配置为被更新,并且卡主密钥Card-Key-AUTH 508和Card-Key-DEK 920被进一步多样化为会话密钥Aut-Session-Key 932和DEK-Session-KEY 910。pATC 904可以在个性化或小应用程序初始化时间被初始化为零。在一些示例中,pATC计数器904可以在个性化时或个性化之前被初始化,并且可以被配置为在每次NDEF读取时递增一。
此外,每张卡的更新可以是唯一的,并且或者通过个性化来分配,或者通过pUID或其他标识信息来算法分配。例如,奇数编号的卡可以递增或递减2,以及偶数编号的卡可以递增或递减5。在一些示例中,更新也可以在顺序读取中变化,使得一张卡可以按顺序递增1、3、5、2、2、…重复。特定顺序或算法顺序可以在个性化时定义,或者从源自唯一标识符的一个或多个过程定义。这会使重放攻击者更难从少量卡实例中进行概括。
认证消息可以作为十六进制ASCII格式的文本NDEF记录的内容被递送。在一些示例中,可以仅包括认证数据和8字节随机数(后跟认证数据的MAC)。在一些示例中,随机数可以在密码A之前,并且可以是一个块长。在其他示例中,可以对随机数的长度没有限制。在进一步的示例中,总数据(即,随机数加上密码)可以是块大小的倍数。在这些示例中,可以添加附加的8字节块以匹配MAC算法产生的块。作为另一示例,如果所采用的算法使用16字节块,则该块大小的偶数倍数可以被使用,或者输出可以自动地或手动地被填充到该块大小的倍数。
MAC可以通过功能密钥(AUT-Session-Key)932来执行。密码中指定的数据可以用javacard签名方法被处理:ALG_DES_MAC8_IS09797_1_M2_ALG3与EMV ARQC验证方法相关。用于该计算的密钥可以包括会话密钥AUT-Session-Key 932,如上面所解释的。如上面所解释的,计数器的低阶两个字节可以用于使一个或多个MAC会话密钥多样化。如下所述,AUT会话密钥932可以被用于MAC数据906,并且得到的数据或密码A914和随机数RND可以使用DEK-Session-Key 910被加密,以创建在消息中发送的密码B或输出918。
在一些示例中,一个或多个HSM命令可以被处理用于解密,使得最后的16个(二进制,32个十六进制)字节可以包括使用CBC模式的3DES对称加密,其中随机数的零IV后跟MAC认证数据。用于该加密的密钥可以包括从Card-Key-DEK 920导出的会话密钥DEK-Session-Key 910。在这种情况下,会话密钥导出的ATC值是计数器pATC 904的最低有效字节。
下面的格式表示二进制版本的示例实施例。此外,在一些示例中,第一字节可以被设置为ASCII‘A’。
/>
下面显示了另一种示例性格式。在该示例中,标签可以以十六进制格式被编码。
/>
接收到的消息的UID字段可以被提取,以从主密钥Iss-Key-AUTH 502和Iss-Key-DEK 926导出该特定卡的卡主密钥(Card-Key-Auth 908和Card-Key-DEK 920)。使用卡主密钥(Card-Key-Auth 508和Card-Key-DEK 920),接收到的消息的计数器(pATC)字段可以被用于导出该特定卡的会话密钥(Aut-Session-Key 932和DEK-Session-Key 910)。密码B918可以使用DEK-Session-Key被解密,该密钥产生密码A914和RND,并且RND可以被丢弃。UID字段可以被用于查找非接触式卡的共享秘密,该共享秘密与消息的Ver、UID和pATC字段一起,可以使用重新创建的Aut-Session-Key通过密码MAC被处理,以创建MAC输出,诸如MAC’。如果MAC’与密码A914相同,则这指示消息解密和MAC检查都已通过。然后pATC可以被读取以确定其是否有效。
在认证会话期间,一个或多个密码可以一个或多个应用生成。例如,一个或多个密码可以使用ISO 9797-1算法3用方法2填充经由一个或多个会话密钥(诸如Aut-Session-Key 932)被生成为3DES MAC。输入数据906可以采用以下形式:版本(2)、pUID(8)、pATC(4)、共享秘密(4)。在一些示例中,括号中的数字可以包括以字节为单位的长度。在一些示例中,共享秘密可以由一个或多个随机数生成器生成,该随机数生成器可以被配置为通过一个或多个安全过程来确保随机数是不可预测的。在一些示例中,共享秘密可以包括在认证服务已知的个性化时间注入卡中的随机4字节二进制数。在认证会话期间,可以不将共享秘密从一个或多个小应用程序提供给移动应用。方法2填充可以包括将强制0x’80’字节添加到输入数据的末尾,并且0x’00’字节可以被添加到结果数据的末尾,直到8字节边界。所得到的密码可以包括8个字节的长度。
在一些示例中,用MAC密码加密非共享随机数作为第一块的一个好处是,它在使用对称加密算法的CBC(块链)模式时充当初始化向量。这允许从块到块的“加扰”,而不必预先建立固定或动态IV。
通过包括应用交易计数器(pATC)作为包括在MAC密码中数据的一部分,认证服务可以被配置为确定清除数据中传达的值是否被篡改。此外,通过将版本包括在一个或多个密码中,攻击者很难有目的地歪曲应用版本,尝试降级密码解的强度。在一些示例中,pATC可以在零处开始,并且在每次一个或多个应用生成认证数据时被更新1。认证服务可以被配置为跟踪在认证会话期间使用的pATC。在一些示例中,当认证数据使用等于或低于认证服务接收到的先前值的pATC时,这可以被解释为尝试重放旧消息,并且经认证的消息可以被拒绝。在一些示例中,在pATC大于先前接收到的值的情况下,这可以被评估以确定其是否在可接受的范围或阈值内,并且如果其超过或在范围或阈值之外,则验证可以被视为失败或不可靠。在MAC操作912中,数据906通过MAC使用Aut-Session-Key 932被处理,以产生MAC输出(密码A)914,其被加密。
为了提供附加的保护,防止暴露卡上密钥的暴力攻击,期望MAC密码914被密码化。在一些示例中,要被包括在密文中的数据或密码A914可以包括:随机数(8)、密码(8)。在一些示例中,括号中的数字可以包括以字节为单位的长度。在一些示例中,随机数可以由一个或多个随机数生成器生成,该随机数生成器可以被配置为通过一个或多个安全过程来确保随机数是不可预测的。用于密码化该数据的密钥可以包括会话密钥。例如,会话密钥可以包括DEK-Session-Key 910。在加密操作916中,数据或密码A914和RND使用DEK-Session-Key510被处理,以产生加密数据,密码B 918。数据914可以在密码块链接模式下使用3DES被密码化,以确保攻击者必须对所有密文进行任何攻击。作为非限制性示例,其他算法(诸如高级加密标准(Advanced Encryption Standard,AES))可以被使用。在一些示例中,0x’0000000000000000’的初始化向量可以被使用。试图暴力破解用于密码化该数据的密钥的任何攻击者都将无法确定何时正确的密钥被使用,因为正确解密的数据将由于其随机出现而与不正确解密的数据无法区分。
为了使认证服务验证由一个或多个小应用程序提供的一个或多个密码,以下数据必须在认证会话期间从一个或多个小应用程序以明文被传达到移动设备:版本号,以确定所使用的密码方法和用于验证密码的消息格式,这使该方法能够在未来发生变化;pUID,以检索密码资产并导出卡密钥;以及pATC,以导出用于密码的会话密钥。
图10示出了用于生成密码的方法1000。例如,在框1002处,网络简档记录ID(pNPR)和导出密钥索引(pDKI)可以被用于标识哪个发行方主密钥在用于认证的密码过程中使用。在一些示例中,该方法可以包括执行认证以在认证时检索非接触式卡的pNPR和pDKI的值。
在框1004处,发行方主密钥可以通过将它们与卡的唯一ID号(pUID)和一个或多个小应用程序(例如支付小应用程序)的PAN序列号(PSN)组合被多样化。
在框1006处,Card-Key-Auth和Card-Key-DEK(唯一卡密钥)可以通过使发行方主密钥多样化来创建,以生成会话密钥,该会话密钥可以被用于生成MAC密码。
在框1008处,用于生成密码并密码化一个或多个小应用程序中的数据的密钥可以包括基于卡唯一密钥(Card-Key-Auth和Card-Key-DEK)的框1030的会话密钥。在一些示例中,这些会话密钥可以由一个或多个小应用程序生成,并通过使用pATC导出,从而产生会话密钥Aut-Session-Key和DEK-Session-Key。
图11描绘了根据一个示例的示出密钥多样化的示例性过程1100。最初,发送方和接收方可以被提供有两个不同的主密钥。例如,第一主密钥可以包括数据加密主密钥,以及第二主密钥可以包含数据完整性主密钥。发送方具有计数器值(其可以在框1102处被更新)和其他数据(诸如要保护的数据),其可以安全地与接收方共享。
在框1104处,计数器值可以由发送方使用数据加密主密钥加密,以产生数据加密导出的会话密钥,并且计数器值也可以由发送方使用数据完整性主密钥加密,以产生数据完整性导出的会话密钥。在一些示例中,整个计数器值或计数器值的一部分可以在两次加密期间被使用。
在一些示例中,计数器值可能未被加密。在这些示例中,计数器可以在发送方和接收方之间以明文被传输,即不加密。
在框1106处,要保护的数据由发送方使用数据完整性会话密钥和密码MAC算法通过密码MAC操作被处理。受保护的数据(包括明文和共享秘密)可以被用于使用会话密钥之一(AUT-Session-Key)来产生MAC。
在框1108处,要保护的数据可以由发送方结合对称加密算法使用数据加密导出的会话密钥来加密。在一些示例中,MAC与等量的随机数据组合,例如每个8字节长,以及然后使用第二会话密钥(DEK-Session-Key)加密。
在框1110处,加密的MAC被从发送方传输到接收方,具有足够的信息来识别附加的秘密信息(诸如共享秘密、主密钥等),用于验证密码。
在框1112处,接收方使用接收到的计数器值来从两个主密钥独立地导出两个导出的会话密钥,如上面所解释的。
在框1114处,数据加密导出的会话密钥结合对称解密操作被使用来解密受保护的数据。然后将发生对交换的数据的附加处理。在一些示例中,在MAC被提取之后,期望再现并匹配MAC。例如,当验证密码时,其可以使用适当生成的会话密钥被解密。受保护的数据可以被重建以进行验证。MAC操作可以使用适当生成的会话密钥被执行,以确定其是否与解密的MAC匹配。由于MAC操作是不可逆的过程,因此验证的唯一方法是尝试从源数据中重新创建它。
在框1116处,数据完整性导出的会话密钥结合密码MAC操作被使用,以验证受保护的数据未被修改。
本文描述的方法的一些示例可以有利地确认在满足以下条件时,确定成功的认证。首先,验证MAC的能力示出导出的会话密钥是正确的。只有当解密成功并产生正确的MAC值时,MAC才可能是正确的。成功的解密可以示出正确导出的加密密钥被用于解密加密的MAC。由于导出的会话密钥使用仅发送方(例如,传输设备)和接收方(例如,接收设备)已知的主密钥被创建,因此可以相信最初创建MAC并加密MAC的非接触式卡确实是真实的。此外,用于导出第一会话密钥和第二会话密钥的计数器值可以被示出为有效的,并且可以被用于执行认证操作。
此后,两个导出的会话密钥可以被丢弃,并且数据交换的下一次迭代将更新计数器值(返回到框1102处),并且新的一组会话密钥可以被创建(在框1110处)。在一些示例中,组合的随机数据可以被丢弃。
图12示出了根据示例实施例的用于卡激活的方法800。例如,卡激活可以由包括卡、设备和一个或多个服务器的系统来完成。非接触式卡、设备和一个或多个服务器可以参考是先前解释的诸如非接触式卡100、客户端设备702和服务器的相同或相似的组件。
在框1202中,卡可以被配置为动态生成数据。在一些示例中,该数据可以包括诸如账号、卡标识符、卡验证值或电话号码的信息,这些信息可以从卡被传输到设备。在一些示例中,数据的一个或多个部分可以经由本文公开的系统和方法被加密。
在框1204中,动态生成的数据的一个或多个部分可以经由NFC或其他无线通信被通信到设备的应用。例如,卡靠近设备的轻敲可以允许设备的应用读取与非接触式卡相关联的数据的一个或多个部分。在一些示例中,如果设备不包括帮助激活卡的应用,则卡的轻敲可以引导设备或提示客户到软件应用商店下载相关联的应用以激活卡。在一些示例中,用户可以被提示朝向设备的表面充分地手势、放置或定向卡,诸如以一定角度或平坦地放置在设备的表面上、附近或邻近。响应于卡的充分的手势、放置和/或定向,设备可以继续将从卡接收到的数据的一个或多个加密部分传输到一个或多个服务器。
在框1206中,数据的一个或多个部分可以被通信到一个或多个服务器,诸如发行方服务器。例如,数据的一个或多个加密部分可以从设备被传输到卡发行方服务器,用于激活卡。
在框1208中,一个或多个服务器可以经由本文公开的系统和方法解密数据的一个或多个加密部分。例如,一个或多个服务器可以从设备接收加密的数据,并且可以解密它,以便将接收到的数据与一个或多个服务器可访问的记录数据进行比较。如果由一个或多个服务器对数据的一个或多个解密部分的结果比较产生了成功的匹配,则卡可以被激活。如果由一个或多个服务器对数据的一个或多个解密部分的结果比较产生不成功的匹配,则可能发生一个或多个过程。例如,响应于不成功匹配的确定,用户可以被提示再次轻敲、滑动或挥动示意卡。在这种情况下,可能存在预先确定的阈值,包括用户被允许激活卡的尝试次数。可替代地,用户可以接收通知,诸如他或她的设备上指示卡验证的不成功的尝试的消息,并且向相关联的服务呼叫、发电子邮件或发短信以获得帮助来激活卡,或者另一通知,诸如在他或她的设备上指示卡验证的不成功的尝试的电话呼叫,并且向相关联的服务呼叫、发电子邮件或发短信以获得帮助来激活卡,或者另一通知,诸如指示卡验证的不成功的尝试的电子邮件,并且向相关联的服务呼叫、发电子邮件或发短信以获得帮助来激活卡。
在框1210中,一个或多个服务器可以基于卡的成功激活来传输返回消息。例如,该设备可以被配置为从一个或多个服务器接收输出,该输出指示由一个或多个服务器成功激活卡。设备可以被配置为显示指示卡的成功激活的消息。一旦卡已被激活,卡可以被配置为停止动态生成数据,以避免欺诈性使用。以这种方式,此后卡可以不被激活,并且一个或多个服务器被通知卡已经被激活。
Claims (20)
1.一种经由移动设备执行非接触式卡的激活的计算机实施的方法,包括:
由所述移动设备经由无线接口从所述非接触式卡接收用于应用的第一统一资源定位符(URL),所述应用被配置为执行所述激活;
由所述移动设备响应于接收到所述第一URL而启动所述应用;
由所述移动设备经由所述无线接口将用于条件的第二URL写入所述非接触式卡;
由所述移动设备经由所述无线接口从所述非接触式卡接收所述条件的第二URL;
由所述移动设备在所述移动设备的显示器上呈现所述条件;
由所述移动设备编写用于第一唯一标识符的第三URL,以识别与所述非接触式卡相关联的客户;
由所述移动设备接收所述第三URL以确认所述条件;以及
由所述移动设备确定至少部分地响应于所述条件被确认而使所述非接触式卡被激活。
2.根据权利要求1所述的计算机实施的方法,包括:
由所述移动设备经由所述无线接口向所述非接触式卡发送指令,所述指令指示所述非接触式卡的小应用程序生成密码;以及
由所述移动设备至少部分地基于所述第一唯一标识符来接收所述密码。
3.根据权利要求2所述的计算实施的方法,包括:
由所述移动设备向服务器发送所述密码;以及
由所述移动设备接收指示所述非接触式卡被激活或未被激活的响应。
4.根据权利要求1所述的计算机实施的方法,其中,所述无线接口是近场通信(NFC)接口或蓝牙接口之一。
5.根据权利要求1所述的计算机实施的方法,包括:由所述移动设备经由所述无线接口将第四URL写入所述非接触式卡,所述第四URL包括所述非接触式卡的第二唯一标识符和一次性密码。
6.根据权利要求5所述的计算机实施的方法,包括:
由所述移动设备经由所述无线接口从所述非接触式卡接收所述第四URL;
由所述移动设备向服务器至少发送所述一次性密码;以及
由所述移动设备响应于发送所述一次性密码接收响应,所述响应包括与所述非接触式卡相关联的账户余额。
7.根据权利要求6所述的计算机实施的方法,其中,经由短消息服务消息或所述应用中的应用消息来接收所述响应。
8.根据权利要求1所述的计算机实施的方法,其中,所述应用由所述移动设备的操作系统响应于接收到所述第一URL而启动。
9.根据权利要求1所述的计算机实施的方法,其中,所述条件的第二URL是指向所述应用内的位置的深度链接。
10.一种与非接触式卡交换通用资源定位符的装置,包括:
处理器;和
存储器,包括指令,所述指令在由所述处理器执行时使所述处理器:
经由无线接口从所述非接触式卡接收用于应用的第一统一资源定位符(URL),所述应用被配置为执行所述非接触式卡的操作;
响应于接收到所述第一URL而启动所述应用;
经由所述无线接口将用于条件的第二URL写入所述非接触式卡;
经由所述无线接口从所述非接触式卡接收所述条件的第二URL;
在显示器上呈现所述条件;
编写用于第一唯一标识符的第三URL,以识别与所述非接触式卡相关联的客户;以及
从所述非接触式卡接收所述第三URL以确认所述条件。
11.根据权利要求10所述的装置,所述处理器:
经由所述无线接口向所述非接触式卡发送小应用程序指令,所述小应用程序指令指示所述非触式卡的小应用程序生成密码;以及
至少部分地基于所述第一唯一标识符来接收所述密码。
12.根据权利要求11所述的装置,所述处理器:
向服务器发送所述密码;以及
至少部分地基于所述密码接收指示所述非接触式卡被激活或未被激活的响应。
13.根据权利要求10所述的装置,其中,所述无线接口是近场通信(NFC)接口或蓝牙接口之一。
14.根据权利要求10所述的装置,所述处理器经由所述无线接口将第四URL写入所述非接触式卡,所述第四URL包括所述非接触式卡的第二唯一标识符和一次性密码。
15.根据权利要求14所述的装置,所述处理器:
经由所述无线接口从所述非接触式卡接收所述第四URL;
向服务器至少发送所述一次性密码;以及
响应于发送所述一次性密码接收响应,所述响应包括与所述非接触式卡相关联的数据。
16.根据权利要求15所述的装置,其中,经由短消息服务消息或所述应用中的应用消息来接收所述响应。
17.根据权利要求10所述的装置,其中,所述应用由移动设备的操作系统响应于接收到所述第一URL而启动。
18.根据权利要求10所述的装置,其中,所述条件的第二URL是指向所述应用内的位置的深度链接。
19.一种非暂时性计算机可读介质,包括一组指令,所述指令响应于由非接触式卡的处理器电路执行,使得所述处理器电路:
响应于第一无线读取,经由无线接口向移动设备发送用于应用的第一统一资源定位符(URL),所述第一URL存储在非接触式卡的存储器中;
在所述存储器中存储与所述非接触式卡有关的条件的第二URL,所述第二URL从所述移动设备接收;
响应于第二无线读取,向所述移动设备发送所述条件的第二URL;
在所述存储器中存储用于唯一标识符的第三URL,以识别与所述非接触式卡相关联的客户;以及
响应于第三无线读取,发送所述第三URL以确认所述条件。
20.根据权利要求19所述的非暂时性计算机可读介质,所述处理器:
基于从所述移动设备接收的指令执行小应用程序,所述小应用程序生成密码;以及
响应于第四查询,向所述移动设备发送所述密码,所述密码包括从所述唯一标识符生成的加密的唯一标识符。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/235,112 US11935035B2 (en) | 2021-04-20 | 2021-04-20 | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
US17/235,112 | 2021-04-20 | ||
PCT/US2022/021096 WO2022225630A1 (en) | 2021-04-20 | 2022-03-21 | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117203655A true CN117203655A (zh) | 2023-12-08 |
Family
ID=81389112
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202280029834.8A Pending CN117203655A (zh) | 2021-04-20 | 2022-03-21 | 通过非接触式卡利用资源定位符执行一系列操作的技术 |
Country Status (8)
Country | Link |
---|---|
US (1) | US11935035B2 (zh) |
EP (1) | EP4327262A1 (zh) |
JP (1) | JP2024514925A (zh) |
KR (1) | KR20230174217A (zh) |
CN (1) | CN117203655A (zh) |
AU (1) | AU2022260655A1 (zh) |
CA (1) | CA3213859A1 (zh) |
WO (1) | WO2022225630A1 (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11681787B1 (en) * | 2021-10-15 | 2023-06-20 | T Stamp Inc. | Ownership validation for cryptographic asset contracts using irreversibly transformed identity tokens |
Family Cites Families (554)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2523745B1 (fr) | 1982-03-18 | 1987-06-26 | Bull Sa | Procede et dispositif de protection d'un logiciel livre par un fournisseur a un utilisateur |
JPS6198476A (ja) | 1984-10-19 | 1986-05-16 | Casio Comput Co Ltd | カードターミナル |
FR2613565B1 (fr) | 1987-04-03 | 1989-06-23 | Bull Cps | Procede pour acheminer des cles secretes vers des modules de securite et des cartes utilisateurs, dans un reseau de traitement d'informations |
US5036461A (en) | 1990-05-16 | 1991-07-30 | Elliott John C | Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device |
FR2704341B1 (fr) | 1993-04-22 | 1995-06-02 | Bull Cp8 | Dispositif de protection des clés d'une carte à puce. |
US5377270A (en) | 1993-06-30 | 1994-12-27 | United Technologies Automotive, Inc. | Cryptographic authentication of transmitted messages using pseudorandom numbers |
US5363448A (en) | 1993-06-30 | 1994-11-08 | United Technologies Automotive, Inc. | Pseudorandom number generation and cryptographic authentication |
JP3053527B2 (ja) | 1993-07-30 | 2000-06-19 | インターナショナル・ビジネス・マシーンズ・コーポレイション | パスワードを有効化する方法及び装置、パスワードを生成し且つ予備的に有効化する方法及び装置、認証コードを使用して資源のアクセスを制御する方法及び装置 |
US5537314A (en) | 1994-04-18 | 1996-07-16 | First Marketrust Intl. | Referral recognition system for an incentive award program |
US7152045B2 (en) | 1994-11-28 | 2006-12-19 | Indivos Corporation | Tokenless identification system for authorization of electronic transactions and electronic transmissions |
US5764789A (en) | 1994-11-28 | 1998-06-09 | Smarttouch, Llc | Tokenless biometric ATM access system |
US5778072A (en) | 1995-07-07 | 1998-07-07 | Sun Microsystems, Inc. | System and method to transparently integrate private key operations from a smart card with host-based encryption services |
US5666415A (en) | 1995-07-28 | 1997-09-09 | Digital Equipment Corporation | Method and apparatus for cryptographic authentication |
US5832090A (en) | 1995-08-10 | 1998-11-03 | Hid Corporation | Radio frequency transponder stored value system employing a secure encryption protocol |
US5748740A (en) | 1995-09-29 | 1998-05-05 | Dallas Semiconductor Corporation | Method, apparatus, system and firmware for secure transactions |
US6049328A (en) | 1995-10-20 | 2000-04-11 | Wisconsin Alumni Research Foundation | Flexible access system for touch screen devices |
US5616901A (en) | 1995-12-19 | 1997-04-01 | Talking Signs, Inc. | Accessible automatic teller machines for sight-impaired persons and print-disabled persons |
DE69704684T2 (de) | 1996-02-23 | 2004-07-15 | Fuji Xerox Co., Ltd. | Vorrichtung und Verfahren zur Authentifizierung von Zugangsrechten eines Benutzers zu Betriebsmitteln nach dem Challenge-Response-Prinzip |
US6226383B1 (en) | 1996-04-17 | 2001-05-01 | Integrity Sciences, Inc. | Cryptographic methods for remote authentication |
US5768373A (en) | 1996-05-06 | 1998-06-16 | Symantec Corporation | Method for providing a secure non-reusable one-time password |
US5901874A (en) | 1996-05-07 | 1999-05-11 | Breakthrough Marketing, Inc. | Handicapped accessible dumpster |
US5763373A (en) | 1996-06-20 | 1998-06-09 | High Point Chemical Corp. | Method of preparing an alkaline earth metal tallate |
US6058373A (en) | 1996-10-16 | 2000-05-02 | Microsoft Corporation | System and method for processing electronic order forms |
US6483920B2 (en) | 1996-12-04 | 2002-11-19 | Bull, S.A. | Key recovery process used for strong encryption of messages |
US5796827A (en) | 1996-11-14 | 1998-08-18 | International Business Machines Corporation | System and method for near-field human-body coupling for encrypted communication with identification cards |
US6021203A (en) | 1996-12-11 | 2000-02-01 | Microsoft Corporation | Coercion resistant one-time-pad cryptosystem that facilitates transmission of messages having different levels of security |
US6061666A (en) | 1996-12-17 | 2000-05-09 | Citicorp Development Center | Automatic bank teller machine for the blind and visually impaired |
GB9626196D0 (en) | 1996-12-18 | 1997-02-05 | Ncr Int Inc | Self-service terminal (sst) and a method of oerating the sst to control movement of a card of the sst |
US6282522B1 (en) | 1997-04-30 | 2001-08-28 | Visa International Service Association | Internet payment system using smart card |
US7290288B2 (en) | 1997-06-11 | 2007-10-30 | Prism Technologies, L.L.C. | Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network |
US5960411A (en) | 1997-09-12 | 1999-09-28 | Amazon.Com, Inc. | Method and system for placing a purchase order via a communications network |
US5983273A (en) | 1997-09-16 | 1999-11-09 | Webtv Networks, Inc. | Method and apparatus for providing physical security for a user account and providing access to the user's environment and preferences |
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
US6367011B1 (en) | 1997-10-14 | 2002-04-02 | Visa International Service Association | Personalization of smart cards |
IL122105A0 (en) | 1997-11-04 | 1998-04-05 | Rozin Alexander | A two-way radio-based electronic toll collection method and system for highway |
US6889198B2 (en) | 1998-01-30 | 2005-05-03 | Citicorp Development Center, Inc. | Method and system for tracking smart card loyalty points |
EP0980569A1 (en) * | 1998-03-09 | 2000-02-23 | SCHLUMBERGER Systèmes | Ic card system for a game machine |
US7207477B1 (en) | 2004-03-08 | 2007-04-24 | Diebold, Incorporated | Wireless transfer of account data and signature from hand-held device to electronic check generator |
US6108789A (en) * | 1998-05-05 | 2000-08-22 | Liberate Technologies | Mechanism for users with internet service provider smart cards to roam among geographically disparate authorized network computer client devices without mediation of a central authority |
US6199762B1 (en) | 1998-05-06 | 2001-03-13 | American Express Travel Related Services Co., Inc. | Methods and apparatus for dynamic smartcard synchronization and personalization |
ES2234203T3 (es) | 1998-05-11 | 2005-06-16 | Citicorp Development Center, Inc. | Sistema y metodo de autenticacion biometrica de un usuario de tarjeta inteligente. |
JP3112076B2 (ja) | 1998-05-21 | 2000-11-27 | 豊 保倉 | ユーザ認証システム |
US6615189B1 (en) | 1998-06-22 | 2003-09-02 | Bank One, Delaware, National Association | Debit purchasing of stored value card for use by and/or delivery to others |
US6216227B1 (en) | 1998-06-29 | 2001-04-10 | Sun Microsystems, Inc. | Multi-venue ticketing using smart cards |
US7660763B1 (en) | 1998-11-17 | 2010-02-09 | Jpmorgan Chase Bank, N.A. | Customer activated multi-value (CAM) card |
US6032136A (en) | 1998-11-17 | 2000-02-29 | First Usa Bank, N.A. | Customer activated multi-value (CAM) card |
US6438550B1 (en) | 1998-12-10 | 2002-08-20 | International Business Machines Corporation | Method and apparatus for client authentication and application configuration via smart cards |
US6829711B1 (en) | 1999-01-26 | 2004-12-07 | International Business Machines Corporation | Personal website for electronic commerce on a smart java card with multiple security check points |
JP2002537619A (ja) | 1999-02-18 | 2002-11-05 | オービス・パテンツ・リミテッド | クレジットカードシステム及び方法 |
US6731778B1 (en) | 1999-03-31 | 2004-05-04 | Oki Electric Industry Co, Ltd. | Photographing apparatus and monitoring system using same |
US6402028B1 (en) | 1999-04-06 | 2002-06-11 | Visa International Service Association | Integrated production of smart cards |
US7127605B1 (en) | 1999-05-10 | 2006-10-24 | Axalto, Inc. | Secure sharing of application methods on a microcontroller |
US6227447B1 (en) | 1999-05-10 | 2001-05-08 | First Usa Bank, Na | Cardless payment system |
US6845498B1 (en) | 1999-05-11 | 2005-01-18 | Microsoft Corporation | Method and apparatus for sharing data files among run time environment applets in an integrated circuit card |
US6504945B1 (en) | 1999-07-13 | 2003-01-07 | Hewlett-Packard Company | System for promoting correct finger placement in a fingerprint reader |
US7908216B1 (en) | 1999-07-22 | 2011-03-15 | Visa International Service Association | Internet payment, authentication and loading system using virtual smart card |
US6324271B1 (en) | 1999-08-17 | 2001-11-27 | Nortel Networks Limited | System and method for authentication of caller identification |
SE515327C2 (sv) | 1999-08-27 | 2001-07-16 | Ericsson Telefon Ab L M | Anordning för att utföra säkra transaktioner i en kommunikationsanordning |
US7085931B1 (en) | 1999-09-03 | 2006-08-01 | Secure Computing Corporation | Virtual smart card system and method |
US6834271B1 (en) | 1999-09-24 | 2004-12-21 | Kryptosima | Apparatus for and method of secure ATM debit card and credit card payment transactions via the internet |
US7319986B2 (en) | 1999-09-28 | 2008-01-15 | Bank Of America Corporation | Dynamic payment cards and related management systems and associated methods |
US6910627B1 (en) | 1999-09-29 | 2005-06-28 | Canon Kabushiki Kaisha | Smart card systems and electronic ticketing methods |
JP2001195368A (ja) | 1999-11-01 | 2001-07-19 | Sony Corp | 認証情報通信システムおよび認証情報通信方法、携帯情報処理装置、並びにプログラム提供媒体 |
US8794509B2 (en) | 1999-11-05 | 2014-08-05 | Lead Core Fund, L.L.C. | Systems and methods for processing a payment authorization request over disparate payment networks |
US8814039B2 (en) | 1999-11-05 | 2014-08-26 | Lead Core Fund, L.L.C. | Methods for processing a payment authorization request utilizing a network of point of sale devices |
WO2001039429A1 (en) | 1999-11-22 | 2001-05-31 | Intel Corporation | Integrity check values (icv) based on pseudorandom binary matrices |
WO2001050429A1 (en) | 2000-01-05 | 2001-07-12 | American Express Travel Related Services Company, Inc. | Smartcard internet authorization system |
WO2001052180A1 (en) | 2000-01-10 | 2001-07-19 | Tarian, Llc | Device using histological and physiological biometric marker for authentication and activation |
US20010034702A1 (en) | 2000-02-04 | 2001-10-25 | Mockett Gregory P. | System and method for dynamically issuing and processing transaction specific digital credit or debit cards |
US8150767B2 (en) | 2000-02-16 | 2012-04-03 | Mastercard International Incorporated | System and method for conducting electronic commerce with a remote wallet server |
EP1272954A4 (en) | 2000-02-16 | 2004-08-18 | Zipcar Inc | SYSTEMS AND METHODS FOR CONTROLLING VEHICLE ACCESS |
US6779115B1 (en) | 2000-02-18 | 2004-08-17 | Digital5, Inc. | Portable device using a smart card to receive and decrypt digital data |
US20010029485A1 (en) | 2000-02-29 | 2001-10-11 | E-Scoring, Inc. | Systems and methods enabling anonymous credit transactions |
US6852031B1 (en) | 2000-11-22 | 2005-02-08 | Igt | EZ pay smart card and tickets system |
CA2406001A1 (en) | 2000-04-14 | 2001-10-25 | American Express Travel Related Services Company, Inc. | A system and method for using loyalty points |
JP5025875B2 (ja) | 2000-04-24 | 2012-09-12 | ビザ・インターナショナル・サービス・アソシエーション | オンラインの支払人認証サービスの方法 |
US7933589B1 (en) | 2000-07-13 | 2011-04-26 | Aeritas, Llc | Method and system for facilitation of wireless e-commerce transactions |
US6631197B1 (en) | 2000-07-24 | 2003-10-07 | Gn Resound North America Corporation | Wide audio bandwidth transduction method and device |
AU2001284882A1 (en) | 2000-08-14 | 2002-02-25 | Peter H. Gien | System and method for facilitating signing by buyers in electronic commerce |
BR0113327A (pt) | 2000-08-17 | 2003-07-08 | Dexrad Pty Ltd | Método e sistema para transferir dados de verificação de um primeiro suporte para um segundo suporte |
US7689832B2 (en) | 2000-09-11 | 2010-03-30 | Sentrycom Ltd. | Biometric-based system and method for enabling authentication of electronic messages sent over a network |
US7006986B1 (en) | 2000-09-25 | 2006-02-28 | Ecardless Bancorp, Ltd. | Order file processes for purchasing on the internet using verified order information |
US6873260B2 (en) | 2000-09-29 | 2005-03-29 | Kenneth J. Lancos | System and method for selectively allowing the passage of a guest through a region within a coverage area |
US6877656B1 (en) | 2000-10-24 | 2005-04-12 | Capital One Financial Corporation | Systems, methods, and apparatus for instant issuance of a credit card |
US6721706B1 (en) | 2000-10-30 | 2004-04-13 | Koninklijke Philips Electronics N.V. | Environment-responsive user interface/entertainment device that simulates personal interaction |
US7069435B2 (en) | 2000-12-19 | 2006-06-27 | Tricipher, Inc. | System and method for authentication in a crypto-system utilizing symmetric and asymmetric crypto-keys |
US7606771B2 (en) | 2001-01-11 | 2009-10-20 | Cardinalcommerce Corporation | Dynamic number authentication for credit/debit cards |
EP1223565A1 (en) | 2001-01-12 | 2002-07-17 | Motorola, Inc. | Transaction system, portable device, terminal and methods of transaction |
US20020093530A1 (en) | 2001-01-17 | 2002-07-18 | Prasad Krothapalli | Automatic filling and submission of completed forms |
US20070198432A1 (en) | 2001-01-19 | 2007-08-23 | Pitroda Satyan G | Transactional services |
US20020158123A1 (en) | 2001-01-30 | 2002-10-31 | Allen Rodney F. | Web-based smart card system and method for maintaining status information and verifying eligibility |
US20020152116A1 (en) | 2001-01-30 | 2002-10-17 | Yan Kent J. | Method and system for generating fixed and/or dynamic rebates in credit card type transactions |
US7181017B1 (en) | 2001-03-23 | 2007-02-20 | David Felsher | System and method for secure three-party communications |
DE60128785T2 (de) | 2001-04-02 | 2008-01-31 | Motorola, Inc., Schaumburg | Aktivieren und Deaktivieren von Softwarefunktionen |
US7290709B2 (en) | 2001-04-10 | 2007-11-06 | Erica Tsai | Information card system |
US7044394B2 (en) | 2003-12-17 | 2006-05-16 | Kerry Dennis Brown | Programmable magnetic data storage card |
US20020153424A1 (en) | 2001-04-19 | 2002-10-24 | Chuan Li | Method and apparatus of secure credit card transaction |
US20040015958A1 (en) | 2001-05-15 | 2004-01-22 | Veil Leonard Scott | Method and system for conditional installation and execution of services in a secure computing environment |
US7206806B2 (en) | 2001-05-30 | 2007-04-17 | Pineau Richard A | Method and system for remote utilizing a mobile device to share data objects |
DE10127511A1 (de) | 2001-06-06 | 2003-01-02 | Wincor Nixdorf Gmbh & Co Kg | Schreib-/Lesegerät für eine Ausweis- oder Kreditkarte vom RFID-Typ |
US20030167350A1 (en) | 2001-06-07 | 2003-09-04 | Curl Corporation | Safe I/O through use of opaque I/O objects |
AUPR559201A0 (en) | 2001-06-08 | 2001-07-12 | Canon Kabushiki Kaisha | Card reading device for service access |
US6834795B1 (en) | 2001-06-29 | 2004-12-28 | Sun Microsystems, Inc. | Secure user authentication to computing resource via smart card |
US7762457B2 (en) | 2001-07-10 | 2010-07-27 | American Express Travel Related Services Company, Inc. | System and method for dynamic fob synchronization and personalization |
US7993197B2 (en) | 2001-08-10 | 2011-08-09 | Igt | Flexible loyalty points programs |
US8266451B2 (en) | 2001-08-31 | 2012-09-11 | Gemalto Sa | Voice activated smart card |
US20030055727A1 (en) | 2001-09-18 | 2003-03-20 | Walker Jay S. | Method and apparatus for facilitating the provision of a benefit to a customer of a retailer |
US7373515B2 (en) | 2001-10-09 | 2008-05-13 | Wireless Key Identification Systems, Inc. | Multi-factor authentication system |
JP3975720B2 (ja) | 2001-10-23 | 2007-09-12 | 株式会社日立製作所 | Icカード、顧客情報分析システムおよび顧客情報分析結果提供方法 |
US6934861B2 (en) | 2001-11-06 | 2005-08-23 | Crosscheck Identification Systems International, Inc. | National identification card system and biometric identity verification method for negotiating transactions |
US6641050B2 (en) | 2001-11-06 | 2003-11-04 | International Business Machines Corporation | Secure credit card |
US7243853B1 (en) | 2001-12-04 | 2007-07-17 | Visa U.S.A. Inc. | Method and system for facilitating memory and application management on a secured token |
US8108687B2 (en) | 2001-12-12 | 2012-01-31 | Valve Corporation | Method and system for granting access to system and content |
FR2834403B1 (fr) | 2001-12-27 | 2004-02-06 | France Telecom | Systeme cryptographique de signature de groupe |
JP3820999B2 (ja) | 2002-01-25 | 2006-09-13 | ソニー株式会社 | 近接通信システム及び近接通信方法、データ管理装置及びデータ管理方法、記憶媒体、並びにコンピュータ・プログラム |
SE524778C2 (sv) | 2002-02-19 | 2004-10-05 | Douglas Lundholm | Förfarande och arrangemang för att skydda mjukvara för otillbörlig användning eller kopiering |
US6905411B2 (en) | 2002-02-27 | 2005-06-14 | Igt | Player authentication for cashless gaming machine instruments |
US20030208449A1 (en) | 2002-05-06 | 2003-11-06 | Yuanan Diao | Credit card fraud prevention system and method using secure electronic credit card |
US7900048B2 (en) | 2002-05-07 | 2011-03-01 | Sony Ericsson Mobile Communications Ab | Method for loading an application in a device, device and smart card therefor |
CN100440195C (zh) | 2002-05-10 | 2008-12-03 | 斯伦贝谢(北京)智能卡科技有限公司 | 智能卡更换方法及其更换系统 |
US20040127256A1 (en) | 2002-07-30 | 2004-07-01 | Scott Goldthwaite | Mobile device equipped with a contactless smart card reader/writer |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US7697920B1 (en) | 2006-05-05 | 2010-04-13 | Boojum Mobile | System and method for providing authentication and authorization utilizing a personal wireless communication device |
CA2494299C (en) | 2002-08-06 | 2013-10-08 | Privaris, Inc. | Methods for secure enrollment and backup of personal identity credentials into electronic devices |
JP4553565B2 (ja) | 2002-08-26 | 2010-09-29 | パナソニック株式会社 | 電子バリューの認証方式と認証システムと装置 |
CZ2005209A3 (cs) | 2002-09-10 | 2005-12-14 | Ivi Smart Technologies, Inc. | Bezpečné biometrické ověření identity |
US7306143B2 (en) | 2002-09-20 | 2007-12-11 | Cubic Corporation | Dynamic smart card/media imaging |
US8985442B1 (en) | 2011-07-18 | 2015-03-24 | Tiger T G Zhou | One-touch payment using haptic control via a messaging and calling multimedia system on mobile device and wearable device, currency token interface, point of sale device, and electronic payment card |
US9710804B2 (en) | 2012-10-07 | 2017-07-18 | Andrew H B Zhou | Virtual payment cards issued by banks for mobile and wearable devices |
AU2003272066A1 (en) | 2002-10-16 | 2004-05-04 | Alon Bear | Smart card network interface device |
US9251518B2 (en) | 2013-03-15 | 2016-02-02 | Live Nation Entertainment, Inc. | Centralized and device-aware ticket-transfer system and methods |
US9740988B1 (en) | 2002-12-09 | 2017-08-22 | Live Nation Entertainment, Inc. | System and method for using unique device indentifiers to enhance security |
EP1588318A1 (en) | 2003-01-14 | 2005-10-26 | Koninklijke Philips Electronics N.V. | Method and terminal for detecting fake and/or modified smart card |
US7453439B1 (en) | 2003-01-16 | 2008-11-18 | Forward Input Inc. | System and method for continuous stroke word-based text input |
US20050195975A1 (en) | 2003-01-21 | 2005-09-08 | Kevin Kawakita | Digital media distribution cryptography using media ticket smart cards |
US8589335B2 (en) | 2003-04-21 | 2013-11-19 | Visa International Service Association | Smart card personalization assistance tool |
WO2004102353A2 (en) | 2003-05-12 | 2004-11-25 | Gtech Rhode Island Corporation | Method and system for authentication |
US7949559B2 (en) | 2003-05-27 | 2011-05-24 | Citicorp Credit Services, Inc. | Credit card rewards program system and method |
US8200775B2 (en) | 2005-02-01 | 2012-06-12 | Newsilike Media Group, Inc | Enhanced syndication |
JP4744106B2 (ja) | 2003-08-06 | 2011-08-10 | パナソニック株式会社 | セキュアデバイス、情報処理端末、通信システム及び通信方法 |
US20050075985A1 (en) | 2003-10-03 | 2005-04-07 | Brian Cartmell | Voice authenticated credit card purchase verification |
FI20031482A (fi) | 2003-10-10 | 2005-04-11 | Open Bit Oy Ltd | Maksutapahtumatietojen prosessointi |
US7597250B2 (en) | 2003-11-17 | 2009-10-06 | Dpd Patent Trust Ltd. | RFID reader with multiple interfaces |
US20050138387A1 (en) | 2003-12-19 | 2005-06-23 | Lam Wai T. | System and method for authorizing software use |
US7357309B2 (en) | 2004-01-16 | 2008-04-15 | Telefonaktiebolaget Lm Ericsson (Publ) | EMV transactions in mobile terminals |
US7374099B2 (en) | 2004-02-24 | 2008-05-20 | Sun Microsystems, Inc. | Method and apparatus for processing an application identifier from a smart card |
US7165727B2 (en) | 2004-02-24 | 2007-01-23 | Sun Microsystems, Inc. | Method and apparatus for installing an application onto a smart card |
US7584153B2 (en) | 2004-03-15 | 2009-09-01 | Qsecure, Inc. | Financial transactions with dynamic card verification values |
US7472829B2 (en) | 2004-12-10 | 2009-01-06 | Qsecure, Inc. | Payment card with internally generated virtual account numbers for its magnetic stripe encoder and user display |
JP2007529797A (ja) | 2004-03-19 | 2007-10-25 | フンベル ローガー | 認証機能および支払い機能を備えた、無線自転車キー、自動車、家屋、rfidタグのための携帯電話におけるオールインワンキーまたは制御ソフトウェアカード |
US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
US7748617B2 (en) | 2004-04-12 | 2010-07-06 | Gray R O'neal | Electronic identification system |
US8762283B2 (en) | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
US7805755B2 (en) | 2004-05-03 | 2010-09-28 | Research In Motion Limited | System and method for application authorization |
US7703142B1 (en) | 2004-05-06 | 2010-04-20 | Sprint Communications Company L.P. | Software license authorization system |
US7660779B2 (en) | 2004-05-12 | 2010-02-09 | Microsoft Corporation | Intelligent autofill |
GB0411777D0 (en) | 2004-05-26 | 2004-06-30 | Crypomathic Ltd | Computationally asymmetric cryptographic systems |
US7314165B2 (en) | 2004-07-01 | 2008-01-01 | American Express Travel Related Services Company, Inc. | Method and system for smellprint recognition biometrics on a smartcard |
US7175076B1 (en) | 2004-07-07 | 2007-02-13 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Cash dispensing automated banking machine user interface system and method |
US8439271B2 (en) | 2004-07-15 | 2013-05-14 | Mastercard International Incorporated | Method and system using a bitmap for passing contactless payment card transaction variables in standardized data formats |
CN101305381A (zh) | 2004-07-15 | 2008-11-12 | 万事达卡国际股份有限公司 | 支付卡信号表征方法及电路 |
US7287692B1 (en) | 2004-07-28 | 2007-10-30 | Cisco Technology, Inc. | System and method for securing transactions in a contact center environment |
EP1630712A1 (en) | 2004-08-24 | 2006-03-01 | Sony Deutschland GmbH | Method for operating a near field communication system |
WO2006021133A1 (en) | 2004-08-27 | 2006-03-02 | Victorion Technology Co., Ltd. | The nasal bone conduction wireless communication transmission equipment |
US20060047954A1 (en) | 2004-08-30 | 2006-03-02 | Axalto Inc. | Data access security implementation using the public key mechanism |
US7375616B2 (en) | 2004-09-08 | 2008-05-20 | Nokia Corporation | Electronic near field communication enabled multifunctional device and method of its operation |
US7270276B2 (en) | 2004-09-29 | 2007-09-18 | Sap Ag | Multi-application smartcard |
US20060085848A1 (en) | 2004-10-19 | 2006-04-20 | Intel Corporation | Method and apparatus for securing communications between a smartcard and a terminal |
US7748636B2 (en) | 2004-11-16 | 2010-07-06 | Dpd Patent Trust Ltd. | Portable identity card reader system for physical and logical access |
GB2410113A (en) | 2004-11-29 | 2005-07-20 | Morse Group Ltd | A system and method of accessing banking services via a mobile telephone |
WO2006062998A2 (en) | 2004-12-07 | 2006-06-15 | Farsheed Atef | System and method for identity verification and management |
US7232073B1 (en) | 2004-12-21 | 2007-06-19 | Sun Microsystems, Inc. | Smart card with multiple applications |
GB0428543D0 (en) | 2004-12-31 | 2005-02-09 | British Telecomm | Control of data exchange |
US20130104251A1 (en) | 2005-02-01 | 2013-04-25 | Newsilike Media Group, Inc. | Security systems and methods for use with structured and unstructured data |
US8347088B2 (en) | 2005-02-01 | 2013-01-01 | Newsilike Media Group, Inc | Security systems and methods for use with structured and unstructured data |
US8200700B2 (en) | 2005-02-01 | 2012-06-12 | Newsilike Media Group, Inc | Systems and methods for use of structured and unstructured distributed data |
DE102005004902A1 (de) | 2005-02-02 | 2006-08-10 | Utimaco Safeware Ag | Verfahren zur Anmeldung eines Nutzers an einem Computersystem |
US7581678B2 (en) | 2005-02-22 | 2009-09-01 | Tyfone, Inc. | Electronic transaction card |
ES2714179T3 (es) | 2005-03-07 | 2019-05-27 | Nokia Technologies Oy | Método y dispositivo de terminal móvil que incluye módulo de tarjeta inteligente y medios de comunicaciones de campo cercano |
US7628322B2 (en) | 2005-03-07 | 2009-12-08 | Nokia Corporation | Methods, system and mobile device capable of enabling credit card personalization using a wireless network |
US7128274B2 (en) | 2005-03-24 | 2006-10-31 | International Business Machines Corporation | Secure credit card with near field communications |
US8266441B2 (en) | 2005-04-22 | 2012-09-11 | Bank Of America Corporation | One-time password credit/debit card |
WO2006119184A2 (en) | 2005-05-04 | 2006-11-09 | Tricipher, Inc. | Protecting one-time-passwords against man-in-the-middle attacks |
US7793851B2 (en) | 2005-05-09 | 2010-09-14 | Dynamics Inc. | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
US20080035738A1 (en) | 2005-05-09 | 2008-02-14 | Mullen Jeffrey D | Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card |
KR20080014035A (ko) | 2005-05-16 | 2008-02-13 | 마스터카드 인터내셔날, 인코포레이티드 | 교통 시스템에서 비접촉식 지불 카드를 사용하는 방법 및시스템 |
US20060280338A1 (en) | 2005-06-08 | 2006-12-14 | Xerox Corporation | Systems and methods for the visually impared |
US8583454B2 (en) | 2005-07-28 | 2013-11-12 | Beraja Ip, Llc | Medical claims fraud prevention system including photograph records identification and associated methods |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US20070067833A1 (en) | 2005-09-20 | 2007-03-22 | Colnot Vincent C | Methods and Apparatus for Enabling Secure Network-Based Transactions |
US8245292B2 (en) | 2005-11-16 | 2012-08-14 | Broadcom Corporation | Multi-factor authentication using a smartcard |
JP4435076B2 (ja) | 2005-11-18 | 2010-03-17 | フェリカネットワークス株式会社 | 携帯端末,データ通信方法,およびコンピュータプログラム |
US7568631B2 (en) | 2005-11-21 | 2009-08-04 | Sony Corporation | System, apparatus and method for obtaining one-time credit card numbers using a smart card |
US8511547B2 (en) | 2005-12-22 | 2013-08-20 | Mastercard International Incorporated | Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers |
FR2895608B1 (fr) | 2005-12-23 | 2008-03-21 | Trusted Logic Sa | Procede pour la realisation d'un compteur securise sur un systeme informatique embarque disposant d'une carte a puce |
US7775427B2 (en) | 2005-12-31 | 2010-08-17 | Broadcom Corporation | System and method for binding a smartcard and a smartcard reader |
US8352323B2 (en) | 2007-11-30 | 2013-01-08 | Blaze Mobile, Inc. | Conducting an online payment transaction using an NFC enabled mobile communication device |
US8559987B1 (en) | 2005-12-31 | 2013-10-15 | Blaze Mobile, Inc. | Wireless bidirectional communications between a mobile device and associated secure element |
US8224018B2 (en) | 2006-01-23 | 2012-07-17 | Digimarc Corporation | Sensing data from physical objects |
US9137012B2 (en) | 2006-02-03 | 2015-09-15 | Emc Corporation | Wireless authentication methods and apparatus |
US20070224969A1 (en) | 2006-03-24 | 2007-09-27 | Rao Bindu R | Prepaid simcard for automatically enabling services |
US7380710B2 (en) | 2006-04-28 | 2008-06-03 | Qsecure, Inc. | Payment card preloaded with unique numbers |
US7571471B2 (en) | 2006-05-05 | 2009-08-04 | Tricipher, Inc. | Secure login using a multifactor split asymmetric crypto-key with persistent key security |
EP1855229B1 (fr) | 2006-05-10 | 2010-08-11 | Inside Contactless | Procédé de routage de données sortantes et entrantes dans un chipset NFC |
ATE440417T1 (de) | 2006-06-29 | 2009-09-15 | Incard Sa | Verfahren zur diversifizierung eines schlüssels auf einer chipkarte |
US9985950B2 (en) | 2006-08-09 | 2018-05-29 | Assa Abloy Ab | Method and apparatus for making a decision on a card |
GB0616331D0 (en) | 2006-08-16 | 2006-09-27 | Innovision Res & Tech Plc | Near Field RF Communicators And Near Field Communications Enabled Devices |
US20080072303A1 (en) | 2006-09-14 | 2008-03-20 | Schlumberger Technology Corporation | Method and system for one time password based authentication and integrated remote access |
US20080071681A1 (en) | 2006-09-15 | 2008-03-20 | Khalid Atm Shafiqul | Dynamic Credit and Check Card |
US8322624B2 (en) | 2007-04-10 | 2012-12-04 | Feinics Amatech Teoranta | Smart card with switchable matching antenna |
US8738485B2 (en) | 2007-12-28 | 2014-05-27 | Visa U.S.A. Inc. | Contactless prepaid product for transit fare collection |
WO2008042302A2 (en) | 2006-09-29 | 2008-04-10 | Narian Technologies Corp. | Apparatus and method using near field communications |
US8474028B2 (en) | 2006-10-06 | 2013-06-25 | Fmr Llc | Multi-party, secure multi-channel authentication |
GB2443234B8 (en) | 2006-10-24 | 2009-01-28 | Innovision Res & Tech Plc | Near field RF communicators and near field RF communications enabled devices |
US20080109309A1 (en) | 2006-10-31 | 2008-05-08 | Steven Landau | Powered Print Advertisements, Product Packaging, and Trading Cards |
US8682791B2 (en) | 2006-10-31 | 2014-03-25 | Discover Financial Services | Redemption of credit card rewards at a point of sale |
US8267313B2 (en) | 2006-10-31 | 2012-09-18 | American Express Travel Related Services Company, Inc. | System and method for providing a gift card which affords benefits beyond what is purchased |
US9251637B2 (en) | 2006-11-15 | 2016-02-02 | Bank Of America Corporation | Method and apparatus for using at least a portion of a one-time password as a dynamic card verification value |
US8365258B2 (en) | 2006-11-16 | 2013-01-29 | Phonefactor, Inc. | Multi factor authentication |
CN101192295A (zh) | 2006-11-30 | 2008-06-04 | 讯想科技股份有限公司 | 芯片信用卡网络交易系统与方法 |
US8041954B2 (en) | 2006-12-07 | 2011-10-18 | Paul Plesman | Method and system for providing a secure login solution using one-time passwords |
US20080162312A1 (en) | 2006-12-29 | 2008-07-03 | Motorola, Inc. | Method and system for monitoring secure applet events during contactless rfid/nfc communication |
US7594605B2 (en) | 2007-01-10 | 2009-09-29 | At&T Intellectual Property I, L.P. | Credit card transaction servers, methods and computer program products employing wireless terminal location and registered purchasing locations |
GB2442249B (en) | 2007-02-20 | 2008-09-10 | Cryptomathic As | Authentication device and method |
US8095974B2 (en) | 2007-02-23 | 2012-01-10 | At&T Intellectual Property I, L.P. | Methods, systems, and products for identity verification |
US8463711B2 (en) | 2007-02-27 | 2013-06-11 | Igt | Methods and architecture for cashless system security |
US9081948B2 (en) | 2007-03-13 | 2015-07-14 | Red Hat, Inc. | Configurable smartcard |
US20080223918A1 (en) | 2007-03-15 | 2008-09-18 | Microsoft Corporation | Payment tokens |
WO2008114931A1 (en) | 2007-03-16 | 2008-09-25 | Lg Electronics Inc. | Performing contactless applications in battery off mode |
US8285329B1 (en) | 2007-04-02 | 2012-10-09 | Sprint Communications Company L.P. | Mobile device-based control of smart card operation |
US8667285B2 (en) | 2007-05-31 | 2014-03-04 | Vasco Data Security, Inc. | Remote authentication and transaction signatures |
US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US20120252350A1 (en) | 2007-07-24 | 2012-10-04 | Allan Steinmetz | Vehicle safety device for reducing driver distractions |
US20090037275A1 (en) | 2007-08-03 | 2009-02-05 | Pollio Michael J | Consolidated membership/rewards card system |
US8235825B2 (en) | 2007-08-14 | 2012-08-07 | John B. French | Smart card holder for automated gaming system and gaming cards |
US20110101093A1 (en) | 2007-08-19 | 2011-05-05 | Yubico Ab | Device and method for generating dynamic credit card data |
US7748609B2 (en) | 2007-08-31 | 2010-07-06 | Gemalto Inc. | System and method for browser based access to smart cards |
EP2201543A1 (en) | 2007-09-21 | 2010-06-30 | Wireless Dynamics, Inc. | Wireless smart card and integrated personal area network, near field communication and contactless payment system |
US8249654B1 (en) | 2007-09-27 | 2012-08-21 | Sprint Communications Company L.P. | Dynamic smart card application loading |
GB2457221A (en) | 2007-10-17 | 2009-08-12 | Vodafone Plc | Smart Card Web Server (SCWS) administration within a plurality of security domains |
US8095113B2 (en) | 2007-10-17 | 2012-01-10 | First Data Corporation | Onetime passwords for smart chip cards |
FR2922701B1 (fr) | 2007-10-23 | 2009-11-20 | Inside Contacless | Procede de personnalisation securise d'un chipset nfc |
US7652578B2 (en) | 2007-10-29 | 2010-01-26 | Motorola, Inc. | Detection apparatus and method for near field communication devices |
US8135648B2 (en) | 2007-11-01 | 2012-03-13 | Gtech Corporation | Authentication of lottery tickets, game machine credit vouchers, and other items |
US20090132405A1 (en) | 2007-11-15 | 2009-05-21 | German Scipioni | System and method for auto-filling information |
US8413892B2 (en) | 2007-12-24 | 2013-04-09 | Dynamics Inc. | Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic encoders, and other components |
US7922082B2 (en) | 2008-01-04 | 2011-04-12 | M2 International Ltd. | Dynamic card validation value |
GB0801225D0 (en) | 2008-01-23 | 2008-02-27 | Innovision Res & Tech Plc | Near field RF communications |
US20090192912A1 (en) | 2008-01-30 | 2009-07-30 | Kent Griffin | Charge-for-service near field communication transactions |
WO2009102640A1 (en) | 2008-02-12 | 2009-08-20 | Cardiac Pacemakers, Inc. | Systems and methods for controlling wireless signal transfers between ultrasound-enabled medical devices |
US9947002B2 (en) | 2008-02-15 | 2018-04-17 | First Data Corporation | Secure authorization of contactless transaction |
US8302167B2 (en) | 2008-03-11 | 2012-10-30 | Vasco Data Security, Inc. | Strong authentication token generating one-time passwords and signatures upon server credential verification |
EP2106107B1 (en) | 2008-03-27 | 2012-04-18 | Motorola Mobility, Inc. | Method and apparatus for automatic near field communication application selection in an electronic device |
ITMI20080536A1 (it) | 2008-03-28 | 2009-09-29 | Incard Sa | Metodo per proteggere un file cap per una carta a circuito integrato. |
US8024576B2 (en) | 2008-03-31 | 2011-09-20 | International Business Machines Corporation | Method and system for authenticating users with a one time password using an image reader |
US8365988B1 (en) | 2008-04-11 | 2013-02-05 | United Services Automobile Association (Usaa) | Dynamic credit card security code via mobile device |
US8347112B2 (en) | 2008-05-08 | 2013-01-01 | Texas Instruments Incorporated | Encryption/decryption engine with secure modes for key decryption and key derivation |
US9082117B2 (en) | 2008-05-17 | 2015-07-14 | David H. Chin | Gesture based authentication for wireless payment by a mobile electronic device |
US8099332B2 (en) | 2008-06-06 | 2012-01-17 | Apple Inc. | User interface for application management for a mobile device |
EP2139196A1 (en) | 2008-06-26 | 2009-12-30 | France Telecom | Method and system for remotely blocking/unblocking NFC applications on a terminal |
US8229853B2 (en) | 2008-07-24 | 2012-07-24 | International Business Machines Corporation | Dynamic itinerary-driven profiling for preventing unauthorized card transactions |
US8662401B2 (en) | 2008-07-25 | 2014-03-04 | First Data Corporation | Mobile payment adoption by adding a dedicated payment button to mobile device form factors |
US8740073B2 (en) | 2008-08-01 | 2014-06-03 | Mastercard International Incorporated | Methods, systems and computer readable media for storing and redeeming electronic certificates using a wireless smart card |
US8706622B2 (en) | 2008-08-05 | 2014-04-22 | Visa U.S.A. Inc. | Account holder demand account update |
US8438382B2 (en) | 2008-08-06 | 2013-05-07 | Symantec Corporation | Credential management system and method |
US8232879B2 (en) | 2008-08-08 | 2012-07-31 | Assa Abloy Ab | Directional sensing mechanism and communications authentication |
US20100033310A1 (en) | 2008-08-08 | 2010-02-11 | Narendra Siva G | Power negotation for small rfid card |
US8814052B2 (en) | 2008-08-20 | 2014-08-26 | X-Card Holdings, Llc | Secure smart card system |
US8103249B2 (en) | 2008-08-23 | 2012-01-24 | Visa U.S.A. Inc. | Credit card imaging for mobile payment and other applications |
US10970777B2 (en) | 2008-09-15 | 2021-04-06 | Mastercard International Incorporated | Apparatus and method for bill payment card enrollment |
US9037513B2 (en) | 2008-09-30 | 2015-05-19 | Apple Inc. | System and method for providing electronic event tickets |
US20100078471A1 (en) | 2008-09-30 | 2010-04-01 | Apple Inc. | System and method for processing peer-to-peer financial transactions |
US20100094754A1 (en) | 2008-10-13 | 2010-04-15 | Global Financial Passport, Llc | Smartcard based secure transaction systems and methods |
US20100095130A1 (en) | 2008-10-13 | 2010-04-15 | Global Financial Passport, Llc | Smartcards for secure transaction systems |
US8689013B2 (en) | 2008-10-21 | 2014-04-01 | G. Wouter Habraken | Dual-interface key management |
CN101729502B (zh) | 2008-10-23 | 2012-09-05 | 中兴通讯股份有限公司 | 密钥分发方法和系统 |
US8371501B1 (en) | 2008-10-27 | 2013-02-12 | United Services Automobile Association (Usaa) | Systems and methods for a wearable user authentication factor |
EP2182439A1 (en) | 2008-10-28 | 2010-05-05 | Gemalto SA | Method of managing data sent over the air to an applet having a restricted interface |
US20100114731A1 (en) | 2008-10-30 | 2010-05-06 | Kingston Tamara S | ELECTRONIC WALLET ("eWallet") |
WO2010069033A1 (en) | 2008-12-18 | 2010-06-24 | Bce Inc | Validation method and system for use in securing nomadic electronic transactions |
EP2199992A1 (en) | 2008-12-19 | 2010-06-23 | Gemalto SA | Secure activation before contactless banking smart card transaction |
US10354321B2 (en) | 2009-01-22 | 2019-07-16 | First Data Corporation | Processing transactions with an extended application ID and dynamic cryptograms |
US9065812B2 (en) | 2009-01-23 | 2015-06-23 | Microsoft Technology Licensing, Llc | Protecting transactions |
EP2211481B1 (en) | 2009-01-26 | 2014-09-10 | Motorola Mobility LLC | Wireless communication device for providing at least one near field communication service |
US9509436B2 (en) | 2009-01-29 | 2016-11-29 | Cubic Corporation | Protection of near-field communication exchanges |
EP2219374A1 (en) | 2009-02-13 | 2010-08-18 | Irdeto Access B.V. | Securely providing a control word from a smartcard to a conditional access module |
CN103152080B (zh) | 2009-02-26 | 2015-12-23 | 中兴通讯股份有限公司 | 支持增强型近场通信的终端及其处理方法 |
US20100240413A1 (en) | 2009-03-21 | 2010-09-23 | Microsoft Corporation | Smart Card File System |
US8567670B2 (en) | 2009-03-27 | 2013-10-29 | Intersections Inc. | Dynamic card verification values and credit transactions |
EP2199965A1 (en) | 2009-04-22 | 2010-06-23 | Euro-Wallet B.V. | Payment transaction client, server and system |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US8417231B2 (en) | 2009-05-17 | 2013-04-09 | Qualcomm Incorporated | Method and apparatus for programming a mobile device with multiple service accounts |
US8391719B2 (en) | 2009-05-22 | 2013-03-05 | Motorola Mobility Llc | Method and system for conducting communication between mobile devices |
US20100312634A1 (en) | 2009-06-08 | 2010-12-09 | Cervenka Karen L | Coupon card point of service terminal processing |
US20100312635A1 (en) | 2009-06-08 | 2010-12-09 | Cervenka Karen L | Free sample coupon card |
US10304069B2 (en) | 2009-07-29 | 2019-05-28 | Shopkick, Inc. | Method and system for presentment and redemption of personalized discounts |
US8186602B2 (en) | 2009-08-18 | 2012-05-29 | On Track Innovations, Ltd. | Multi-application contactless smart card |
US20110060631A1 (en) | 2009-09-04 | 2011-03-10 | Bank Of America | Redemption of customer benefit offers based on goods identification |
US8317094B2 (en) | 2009-09-23 | 2012-11-27 | Mastercard International Incorporated | Methods and systems for displaying loyalty program information on a payment card |
US9251538B1 (en) | 2009-09-23 | 2016-02-02 | Verient Inc | System and method for automatically filling webpage fields |
US8830866B2 (en) | 2009-09-30 | 2014-09-09 | Apple Inc. | Methods and apparatus for solicited activation for protected wireless networking |
US20110084132A1 (en) | 2009-10-08 | 2011-04-14 | At&T Intellectual Property I, L.P. | Devices, Systems and Methods for Secure Remote Medical Diagnostics |
US9307065B2 (en) | 2009-10-09 | 2016-04-05 | Panasonic Intellectual Property Management Co., Ltd. | Method and apparatus for processing E-mail and outgoing calls |
US8806592B2 (en) | 2011-01-21 | 2014-08-12 | Authentify, Inc. | Method for secure user and transaction authentication and risk management |
US8843757B2 (en) | 2009-11-12 | 2014-09-23 | Ca, Inc. | One time PIN generation |
US8799668B2 (en) | 2009-11-23 | 2014-08-05 | Fred Cheng | Rubbing encryption algorithm and security attack safe OTP token |
US9225526B2 (en) | 2009-11-30 | 2015-12-29 | Red Hat, Inc. | Multifactor username based authentication |
US9258715B2 (en) | 2009-12-14 | 2016-02-09 | Apple Inc. | Proactive security for mobile devices |
EP2336986A1 (en) | 2009-12-17 | 2011-06-22 | Gemalto SA | Method of personalizing an application embedded in a secured electronic token |
US10049356B2 (en) | 2009-12-18 | 2018-08-14 | First Data Corporation | Authentication of card-not-present transactions |
US9324066B2 (en) | 2009-12-21 | 2016-04-26 | Verizon Patent And Licensing Inc. | Method and system for providing virtual credit card services |
US8615468B2 (en) | 2010-01-27 | 2013-12-24 | Ca, Inc. | System and method for generating a dynamic card value |
CA2694500C (en) | 2010-02-24 | 2015-07-07 | Diversinet Corp. | Method and system for secure communication |
US10255601B2 (en) | 2010-02-25 | 2019-04-09 | Visa International Service Association | Multifactor authentication using a directory server |
US9129270B2 (en) | 2010-03-02 | 2015-09-08 | Gonow Technologies, Llc | Portable E-wallet and universal card |
US9317018B2 (en) | 2010-03-02 | 2016-04-19 | Gonow Technologies, Llc | Portable e-wallet and universal card |
SI23227A (sl) | 2010-03-10 | 2011-05-31 | Margento R&D D.O.O. | Brezžični mobilni transakcijski sistem in postopek izvedbe transakcije z mobilnim telefonom |
US20110238564A1 (en) | 2010-03-26 | 2011-09-29 | Kwang Hyun Lim | System and Method for Early Detection of Fraudulent Transactions |
US8811892B2 (en) | 2010-04-05 | 2014-08-19 | Mastercard International Incorporated | Systems, methods, and computer readable media for performing multiple transactions through a single near field communication (NFC) tap |
US10304051B2 (en) | 2010-04-09 | 2019-05-28 | Paypal, Inc. | NFC mobile wallet processing systems and methods |
US9122964B2 (en) | 2010-05-14 | 2015-09-01 | Mark Krawczewicz | Batteryless stored value card with display |
US20120109735A1 (en) | 2010-05-14 | 2012-05-03 | Mark Stanley Krawczewicz | Mobile Payment System with Thin Film Display |
US9047531B2 (en) | 2010-05-21 | 2015-06-02 | Hand Held Products, Inc. | Interactive user interface for capturing a document in an image signal |
TWI504229B (zh) | 2010-05-27 | 2015-10-11 | Mstar Semiconductor Inc | 支援電子錢包功能之行動裝置 |
AU2011261259B2 (en) | 2010-06-04 | 2015-05-14 | Visa International Service Association | Payment tokenization apparatuses, methods and systems |
WO2012000091A1 (en) | 2010-06-28 | 2012-01-05 | Lionstone Capital Corporation | Systems and methods for diversification of encryption algorithms and obfuscation symbols, symbol spaces and/or schemas |
US8723941B1 (en) | 2010-06-29 | 2014-05-13 | Bank Of America Corporation | Handicap-accessible ATM |
CN103109259A (zh) | 2010-07-01 | 2013-05-15 | 以谢·白南斯托克 | 位置感知移动连接及信息交换系统 |
US8500031B2 (en) | 2010-07-29 | 2013-08-06 | Bank Of America Corporation | Wearable article having point of sale payment functionality |
US9916572B2 (en) | 2010-08-18 | 2018-03-13 | International Business Machines Corporation | Payment card processing system |
US8312519B1 (en) | 2010-09-30 | 2012-11-13 | Daniel V Bailey | Agile OTP generation |
US8799087B2 (en) | 2010-10-27 | 2014-08-05 | Mastercard International Incorporated | Systems, methods, and computer readable media for utilizing one or more preferred application lists in a wireless device reader |
US9965756B2 (en) | 2013-02-26 | 2018-05-08 | Digimarc Corporation | Methods and arrangements for smartphone payments |
WO2012071078A1 (en) | 2010-11-23 | 2012-05-31 | X-Card Holdings, Llc | One-time password card for secure transactions |
US20120143754A1 (en) | 2010-12-03 | 2012-06-07 | Narendra Patel | Enhanced credit card security apparatus and method |
US8807440B1 (en) | 2010-12-17 | 2014-08-19 | Google Inc. | Routing secure element payment requests to an alternate application |
US8726405B1 (en) | 2010-12-23 | 2014-05-13 | Emc Corporation | Techniques for providing security using a mobile wireless communications device having data loss prevention circuitry |
US8843125B2 (en) * | 2010-12-30 | 2014-09-23 | Sk C&C | System and method for managing mobile wallet and its related credentials |
US8977195B2 (en) | 2011-01-06 | 2015-03-10 | Texas Insruments Incorporated | Multiple NFC card applications in multiple execution environments |
US8475367B1 (en) | 2011-01-09 | 2013-07-02 | Fitbit, Inc. | Biometric monitoring device having a body weight sensor, and methods of operating same |
WO2012097310A1 (en) | 2011-01-14 | 2012-07-19 | Visa International Service Association | Healthcare prepaid payment platform apparatuses, methods and systems |
JP5692244B2 (ja) | 2011-01-31 | 2015-04-01 | 富士通株式会社 | 通信方法、ノード、およびネットワークシステム |
US10373160B2 (en) | 2011-02-10 | 2019-08-06 | Paypal, Inc. | Fraud alerting using mobile phone location |
EP2487629B1 (en) | 2011-02-10 | 2016-11-30 | Nxp B.V. | Secure smart poster |
US20120239560A1 (en) | 2011-03-04 | 2012-09-20 | Pourfallah Stacy S | Healthcare payment collection portal apparatuses, methods and systems |
US20120238206A1 (en) | 2011-03-14 | 2012-09-20 | Research In Motion Limited | Communications device providing near field communication (nfc) secure element disabling features related methods |
US8811959B2 (en) | 2011-03-14 | 2014-08-19 | Conner Investments, Llc | Bluetooth enabled credit card with a large data storage volume |
US20120284194A1 (en) | 2011-05-03 | 2012-11-08 | Microsoft Corporation | Secure card-based transactions using mobile phones or other mobile devices |
EP3869443A1 (en) | 2011-05-10 | 2021-08-25 | Dynamics Inc. | Systems, devices, and methods for mobile payment acceptance, mobile authorizations, mobile wallets, and contactless communication mechanisms |
US20120296818A1 (en) | 2011-05-17 | 2012-11-22 | Ebay Inc. | Method for authorizing the activation of a spending card |
US8868902B1 (en) | 2013-07-01 | 2014-10-21 | Cryptite LLC | Characteristically shaped colorgram tokens in mobile transactions |
AU2012363110A1 (en) | 2011-06-07 | 2013-12-12 | Visa International Service Association | Payment Privacy Tokenization apparatuses, methods and systems |
WO2012170895A1 (en) | 2011-06-09 | 2012-12-13 | Yeager C Douglas | Systems and methods for authorizing a transaction |
US9042814B2 (en) | 2011-06-27 | 2015-05-26 | Broadcom Corporation | Measurement and reporting of received signal strength in NFC-enabled devices |
EP2541458B1 (en) | 2011-06-27 | 2017-10-04 | Nxp B.V. | Resource management system and corresponding method |
US9209867B2 (en) | 2011-06-28 | 2015-12-08 | Broadcom Corporation | Device for authenticating wanted NFC interactions |
US9026047B2 (en) | 2011-06-29 | 2015-05-05 | Broadcom Corporation | Systems and methods for providing NFC secure application support in battery-off mode when no nonvolatile memory write access is available |
US8620218B2 (en) | 2011-06-29 | 2013-12-31 | Broadcom Corporation | Power harvesting and use in a near field communications (NFC) device |
US9390411B2 (en) | 2011-07-27 | 2016-07-12 | Murray Jarman | System or method for storing credit on a value card or cellular phone rather than accepting coin change |
US9075979B1 (en) | 2011-08-11 | 2015-07-07 | Google Inc. | Authentication based on proximity to mobile device |
CN102956068B (zh) | 2011-08-25 | 2017-02-15 | 富泰华工业(深圳)有限公司 | 自动柜员机及其语音提示方法 |
EP3754577A1 (en) | 2011-08-30 | 2020-12-23 | SimplyTapp, Inc. | Systems and methods for authorizing a transaction with an unexpected cryptogram |
FR2980055B1 (fr) | 2011-09-12 | 2013-12-27 | Valeo Systemes Thermiques | Dispositif de transmission de puissance inductif |
US10032036B2 (en) | 2011-09-14 | 2018-07-24 | Shahab Khan | Systems and methods of multidimensional encrypted data transfer |
WO2013039395A1 (en) | 2011-09-14 | 2013-03-21 | Ec Solution Group B.V. | Active matrix display smart card |
US8577810B1 (en) | 2011-09-29 | 2013-11-05 | Intuit Inc. | Secure mobile payment authorization |
US8977569B2 (en) | 2011-09-29 | 2015-03-10 | Raj Rao | System and method for providing smart electronic wallet and reconfigurable transaction card thereof |
US9152832B2 (en) | 2011-09-30 | 2015-10-06 | Broadcom Corporation | Positioning guidance for increasing reliability of near-field communications |
US20140279479A1 (en) | 2011-10-12 | 2014-09-18 | C-Sam, Inc. | Nfc paired bluetooth e-commerce |
US10332102B2 (en) | 2011-10-17 | 2019-06-25 | Capital One Services, Llc | System, method, and apparatus for a dynamic transaction card |
US9978058B2 (en) | 2011-10-17 | 2018-05-22 | Capital One Services, Llc | System, method, and apparatus for a dynamic transaction card |
US9318257B2 (en) | 2011-10-18 | 2016-04-19 | Witricity Corporation | Wireless energy transfer for packaging |
US9246903B2 (en) | 2011-10-31 | 2016-01-26 | Money And Data Protection Lizenz Gmbh & Co. Kg | Authentication method |
US9000892B2 (en) | 2011-10-31 | 2015-04-07 | Eastman Kodak Company | Detecting RFID tag and inhibiting skimming |
US8818867B2 (en) | 2011-11-14 | 2014-08-26 | At&T Intellectual Property I, L.P. | Security token for mobile near field communication transactions |
CN104040555B (zh) | 2011-11-14 | 2017-02-22 | 威斯科数据安全国际有限公司 | 具有安全记录特征的智能卡读取器 |
US9064253B2 (en) | 2011-12-01 | 2015-06-23 | Broadcom Corporation | Systems and methods for providing NFC secure application support in battery on and battery off modes |
US20140040139A1 (en) | 2011-12-19 | 2014-02-06 | Sequent Software, Inc. | System and method for dynamic temporary payment authorization in a portable communication device |
US9740342B2 (en) | 2011-12-23 | 2017-08-22 | Cirque Corporation | Method for preventing interference of contactless card reader and touch functions when they are physically and logically bound together for improved authentication security |
US9154903B2 (en) | 2011-12-28 | 2015-10-06 | Blackberry Limited | Mobile communications device providing near field communication (NFC) card issuance features and related methods |
US8880027B1 (en) | 2011-12-29 | 2014-11-04 | Emc Corporation | Authenticating to a computing device with a near-field communications card |
US20130179351A1 (en) | 2012-01-09 | 2013-07-11 | George Wallner | System and method for an authenticating and encrypting card reader |
US20130185772A1 (en) | 2012-01-12 | 2013-07-18 | Aventura Hq, Inc. | Dynamically updating a session based on location data from an authentication device |
US20130191279A1 (en) | 2012-01-20 | 2013-07-25 | Bank Of America Corporation | Mobile device with rewritable general purpose card |
US9218624B2 (en) | 2012-02-03 | 2015-12-22 | Paypal, Inc. | Adding card to mobile/cloud wallet using NFC |
KR101443960B1 (ko) | 2012-02-22 | 2014-11-03 | 주식회사 팬택 | 사용자 인증 전자 장치 및 방법 |
US8898088B2 (en) | 2012-02-29 | 2014-11-25 | Google Inc. | In-card access control and monotonic counters for offline payment processing system |
US9020858B2 (en) | 2012-02-29 | 2015-04-28 | Google Inc. | Presence-of-card code for offline payment processing system |
US20130232082A1 (en) | 2012-03-05 | 2013-09-05 | Mark Stanley Krawczewicz | Method And Apparatus For Secure Medical ID Card |
WO2013137892A1 (en) | 2012-03-15 | 2013-09-19 | Intel Corporation | Near field co (nfc) and proximity sensor for portable devices |
AU2013248935A1 (en) | 2012-04-17 | 2014-08-28 | Secure Nfc Pty. Ltd. | NFC card lock |
US20130282360A1 (en) | 2012-04-20 | 2013-10-24 | James A. Shimota | Method and Apparatus for Translating and Locating Services in Multiple Languages |
US9953310B2 (en) | 2012-05-10 | 2018-04-24 | Mastercard International Incorporated | Systems and method for providing multiple virtual secure elements in a single physical secure element of a mobile device |
US20130303085A1 (en) | 2012-05-11 | 2013-11-14 | Research In Motion Limited | Near field communication tag data management |
US9306626B2 (en) | 2012-05-16 | 2016-04-05 | Broadcom Corporation | NFC device context determination through proximity gestural movement detection |
US8681268B2 (en) | 2012-05-24 | 2014-03-25 | Abisee, Inc. | Vision assistive devices and user interfaces |
US8862113B2 (en) | 2012-06-20 | 2014-10-14 | Qualcomm Incorporated | Subscriber identity module activation during active data call |
US9589399B2 (en) | 2012-07-02 | 2017-03-07 | Synaptics Incorporated | Credential quality assessment engine systems and methods |
WO2014011453A2 (en) * | 2012-07-09 | 2014-01-16 | Jvl Ventures, Llc | Systems, methods, and computer program products for integrating third party services with a mobile wallet |
US20140032410A1 (en) | 2012-07-24 | 2014-01-30 | Ipay International, S.A. | Method and system for linking and controling of payment cards with a mobile |
KR101421568B1 (ko) | 2012-07-27 | 2014-07-22 | 주식회사 케이티 | 스마트카드, 스마트카드 서비스 단말 및 스마트카드 서비스 방법 |
US9530130B2 (en) | 2012-07-30 | 2016-12-27 | Mastercard International Incorporated | Systems and methods for correction of information in card-not-present account-on-file transactions |
KR101934293B1 (ko) | 2012-08-03 | 2019-01-02 | 엘지전자 주식회사 | 이동 단말기의 이동 단말기 및 그의 nfc결제 방법 |
US9361619B2 (en) | 2012-08-06 | 2016-06-07 | Ca, Inc. | Secure and convenient mobile authentication techniques |
EP2698756B1 (en) | 2012-08-13 | 2016-01-06 | Nxp B.V. | Local Trusted Service Manager |
US9332587B2 (en) | 2012-08-21 | 2016-05-03 | Blackberry Limited | Smart proximity priority pairing |
US20140074655A1 (en) | 2012-09-07 | 2014-03-13 | David Lim | System, apparatus and methods for online one-tap account addition and checkout |
US10192216B2 (en) | 2012-09-11 | 2019-01-29 | Visa International Service Association | Cloud-based virtual wallet NFC apparatuses, methods and systems |
US9426132B1 (en) | 2012-09-12 | 2016-08-23 | Emc Corporation | Methods and apparatus for rules-based multi-factor verification |
US8888002B2 (en) | 2012-09-18 | 2014-11-18 | Sensormatic Electronics, LLC | Access control reader enabling remote applications |
US20140081720A1 (en) | 2012-09-19 | 2014-03-20 | Mastercard International Incorporated | Method and system for processing coupons in a near field transaction |
US9338622B2 (en) | 2012-10-04 | 2016-05-10 | Bernt Erik Bjontegard | Contextually intelligent communication systems and processes |
US9665858B1 (en) | 2012-10-11 | 2017-05-30 | Square, Inc. | Cardless payment transactions with multiple users |
US10075437B1 (en) | 2012-11-06 | 2018-09-11 | Behaviosec | Secure authentication of a user of a device during a session with a connected server |
US8584219B1 (en) | 2012-11-07 | 2013-11-12 | Fmr Llc | Risk adjusted, multifactor authentication |
CA2930752A1 (en) | 2012-11-15 | 2014-05-22 | Behzad Malek | System and method for location-based financial transaction authentication |
EP2795950B1 (en) | 2012-11-19 | 2018-09-05 | Avery Dennison Corporation | Nfc security system and method for disabling unauthorized tags |
AU2013348020B2 (en) * | 2012-11-20 | 2019-09-19 | Blackhawk Network, Inc. | System and method for using intelligent codes in conjunction with stored-value cards |
US9038894B2 (en) | 2012-11-20 | 2015-05-26 | Cellco Partnership | Payment or other transaction through mobile device using NFC to access a contactless transaction card |
CN103023643A (zh) | 2012-11-22 | 2013-04-03 | 天地融科技股份有限公司 | 一种动态口令牌及动态口令生成方法 |
US9224013B2 (en) | 2012-12-05 | 2015-12-29 | Broadcom Corporation | Secure processing sub-system that is hardware isolated from a peripheral processing sub-system |
US9064259B2 (en) | 2012-12-19 | 2015-06-23 | Genesys Telecomminucations Laboratories, Inc. | Customer care mobile application |
US10147086B2 (en) | 2012-12-19 | 2018-12-04 | Nxp B.V. | Digital wallet device for virtual wallet |
US20150339474A1 (en) | 2012-12-24 | 2015-11-26 | Cell Buddy Network Ltd. | User authentication system |
US8934837B2 (en) | 2013-01-03 | 2015-01-13 | Blackberry Limited | Mobile wireless communications device including NFC antenna matching control circuit and associated methods |
US9942750B2 (en) | 2013-01-23 | 2018-04-10 | Qualcomm Incorporated | Providing an encrypted account credential from a first device to a second device |
US20140214674A1 (en) | 2013-01-29 | 2014-07-31 | Reliance Communications, Llc. | Method and system for conducting secure transactions with credit cards using a monitoring device |
US20140229375A1 (en) | 2013-02-11 | 2014-08-14 | Groupon, Inc. | Consumer device payment token management |
US9785946B2 (en) | 2013-03-07 | 2017-10-10 | Mastercard International Incorporated | Systems and methods for updating payment card expiration information |
US10152706B2 (en) | 2013-03-11 | 2018-12-11 | Cellco Partnership | Secure NFC data authentication |
US9307505B2 (en) | 2013-03-12 | 2016-04-05 | Blackberry Limited | System and method for adjusting a power transmission level for a communication device |
US9763097B2 (en) | 2013-03-13 | 2017-09-12 | Lookout, Inc. | Method for performing device security corrective actions based on loss of proximity to another device |
WO2014143054A1 (en) | 2013-03-15 | 2014-09-18 | Intel Corporation | Mechanism for facilitating dynamic and targeted advertisements for computing systems |
US20140339315A1 (en) | 2013-04-02 | 2014-11-20 | Tnt Partners, Llc | Programmable Electronic Card and Supporting Device |
WO2014170741A2 (en) | 2013-04-15 | 2014-10-23 | Pardhasarthy Mahesh Bhupathi | Payback payment system and method to facilitate the same |
KR101924683B1 (ko) | 2013-04-26 | 2018-12-03 | 인터디지탈 패튼 홀딩스, 인크 | 요구된 인증 보증 레벨을 달성하기 위한 다중요소 인증 |
US20140337235A1 (en) | 2013-05-08 | 2014-11-13 | The Toronto-Dominion Bank | Person-to-person electronic payment processing |
US9104853B2 (en) | 2013-05-16 | 2015-08-11 | Symantec Corporation | Supporting proximity based security code transfer from mobile/tablet application to access device |
US10043164B2 (en) | 2013-05-20 | 2018-08-07 | Mastercard International Incorporated | System and method for facilitating a transaction between a merchant and a cardholder |
US20140365780A1 (en) | 2013-06-07 | 2014-12-11 | Safa Movassaghi | System and methods for one-time password generation on a mobile computing device |
US10475027B2 (en) | 2013-07-23 | 2019-11-12 | Capital One Services, Llc | System and method for exchanging data with smart cards |
EP3025270A1 (en) | 2013-07-25 | 2016-06-01 | Nymi inc. | Preauthorized wearable biometric device, system and method for use thereof |
GB2516861A (en) | 2013-08-01 | 2015-02-11 | Mastercard International Inc | Paired Wearable payment device |
CN103417202B (zh) | 2013-08-19 | 2015-11-18 | 赵蕴博 | 一种腕式生命体征监测装置及其监测方法 |
WO2015047224A1 (en) | 2013-09-24 | 2015-04-02 | Intel Corporation | Systems and methods for nfc access control in a secure element centric nfc architecture |
EP2854332A1 (en) | 2013-09-27 | 2015-04-01 | Gemalto SA | Method for securing over-the-air communication between a mobile application and a gateway |
US10878414B2 (en) | 2013-09-30 | 2020-12-29 | Apple Inc. | Multi-path communication of electronic device secure element data for online payments |
US11748746B2 (en) | 2013-09-30 | 2023-09-05 | Apple Inc. | Multi-path communication of electronic device secure element data for online payments |
EP3070602A4 (en) | 2013-11-15 | 2016-12-14 | Kuang-Chi Intelligent Photonic Tech Ltd | METHODS OF TRANSMITTING AND RECEIVING INSTRUCTION INFORMATION AND RELATED DEVICES |
SG10201900029SA (en) | 2013-11-19 | 2019-02-27 | Visa Int Service Ass | Automated account provisioning |
MX361684B (es) | 2013-12-02 | 2018-12-13 | Mastercard International Inc | Método y sistema para la transmisión segura de mensajes del servicio de notificación a distancia a dispositivos móviles sin elementos de seguridad. |
CN105830107A (zh) | 2013-12-19 | 2016-08-03 | 维萨国际服务协会 | 基于云的交易方法和系统 |
US20150205379A1 (en) | 2014-01-20 | 2015-07-23 | Apple Inc. | Motion-Detected Tap Input |
US9420496B1 (en) | 2014-01-24 | 2016-08-16 | Sprint Communications Company L.P. | Activation sequence using permission based connection to network |
US9773151B2 (en) | 2014-02-06 | 2017-09-26 | University Of Massachusetts | System and methods for contactless biometrics-based identification |
US20160012465A1 (en) | 2014-02-08 | 2016-01-14 | Jeffrey A. Sharp | System and method for distributing, receiving, and using funds or credits and apparatus thereof |
US20150371234A1 (en) | 2014-02-21 | 2015-12-24 | Looppay, Inc. | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data |
EP2924914A1 (en) | 2014-03-25 | 2015-09-30 | Gemalto SA | Method to manage a one time password key |
US9251330B2 (en) | 2014-04-09 | 2016-02-02 | International Business Machines Corporation | Secure management of a smart card |
US20150317626A1 (en) | 2014-04-30 | 2015-11-05 | Intuit Inc. | Secure proximity exchange of payment information between mobile wallet and point-of-sale |
US9680942B2 (en) | 2014-05-01 | 2017-06-13 | Visa International Service Association | Data verification using access device |
AU2015255887A1 (en) | 2014-05-07 | 2016-10-13 | Visa International Service Association | Enhanced data interface for contactless communications |
US10475026B2 (en) | 2014-05-16 | 2019-11-12 | International Business Machines Corporation | Secure management of transactions using a smart/virtual card |
US20150339663A1 (en) | 2014-05-21 | 2015-11-26 | Mastercard International Incorporated | Methods of payment token lifecycle management on a mobile device |
US10482461B2 (en) | 2014-05-29 | 2019-11-19 | Apple Inc. | User interface for payments |
US9449239B2 (en) | 2014-05-30 | 2016-09-20 | Apple Inc. | Credit card auto-fill |
US9455968B1 (en) | 2014-12-19 | 2016-09-27 | Emc Corporation | Protection of a secret on a mobile device using a secret-splitting technique with a fixed user share |
KR101508320B1 (ko) | 2014-06-30 | 2015-04-07 | 주식회사 인포바인 | Nfc 카드를 이용한 otp 발급 장치, otp 생성 장치, 및 이를 이용한 방법 |
US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
US20160026997A1 (en) | 2014-07-25 | 2016-01-28 | XPressTap, Inc. | Mobile Communication Device with Proximity Based Communication Circuitry |
US9875347B2 (en) | 2014-07-31 | 2018-01-23 | Nok Nok Labs, Inc. | System and method for performing authentication using data analytics |
US20160048913A1 (en) | 2014-08-15 | 2016-02-18 | Mastercard International Incorporated | Systems and Methods for Assigning a Variable Length Bank Identification Number |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10242356B2 (en) | 2014-08-25 | 2019-03-26 | Google Llc | Host-formatted select proximity payment system environment response |
CN111756533B (zh) | 2014-08-29 | 2023-07-04 | 维萨国际服务协会 | 用于安全密码生成的系统、方法和存储介质 |
CN104239783A (zh) | 2014-09-19 | 2014-12-24 | 东软集团股份有限公司 | 一种特定信息安全输入系统及方法 |
US9953323B2 (en) | 2014-09-23 | 2018-04-24 | Sony Corporation | Limiting e-card transactions based on lack of proximity to associated CE device |
GB2530726B (en) | 2014-09-25 | 2016-11-02 | Ibm | Distributed single sign-on |
CN111866873B (zh) | 2014-09-26 | 2023-09-05 | 维萨国际服务协会 | 远程服务器加密的数据的储备系统和方法 |
US9432339B1 (en) | 2014-09-29 | 2016-08-30 | Emc Corporation | Automated token renewal using OTP-based authentication codes |
US9473509B2 (en) | 2014-09-29 | 2016-10-18 | International Business Machines Corporation | Selectively permitting or denying usage of wearable device services |
CN104463270A (zh) | 2014-11-12 | 2015-03-25 | 惠州Tcl移动通信有限公司 | 一种基于rfid的智能终端、金融卡以及金融管理系统 |
US9379841B2 (en) | 2014-11-17 | 2016-06-28 | Empire Technology Development Llc | Mobile device prevention of contactless card attacks |
US9589264B2 (en) | 2014-12-10 | 2017-03-07 | American Express Travel Related Services Company, Inc. | System and method for pre-provisioned wearable contactless payments |
GB2533333A (en) | 2014-12-16 | 2016-06-22 | Visa Europe Ltd | Transaction authorisation |
WO2016112290A1 (en) | 2015-01-09 | 2016-07-14 | Interdigital Technology Corporation | Scalable policy based execution of multi-factor authentication |
US10333696B2 (en) | 2015-01-12 | 2019-06-25 | X-Prime, Inc. | Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency |
US20170011406A1 (en) | 2015-02-10 | 2017-01-12 | NXT-ID, Inc. | Sound-Directed or Behavior-Directed Method and System for Authenticating a User and Executing a Transaction |
CN105930040A (zh) | 2015-02-27 | 2016-09-07 | 三星电子株式会社 | 包含电子支付系统的电子装置及其操作方法 |
US20160267486A1 (en) | 2015-03-13 | 2016-09-15 | Radiius Corp | Smartcard Payment System and Method |
US20160277383A1 (en) | 2015-03-16 | 2016-09-22 | Assa Abloy Ab | Binding to a user device |
US11736468B2 (en) | 2015-03-16 | 2023-08-22 | Assa Abloy Ab | Enhanced authorization |
US20170289127A1 (en) | 2016-03-29 | 2017-10-05 | Chaya Coleena Hendrick | Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match |
WO2016160816A1 (en) | 2015-03-30 | 2016-10-06 | Hendrick Chaya Coleena | Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match |
US10360557B2 (en) | 2015-04-14 | 2019-07-23 | Capital One Services, Llc | Dynamic transaction card protected by dropped card detection |
CN107924513A (zh) | 2015-04-14 | 2018-04-17 | 第资本服务公司 | 用于动态交易卡的系统、方法和设备 |
US10482453B2 (en) * | 2015-04-14 | 2019-11-19 | Capital One Services, Llc | Dynamic transaction card protected by gesture and voice recognition |
US9674705B2 (en) | 2015-04-22 | 2017-06-06 | Kenneth Hugh Rose | Method and system for secure peer-to-peer mobile communications |
EP3292484B1 (en) | 2015-05-05 | 2021-07-07 | Ping Identity Corporation | Identity management service using a block chain |
US20160335531A1 (en) | 2015-05-12 | 2016-11-17 | Dynamics Inc. | Dynamic security codes, tokens, displays, cards, devices, multi-card devices, systems and methods |
US10074231B2 (en) * | 2015-06-09 | 2018-09-11 | Stmicroelectronics S.R.L. | Method for the activation of a payment card, corresponding system and computer program |
FR3038429B1 (fr) | 2015-07-03 | 2018-09-21 | Ingenico Group | Conteneur de paiement, procede de creation, procede de traitement, dispositifs et programmes correspondants |
US20170039566A1 (en) | 2015-07-10 | 2017-02-09 | Diamond Sun Labs, Inc. | Method and system for secured processing of a credit card |
US10108965B2 (en) | 2015-07-14 | 2018-10-23 | Ujet, Inc. | Customer communication system including service pipeline |
US11120436B2 (en) | 2015-07-17 | 2021-09-14 | Mastercard International Incorporated | Authentication system and method for server-based payments |
US20170024716A1 (en) | 2015-07-22 | 2017-01-26 | American Express Travel Related Services Company, Inc. | System and method for single page banner integration |
US10492163B2 (en) | 2015-08-03 | 2019-11-26 | Jpmorgan Chase Bank, N.A. | Systems and methods for leveraging micro-location devices for improved travel awareness |
KR20170028015A (ko) | 2015-09-03 | 2017-03-13 | 엔에이치엔엔터테인먼트 주식회사 | 휴대용 단말기를 이용한 온라인 신용카드 결제 시스템 및 결제 방법 |
WO2017042400A1 (en) | 2015-09-11 | 2017-03-16 | Dp Security Consulting Sas | Access method to an on line service by means of access tokens and secure elements restricting the use of these access tokens to their legitimate owner |
FR3041195A1 (fr) | 2015-09-11 | 2017-03-17 | Dp Security Consulting | Procede d'acces a un service en ligne au moyen d'un microcircuit securise et de jetons de securite restreignant l'utilisation de ces jetons a leur detenteur legitime |
ITUB20155318A1 (it) | 2015-10-26 | 2017-04-26 | St Microelectronics Srl | Tag, relativo procedimento e sistema per identificare e/o autenticare oggetti |
US20170140379A1 (en) | 2015-11-17 | 2017-05-18 | Bruce D. Deck | Credit card randomly generated pin |
US11328298B2 (en) | 2015-11-27 | 2022-05-10 | The Toronto-Dominion Bank | System and method for remotely activating a pin-pad terminal |
CA3007504A1 (en) | 2015-12-07 | 2017-06-15 | Capital One Services, Llc | Electronic access control system |
US9948467B2 (en) | 2015-12-21 | 2018-04-17 | Mastercard International Incorporated | Method and system for blockchain variant using digital signatures |
KR101637863B1 (ko) | 2016-01-05 | 2016-07-08 | 주식회사 코인플러그 | 본인인증용 정보 보안 전송시스템 및 방법 |
US10628821B2 (en) * | 2016-01-26 | 2020-04-21 | American Greetings | Activation and assigning value to gift cards using RFID |
US9794074B2 (en) | 2016-02-04 | 2017-10-17 | Nasdaq Technology Ab | Systems and methods for storing and sharing transactional data using distributed computing systems |
US9619952B1 (en) | 2016-02-16 | 2017-04-11 | Honeywell International Inc. | Systems and methods of preventing access to users of an access control system |
US10148135B2 (en) | 2016-02-16 | 2018-12-04 | Intel IP Corporation | System, apparatus and method for authenticating a device using a wireless charger |
FR3049083A1 (fr) | 2016-03-15 | 2017-09-22 | Dp Security Consulting Sas | Procede de duplication des donnees d'un microcircuit securise vers un autre microcircuit securise permettant, au plus, a un seul microcircuit securise d'etre operationnel a un instant donne |
US9894199B1 (en) | 2016-04-05 | 2018-02-13 | State Farm Mutual Automobile Insurance Company | Systems and methods for authenticating a caller at a call center |
EP3229397B1 (en) | 2016-04-07 | 2020-09-09 | ContactOffice Group | Method for fulfilling a cryptographic request requiring a value of a private key |
US10255816B2 (en) | 2016-04-27 | 2019-04-09 | Uber Technologies, Inc. | Transport vehicle configuration for impaired riders |
US10333705B2 (en) | 2016-04-30 | 2019-06-25 | Civic Technologies, Inc. | Methods and apparatus for providing attestation of information using a centralized or distributed ledger |
KR20170126688A (ko) | 2016-05-10 | 2017-11-20 | 엘지전자 주식회사 | 스마트 카드 및 그 스마트 카드의 제어 방법 |
US9635000B1 (en) | 2016-05-25 | 2017-04-25 | Sead Muftic | Blockchain identity management system based on public identities ledger |
GB201609460D0 (en) | 2016-05-30 | 2016-07-13 | Silverleap Technology Ltd | Increased security through ephemeral keys for software virtual contactless card in a mobile phone |
US10097544B2 (en) | 2016-06-01 | 2018-10-09 | International Business Machines Corporation | Protection and verification of user authentication credentials against server compromise |
US10680677B2 (en) | 2016-08-01 | 2020-06-09 | Nxp B.V. | NFC system wakeup with energy harvesting |
US10032169B2 (en) | 2016-08-08 | 2018-07-24 | Ellipse World, Inc. | Prepaid, debit and credit card security code generation system |
US20180039986A1 (en) | 2016-08-08 | 2018-02-08 | Ellipse World S.A. | Method for a Prepaid, Debit and Credit Card Security Code Generation System |
US10084762B2 (en) | 2016-09-01 | 2018-09-25 | Ca, Inc. | Publicly readable blockchain registry of personally identifiable information breaches |
US10748130B2 (en) * | 2016-09-30 | 2020-08-18 | Square, Inc. | Sensor-enabled activation of payment instruments |
US10462128B2 (en) | 2016-10-11 | 2019-10-29 | Michael Arthur George | Verification of both identification and presence of objects over a network |
US10719771B2 (en) | 2016-11-09 | 2020-07-21 | Cognitive Scale, Inc. | Method for cognitive information processing using a cognitive blockchain architecture |
US20180160255A1 (en) | 2016-12-01 | 2018-06-07 | Youngsuck PARK | Nfc tag-based web service system and method using anti-simulation function |
US10133979B1 (en) | 2016-12-29 | 2018-11-20 | Wells Fargo Bank, N.A. | Wearable computing device-powered chip-enabled card |
US10237070B2 (en) | 2016-12-31 | 2019-03-19 | Nok Nok Labs, Inc. | System and method for sharing keys across authenticators |
DE102017000768A1 (de) | 2017-01-27 | 2018-08-02 | Giesecke+Devrient Mobile Security Gmbh | Verfahren zum Durchführen einer Zweifaktorauthentifizierung |
US20180240106A1 (en) | 2017-02-21 | 2018-08-23 | Legacy Ip Llc | Hand-held electronics device for aggregation of and management of personal electronic data |
JP6736757B2 (ja) * | 2017-02-28 | 2020-08-05 | 株式会社ソニー・インタラクティブエンタテインメント | 情報処理装置およびソフトウェア処理方法 |
US20180254909A1 (en) | 2017-03-06 | 2018-09-06 | Lamark Solutions, Inc. | Virtual Identity Credential Issuance and Verification Using Physical and Virtual Means |
US10764043B2 (en) | 2017-04-05 | 2020-09-01 | University Of Florida Research Foundation, Incorporated | Identity and content authentication for phone calls |
US10129648B1 (en) | 2017-05-11 | 2018-11-13 | Microsoft Technology Licensing, Llc | Hinged computing device for binaural recording |
US20190019375A1 (en) | 2017-07-14 | 2019-01-17 | Gamblit Gaming, Llc | Ad hoc customizable electronic gaming table |
US9940571B1 (en) | 2017-08-25 | 2018-04-10 | Capital One Services, Llc | Metal contactless transaction card |
US10019707B1 (en) | 2017-10-24 | 2018-07-10 | Capital One Services, Llc | Transaction card mode related to locating a transaction card |
US11102180B2 (en) | 2018-01-31 | 2021-08-24 | The Toronto-Dominion Bank | Real-time authentication and authorization based on dynamically generated cryptographic data |
US10992477B2 (en) * | 2018-10-02 | 2021-04-27 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11392935B2 (en) * | 2019-08-05 | 2022-07-19 | Apple Inc. | Automatic activation of a physical payment card |
US20220263653A1 (en) * | 2019-12-06 | 2022-08-18 | Ismail Jibrin | System, method, and device for vitality verification using a biometric one-time passcode |
US11210656B2 (en) * | 2020-04-13 | 2021-12-28 | Capital One Services, Llc | Determining specific terms for contactless card activation |
US11373169B2 (en) * | 2020-11-03 | 2022-06-28 | Capital One Services, Llc | Web-based activation of contactless cards |
-
2021
- 2021-04-20 US US17/235,112 patent/US11935035B2/en active Active
-
2022
- 2022-03-21 CN CN202280029834.8A patent/CN117203655A/zh active Pending
- 2022-03-21 CA CA3213859A patent/CA3213859A1/en active Pending
- 2022-03-21 JP JP2023564220A patent/JP2024514925A/ja active Pending
- 2022-03-21 EP EP22719395.0A patent/EP4327262A1/en active Pending
- 2022-03-21 KR KR1020237034473A patent/KR20230174217A/ko unknown
- 2022-03-21 AU AU2022260655A patent/AU2022260655A1/en active Pending
- 2022-03-21 WO PCT/US2022/021096 patent/WO2022225630A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2022225630A1 (en) | 2022-10-27 |
KR20230174217A (ko) | 2023-12-27 |
US20220335412A1 (en) | 2022-10-20 |
AU2022260655A1 (en) | 2023-10-19 |
US11935035B2 (en) | 2024-03-19 |
EP4327262A1 (en) | 2024-02-28 |
JP2024514925A (ja) | 2024-04-03 |
CA3213859A1 (en) | 2022-10-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112805967B (zh) | 非接触式卡的密码认证的系统和方法 | |
JP2022504072A (ja) | 非接触カードの暗号化認証のためのシステムおよび方法 | |
CN112602104A (zh) | 用于非接触卡的密码认证的系统和方法 | |
BR112021005174A2 (pt) | sistema de ressincronização de contador, método de ressincronização de um contador em um cartão sem contato, e, cartão sem contato | |
CN113168631A (zh) | 用于非接触卡的密码认证的系统和方法 | |
CN117396908A (zh) | 将显示器应用于交易卡的方法、介质及系统 | |
US11658997B2 (en) | Systems and methods for signaling an attack on contactless cards | |
KR20210069030A (ko) | 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법 | |
CN117203655A (zh) | 通过非接触式卡利用资源定位符执行一系列操作的技术 | |
US20220366410A1 (en) | Systems and techniques to utilize an active link in a uniform resource locator to perform a money exchange | |
US20240135360A1 (en) | Techniques to utilize resource locators by a contactless card to perform a sequence of operations | |
KR20210153592A (ko) | 비접촉식 카드 재발급을 위한 시스템 및 방법 | |
CN117121007A (zh) | 通过非接触式卡认证的经认证的消息传递会话 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40096902 Country of ref document: HK |
|
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |