DEVICE, SYSTEM AND METHOD FOR REDUCING AN INTERACTION TIME FOR A CONTACTLESS TRANSACTION

US 20100270374A1
Filed: 07/06/2010
Published: 10/28/2010
Est. Priority Date: 09/28/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising a plurality of steps each being performed by hardware executing software, wherein the steps comprise:

discovering the presence of a contactless payment device within a predetermined distance from a reader;

energizing a contactless interface to enable communication between the contactless payment device and the reader upon discovery of the presence of the contactless payment device within the predetermined distance from the reader;

sending to the contactless payment device, via the contactless interface, a request for data; and

receiving, from the contactless payment device, via the contactless interface, the requested data;

performing a contactless transaction within less than one-half second of interaction time between the contactless payment device and the reader;

performing static and dynamic data authentication using the requested data;

andvalidating a dynamic signature received from the contactless payment device, wherein the dynamic signature comprises;

a transaction currency code; and

a contactless payment device unpredictable number.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method. The method comprises, at a reader, performing at least one transaction-based risk management process prior to energizing a contactless interface, initiating communication with a card utilized for the contactless transaction, receiving information associated with the card, and terminating communication with the card to authorizing the contactless transaction.

31 Citations

View as Search Results

21 Claims

1. A method comprising a plurality of steps each being performed by hardware executing software, wherein the steps comprise:
- discovering the presence of a contactless payment device within a predetermined distance from a reader;
  
  energizing a contactless interface to enable communication between the contactless payment device and the reader upon discovery of the presence of the contactless payment device within the predetermined distance from the reader;
  
  sending to the contactless payment device, via the contactless interface, a request for data; and
  
  receiving, from the contactless payment device, via the contactless interface, the requested data;
  
  performing a contactless transaction within less than one-half second of interaction time between the contactless payment device and the reader;
  
  performing static and dynamic data authentication using the requested data;
  
  andvalidating a dynamic signature received from the contactless payment device, wherein the dynamic signature comprises;
  
  a transaction currency code; and
  
  a contactless payment device unpredictable number.
- View Dependent Claims (2, 3, 4)
- - 2. The method as defined in claim 1, wherein the validating of the dynamic signature received from the contactless payment device comprises recalculating the dynamic signature.
  - 3. The method as defined in claim 2, wherein the dynamic signature is recalculated using at least one of:
    - the transaction currency code; and
      
      the contactless payment device unpredictable number.
  - 4. A non-transitory computer readable medium comprising software which, when executed by hardware, the hardware performs the method of claim 1.

5. A method comprising a plurality of steps each being performed by a card that is structured and arranged to operate in both a chip-mode and a magnetic stripe data mode, the card being discovered by a reader to be within a predetermined distance of the reader, and the card executing software to perform the plurality of steps, wherein the steps comprise:
- receiving, from the reader, a first command message containing a request for a list of applications that are supported by the card for conducting a contactless transaction;
  
  sending, to the reader, in response to the first command message, the requested list of the applications;
  
  receiving, from the reader, a second command message requesting to conduct the contactless transaction utilizing one said application in the list of applications;
  
  sending, to the reader, in response to the second command message, a request to provide one type of contactless transaction supported by the reader;
  
  receiving, from the reader, a third command message containing the requested one type of said contactless transaction supported by the reader;
  
  sending, to the reader, in response to the third command message;
  
  a request for offline authorization of the contactless transaction;
  
  an address in a memory of the card of data related to the one said application in the list of applications; and
  
  a dynamic signature comprising;
  
  a transaction currency code; and
  
  a card unpredictable number;
  
  receiving, from the reader, in response to the request for the offline authorization of the contactless transaction, a fourth command message containing a request for the data related to the one said application in the list of applications at the address in the memory of the card;
  
  sending, to the reader, in response to the fourth command message, the requested data related to the one said application in the list of applications, whereby the contactless transaction can be executes by interactive communications with an issuer of the card with less than one-half second of interaction time between the card and the reader.
- View Dependent Claims (6, 7, 8)
- - 6. The method as defined in claim 5, wherein the validating of the dynamic signature comprises recalculating the dynamic signature.
  - 7. The method as defined in claim 6, wherein the dynamic signature is recalculated using at least one of:
    - the transaction currency code; and
      
      the contactless payment device unpredictable number.
  - 8. A non-transitory computer readable medium comprising software which, which executed by hardware, the hardware performs the method of claim 5.

9. A method comprising a plurality of steps each being performed by hardware executing software, wherein the steps comprise:
- discovering the presence of the card within a predetermined distance from a reader;
  
  energizing, upon discovery of the presence of the card within the predetermined distance from the reader, a contactless interface that, when energized, enables communication between the card and the reader;
  
  sending to the card, via the contactless interface, a request for data including a dynamic signature;
  
  receiving, from the card, via the contactless interface, the requested data including the dynamic signature that includes a transaction currency code and card unpredictable number;
  
  processing a contactless transaction with less than one-half second of interaction time between the reader and the card;
  
  sending, from the card to the reader, a request for information and the requested data;
  
  receiving, from the reader, the requested information and the request for data;
  
  andvalidating the dynamic signature, by the card cooperating with the reader;
  
  whereby a man in the middle attack on the contactless transaction is prevented.
- View Dependent Claims (10, 11, 12)
- - 10. The method as defined in claim 9, wherein the validating of the dynamic signature comprises recalculating the dynamic signature.
  - 11. The method as defined in claim 10, wherein the dynamic signature is recalculated using at least one of:
    - the transaction currency code; and
      
      the contactless payment device unpredictable number.
  - 12. A non-transitory computer readable medium comprising software which, when executed by hardware, the hardware performs the method of claim 9.

13. A method comprising a plurality of steps each being performed by a reader apparatus executing software, wherein the steps comprise:
- sensing a contactless payment device within a predetermined range;
  
  energizing a contactless interface to enable communication between the contactless payment device and the reader;
  
  sending to the contactless payment device, via the contactless interface, a first command message containing a request for a list of applications that are supported by the contactless payment device for conducting a contactless transaction;
  
  receiving, via the contactless interface, in response to the first command message, the requested list of the applications;
  
  sending to the contactless payment device, via the contactless interface, a second command message requesting to conduct the contactless transaction utilizing one said application in the list of applications;
  
  receiving, via the contactless interface, in response to the second command message, a request from the contactless payment device to provide one type of contactless transaction supported by the reader;
  
  sending, via the contactless interface, a third command message to the contactless payment device containing the requested one type of said contactless transaction supported by the reader;
  
  receiving from the contactless payment device, via the contactless interface, in response to the third command message;
  
  a request for offline authorization of the contactless transaction; and
  
  an address related to data for the one said application in the list of applications; and
  
  a dynamic signature comprising;
  
  an application transaction counter;
  
  a transaction currency code; and
  
  a contactless payment device unpredictable number;
  
  recalculating the dynamic signature;
  
  validating the recalculated dynamic signature, wherein the offline authorization of the contactless transaction is not performed unless the dynamic signature is validated by the means for validating;
  
  sending, via the contactless interface, in response to the request for the offline authorization of the contactless transaction, a fourth command message to the contactless payment device containing a request for the data at the address for the one said application in the list of applications;
  
  receiving from the contactless payment device, via the contactless interface, in response to the fourth command message, the requested data at the address for the one said application in the list of applications;
  
  terminating communication via the contactless interface with the contactless payment device in response to receiving the requested data at the address for the one said application in the list of applications; and
  
  after said terminating of the communication with the contactless payment device, and using the requested data at the address for the one said application in the list of applications, performing the offline authorization of the contactless transaction, wherein the time between sending of the first command message and the terminating of the communication via the contactless interface with the contactless payment device is less than one-half second.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method as defined in claim 13, wherein the validating of the recalculated dynamic signature is validated by using at least one of:
    - the application transaction counter;
      
      the transaction currency code; and
      
      the contactless payment device unpredictable number.
  - 15. The method as defined in claim 13, wherein the steps further comprise:
    - re-establishing communication with the contactless payment device via the contactless interface; and
      
      completing a second said contactless transaction with less than one-half second of interaction between the contactless payment device and the reader apparatus.
  - 16. The method as defined in claim 15, wherein the second said contactless transaction comprises a non-financial contactless transaction.
  - 17. The method as defined in claim 15, wherein the completing of the second said contactless transaction further comprises transmitting, via the contactless interface, a message containing a change to memory in the contactless payment device.
  - 18. A non-transitory computer readable medium comprising software which, when executed by hardware, the hardware performs the method of claim 13.

19. A method comprising a plurality of steps each being performed by a reader apparatus executing software, wherein the steps comprise:
- discovering the presence of a contactless payment device within a predetermined distance from the reader apparatus;
  
  energizing a contactless interface upon discovery of the presence of the contactless payment device within the predetermined distance from the reader apparatus, wherein the energized contactless interface enables communication between the contactless payment device and the reader apparatus;
  
  reading from the contactless payment device via the contactless interface a dynamic signature from a contactless payment device, the dynamic signature including;
  
  a transaction currency code; and
  
  a contactless payment device unpredictable number;
  
  recalculating the dynamic signature utilizing the contactless payment device unpredictable number;
  
  attempting to validate the recalculated dynamic signature; and
  
  if the recalculated dynamic signature is validated;
  
  offline authorizing of the contactless transaction; and
  
  completing a contactless transaction with less than one-half second of interaction between the contactless payment device and the reader apparatus.
- View Dependent Claims (20, 21)
- - 20. The method as defined in claim 19, wherein:
    - the reading further comprises reading a cryptogram from the contactless payment device that includes an application transaction counter; and
      
      the steps further comprise, if the recalculated dynamic signature is not validated, requesting that the contactless transaction be processed online with the cryptogram.
  - 21. A non-transitory computer readable medium comprising software which, when executed by hardware, the hardware performs the method of claim 19.

Specification

Resources

Litigation Campaign Assessment

Granted Patent

US 8,770,476 B2
Time in Patent Office

Days
Field of Search
US Class Current

235/380
CPC Class Codes

G06K 7/0008   General problems related to...

G06Q 20/04   Payment circuits

G06Q 20/352   Contactless payments by cards

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3825   Use of electronic signatures

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/409   Device specific authenticat...

G06Q 30/06   Buying, selling or leasing ...

G07F 7/0826   Embedded security module

G07F 7/088   the card reader being part ...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

DEVICE, SYSTEM AND METHOD FOR REDUCING AN INTERACTION TIME FOR A CONTACTLESS TRANSACTION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

DEVICE, SYSTEM AND METHOD FOR REDUCING AN INTERACTION TIME FOR A CONTACTLESS TRANSACTION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others