Using a contactless card to securely share personal data stored in a blockchain

US 10,535,062 B1
Filed: 03/20/2019
Issued: 01/14/2020
Est. Priority Date: 03/20/2019
Status: Active Grant

First Claim

Patent Images

1. A method for providing a user data element to a merchant device during a transaction between a user and a merchant, comprising:

receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;

generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;

generating, by the applet based on the private key, a digital signature for the first request;

transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;

receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;

verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;

decrypting, by the verification service based on verifying the digital signature, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;

encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;

transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;

responsive to receiving the second request, generating, by the node, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted user data element, and the public key, the wallet address of the merchant, and the wallet address of the user;

responsive to generation of the block, reading, by the merchant device, the block in the blockchain;

decrypting, by the merchant device based on the public key, the encrypted user data element; and

authorizing, by the merchant device, the transaction based on the decrypted user data element.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and articles of manufacture to securely share data stored in a blockchain. A contactless card may receive a request to provide a data element from a device. An applet of the contactless card may encrypt the data element and a wallet address. The applet may generate a signature for the request, and transmit, to a mobile device, the signature and the encrypted data. The mobile device may transmit, to a verification service, the signature and encrypted data. The verification service may verify the signature based on a public key. A node in a blockchain may generate a block in the blockchain, the block comprising indications of the verification of the signature, the requested data element, and the wallet address. An encrypted data element corresponding to the data element may be decrypted using a public key. The device may receive the decrypted data element from the wallet address.

572 Citations

20 Claims

1. A method for providing a user data element to a merchant device during a transaction between a user and a merchant, comprising:
- receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;
  
  generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;
  
  generating, by the applet based on the private key, a digital signature for the first request;
  
  transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;
  
  receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;
  
  verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;
  
  decrypting, by the verification service based on verifying the digital signature, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
  
  encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;
  
  transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;
  
  responsive to receiving the second request, generating, by the node, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted user data element, and the public key, the wallet address of the merchant, and the wallet address of the user;
  
  responsive to generation of the block, reading, by the merchant device, the block in the blockchain;
  
  decrypting, by the merchant device based on the public key, the encrypted user data element; and
  
  authorizing, by the merchant device, the transaction based on the decrypted user data element.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, the method further comprising:
    - determining, by the applet, a type of the first request; and
      
      selecting, by the applet, one of the private key and the transaction key based on the determined type of the first request.
  - 3. The method of claim 1,wherein the digital signature comprises a hash value.
  - 4. The method of claim 1, wherein the block in the blockchain further comprises an indication of a request token associated with the first request.
  - 5. The method of claim 1, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising:
    - (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address.
  - 6. The method of claim 1, further comprising:
    - decrypting, by the verification service based on the public key, the encrypted user data element and the wallet address to validate an identity of the user.
  - 7. The method of claim 1, further comprising:
    - identifying, by the verification service, a plurality of blocks of the blockchain associated with a plurality of prior requests, the plurality of prior requests validated and fulfilled to provide user data elements of the user.

8. A system to provide a user data element to a merchant device during a transaction between a user and a merchant, comprising:
- a contactless card, comprising;
  
  a communications interface, wherein the communications interface is configured to receive a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant, and a type of the user data element;
  
  a processor; and
  
  a memory storing an applet which when executed by the processor causes the processor to;
  
  generate an encrypted request by encrypting the wallet address of the merchant and the type of the user data element based on a private key stored in the memory of the contactless card;
  
  generate a digital signature for the first request; and
  
  transmit the digital signature and the encrypted request to a card reader of a mobile device;
  
  a server executing a verification service, the verification service programmed to;
  
  receive the digital signature, the encrypted request, and a wallet address of the user from the mobile device;
  
  verify the digital signature received from the mobile device based on a public key associated with the private key of the contactless card;
  
  based on the verification of the digital signature, decrypt the encrypted request received from the mobile device using the private key;
  
  select the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
  
  encrypt the selected user data element using the public key to produce an encrypted user data element; and
  
  transmit, to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user; and
  
  a node of a blockchain programmed to;
  
  generate a block in the blockchain corresponding to the first request in response to receiving the second request from the verification service, the block comprising the indication of the verification of the digital signature, the encrypted user data element, the public key, the wallet address of the merchant, and the wallet address of the user, wherein the merchant device is programmed to read the block in the blockchain, decrypt the encrypted user data element from the block based on the public key, and authorize the transaction based on the decrypted user data element.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, the applet further configured to:
    - determine a type of the first request; and
      
      select one of the private key and the transaction key based on the determined type of the first request.
  - 10. The system of claim 8, wherein the digital signature comprises a hash value.
  - 11. The system of claim 8, wherein the block in the blockchain further comprises an indication of a request token associated with the first request.
  - 12. The system of claim 8, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising:
    - (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address.
  - 13. The system of claim 8, wherein the verification service is configured to decrypt, based on the public key, the encrypted user data element and the wallet address to validate an identity of the user.
  - 14. The system of claim 8, wherein the verification service is configured to identify a plurality of blocks of the blockchain associated with a plurality of prior requests, the plurality of prior requests validated and fulfilled to provide user data elements of the user.

15. A non-transitory computer-readable storage medium storing computer-readable instructions that when executed by a processor cause the processor to perform operations to provide a user data element to a merchant device during a transaction between a user and a merchant, the operations comprising:
- receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;
  
  generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;
  
  generating, by the applet based on the private key, a digital signature for the first request;
  
  transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;
  
  receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;
  
  verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;
  
  based on the verifying the digital signature, decrypting, by the verification service, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
  
  encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;
  
  transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;
  
  in response to receiving the second request, generating, by the node of the blockchain, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted one or more user data element, the public key, the wallet address of the merchant, and the wallet address of the user;
  
  in responsive to generation of the block, reading, by the merchant device, the block in the blockchain;
  
  decrypting, by the merchant device based on the public key, the encrypted user data element; and
  
  authorizing, by the merchant device, the transaction based on the decrypted user data element.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, the private key corresponding to a request to read the user data element, a transaction key corresponding to a request to perform a transaction in the blockchain, wherein the applet is further configured to:
    - determine a type of the first request; and
      
      select one of the private key and the transaction key based on the determined type of the first request.
  - 17. The non-transitory computer-readable storage medium of claim 15, wherein the digital signature comprises a hash value.
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein the block in the blockchain further comprises an indication of a request token associated with the first request.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein the user data element is one of a plurality of user data elements, each user data element corresponding to one or more personally identifiable attributes describing the user, the personally identifiable attributes comprising:
    - (i) an age, (ii) a name, (iii) an address, (iv) an identification number, (v) one or more biometric identifiers, (vi) one or more account numbers, and (vii) an email address.
  - 20. The non-transitory computer-readable storage medium of claim 15, wherein the verification service is configured to decrypt, based on the public key, the encrypted user data element and the wallet address to validate an identity of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Capital One Services LLC (Capital One Financial Corporation)
Original Assignee
Capital One Services LLC (Capital One Financial Corporation)
Inventors
Rule, Jeffrey, Ilincic, Rajko, Newman, Kaitlin
Primary Examiner(s)
Kim, Steven S

Application Number

US16/359,980
Time in Patent Office

300 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/326   Payment applications instal...

G06Q 20/352   Contactless payments by cards

G06Q 20/3674   involving authentication

G06Q 20/3825   Use of electronic signatures

G06Q 20/389   Keeping log of transactions...

G06Q 20/4014   Identity check for transact...

G07F 7/0886   the card reader being porta...

G07F 7/0893   the card reader reading the...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

Using a contactless card to securely share personal data stored in a blockchain

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

572 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Using a contactless card to securely share personal data stored in a blockchain

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

572 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links