EP3077972A4 - Method and system for secure authentication of user and mobile device without secure elements - Google Patents

Method and system for secure authentication of user and mobile device without secure elements Download PDF

Info

Publication number
EP3077972A4
EP3077972A4 EP14868126.5A EP14868126A EP3077972A4 EP 3077972 A4 EP3077972 A4 EP 3077972A4 EP 14868126 A EP14868126 A EP 14868126A EP 3077972 A4 EP3077972 A4 EP 3077972A4
Authority
EP
European Patent Office
Prior art keywords
secure
user
mobile device
elements
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP14868126.5A
Other languages
German (de)
French (fr)
Other versions
EP3077972A1 (en
Inventor
Mehdi Collinge
Patrik Smets
Axel Emile Jean Charles CATELAND
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mastercard International Inc
Original Assignee
Mastercard International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Inc filed Critical Mastercard International Inc
Publication of EP3077972A1 publication Critical patent/EP3077972A1/en
Publication of EP3077972A4 publication Critical patent/EP3077972A4/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Computer And Data Communications (AREA)
EP14868126.5A 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements Ceased EP3077972A4 (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US201361910819P 2013-12-02 2013-12-02
US201461951842P 2014-03-12 2014-03-12
US201461955716P 2014-03-19 2014-03-19
US201461979132P 2014-04-14 2014-04-14
US201461980784P 2014-04-17 2014-04-17
PCT/US2014/067992 WO2015084755A1 (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements

Publications (2)

Publication Number Publication Date
EP3077972A1 EP3077972A1 (en) 2016-10-12
EP3077972A4 true EP3077972A4 (en) 2017-08-09

Family

ID=53274011

Family Applications (1)

Application Number Title Priority Date Filing Date
EP14868126.5A Ceased EP3077972A4 (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements

Country Status (16)

Country Link
EP (1) EP3077972A4 (en)
JP (2) JP6353537B2 (en)
KR (2) KR102025816B1 (en)
CN (1) CN106062799B (en)
AU (1) AU2014357381B2 (en)
BR (1) BR112016012527A2 (en)
CA (1) CA2932346C (en)
CL (1) CL2016001353A1 (en)
HK (1) HK1227146A1 (en)
IL (1) IL245965B (en)
MX (1) MX361793B (en)
NZ (1) NZ720688A (en)
RU (1) RU2663319C2 (en)
SG (1) SG10201800179UA (en)
UA (1) UA115500C2 (en)
WO (1) WO2015084755A1 (en)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2661910C1 (en) 2013-12-02 2018-07-23 Мастеркард Интернэшнл Инкорпорейтед Method and system for protected communication of remote notification service messages to mobile devices without protected elements
RU2653290C1 (en) * 2014-04-14 2018-05-07 Мастеркард Интернэшнл Инкорпорейтед Method and system for generation of improved storage key in mobile device without protective elements
US10614442B2 (en) 2014-12-03 2020-04-07 Mastercard International Incorporated System and method of facilitating cash transactions at an ATM system without an ATM card using mobile
US10248947B2 (en) * 2015-06-29 2019-04-02 Oberthur Technologies of America Corp. Method of generating a bank transaction request for a mobile terminal having a secure module
US11120436B2 (en) * 2015-07-17 2021-09-14 Mastercard International Incorporated Authentication system and method for server-based payments
SG10201508945YA (en) 2015-10-29 2017-05-30 Mastercard International Inc Method and system for cardless use of an automated teller machine (atm)
US10496982B2 (en) * 2016-02-03 2019-12-03 Accenture Global Solutions Limited Secure contactless card emulation
WO2017182411A1 (en) * 2016-04-18 2017-10-26 Bancontact-Mistercash Nv/Sa Method and device for authorizing mobile transactions
WO2017184840A1 (en) * 2016-04-21 2017-10-26 Mastercard International Incorporated Method and system for contactless transactions without user credentials
EP3507754A1 (en) 2016-09-04 2019-07-10 Mastercard International Incorporated Method and system for cardless atm transaction via mobile device
EP3340094B1 (en) * 2016-12-22 2021-04-28 Mastercard International Incorporated Method for renewal of cryptographic whiteboxes under binding of new public key and old identifier
CN110199309B (en) * 2017-01-23 2023-06-16 万事达卡国际公司 Method and system for authentication via trusted execution environment
EP3364363A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Transaction cryptogram
EP3364329B1 (en) 2017-02-21 2023-07-26 Mastercard International Incorporated Security architecture for device applications
EP3364352A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Determining legitimate conditions at a computing device
CN107274183B (en) * 2017-03-21 2020-05-22 中国银联股份有限公司 Transaction verification method and system
US11468444B2 (en) * 2017-12-18 2022-10-11 Mastercard International Incorporated Method and system for bypassing merchant systems to increase data security in conveyance of credentials
KR101972599B1 (en) * 2018-06-19 2019-04-25 김승훈 Apparatus and Method for Processing Session Key and Recording Medium Recording Program thereof
US10581611B1 (en) 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
EP3640878B1 (en) * 2018-10-17 2023-06-21 Swatch Ag Method and system for activating a portable contactless payment object
US10984416B2 (en) * 2019-03-20 2021-04-20 Capital One Services, Llc NFC mobile currency transfer
US11803827B2 (en) 2019-11-01 2023-10-31 Mastercard International Incorporated Method and system for enabling cardless transactions at an ATM for any institutional entity
CN111901109B (en) * 2020-08-04 2022-10-04 华人运通(上海)云计算科技有限公司 White-box-based communication method, device, equipment and storage medium
CN113421084B (en) * 2021-05-26 2023-03-24 歌尔股份有限公司 Bus card processing method, device, equipment and readable storage medium

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4183823B2 (en) * 1999-02-10 2008-11-19 富士通株式会社 Data verification device, data verification system, and data verification program storage medium
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
JP2004086599A (en) * 2002-08-27 2004-03-18 Toppan Printing Co Ltd Credit card information management device, management method, and program thereof
US7873572B2 (en) * 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
JP5179471B2 (en) * 2006-04-10 2013-04-10 モデール ビー.ブイ. Apparatus and method for securely transmitting data
US8713655B2 (en) * 2008-04-21 2014-04-29 Indian Institute Of Technology Method and system for using personal devices for authentication and service access at service outlets
SG10201506319WA (en) * 2010-08-12 2015-09-29 Mastercard International Inc Multi-commerce channel wallet for authenticated transactions
US8746553B2 (en) * 2010-09-27 2014-06-10 Mastercard International Incorporated Purchase Payment device updates using an authentication process
KR20120110926A (en) * 2011-03-30 2012-10-10 주식회사 비즈모델라인 Method and system for card payment using program identity, smart phone
WO2012170895A1 (en) * 2011-06-09 2012-12-13 Yeager C Douglas Systems and methods for authorizing a transaction
US10515359B2 (en) * 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
CN107369015B (en) * 2012-04-18 2021-01-08 谷歌有限责任公司 Processing payment transactions without a secure element

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
No further relevant documents disclosed *

Also Published As

Publication number Publication date
IL245965A0 (en) 2016-07-31
BR112016012527A2 (en) 2017-08-08
RU2663319C2 (en) 2018-08-03
KR20160091418A (en) 2016-08-02
KR20170139689A (en) 2017-12-19
CL2016001353A1 (en) 2017-05-12
SG10201800179UA (en) 2018-02-27
CN106062799A (en) 2016-10-26
CA2932346C (en) 2018-09-04
NZ720688A (en) 2017-09-29
UA115500C2 (en) 2017-11-10
AU2014357381B2 (en) 2017-03-23
WO2015084755A1 (en) 2015-06-11
HK1227146A1 (en) 2017-10-13
IL245965B (en) 2022-05-01
KR101809221B1 (en) 2017-12-14
JP2018164281A (en) 2018-10-18
EP3077972A1 (en) 2016-10-12
JP2017504871A (en) 2017-02-09
CA2932346A1 (en) 2015-06-11
MX2016007217A (en) 2016-12-09
MX361793B (en) 2018-12-17
KR102025816B1 (en) 2019-09-26
AU2014357381A1 (en) 2016-06-16
JP6353537B2 (en) 2018-07-04
CN106062799B (en) 2022-04-29

Similar Documents

Publication Publication Date Title
HK1227146A1 (en) Method and system for secure authentication of user and mobile device without secure elements
EP3259877A4 (en) Secure authentication of user and mobile device
EP3005203A4 (en) System and method for credential authentication
ZA201509242B (en) User authentication system and method
EP2984589A4 (en) System and method for mobile single sign-on integration
GB201403428D0 (en) System and method of interaction for mobile devices
EP3035725A4 (en) Authentication method and authentication device for wireless router
HK1187201A2 (en) An nfc-based fingerprint authentication system and method
EP3017395A4 (en) Method and apparatus of data authentication
EP3059689A4 (en) Authentication apparatus and authentication method
EP3078160A4 (en) Multi-factor authentication system and method
EP3086505A4 (en) Authentication system, authentication method and authentication device
EP3265953A4 (en) User authentication method and device for credentials back-up service to mobile devices
SG11201506832WA (en) Portable communication device and system and method therefor
EP3086504A4 (en) Authentication system and authentication method
EP3018607A4 (en) Device and authentication system
HK1184867A1 (en) Method and system for user authentication
SG2013038278A (en) Authentication device and method
EP3086252A4 (en) Authentication system and authentication method
EP3042302A4 (en) Mobile device configuration system and method
EP3082057A4 (en) Authentication method and authentication system
EP2941032A4 (en) Method and network device for security authentication of mobile communication system
HK1205387A1 (en) Mobile device-based authentication method and authentication apparatus
GB2523924B (en) Behaviometric signature authentication system and method
EP3007141A4 (en) Authentication system and program

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20160623

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20170706

RIC1 Information provided on ipc code assigned before grant

Ipc: G06Q 20/38 20120101AFI20170630BHEP

Ipc: H04W 12/04 20090101ALI20170630BHEP

Ipc: G06Q 20/40 20120101ALI20170630BHEP

Ipc: H04L 29/06 20060101ALI20170630BHEP

Ipc: H04W 12/08 20090101ALI20170630BHEP

Ipc: H04W 12/06 20090101ALI20170630BHEP

Ipc: G06Q 20/20 20120101ALI20170630BHEP

Ipc: G06Q 20/32 20120101ALI20170630BHEP

REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1227146

Country of ref document: HK

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180910

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20210213

REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1227146

Country of ref document: HK