Systems and methods for cryptographic authentication of contactless cards
First Claim
Patent Images
1. An authentication system comprising:
- an authentication server;
a client application comprising instructions for execution on a client device in data communication with the authentication server; and
a contactless card containing a processor and a memory;
wherein the authentication server is configured to;
receive a transaction request, wherein the transaction request includes account information for an account requesting to engage in a transaction and transaction information for the transaction,in response to receiving the transaction request, send an authentication request to the client application requesting at least one authentication factor when a value of the transaction exceeds a predetermined value, wherein the at least one authentication factor includes a cryptogram generated by placing the contactless card in a communication field of the client device,receive an authentication signal from the client device, the authentication signal including the cryptogram, andauthorize the transaction when the authentication signal is received.
1 Assignment
0 Petitions
Accused Products
Abstract
Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key. Example embodiments of systems and methods can be used to provide further authentication and added levels of security for transactions.
507 Citations
19 Claims
-
1. An authentication system comprising:
-
an authentication server; a client application comprising instructions for execution on a client device in data communication with the authentication server; and a contactless card containing a processor and a memory; wherein the authentication server is configured to; receive a transaction request, wherein the transaction request includes account information for an account requesting to engage in a transaction and transaction information for the transaction, in response to receiving the transaction request, send an authentication request to the client application requesting at least one authentication factor when a value of the transaction exceeds a predetermined value, wherein the at least one authentication factor includes a cryptogram generated by placing the contactless card in a communication field of the client device, receive an authentication signal from the client device, the authentication signal including the cryptogram, and authorize the transaction when the authentication signal is received. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An authentication system comprising:
-
an authentication server in data communication with a network; a client application comprising instructions for execution on a client device in data communication with the network; and a contactless card containing a processor and a memory, wherein the contactless card is associated with an account having account information; wherein the authentication server is configured to; receive a transaction request, wherein the transaction request includes account information for the account associated with the contactless card and transaction information for a transaction, in response to receiving the transaction request, send an authentication request to the client application requesting at least one authentication factor when a value of the transaction exceeds a predetermined value, the authentication request, receive an authentication signal from the client application including the at least one authentication factor, and authorize the transaction when the authentication signal is received from the client application. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method of authenticating a transaction comprising the steps of:
-
receiving, by an authentication server, a transaction verification request wherein the transaction verification request includes account information for an account requesting to engage in a transaction and transaction information for the transaction, in response to receiving the transaction request, sending, by the authentication server, an authentication request to a client application comprising instructions for execution on a client device when a value of the transaction exceeds a predetermined value, the authentication request requesting at least one authentication factor, wherein the at least one authentication factor includes a cryptogram generated by placing a contactless card in a communication field of the client device, detecting, by the client application, the at least one authentication factor via at least one of a sensor and a communication interface, sending, by the client application, an authentication signal including the authentication factor to the authentication server, in response to receiving the authentication signal from the client application, verifying, by the authentication server, the at least one authentication factor, and authorizing, by the authentication server, the transaction in response to verification of the authentication factor. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification