UA115500C2 - Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки - Google Patents
Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпекиInfo
- Publication number
- UA115500C2 UA115500C2 UAA201607123A UAA201607123A UA115500C2 UA 115500 C2 UA115500 C2 UA 115500C2 UA A201607123 A UAA201607123 A UA A201607123A UA A201607123 A UAA201607123 A UA A201607123A UA 115500 C2 UA115500 C2 UA 115500C2
- Authority
- UA
- Ukraine
- Prior art keywords
- secure
- generating
- processing device
- session key
- user
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/204—Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3274—Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Abstract
Спосіб генерування платіжних облікових даних в платіжній транзакції, який включає в себе: збереження в пам'яті щонайменше разового ключа, асоційованого з транзакційним рахунком; прийом приймальним пристроєм персонального ідентифікаційного номера; ідентифікацію пристроєм обробки першого сеансового ключа; генерування пристроєм обробки другого сеансового ключа, основуючись щонайменше на збереженому разовому ключі і прийнятому персональному ідентифікаційному номері; генерування пристроєм обробки першої криптограми додатка, основуючись щонайменше на першому сеансовому ключі; генерування пристроєм обробки другої криптограми додатка, основуючись щонайменше на другому сеансовому ключі; і передачу передавальним пристроєм щонайменше першої криптограми додатка і другої криптограми додатка для використання в платіжній транзакції.
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201361910819P | 2013-12-02 | 2013-12-02 | |
US201461951842P | 2014-03-12 | 2014-03-12 | |
US201461955716P | 2014-03-19 | 2014-03-19 | |
US201461979132P | 2014-04-14 | 2014-04-14 | |
US201461980784P | 2014-04-17 | 2014-04-17 | |
PCT/US2014/067992 WO2015084755A1 (en) | 2013-12-02 | 2014-12-02 | Method and system for secure authentication of user and mobile device without secure elements |
Publications (1)
Publication Number | Publication Date |
---|---|
UA115500C2 true UA115500C2 (uk) | 2017-11-10 |
Family
ID=53274011
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
UAA201607123A UA115500C2 (uk) | 2013-12-02 | 2014-12-02 | Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки |
Country Status (16)
Country | Link |
---|---|
EP (1) | EP3077972A4 (uk) |
JP (2) | JP6353537B2 (uk) |
KR (2) | KR102025816B1 (uk) |
CN (1) | CN106062799B (uk) |
AU (1) | AU2014357381B2 (uk) |
BR (1) | BR112016012527A2 (uk) |
CA (1) | CA2932346C (uk) |
CL (1) | CL2016001353A1 (uk) |
HK (1) | HK1227146A1 (uk) |
IL (1) | IL245965B (uk) |
MX (1) | MX361793B (uk) |
NZ (1) | NZ720688A (uk) |
RU (1) | RU2663319C2 (uk) |
SG (1) | SG10201800179UA (uk) |
UA (1) | UA115500C2 (uk) |
WO (1) | WO2015084755A1 (uk) |
Families Citing this family (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SG10201803986RA (en) | 2013-12-02 | 2018-06-28 | Mastercard International Inc | Method and system for secure transmission of remote notification service messages to mobile devices without secure elements |
KR102151579B1 (ko) * | 2014-04-14 | 2020-09-03 | 마스터카드 인터내셔날, 인코포레이티드 | 보안 요소들이 구비되어 있지 않은 모바일 기기에서 어드밴스트 저장 키를 생성하는 방법 및 시스템 |
US10614442B2 (en) | 2014-12-03 | 2020-04-07 | Mastercard International Incorporated | System and method of facilitating cash transactions at an ATM system without an ATM card using mobile |
US10248947B2 (en) * | 2015-06-29 | 2019-04-02 | Oberthur Technologies of America Corp. | Method of generating a bank transaction request for a mobile terminal having a secure module |
US11120436B2 (en) * | 2015-07-17 | 2021-09-14 | Mastercard International Incorporated | Authentication system and method for server-based payments |
SG10201508945YA (en) | 2015-10-29 | 2017-05-30 | Mastercard International Inc | Method and system for cardless use of an automated teller machine (atm) |
US10496982B2 (en) * | 2016-02-03 | 2019-12-03 | Accenture Global Solutions Limited | Secure contactless card emulation |
EP4177810A1 (en) * | 2016-04-18 | 2023-05-10 | Bancontact Payconiq Company | Method and device for authorizing mobile transactions |
WO2017184840A1 (en) * | 2016-04-21 | 2017-10-26 | Mastercard International Incorporated | Method and system for contactless transactions without user credentials |
SG11201900748QA (en) * | 2016-09-04 | 2019-03-28 | Mastercard International Inc | Method and system for cardless atm transaction via mobile device |
EP3340094B1 (en) * | 2016-12-22 | 2021-04-28 | Mastercard International Incorporated | Method for renewal of cryptographic whiteboxes under binding of new public key and old identifier |
US11244296B2 (en) * | 2017-01-23 | 2022-02-08 | Mastercard International Incorporated | Method and system for authentication via a trusted execution environment |
EP3364363A1 (en) | 2017-02-21 | 2018-08-22 | Mastercard International Incorporated | Transaction cryptogram |
EP3364329B1 (en) | 2017-02-21 | 2023-07-26 | Mastercard International Incorporated | Security architecture for device applications |
EP3364352A1 (en) | 2017-02-21 | 2018-08-22 | Mastercard International Incorporated | Determining legitimate conditions at a computing device |
CN107274183B (zh) * | 2017-03-21 | 2020-05-22 | 中国银联股份有限公司 | 交易验证方法及系统 |
US11468444B2 (en) * | 2017-12-18 | 2022-10-11 | Mastercard International Incorporated | Method and system for bypassing merchant systems to increase data security in conveyance of credentials |
KR101972599B1 (ko) * | 2018-06-19 | 2019-04-25 | 김승훈 | 세션키 처리장치, 처리 방법 및 이를 위한 프로그램을 기록한 컴퓨터 판독 가능한 기록매체 |
US10581611B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
EP3640878B1 (fr) * | 2018-10-17 | 2023-06-21 | Swatch Ag | Procede et systeme d'activation d'un objet portable de paiement sans contact |
US11803827B2 (en) | 2019-11-01 | 2023-10-31 | Mastercard International Incorporated | Method and system for enabling cardless transactions at an ATM for any institutional entity |
CN111901109B (zh) * | 2020-08-04 | 2022-10-04 | 华人运通(上海)云计算科技有限公司 | 基于白盒的通信方法、装置、设备和存储介质 |
CN113421084B (zh) * | 2021-05-26 | 2023-03-24 | 歌尔股份有限公司 | 公交卡处理方法、装置、设备及可读存储介质 |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4183823B2 (ja) * | 1999-02-10 | 2008-11-19 | 富士通株式会社 | データ照合装置、データ照合システムおよびデータ照合プログラム記憶媒体 |
US7249093B1 (en) * | 1999-09-07 | 2007-07-24 | Rysix Holdings, Llc | Method of and system for making purchases over a computer network |
JP2004086599A (ja) * | 2002-08-27 | 2004-03-18 | Toppan Printing Co Ltd | クレジットカード情報管理装置および管理方法並びにそのプログラム |
US7873572B2 (en) * | 2004-02-26 | 2011-01-18 | Reardon David C | Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages |
PT2011301E (pt) * | 2006-04-10 | 2011-09-23 | Trust Integration Services B V | Sistema e método para a transmissão segura de dados |
US8713655B2 (en) * | 2008-04-21 | 2014-04-29 | Indian Institute Of Technology | Method and system for using personal devices for authentication and service access at service outlets |
WO2012021864A2 (en) * | 2010-08-12 | 2012-02-16 | Mastercard International, Inc. | Multi-commerce channel wallet for authenticated transactions |
US8746553B2 (en) * | 2010-09-27 | 2014-06-10 | Mastercard International Incorporated Purchase | Payment device updates using an authentication process |
KR20120110926A (ko) * | 2011-03-30 | 2012-10-10 | 주식회사 비즈모델라인 | 프로그램 식별을 통한 카드 결제 방법 및 시스템과 이를 위한 스마트폰 |
WO2012170895A1 (en) * | 2011-06-09 | 2012-12-13 | Yeager C Douglas | Systems and methods for authorizing a transaction |
US10515359B2 (en) * | 2012-04-02 | 2019-12-24 | Mastercard International Incorporated | Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements |
CN107369015B (zh) * | 2012-04-18 | 2021-01-08 | 谷歌有限责任公司 | 在不具有安全元件的情况下处理支付交易 |
-
2014
- 2014-12-02 NZ NZ720688A patent/NZ720688A/en not_active IP Right Cessation
- 2014-12-02 RU RU2016126401A patent/RU2663319C2/ru not_active IP Right Cessation
- 2014-12-02 KR KR1020177035338A patent/KR102025816B1/ko active IP Right Grant
- 2014-12-02 CN CN201480074679.7A patent/CN106062799B/zh active Active
- 2014-12-02 AU AU2014357381A patent/AU2014357381B2/en active Active
- 2014-12-02 CA CA2932346A patent/CA2932346C/en active Active
- 2014-12-02 MX MX2016007217A patent/MX361793B/es active IP Right Grant
- 2014-12-02 BR BR112016012527A patent/BR112016012527A2/pt not_active IP Right Cessation
- 2014-12-02 JP JP2016535719A patent/JP6353537B2/ja active Active
- 2014-12-02 SG SG10201800179UA patent/SG10201800179UA/en unknown
- 2014-12-02 KR KR1020167017367A patent/KR101809221B1/ko active IP Right Grant
- 2014-12-02 WO PCT/US2014/067992 patent/WO2015084755A1/en active Application Filing
- 2014-12-02 EP EP14868126.5A patent/EP3077972A4/en not_active Ceased
- 2014-12-02 UA UAA201607123A patent/UA115500C2/uk unknown
-
2016
- 2016-06-01 IL IL245965A patent/IL245965B/en unknown
- 2016-06-02 CL CL2016001353A patent/CL2016001353A1/es unknown
- 2016-12-15 HK HK16114270A patent/HK1227146A1/zh unknown
-
2018
- 2018-06-08 JP JP2018110433A patent/JP2018164281A/ja active Pending
Also Published As
Publication number | Publication date |
---|---|
KR101809221B1 (ko) | 2017-12-14 |
BR112016012527A2 (pt) | 2017-08-08 |
EP3077972A1 (en) | 2016-10-12 |
JP2017504871A (ja) | 2017-02-09 |
MX2016007217A (es) | 2016-12-09 |
KR102025816B1 (ko) | 2019-09-26 |
EP3077972A4 (en) | 2017-08-09 |
WO2015084755A1 (en) | 2015-06-11 |
JP2018164281A (ja) | 2018-10-18 |
CL2016001353A1 (es) | 2017-05-12 |
JP6353537B2 (ja) | 2018-07-04 |
CA2932346C (en) | 2018-09-04 |
CN106062799B (zh) | 2022-04-29 |
MX361793B (es) | 2018-12-17 |
IL245965A0 (en) | 2016-07-31 |
IL245965B (en) | 2022-05-01 |
NZ720688A (en) | 2017-09-29 |
HK1227146A1 (zh) | 2017-10-13 |
AU2014357381B2 (en) | 2017-03-23 |
AU2014357381A1 (en) | 2016-06-16 |
SG10201800179UA (en) | 2018-02-27 |
CA2932346A1 (en) | 2015-06-11 |
KR20170139689A (ko) | 2017-12-19 |
RU2663319C2 (ru) | 2018-08-03 |
CN106062799A (zh) | 2016-10-26 |
KR20160091418A (ko) | 2016-08-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
UA115500C2 (uk) | Спосіб і система безпечної аутентифікації користувача і мобільний пристрій без елементів безпеки | |
NZ629125A (en) | Credential management system | |
MX2018000737A (es) | Sistemas y metodos de pago de modos multiples. | |
MX2019006226A (es) | Sistema de pago movil. | |
NZ628971A (en) | Transaction processing system and method | |
MX354574B (es) | Procedimiento y aparato de autenticación de usuarios basados en datos de audio y vídeo. | |
MX2015012794A (es) | Metodos y sistemas para autenticar una transaccion con el uso de un dispositivo electronico portatil. | |
SG11201806344VA (en) | Credit payment method and apparatus based on mobile terminal p2p | |
PH12019501081A1 (en) | Scan and pay method and device utilized in mobile apparatus | |
WO2015025282A3 (en) | Methods and systems for transferring electronic money | |
MY190913A (en) | Device and method for secure connection | |
MX2017008188A (es) | Facilitacion de envio y recepcion de pagos de personas a comercios. | |
MX2017012298A (es) | Sistema de procesamiento de pagos utilizando informacion de pago codificada y metodo para el procesamiento de los mismos. | |
WO2016190918A3 (en) | Multiple protocol transaction encryption | |
UA117951C2 (uk) | Спосіб і система для генерації вдосконаленого ключа зберігання в мобільному пристрої без захисних елементів | |
SG2013042429A (en) | Method for receiving an electronic receipt of an electronic payment transaction into a mobile device | |
IN2014KN02931A (uk) | ||
PH12018501541A1 (en) | Credit payment method and apparatus based on mobile terminal ese | |
MX2020014235A (es) | Sistemas y metodos para autenticacion segura de solo lectura. | |
TW201612812A (en) | Apparatus and method for self-service payment | |
MX2014002399A (es) | Metodo y sistema para autorizar una accion en un sitio. | |
WO2013192564A3 (en) | Aggregating online activities | |
MY170316A (en) | Portable communication device and system and method therefor | |
GB2545841A (en) | Systems and methods for providing payment hotspots | |
MX2018003170A (es) | Verificacion de transacciones de pago. |