Device, system and method for reducing an interaction time for a contactless transaction

US 10,043,177 B2
Filed: 02/23/2017
Issued: 08/07/2018
Est. Priority Date: 09/28/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a payment device in communication with a contactless reader, information related to a transaction that includes at least a terminal unpredictable number and a transaction amount;

determining, by the payment device using one or more risk-management processes, whether to terminate the transaction, process the transaction in an online manner, or process the transaction in an offline manner;

generating a response to the received information based on the information related to the transaction, the response being configured based on the manner in which the transaction is to be processed; and

sending, from the payment device to the contactless reader, the generated response to cause the transaction to be processed in the determined manner using information provided in the response, wherein processing the transaction in an offline manner comprises;

receiving, at the payment device from the contactless reader, a command message to request one or more records indicated in the application file locator (AFL) received from the payment device;

transmitting, from the payment device to the contactless reader, the requested one or more records requested by the command message; and

recalculating the dynamic signature in order to authorize the transaction if the dynamic signature received from the payment device matches the recalculated dynamic signature.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, devices, and systems are described for sending and receiving messages between a terminal reader and a payment device, such as a credit card. A dynamic signature is calculated on the payment device from an application transaction counter, a terminal unpredictable number, and a transaction amount, and it is sent with an application the locator (AFL) to the reader. The reader then sends a read record command to the payment device to get records associated with the AFL, among other normal processing. While the normal processing is occurring for the transaction, the dynamic signature can be recalculated and compared with that from the payment device in order to assure that nothing has surreptitiously changed the values in the messages.

39 Citations

18 Claims

1. A method comprising:
- receiving, at a payment device in communication with a contactless reader, information related to a transaction that includes at least a terminal unpredictable number and a transaction amount;
  
  determining, by the payment device using one or more risk-management processes, whether to terminate the transaction, process the transaction in an online manner, or process the transaction in an offline manner;
  
  generating a response to the received information based on the information related to the transaction, the response being configured based on the manner in which the transaction is to be processed; and
  
  sending, from the payment device to the contactless reader, the generated response to cause the transaction to be processed in the determined manner using information provided in the response, wherein processing the transaction in an offline manner comprises;
  
  receiving, at the payment device from the contactless reader, a command message to request one or more records indicated in the application file locator (AFL) received from the payment device;
  
  transmitting, from the payment device to the contactless reader, the requested one or more records requested by the command message; and
  
  recalculating the dynamic signature in order to authorize the transaction if the dynamic signature received from the payment device matches the recalculated dynamic signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein processing the transaction in an online manner comprises transmitting the response to the received information to an authorization entity to be assessed.
  - 3. The method of claim 1, wherein if the transaction is to be processed in an offline manner, the response to the received information also includes at least an application file locator (AFL) and a dynamic signature generated from an application transaction counter (ATC), the terminal unpredictable number, and the transaction amount.
  - 4. The method of claim 1, further comprising causing the transaction be processed in an online manner using the cryptogram if the dynamic signature received from the payment device does not match the recalculated dynamic signature.
  - 5. The method of claim 1, wherein authorization may be provided irrespective of whether the contactless reader is in communication with an authorization entity associated with the payment device.
  - 6. The method of claim 1, wherein the transaction is authorized upon determining the dynamic signature received from the payment device matches the recalculated dynamic signature.
  - 7. The method of claim 1, wherein the response to the received information further comprises a cryptogram generated by the payment device based on the application transaction counter, the terminal unpredictable number, and the transaction amount.
  - 8. The method of claim 1, wherein the one or more risk-management processes comprises at least one of checking an internal card indicator to protect against transaction tearing, comparing a value of an application currency code to a value of a transaction currency code, comparing the number of personal identification number entries to a predetermined limit, determining whether a cardholder verification method is required, comparing the transaction amount to a low value limit associated with the payment device, comparing the transaction amount to a cumulative total transaction amount associated with the payment device, or comparing a value of the ATC to a value of a consecutive transaction limit.
  - 9. The method of claim 1, wherein the payment device determines that the transaction is to be processed in an offline manner upon receiving an indication from the contactless reader that the contactless reader is unable to communicate with an authorization entity associated with the payment device.

10. A system comprising:
- a contactless reader;
  
  a processor; and
  
  a memory including instructions that, when executed with the processor, cause the system to, at least;
  
  send, via the contactless reader to a payment device, a terminal unpredictable number and a transaction amount in relation to a transaction;
  
  receive, from the payment device via the contactless reader, a response based on the terminal unpredictable number and the transaction amount that includes an indication of a manner in which the transaction is to be processed and information needed to process the transaction in the indicated manner;
  
  upon determining that the transaction is to be processed in an online manner, transmitting a cryptogram received in the response to an authorization entity for the transaction to be authorized; and
  
  upon determining that the transaction is to be processed in an offline manner, validating a dynamic signature received in the response by;
  
  sending, via the contactless reader to the payment device, a request for one or more records indicated in an application file locator (AFL) received in the response;
  
  receiving the one or more records from the payment device;
  
  generating a dynamic signature based on the one or more records; and
  
  determining whether the dynamic signature received in the response matches the dynamic signature generated by the system.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the response includes at least an application transaction counter (ATC).
  - 12. The system of claim 11, wherein the cryptogram received in the response is generated by the payment device based on the ATC, the terminal unpredictable number, and the transaction amount.
  - 13. The system of claim 11, wherein the ATC is incremented before the ATC is generated by the payment device.
  - 14. The system of claim 10, wherein the ATC is incremented upon completion of the transaction.
  - 15. The system of claim 10, wherein the transaction is a non-financial transaction.
  - 16. The system of claim 10, wherein the instructions further cause the system to transmit, to the payment device, a request for a list of applications that are supported by the payment device for conducting the transaction.
  - 17. The system of claim 10, wherein the instructions further cause the system to process the transaction in an online manner upon failing to validate the dynamic signature received in the response.
  - 18. The system of claim 10, wherein the payment device is configured to operate in chip-mode or magnetic stripe mode.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Hill, Trudy, Sahota, Jagdeep Singh, Aabye, Christian, Wagner, Kim R., Ochieano, Anita, Oppenlander, Carole, Chan, William Chi Yuen, Glendenning, Craig Allen
Primary Examiner(s)
Savusdiphol, Paultep

Application Number

US15/441,127
Publication Number

US 20170161723A1
Time in Patent Office

530 Days
Field of Search

235375, 235379, 235380
US Class Current
CPC Class Codes

G06K 7/0008   General problems related to...

G06Q 20/04   Payment circuits

G06Q 20/352   Contactless payments by cards

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3825   Use of electronic signatures

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/409   Device specific authenticat...

G06Q 30/06   Buying, selling or leasing ...

G07F 7/0826   Embedded security module

G07F 7/088   the card reader being part ...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

Device, system and method for reducing an interaction time for a contactless transaction

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Device, system and method for reducing an interaction time for a contactless transaction

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links