Systems and methods for cryptographic authentication of contactless cards

US 10,582,386 B1
Filed: 03/12/2019
Issued: 03/03/2020
Est. Priority Date: 10/02/2018
Status: Active Grant

First Claim

Patent Images

1. A data transmission system comprising:

a transmitting device having a processor and memory, the memory of the transmitting device containing a diversified master key, transmission data and a counter value;

an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing the master key;

wherein the transmitting device is configured to;

generate a diversified key using the diversified master key, one or more cryptographic algorithms, and the counter value,generate a cryptographic result including the counter value using the one or more cryptographic algorithms and the diversified key,encrypt the transmission data using the one or more cryptographic algorithms and the diversified key to yield encrypted transmission data, andtransmit the cryptographic result and encrypted transmission data to the application; and

wherein the application is configured to;

generate an authentication diversified key based on the master key and a unique identifier;

generate a session key based on the authentication diversified key and the cryptographic result;

decrypt the encrypted transmission data and validate the received cryptographic result using the one or more cryptographic algorithms and the session key;

wherein the application is configured to initiate, upon authentication of at least one user credential, one or more processes, the one or more processes comprising authenticating one or more electronically generated images associated with transportation ticketing information.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.

543 Citations

20 Claims

1. A data transmission system comprising:
- a transmitting device having a processor and memory, the memory of the transmitting device containing a diversified master key, transmission data and a counter value;
  
  an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing the master key;
  
  wherein the transmitting device is configured to;
  
  generate a diversified key using the diversified master key, one or more cryptographic algorithms, and the counter value,generate a cryptographic result including the counter value using the one or more cryptographic algorithms and the diversified key,encrypt the transmission data using the one or more cryptographic algorithms and the diversified key to yield encrypted transmission data, andtransmit the cryptographic result and encrypted transmission data to the application; and
  
  wherein the application is configured to;
  
  generate an authentication diversified key based on the master key and a unique identifier;
  
  generate a session key based on the authentication diversified key and the cryptographic result;
  
  decrypt the encrypted transmission data and validate the received cryptographic result using the one or more cryptographic algorithms and the session key;
  
  wherein the application is configured to initiate, upon authentication of at least one user credential, one or more processes, the one or more processes comprising authenticating one or more electronically generated images associated with transportation ticketing information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The data transmission system of claim 1, wherein the one or more processes comprises authenticating information associated with at least one selected from the group of event ticketing information, venue access permission information, location information, and language information.
  - 3. The data transmission system of claim 2, wherein authenticating information comprises matching a set of data accessible to the application.
  - 4. The data transmission system of claim 2, wherein the location information comprises directions to at least one selected from the group of an airport lounge and ATM that are located within a pre-determined distance based one or more user preferences.
  - 5. The data transmission system of claim 2, wherein the language information comprises text that is translated from non-English to English.
  - 6. The data transmission system of claim 2, wherein the event ticketing information is authenticated by a scan of at least one selected from the group of sports event ticketing, carnival or fare ticketing, conference or seminar ticketing, private event ticketing, public event ticketing, and school event ticketing.
  - 7. The data transmission system of claim 2, wherein the venue access permission information is associated with enabling one or more intelligent wayfinding services from at least one selected from the group of smart floors and smart signs.
  - 8. The data transmission system of claim 1, wherein the receiving device comprises a server, and the cryptographic result and encrypted transmission data are transmitted by the transmitting device to the application via one or more intermediary devices.
  - 9. The data transmission system of claim 1, wherein the at least one user credential is transmitted from the transmitting device to the application via near field communication.
  - 10. The data transmission system of claim 9, wherein the at least one user credential is transmitted from the transmitting device to the application via at least one selected from the group of a tap gesture, a swipe gesture, and a wave gesture.

11. A method of securing one or more processes using a transmitting device and an application comprising instructions for execution on a receiving device, the method comprising the steps of:
- generating a diversified key using a diversified master key, one or more cryptographic algorithms, and a counter value, the transmitting device comprising a processor and memory, the memory of the transmitting device containing the diversified master key, transmission data, and the counter valuegenerating a cryptographic result including the counter value using the one or more cryptographic algorithms and the diversified key;
  
  encrypting the transmission data using the one or more cryptographic algorithms and the diversified key to yield encrypted transmission data;
  
  transmitting the cryptographic result and encrypted transmission data to an application, the application comprising instructions for execution on a receiving device;
  
  generating an authentication diversified key based on the master key and a unique identifier;
  
  generating a session key based on the authentication diversified key and the cryptographic result;
  
  decrypting the encrypted transmission data and validating the received cryptographic result using the one or more cryptographic algorithms and the session key; and
  
  initiating, upon authentication of at least one user credential, one or more processes, the one or more processes comprising authenticating one or more electronically generated images associated with transportation ticketing information.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein the one or more processes comprises authenticating information associated with at least one selected from the group of event ticketing information, venue access permission information, location information, and language information.
  - 13. The method of claim 12, wherein authenticating information comprises matching a set of data accessible to the application.
  - 14. The method of claim 12, wherein the venue access permission information is associated with enabling one or more intelligent wayfinding services from at least one selected from the group of smart floors and smart signs.
  - 15. The method of claim 12, wherein the location information comprises directions to at least one selected from the group of an airport lounge and ATM that are located within a pre-determined distance based one or more user preferences.
  - 16. The method of claim 12, wherein the language information comprises text that is translated from non-English to English.
  - 17. The method of claim 12, wherein the event ticketing information is authenticated by a scan of at least one selected from the group of sports event ticketing, carnival or fare ticketing, conference or seminar ticketing, private event ticketing, public event ticketing, and school event ticketing.
  - 18. The method of claim 11, wherein the receiving device comprises a server, and the cryptographic result and encrypted transmission data are transmitted by the transmitting device to the application via one or more intermediary devices.
  - 19. The method of claim 11, wherein the at least one user credential is transmitted from the transmitting device to the application via near field communication.
  - 20. The method of claim 11, wherein the at least one user credential is transmitted from the transmitting device to the application via at least one selected from the group of a tap gesture, a swipe gesture, and a wave gesture.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Capital One Services LLC (Capital One Financial Corporation)
Original Assignee
Capital One Services LLC (Capital One Financial Corporation)
Inventors
Newman, Kaitlin, Haynes, Kimberly, Crank, Charles Nathan, Cogswell, Andrew, Hart, Colin, Rule, Jeffrey, Mossler, Lara, Gulati, Latika, Benkreira, Abdelkader, Cunningham, Sarah Jane, Bermudez, Sophie, Mossoba, Michael, Lutz, Wayne
Primary Examiner(s)
Korsak, Oleg

Application Number

US16/351,429
Time in Patent Office

357 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2463/061   applying further key deriva...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0861   using biometrical features,...

H04W 12/041   Key generation or derivation

H04W 12/06   Authentication

H04W 12/47   using near field communicat...

H04W 12/60   Context-dependent security

Systems and methods for cryptographic authentication of contactless cards

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

543 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for cryptographic authentication of contactless cards

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

543 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links