Contactless card and personal identification system
First Claim
1. A method for dual factor authentication of a request for access to an account associated with a client includes the steps of:
- receiving an input personal identification number (PIN) from a user interface;
- engaging a contactless card, the contactless card storing a PIN associated with the client;
- communicating the input PIN to the contactless card;
- receiving, in response to a match of the input PIN with the stored PIN, a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter value maintained by the contactless card, wherein the cryptogram comprises contactless card data that is encoded using the dynamic key;
- communicating the cryptogram to an authenticating device; and
- authorizing the request in response to authentication of the cryptogram by the authenticating device.
Abstract
A dual-factor PIN based authentication system and method uses a cryptogram provided by a contactless card associated with the client in association with a PIN stored by the contactless card to authenticate the client. In some embodiments, cryptogram authentication may be preconditioned upon a PIN match determination by the contactless card. In other embodiments, the cryptogram may be formed at least in part using the personal identification number (PIN) stored on the contactless card encoded using a dynamic key stored by the contactless card and uniquely associated with the client. Authentication may be achieved by comparing the cryptogram formed using the PIN against an expected cryptogram generated using an expected PIN and an expected dynamic key.
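The two embodiments in the abstract, as an added Python sketch that is not code from the patent. Assumptions: HMAC-SHA256 stands in for both the key derivation and the cryptogram encoding (the page names no algorithm), the card sends its counter alongside the cryptogram, the authenticator rejects non-increasing counters, and all names and sample values are constructed.

```python
import hashlib
import hmac

def derive_dynamic_key(master_key: bytes, counter: int) -> bytes:
    # Assumption: HMAC-SHA256 over the counter; the page names no derivation function.
    return hmac.new(master_key, counter.to_bytes(8, "big"), hashlib.sha256).digest()

def make_cryptogram(master_key, counter, card_data, pin=None):
    # pin=None: PIN is checked on the card and is not part of the cryptogram.
    # pin=str:  PIN is folded into the card data encoded under the dynamic key.
    msg = card_data + (b"|" + pin.encode() if pin is not None else b"")
    return hmac.new(derive_dynamic_key(master_key, counter), msg, hashlib.sha256).digest()

class Card:
    def __init__(self, master_key, card_data, pin):
        self._key, self._data, self._pin, self.counter = master_key, card_data, pin, 0

    def cryptogram_after_pin_match(self, input_pin):
        """First embodiment: release a cryptogram only if the input PIN matches."""
        if not hmac.compare_digest(input_pin.encode(), self._pin.encode()):
            return None                      # no cryptogram, counter untouched
        self.counter += 1
        return self.counter, make_cryptogram(self._key, self.counter, self._data)

    def cryptogram_with_pin(self):
        """Second embodiment: cryptogram covers the stored PIN; the server checks it."""
        self.counter += 1
        return self.counter, make_cryptogram(self._key, self.counter, self._data, self._pin)

class Authenticator:
    def __init__(self, master_key, card_data):
        self._key, self._data, self._last = master_key, card_data, 0

    def verify(self, counter, cryptogram, input_pin=None):
        # Assumption: the user's input PIN serves as the expected PIN when supplied.
        if counter <= self._last:            # replayed or stale counter
            return False
        expected = make_cryptogram(self._key, counter, self._data, input_pin)
        if not hmac.compare_digest(expected, cryptogram):
            return False
        self._last = counter                 # accept each counter value once
        return True

def demo():
    # Constructed sample values, not taken from the page.
    key, data = b"constructed-master-key", b"card-id-0001"
    card, server = Card(key, data, "4821"), Authenticator(key, data)
    ctr, cg = card.cryptogram_after_pin_match("4821")
    return server.verify(ctr, cg), server.verify(ctr, cg)  # fresh, then replayed
```

In the second variant the authenticator does not advance its counter on a failed check, so it would also need a limit on failed attempts per cryptogram; that is left out of this sketch.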
20 Claims
1. A method for dual factor authentication of a request for access to an account associated with a client includes the steps of:
- receiving an input personal identification number (PIN) from a user interface;
- engaging a contactless card, the contactless card storing a PIN associated with the client;
- communicating the input PIN to the contactless card;
- receiving, in response to a match of the input PIN with the stored PIN, a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter value maintained by the contactless card, wherein the cryptogram comprises contactless card data that is encoded using the dynamic key;
- communicating the cryptogram to an authenticating device; and
- authorizing the request in response to authentication of the cryptogram by the authenticating device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method for dual factor authentication of a request for access to an account associated with a client includes the steps of:
- receiving an input personal identification number (PIN) from a user interface;
- engaging a contactless card, the contactless card storing a PIN associated with the client;
- receiving a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter maintained by the contactless card, wherein the cryptogram comprises contactless card data including the PIN and is encoded using the dynamic key;
- communicating the input PIN and the cryptogram to an authenticating device, the request including a cryptogram; and
- authorizing the request in response to authentication of the input PIN and cryptogram by the authenticating device.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A device comprising:
- a contactless card interface configured to communicate with a contactless card associated with a client, the contactless card comprising a stored personal identification number (PIN);
- a user interface;
- a processor;
- a non-volatile memory having program code stored thereon for authenticating a request by the client, the program code operable when executed upon by the processor to:
  - communicate an input PIN received by the user interface to the contactless card;
  - receive, in response to a match of the input PIN with the stored PIN, a cryptogram from the contactless card, the cryptogram formed using a dynamic key of the contactless card, the dynamic key formed using a counter value maintained by the contactless card, wherein the cryptogram comprises contactless card data that is encoded using the dynamic key;
  - communicate the cryptogram to an authenticating device; and
  - authorize the request in response to authentication of the cryptogram by the authenticating device.

Dependent claims: 20
Specification