Nothing Special   »   [go: up one dir, main page]

MX2016007217A - Method and system for secure authentication of user and mobile device without secure elements. - Google Patents

Method and system for secure authentication of user and mobile device without secure elements.

Info

Publication number
MX2016007217A
MX2016007217A MX2016007217A MX2016007217A MX2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A MX 2016007217 A MX2016007217 A MX 2016007217A
Authority
MX
Mexico
Prior art keywords
secure
generating
processing device
session key
application cryptogram
Prior art date
Application number
MX2016007217A
Other languages
Spanish (es)
Other versions
MX361793B (en
Inventor
Collinge Mehdi
Smets Patrik
Emile Jean Charles Cateland Axel
Original Assignee
Mastercard International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Inc filed Critical Mastercard International Inc
Publication of MX2016007217A publication Critical patent/MX2016007217A/en
Publication of MX361793B publication Critical patent/MX361793B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Computer And Data Communications (AREA)

Abstract

A method for generating payment credentials in a payment transaction includes: storing, in a memory, at least a single use key associated with a transaction account; receiving, by a receiving device, a personal identification number; identifying, by a processing device, a first session key; generating, by the processing device, a second session key based on at least the stored single use key and the received personal identification number; generating, by the processing device, a first application cryptogram based on at least the first session key; generating, by the processing device, a second application cryptogram based on at least the second session key; and transmitting, by a transmitting device, at least the first application cryptogram and second application cryptogram for use in a payment transaction.
MX2016007217A 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements. MX361793B (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US201361910819P 2013-12-02 2013-12-02
US201461951842P 2014-03-12 2014-03-12
US201461955716P 2014-03-19 2014-03-19
US201461979132P 2014-04-14 2014-04-14
US201461980784P 2014-04-17 2014-04-17
PCT/US2014/067992 WO2015084755A1 (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements

Publications (2)

Publication Number Publication Date
MX2016007217A true MX2016007217A (en) 2016-12-09
MX361793B MX361793B (en) 2018-12-17

Family

ID=53274011

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2016007217A MX361793B (en) 2013-12-02 2014-12-02 Method and system for secure authentication of user and mobile device without secure elements.

Country Status (16)

Country Link
EP (1) EP3077972A4 (en)
JP (2) JP6353537B2 (en)
KR (2) KR102025816B1 (en)
CN (1) CN106062799B (en)
AU (1) AU2014357381B2 (en)
BR (1) BR112016012527A2 (en)
CA (1) CA2932346C (en)
CL (1) CL2016001353A1 (en)
HK (1) HK1227146A1 (en)
IL (1) IL245965B (en)
MX (1) MX361793B (en)
NZ (1) NZ720688A (en)
RU (1) RU2663319C2 (en)
SG (1) SG10201800179UA (en)
UA (1) UA115500C2 (en)
WO (1) WO2015084755A1 (en)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11334890B2 (en) 2013-12-02 2022-05-17 Mastercard International Incorporated Method and system for secure authentication of user and mobile device without secure elements
KR101903709B1 (en) * 2014-04-14 2018-10-04 마스터카드 인터내셔날, 인코포레이티드 Method and system for generating an advanced storage key in a mobile device without secure elements
US10614442B2 (en) 2014-12-03 2020-04-07 Mastercard International Incorporated System and method of facilitating cash transactions at an ATM system without an ATM card using mobile
US10185949B2 (en) * 2015-03-05 2019-01-22 American Express Travel Related Services Company, Inc. System and method for authentication of a mobile device configured with payment capabilities
US10248947B2 (en) * 2015-06-29 2019-04-02 Oberthur Technologies of America Corp. Method of generating a bank transaction request for a mobile terminal having a secure module
US11120436B2 (en) * 2015-07-17 2021-09-14 Mastercard International Incorporated Authentication system and method for server-based payments
SG10201508945YA (en) 2015-10-29 2017-05-30 Mastercard International Inc Method and system for cardless use of an automated teller machine (atm)
US10496982B2 (en) 2016-02-03 2019-12-03 Accenture Global Solutions Limited Secure contactless card emulation
WO2017182411A1 (en) * 2016-04-18 2017-10-26 Bancontact-Mistercash Nv/Sa Method and device for authorizing mobile transactions
WO2017184840A1 (en) 2016-04-21 2017-10-26 Mastercard International Incorporated Method and system for contactless transactions without user credentials
AU2017318589B2 (en) 2016-09-04 2020-04-09 Mastercard International Incorporated Method and system for cardless ATM transaction via mobile device
EP3340094B1 (en) * 2016-12-22 2021-04-28 Mastercard International Incorporated Method for renewal of cryptographic whiteboxes under binding of new public key and old identifier
WO2018136914A1 (en) * 2017-01-23 2018-07-26 Mastercard International Incorporated Method and system for authentication via a trusted execution environment
EP3364329B1 (en) 2017-02-21 2023-07-26 Mastercard International Incorporated Security architecture for device applications
EP3364352A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Determining legitimate conditions at a computing device
EP3364363A1 (en) 2017-02-21 2018-08-22 Mastercard International Incorporated Transaction cryptogram
CN107274183B (en) * 2017-03-21 2020-05-22 中国银联股份有限公司 Transaction verification method and system
US11468444B2 (en) * 2017-12-18 2022-10-11 Mastercard International Incorporated Method and system for bypassing merchant systems to increase data security in conveyance of credentials
KR101972599B1 (en) * 2018-06-19 2019-04-25 김승훈 Apparatus and Method for Processing Session Key and Recording Medium Recording Program thereof
US10581611B1 (en) * 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
EP3640878B1 (en) * 2018-10-17 2023-06-21 Swatch Ag Method and system for activating a portable contactless payment object
US10984416B2 (en) * 2019-03-20 2021-04-20 Capital One Services, Llc NFC mobile currency transfer
US11803827B2 (en) 2019-11-01 2023-10-31 Mastercard International Incorporated Method and system for enabling cardless transactions at an ATM for any institutional entity
CN111901109B (en) * 2020-08-04 2022-10-04 华人运通(上海)云计算科技有限公司 White-box-based communication method, device, equipment and storage medium
CN113421084B (en) * 2021-05-26 2023-03-24 歌尔股份有限公司 Bus card processing method, device, equipment and readable storage medium

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4183823B2 (en) * 1999-02-10 2008-11-19 富士通株式会社 Data verification device, data verification system, and data verification program storage medium
US7249093B1 (en) * 1999-09-07 2007-07-24 Rysix Holdings, Llc Method of and system for making purchases over a computer network
JP2004086599A (en) * 2002-08-27 2004-03-18 Toppan Printing Co Ltd Credit card information management device, management method, and program thereof
US7873572B2 (en) * 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
DK2011301T3 (en) * 2006-04-10 2011-10-17 Trust Integration Services B V Arrangement and method for secure data transmission
US8713655B2 (en) * 2008-04-21 2014-04-29 Indian Institute Of Technology Method and system for using personal devices for authentication and service access at service outlets
US20120143752A1 (en) * 2010-08-12 2012-06-07 Mastercard International, Inc. Multi-commerce channel wallet for authenticated transactions
US8746553B2 (en) * 2010-09-27 2014-06-10 Mastercard International Incorporated Purchase Payment device updates using an authentication process
KR20120110926A (en) * 2011-03-30 2012-10-10 주식회사 비즈모델라인 Method and system for card payment using program identity, smart phone
GB201105765D0 (en) * 2011-04-05 2011-05-18 Visa Europe Ltd Payment system
US20120317628A1 (en) * 2011-06-09 2012-12-13 Yeager C Douglas Systems and methods for authorizing a transaction
US10515359B2 (en) * 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
CN104272331B (en) * 2012-04-18 2017-06-23 谷歌公司 Payment transaction is processed in the case of without safety element

Also Published As

Publication number Publication date
AU2014357381B2 (en) 2017-03-23
KR101809221B1 (en) 2017-12-14
KR20170139689A (en) 2017-12-19
EP3077972A1 (en) 2016-10-12
JP6353537B2 (en) 2018-07-04
CA2932346C (en) 2018-09-04
EP3077972A4 (en) 2017-08-09
HK1227146A1 (en) 2017-10-13
KR102025816B1 (en) 2019-09-26
BR112016012527A2 (en) 2017-08-08
AU2014357381A1 (en) 2016-06-16
IL245965A0 (en) 2016-07-31
RU2663319C2 (en) 2018-08-03
CL2016001353A1 (en) 2017-05-12
CA2932346A1 (en) 2015-06-11
JP2018164281A (en) 2018-10-18
SG10201800179UA (en) 2018-02-27
JP2017504871A (en) 2017-02-09
MX361793B (en) 2018-12-17
WO2015084755A1 (en) 2015-06-11
NZ720688A (en) 2017-09-29
KR20160091418A (en) 2016-08-02
CN106062799A (en) 2016-10-26
CN106062799B (en) 2022-04-29
IL245965B (en) 2022-05-01
UA115500C2 (en) 2017-11-10

Similar Documents

Publication Publication Date Title
MX361793B (en) Method and system for secure authentication of user and mobile device without secure elements.
MX2019006226A (en) Mobile payment system.
PH12018502545A1 (en) Increased security through ephemeral keys for software virtual contactless card in mobile phone
PH12019501652A1 (en) Data sending method and apparatus
NZ629125A (en) Credential management system
NZ628971A (en) Transaction processing system and method
MX2018005593A (en) Method and system for processing of a blockchain transaction in a transaction processing network.
SG11201806344VA (en) Credit payment method and apparatus based on mobile terminal p2p
SG11201806131YA (en) Credit payment method and apparatus based on card emulation of mobile terminal
EP4325806A3 (en) Geo-fence authorization provisioning
MX2015009491A (en) User authentication method and apparatus based on audio and video data.
MX2017012298A (en) Payment processing system using encrypted payment information, and method therefor.
MX368548B (en) Methods and systems for authenticating a transaction with the use of a portable electronic device.
MY189090A (en) Method and apparatus of barcode-based mobile payment and service processing
MX2019005359A (en) Scan and pay method and device utilized in mobile apparatus.
MY190913A (en) Device and method for secure connection
WO2016190918A3 (en) Multiple protocol transaction encryption
MX2016010086A (en) Method and system for generating an advanced storage key in a mobile device without secure elements.
MX345061B (en) Method, one or more computer-readable non-transitory storage media and a device, in particular relating to computing resources and/or mobile-device-based trust computing.
IN2014KN02931A (en)
MX2020014235A (en) Systems and methods for secure read-only authentication.
TW201612812A (en) Apparatus and method for self-service payment
MX342852B (en) Method and system for authorizing an action at a site.
MX2019003187A (en) System and methods for point to point encryption and tokenization using a mobile device.
SG10201706801YA (en) Biometric system for authenticating a biometric request

Legal Events

Date Code Title Description
FG Grant or registration