SYSTEMS AND METHODS FOR REMOTELY LOADING ENCRYPTION KEYS IN CARD READER SYSTEMS

US 20120063601A1
Filed: 09/13/2011
Published: 03/15/2012
Est. Priority Date: 09/13/2010
Status: Active Grant

First Claim

Patent Images

1. A method for remotely loading encryption keys into a card reader system, the method comprising:

storing, at a card reader, a device identification number for identifying the card reader, a first magnetic fingerprint of a data card, and a second magnetic fingerprint of the data card, wherein each of the first and second magnetic fingerprints comprises an intrinsic magnetic characteristic of the data card;

encrypting, using a first encryption key derived from the second magnetic fingerprint, information comprising the device identification number and the first magnetic fingerprint;

sending the encrypted information to an authentication server;

receiving, from the authentication server, a score indicative of a degree of correlation between the first magnetic fingerprint and the second magnetic fingerprint; and

receiving, when the score is above a preselected threshold, a second encryption key from the authentication server, the second encryption key encrypted using a third encryption key derived from the first magnetic fingerprint.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for remotely loading encryption keys in card reader systems are provided. One such method includes storing, at a card reader, a device identification number for identifying the card reader, a first magnetic fingerprint of a data card, and a second magnetic fingerprint of the data card, wherein each of the first and second fingerprints includes an intrinsic magnetic characteristic of the data card, encrypting, using a first encryption key derived from the second fingerprint, information including the device identification number and first fingerprint, sending the encrypted information to an authentication server, receiving, from the authentication server, a score indicative of a degree of correlation between the first fingerprint and second fingerprint, and receiving, when the score is above a preselected threshold, a second encryption key from the authentication server, the second encryption key encrypted using a third encryption key derived from the first fingerprint.

34 Citations

View as Search Results

28 Claims

1. A method for remotely loading encryption keys into a card reader system, the method comprising:
- storing, at a card reader, a device identification number for identifying the card reader, a first magnetic fingerprint of a data card, and a second magnetic fingerprint of the data card, wherein each of the first and second magnetic fingerprints comprises an intrinsic magnetic characteristic of the data card;
  
  encrypting, using a first encryption key derived from the second magnetic fingerprint, information comprising the device identification number and the first magnetic fingerprint;
  
  sending the encrypted information to an authentication server;
  
  receiving, from the authentication server, a score indicative of a degree of correlation between the first magnetic fingerprint and the second magnetic fingerprint; and
  
  receiving, when the score is above a preselected threshold, a second encryption key from the authentication server, the second encryption key encrypted using a third encryption key derived from the first magnetic fingerprint.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15)
- - 2. The method of claim 1, wherein the first magnetic fingerprint and the second magnetic fingerprint are obtained from information stored in a magnetic stripe of the data card.
  - 3. The method of claim 1, wherein the first magnetic fingerprint and the second magnetic fingerprint are obtained from successive readings of information stored in a magnetic stripe of the data card.
  - 4. The method of claim 1, wherein the device identification number is provided to the card reader by an external device.
  - 5. The method of claim 1, wherein the intrinsic magnetic characteristic comprises a remanent noise characteristic of the data card.
  - 6. The method of claim 1, wherein the card reader is a component of a system selected from the group consisting of a point of sale system and an automated teller machine system.
  - 7. The method of claim 1, wherein the encrypting, using the first encryption key derived from the second magnetic fingerprint, the information comprising the device identification number and the first magnetic fingerprint comprises:
    - storing, at the authentication server, the first magnetic fingerprint, the second magnetic fingerprint, and the device identification number; and
      
      encrypting, using the first encryption key derived from the second magnetic fingerprint, the information comprising the device identification number and the first magnetic fingerprint.
  - 8. The method of claim 1, further comprising:
    - storing, when the score is below the preselected threshold, information indicating that the card reader is an unauthorized device.
  - 9. The method of claim 1, further comprising:
    - attempting, at the authentication server, to decrypt the encrypted information;
      
      storing, when the attempting to decrypt is not successful, information indicating that the card reader is an unauthorized device.
  - 10. The method of claim 1, wherein the score is a numerical value in a range from 0 and 100.
  - 11. The method of claim 1, wherein the second encryption key is configured for use as a transaction key.
  - 13. The method of claim 1, wherein the storing, at the card reader, the device identification number for identifying the card reader, the first magnetic fingerprint of the data card, and the second magnetic fingerprint of the data card comprises:
    - sending, from the card reader, the first and second magnetic fingerprints and the device identification number to the authentication server.
  - 14. The method of claim 1, wherein the storing, at the card reader, the device identification number for identifying the card reader, the first magnetic fingerprint of the data card, and the second magnetic fingerprint of the data card comprises:
    - receiving an analog signal indicative of the magnetic information obtained from a magnetic stripe of the data card;
      
      generating the first magnetic fingerprint based on the analog signal.
  - 15. The method of claim 1, wherein the first magnetic fingerprint comprises a digital value selected from the group consisting of an 8 byte value, a 16 byte value, a 24 byte value, and a 54 byte value.

12. The method of claim 12, wherein the transaction key is a base key for DUKPT.

16. A system for remotely loading encryption keys, the system comprising:
- a card reader system comprising a card reader; and
  
  an authentication server in communication with the card reader system;
  
  the card reader system configured to;
  
  store a device identification number for identifying the card reader, a first magnetic fingerprint of a data card, and a second magnetic fingerprint of the data card, wherein each of the first and second magnetic fingerprints comprises an intrinsic magnetic characteristic of the data card;
  
  encrypt, using a first encryption key derived from the second magnetic fingerprint, information comprising the device identification number and the first magnetic fingerprint;
  
  send the encrypted information to the authentication server;
  
  receive, from the authentication server, a score indicative of a degree of correlation between the first magnetic fingerprint and the second magnetic fingerprint; and
  
  receive, when the score is above a preselected threshold, a second encryption key from the authentication server, the second encryption key encrypted using a third encryption key derived from the first magnetic fingerprint.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 17. The system of claim 16, wherein the authentication server is configured to:
    - generate the score indicative of a degree of correlation between the first magnetic fingerprint and the second magnetic fingerprint; and
      
      send the score to the card reader system.
  - 18. The system of claim 16, wherein the authentication server is configured to:
    - attempt to decrypt the encrypted information;
      
      store, when the attempt to decrypt is not successful, information indicating that the card reader system is an unauthorized device.
  - 19. The system of claim 16, wherein the first magnetic fingerprint and the second magnetic fingerprint are obtained from information stored in a magnetic stripe of the data card.
  - 20. The system of claim 16, wherein the first magnetic fingerprint and the second magnetic fingerprint are obtained from successive readings of information stored in a magnetic stripe of the data card.
  - 21. The system of claim 16, wherein the device identification number is provided to the card reader by an external device.
  - 22. The system of claim 16, wherein the intrinsic magnetic characteristic comprises a remanent noise characteristic of the data card.
  - 23. The system of claim 16, wherein the card reader is a component of a system selected from the group consisting of a point of sale system and an automated teller machine system.
  - 24. The system of claim 16, wherein the authentication server is configured to:
    - store the first magnetic fingerprint, the second magnetic fingerprint, and the device identification number; and
      
      encrypt, using the first encryption key derived from the second magnetic fingerprint, the information comprising the device identification number and the first magnetic fingerprint.
  - 25. The system of claim 16, wherein the authentication server is configured to:
    - store, when the score is below the preselected threshold, information indicating that the card reader is an unauthorized device.
  - 26. The system of claim 16, wherein the score is a numerical value in a range from 0 and 100.
  - 27. The system of claim 16, wherein the second encryption key is configured for use as a transaction key.
  - 28. The system of claim 27, wherein the transaction key is a base key for DUKPT.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Magtek Incorporated
Original Assignee
Magtek Incorporated
Inventors
Hart, Annmarie D.

Granted Patent

US 8,737,623 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/279
CPC Class Codes

G06Q 20/3552   Downloading or loading of p...

G06Q 20/3829   involving key management

H04L 9/0866   involving user or device id...

H04L 9/3234   involving additional secure...

SYSTEMS AND METHODS FOR REMOTELY LOADING ENCRYPTION KEYS IN CARD READER SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR REMOTELY LOADING ENCRYPTION KEYS IN CARD READER SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links