UA115500C2 - Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки - Google Patents

Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки

Info

Publication number
UA115500C2
UA115500C2 UAA201607123A UAA201607123A UA115500C2 UA 115500 C2 UA115500 C2 UA 115500C2 UA A201607123 A UAA201607123 A UA A201607123A UA A201607123 A UAA201607123 A UA A201607123A UA 115500 C2 UA115500 C2 UA 115500C2
Authority
UA
Ukraine
Prior art keywords
secure
generating
processing device
session key
user
Prior art date
Application number
UAA201607123A
Other languages
English (en)
Inventor
Мехді Коллінге
Патрік Сметс
Аксель Еміль Жан Чарльз Кейтленд
Original Assignee
Мастеркард Інтернешнл Інкорпорейтед
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Мастеркард Інтернешнл Інкорпорейтед filed Critical Мастеркард Інтернешнл Інкорпорейтед
Publication of UA115500C2 publication Critical patent/UA115500C2/uk

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Abstract

Спосіб генерування платіжних облікових даних в платіжній транзакції, який включає в себе: збереження в пам'яті щонайменше разового ключа, асоційованого з транзакційним рахунком; прийом приймальним пристроєм персонального ідентифікаційного номера; ідентифікацію пристроєм обробки першого сеансового ключа; генерування пристроєм обробки другого сеансового ключа, основуючись щонайменше на збереженому разовому ключі і прийнятому персональному ідентифікаційному номері; генерування пристроєм обробки першої криптограми додатка, основуючись щонайменше на першому сеансовому ключі; генерування пристроєм обробки другої криптограми додатка, основуючись щонайменше на другому сеансовому ключі; і передачу передавальним пристроєм щонайменше першої криптограми додатка і другої криптограми додатка для використання в платіжній транзакції.
UAA201607123A 2013-12-02 2014-12-02 Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки UA115500C2 (uk)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US201361910819P 2013-12-02 2013-12-02
US201461951842P 2014-03-12 2014-03-12
US201461955716P 2014-03-19 2014-03-19
US201461979132P 2014-04-14 2014-04-14
US201461980784P 2014-04-17 2014-04-17
PCT/US2014/067992 WO2015084755A1 (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements

Publications (1)

Publication Number Publication Date
UA115500C2 true UA115500C2 (uk) 2017-11-10

Family

ID=53274011

Family Applications (1)

Application Number Title Priority Date Filing Date
UAA201607123A UA115500C2 (uk) 2013-12-02 2014-12-02 Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки

Country Status (16)

Country Link
EP (1) EP3077972A4 (uk)
JP (2) JP6353537B2 (uk)
KR (2) KR102025816B1 (uk)
CN (1) CN106062799B (uk)
AU (1) AU2014357381B2 (uk)
BR (1) BR112016012527A2 (uk)
CA (1) CA2932346C (uk)
CL (1) CL2016001353A1 (uk)
HK (1) HK1227146A1 (uk)
IL (1) IL245965B (uk)
MX (1) MX361793B (uk)
NZ (1) NZ720688A (uk)
RU (1) RU2663319C2 (uk)
SG (1) SG10201800179UA (uk)
UA (1) UA115500C2 (uk)
WO (1) WO2015084755A1 (uk)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SG10201803986RA (en) 2013-12-02 2018-06-28 Mastercard International Inc Method and system for secure transmission of remote notification service messages to mobile devices without secure elements
KR102151579B1 (ko) * 2014-04-14 2020-09-03 마스터카드 인터내셔날, 인코포레이티드 보안 요소들이 구비되어 있지 않은 모바일 기기에서 어드밴스트 저장 키를 생성하는 방법 및 시스템
US10614442B2 (en) 2014-12-03 2020-04-07 Mastercard International Incorporated System and method of facilitating cash transactions at an ATM system without an ATM card using mobile
US10248947B2 (en) * 2015-06-29 2019-04-02 Oberthur Technologies of America Corp. Method of generating a bank transaction request for a mobile terminal having a secure module
US11120436B2 (en) * 2015-07-17 2021-09-14 Mastercard International Incorporated Authentication system and method for server-based payments
SG10201508945YA (en) 2015-10-29 2017-05-30 Mastercard International Inc Method and system for cardless use of an automated teller machine (atm)
US10496982B2 (en) * 2016-02-03 2019-12-03 Accenture Global Solutions Limited Secure contactless card emulation
EP4177810A1 (en) * 2016-04-18 2023-05-10 Bancontact Payconiq Company Method and device for authorizing mobile transactions
WO2017184840A1 (en) * 2016-04-21 2017-10-26 Mastercard International Incorporated Method and system for contactless transactions without user credentials
SG11201900748QA (en) * 2016-09-04 2019-03-28 Mastercard International Inc Method and system for cardless atm transaction via mobile device
EP3340094B1 (en) * 2016-12-22 2021-04-28 Mastercard International Incorporated Method for renewal of cryptographic whiteboxes under binding of new public key and old identifier
US11244296B2 (en) * 2017-01-23 2022-02-08 Mastercard International Incorporated Method and system for authentication via a trusted execution environment
EP3364363A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Transaction cryptogram
EP3364329B1 (en) 2017-02-21 2023-07-26 Mastercard International Incorporated Security architecture for device applications
EP3364352A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Determining legitimate conditions at a computing device
CN107274183B (zh) * 2017-03-21 2020-05-22 中国银联股份有限公司 交易验证方法及系统
US11468444B2 (en) * 2017-12-18 2022-10-11 Mastercard International Incorporated Method and system for bypassing merchant systems to increase data security in conveyance of credentials
KR101972599B1 (ko) * 2018-06-19 2019-04-25 김승훈 세션키 처리장치, 처리 방법 및 이를 위한 프로그램을 기록한 컴퓨터 판독 가능한 기록매체
US10581611B1 (en) 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
EP3640878B1 (fr) * 2018-10-17 2023-06-21 Swatch Ag Procede et systeme d'activation d'un objet portable de paiement sans contact
US11803827B2 (en) 2019-11-01 2023-10-31 Mastercard International Incorporated Method and system for enabling cardless transactions at an ATM for any institutional entity
CN111901109B (zh) * 2020-08-04 2022-10-04 华人运通(上海)云计算科技有限公司 基于白盒的通信方法、装置、设备和存储介质
CN113421084B (zh) * 2021-05-26 2023-03-24 歌尔股份有限公司 公交卡处理方法、装置、设备及可读存储介质

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4183823B2 (ja) * 1999-02-10 2008-11-19 富士通株式会社 データ照合装置、データ照合システムおよびデータ照合プログラム記憶媒体
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
JP2004086599A (ja) * 2002-08-27 2004-03-18 Toppan Printing Co Ltd クレジットカード情報管理装置および管理方法並びにそのプログラム
US7873572B2 (en) * 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
PT2011301E (pt) * 2006-04-10 2011-09-23 Trust Integration Services B V Sistema e método para a transmissão segura de dados
US8713655B2 (en) * 2008-04-21 2014-04-29 Indian Institute Of Technology Method and system for using personal devices for authentication and service access at service outlets
WO2012021864A2 (en) * 2010-08-12 2012-02-16 Mastercard International, Inc. Multi-commerce channel wallet for authenticated transactions
US8746553B2 (en) * 2010-09-27 2014-06-10 Mastercard International Incorporated Purchase Payment device updates using an authentication process
KR20120110926A (ko) * 2011-03-30 2012-10-10 주식회사 비즈모델라인 프로그램 식별을 통한 카드 결제 방법 및 시스템과 이를 위한 스마트폰
WO2012170895A1 (en) * 2011-06-09 2012-12-13 Yeager C Douglas Systems and methods for authorizing a transaction
US10515359B2 (en) * 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
CN107369015B (zh) * 2012-04-18 2021-01-08 谷歌有限责任公司 在不具有安全元件的情况下处理支付交易

Also Published As

Publication number Publication date
KR101809221B1 (ko) 2017-12-14
BR112016012527A2 (pt) 2017-08-08
EP3077972A1 (en) 2016-10-12
JP2017504871A (ja) 2017-02-09
MX2016007217A (es) 2016-12-09
KR102025816B1 (ko) 2019-09-26
EP3077972A4 (en) 2017-08-09
WO2015084755A1 (en) 2015-06-11
JP2018164281A (ja) 2018-10-18
CL2016001353A1 (es) 2017-05-12
JP6353537B2 (ja) 2018-07-04
CA2932346C (en) 2018-09-04
CN106062799B (zh) 2022-04-29
MX361793B (es) 2018-12-17
IL245965A0 (en) 2016-07-31
IL245965B (en) 2022-05-01
NZ720688A (en) 2017-09-29
HK1227146A1 (zh) 2017-10-13
AU2014357381B2 (en) 2017-03-23
AU2014357381A1 (en) 2016-06-16
SG10201800179UA (en) 2018-02-27
CA2932346A1 (en) 2015-06-11
KR20170139689A (ko) 2017-12-19
RU2663319C2 (ru) 2018-08-03
CN106062799A (zh) 2016-10-26
KR20160091418A (ko) 2016-08-02

Similar Documents

Publication Publication Date Title
UA115500C2 (uk) Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки
NZ629125A (en) Credential management system
MX2018000737A (es) Sistemas y metodos de pago de modos multiples.
MX2019006226A (es) Sistema de pago movil.
NZ628971A (en) Transaction processing system and method
MX354574B (es) Procedimiento y aparato de autenticación de usuarios basados en datos de audio y vídeo.
MX2015012794A (es) Metodos y sistemas para autenticar una transaccion con el uso de un dispositivo electronico portatil.
SG11201806344VA (en) Credit payment method and apparatus based on mobile terminal p2p
PH12019501081A1 (en) Scan and pay method and device utilized in mobile apparatus
WO2015025282A3 (en) Methods and systems for transferring electronic money
MY190913A (en) Device and method for secure connection
MX2017008188A (es) Facilitacion de envio y recepcion de pagos de personas a comercios.
MX2017012298A (es) Sistema de procesamiento de pagos utilizando informacion de pago codificada y metodo para el procesamiento de los mismos.
WO2016190918A3 (en) Multiple protocol transaction encryption
UA117951C2 (uk) Спосіб і система для генерації вдосконаленого ключа зберігання в мобільному пристрої без захисних елементів
SG2013042429A (en) Method for receiving an electronic receipt of an electronic payment transaction into a mobile device
IN2014KN02931A (uk)
PH12018501541A1 (en) Credit payment method and apparatus based on mobile terminal ese
MX2020014235A (es) Sistemas y metodos para autenticacion segura de solo lectura.
TW201612812A (en) Apparatus and method for self-service payment
MX2014002399A (es) Metodo y sistema para autorizar una accion en un sitio.
WO2013192564A3 (en) Aggregating online activities
MY170316A (en) Portable communication device and system and method therefor
GB2545841A (en) Systems and methods for providing payment hotspots
MX2018003170A (es) Verificacion de transacciones de pago.