SYSTEMS AND METHODS FOR AUTHORIZING A TRANSACTION

US 20120317628A1
Filed: 06/08/2012
Published: 12/13/2012
Est. Priority Date: 06/09/2011
Status: Abandoned Application

First Claim

Patent Images

1. A system for acquiring digital credential data comprising:

an electronic communication device;

a communication channel; and

a repository remote from the electronic communications device and having a plurality of secure element representations, wherein the repository is configured to;

a) receive a request for the digital credential data from the electronic communications device using the communication channel,b) validate the computing device, wherein the electronic communication device is paired with one of the plurality of secure element representations;

c) extract at least a portion of the digital credential data from the paired secure element representation, andd) send a repository response communication with the digital credential data to the electronic communication device over the communication channel; and

wherein the electronic communication device is configured toa) authenticate to the repository,b) send a request for the acquisition of at least a portion of the digital credential data to the repository as a device command communication over the communication channel, andc) receive the repository response containing the digital credential data from the repository over the communication channel.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatuses are disclosed for creating a software based secure element reader and a digital credential data delivery system for point-of-sale (POS) locations that do not have a secure element reader. Methods and apparatuses are described for creating a remotely hosted repository of secure elements that may be selected and connected to a mobile or a stationary device. Near-field communication (NFC) capabilities may be utilized to interrogate a selected secure element by a RFID POS reader through the mobile NFC device over a data connection between that mobile NFC device and the remote hosted secure element.

255 Citations

56 Claims

1. A system for acquiring digital credential data comprising:
- an electronic communication device;
  
  a communication channel; and
  
  a repository remote from the electronic communications device and having a plurality of secure element representations, wherein the repository is configured to;
  
  a) receive a request for the digital credential data from the electronic communications device using the communication channel,b) validate the computing device, wherein the electronic communication device is paired with one of the plurality of secure element representations;
  
  c) extract at least a portion of the digital credential data from the paired secure element representation, andd) send a repository response communication with the digital credential data to the electronic communication device over the communication channel; and
  
  wherein the electronic communication device is configured toa) authenticate to the repository,b) send a request for the acquisition of at least a portion of the digital credential data to the repository as a device command communication over the communication channel, andc) receive the repository response containing the digital credential data from the repository over the communication channel.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1 wherein the electronic communication device is a mobile device.
  - 3. The system of claim 1 wherein the electronic communication device is a stationary device.
  - 4. The system of claim 1 wherein the repository uses ISO7816 to extract at least a portion of the digital credential data from a paired secure element representation.

5. A method for acquiring digital credential data by a point-of-sale terminal having access to an internet from a mobile device that has access to the internet and that has a secure element and a secure element reader, the method comprising:
- a) reading the secure element in the mobile device using the secure element reader in the mobile device; and
  
  b) sending the digital credential data, acquired from reading the secure element in the mobile device, from the mobile device to the point-of-sale terminal over the internet.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5 further comprising:
    - acquiring in the mobile device a unique identifier of the point-of-sale terminal as an identified point-of-sale terminal; and
      
      establishing a unique network address of the identified point-of-sale terminal, and wherein step b) comprises sending the digital credential data to the identified point-of-sale terminal over the internet.
  - 7. The method of claim 5 further comprising:
    - reading a QR code into the mobile device; and
      
      translating the QR code in the mobile device to identify an internet address of the point-of-sale terminal, and wherein step b) comprises sending the digital credential data over the internet to the internet address of the point-of-sale terminal.
  - 8. The method of claim 5 further comprising:
    - reading an RFID tag code into the mobile device; and
      
      translating the RFID tag code in the mobile device to identify an internet address of the point-of-sale terminal, and wherein step b) comprises sending the digital credential data over the internet to the internet address of the point-of-sale terminal.
  - 9. The method of claim 5 further comprising using a GPS geo-location utility in the mobile device to define an internet address of the point-of-sale terminal, and wherein step b) comprises sending the digital credential data over the internet to the internet address of the point-of-sale terminal.
  - 10. The method of claim 5 further comprising:
    - translating the digital credential data received by the point-of-sale terminal into Track Data; and
      
      delivering the Track Data to a field in a transaction authorization system using keyboard emulation.

11. A method for acquiring digital credential data by a point-of-sale terminal comprising:
- authenticating and validating a mobile device at a repository having a plurality of secure element representations wherein the mobile device is paired with one of the secure element representations in the repository;
  
  sending through a first communication channel a POS command communication from the point-of-sale terminal to the mobile device requesting the digital credential data; and
  
  sending through the first communication channel a device response communication from the mobile device to the point-of-sale terminal wherein the device response communication comprises at least a portion of the digital credential data.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 12. The method of claim 11 further comprising:
    - sending through a second communication channel a device command communication from the mobile device to the repository; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device wherein the repository response communication comprises at least a portion of the digital credential data.
  - 13. The method of claim 11 further comprising:
    - caching at least a portion of the digital credential data in the mobile device,wherein the device response communication comprises the cached portion of the digital credential data.
  - 14. The method of claim 11 wherein the POS command communication comprises a plurality of command communications conforming to ISO7816-4 protocol, the device response communication comprises the plurality of the response communications conforming to ISO07816-4 protocol, and the method further comprises:
    - interpreting in the mobile device the POS command communications wherein, for at least one POS command communication the mobile device returns to the point-of-sale terminal as a portion of the device response communication a cached ISO7816-4 protocol response communication from a cache located in the mobile device.
  - 15. The method of claim 11 further comprising:
    - sending through a second communication channel a device command communication from the mobile device to the repository;
      
      andsending through the second communication channel a repository response communication from the repository to the mobile device wherein the repository response communication comprises the at least a portion of the digital credential data.
  - 16. The method of claim 11 wherein the repository uses ISO 7816 to extract at least a portion of the digital credential data from the paired secure element representation.
  - 17. The method of claim 11 wherein the mobile device is proximate to the point-of-sale terminal.
  - 18. The method of claim 11 wherein the mobile device is remote from the repository.
  - 19. The method of claim 11 wherein the point-of-sale terminal is remote from the repository.
  - 20. The method of claim 11 wherein the mobile device is remote from the repository and the point-of-sale terminal is remote from the repository and the digital credential data comprises Track Data.
  - 21. The method of claim 11 wherein the first communication channel comprises a near-field communication channel.
  - 22. The method of claim 11 wherein the first communication channel comprises a TCP/UDP/IP communication channel.
  - 23. The method of claim 11 wherein the authenticating step comprises matching a gesture signal with a valid gesture signal.
  - 24. The method of claim 11 wherein the POS command communication conforms to any part of ISO7816 part 1, 2, 3, or 4.
  - 25. The method of claim 11 further comprising:
    - sending through a second communication channel from the mobile device to the repository a device command communication conforming to any part of ISO 7816 part 1, 2, 3, or 4; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device wherein the repository response communication comprises the at least a portion of the digital credential data.
  - 26. The method of claim 11 wherein the mobile device is remote from the repository and the method further comprises:
    - sending through a second communication channel using TCP/UDP/IP protocol from the mobile device to the repository a device command communication; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device wherein the repository response communication comprises the at least a portion of the digital credential data.
  - 27. The method of claim 11 wherein the mobile device is remote from the repository and the method further comprises:
    - sending through a second communication channel using a Secure Socket Layer and TCP/UDP/IP protocol from the mobile device to the repository a device command communication; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device wherein the repository response communication comprises the at least a portion of the digital credential data.
  - 28. The method of claim 11 wherein the POS command communication conforms to ISO7816-4 protocol, the device response communication conforms to ISO7816-4 protocol and the method further comprises:
    - sending through a second communication channel from the mobile device to the repository a device command communication that conforms to ISO7816-4 protocol; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device a repository response communication that conforms to ISO7816-4 protocol.
  - 29. The method of claim 11 wherein the POS command communication comprises a plurality of command communications conforming to ISO7816-4 protocol, the device response communication comprises the plurality of the response communications conforming to ISO7816-4 protocol, and the method further comprises:
    - sending through a second communication channel from the mobile device to the repository a plurality of device command communications conforming to ISO7816-4 protocol; and
      
      sending through the second communication channel a repository response communication from the repository to the mobile device a plurality of response communications conforming to ISO7816-4 protocol.
  - 30. The method of claim 11 wherein the method further comprises converting inside the mobile device at least a portion of the credential data into Track Data.
  - 31. The method of claim 11 wherein the mobile device is remote from the point-of-sale terminal, and wherein the method further comprises:
    - converting inside the mobile device at least a portion of the credential data into Track Data; and
      
      providing the Track Data formatted as digital credential data according to ISO7813 as at least a portion of the device response communication.
  - 32. The method of claim 11 wherein the mobile device is remote from the repository, the point-of-sale terminal is remote from the repository, the repository comprises a database of static Track Data, and the method further comprises:
    - constructing in the repository cache data or at least a portion of a repository response communication using the database of static Track Data.
  - 33. The method of claim 11 wherein:
    - the first communication channel comprises an NFC communication channel;
      
      the POS command communication comprises a select file command conforming to ISO7816-4 protocol using a VISA AID starting with A000000003; and
      
      the device response communication comprises digital credential data that does not have a beginning PAN digit, as defined in ISO7813, equal to a numeral “
      
      4”
      
      .
  - 34. The method of claim 11 wherein:
    - the first communication channel comprises an NFC communication channel;
      
      the POS command communication comprises a select file command conforming to ISO7816-4 protocol using a VISA AID starting with A000000003;
      
      the device response communication comprises digital credential data that does not have a beginning PAN digit, as defined in ISO7813, equal to a numeral “
      
      4”
      
      ; and
      
      the method further comprises formatting the digital credential data in the point-of-sale terminal into a digital credential that is identical to a static magnetic stripe card that conforms to ISO7813.

35. A system for acquiring digital credential data using a mobile device comprising:
- a point-of-sale terminal having a NFC interface using ISO7816-4 protocol to transmit a request for the digital credential data and to receive digital credential data; and
  
  a mobile device having a NFC interface using ISO7816-4 protocol configured toa) receive the request from the point-of-sale terminal for an acquisition of the digital credential data,b) interpret the request from the point-of-sale within an operating system of the mobile device and within an application running in that operating system, andc) send the digital credential data to the point-of-sale terminal using ISO8916-4 protocol generated from an application running in an operating system in the mobile device.

36. A system for acquiring digital credential data comprising:
- a mobile device;
  
  a first communication channel;
  
  a point-of-sale terminal configured to generate a request for an acquisition of the digital credential data from the mobile device over the first communication channel as a POS command communication, and configured for receiving the digital credential data from the mobile device over the first communication channel as a device response communication; and
  
  a repository that is remote from the point-of-sale terminal, the repository having a plurality of secure element representations and being configured to validate the mobile device and pair the mobile device with a specific secure element representation; and
  
  wherein the mobile device is remote from the repository and is configured toa) authenticate to the repository;
  
  b) receive the POS command communication over the first communication channel, andc) send at least a portion of the digital credential data to the point-of-sale terminal as the device response communication over the first communication channel.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 37. The system of claim 36 further comprising a second communication channel and wherein:
    - the repository is configured to receive a request for the digital credential data from the mobile device using the second communication channel and to send a response with at least a portion of the digital credential data to the mobile device using the second communication channel.
  - 38. The system of claim 36 wherein the mobile device comprises a cache memory configured to store at least a portion of the digital credential data as cached data and the mobile device is configured to send the cached data as at least a portion of the device response communication.
  - 39. The system of claim 36 wherein the repository uses ISO7816 to extract the at least a portion of the digital credential data from the paired secure element representation.
  - 40. The system of claim 36 wherein the mobile device is proximate to the point-of-sale terminal.
  - 41. The system of claim 36 wherein the mobile device is remote from the repository.
  - 42. The system of claim 36 wherein the point-of-sale terminal is remote from the repository.
  - 43. The system of claim 36 wherein the mobile device is remote from the repository and the point-of-sale terminal is remote from the repository and the digital credential data comprises Track Data.
  - 44. The system of claim 36 wherein first communication channel comprises a near-field communication channel.
  - 45. The system of claim 36 wherein the mobile device is remote from the point-of-sale terminal and the first communication channel comprises a TCP/UDP/IP communication channel.
  - 46. The system of claim 36 wherein the mobile device is configured for generating a gesture signal and to authenticate to the repository by matching the gesture signal with a valid gesture signal.
  - 47. The system of claim 36 wherein the repository comprises a digital database of a plurality of mobile device identifications and at least one secure element representation identifier associated with each mobile device and the repository is configured to validate the mobile device using the digital database.
  - 48. The system of claim 36 wherein the mobile device comprises non-persistent memory for caching a cached portion of the digital credential data and the mobile device is configured to provide the cached portion to the point-of-sale terminal through the first communication channel.
  - 49. The system of claim 36 wherein there is a plurality of command communications and a plurality of response communications over the first communication channel.
  - 50. The system of claim 36 wherein the request for the acquisition of the digital credential data and the device response communication comprise 7816-4 data.
  - 51. The system of claim 36 further comprising a second communication channel and wherein:
    - the repository is configured to receive a request for the digital credential data from the mobile device using the second communication channel and to send a response with at least a portion of the digital credential data to the mobile device using the second communication channel; and
      
      wherein the device command communication and the repository response communication comprise 7816-4 data.
  - 52. The system of claim 36 further comprising a second communication channel and wherein:
    - the repository is configured to receive a request for the digital credential data from the mobile device using the second communication channel and to send a response with at least a portion of the digital credential data to the mobile device using the second communication channel; and
      
      wherein the first communication channel and the second communication channel comprise TCP/UDP/IP communication channels.

53. A repository for secure element representations comprising:
- at least one secure element reader;
  
  a plurality of secure element representations disposed proximate to the secure element reader;
  
  a server disposed proximate to the secure element reader, the server having a multitasking processor to communicate with the plurality of secure element representations through the secure element reader and conduct a plurality of command/response time-wise overlapping sessions with the plurality of secure element representations; and
  
  an internet connection to the server wherein each of the secure element representations is addressable over the internet.
- View Dependent Claims (54)
- - 54. The repository of claim 53 wherein the plurality of secure element representations is selected from the group consisting of hardware representations, virtual hardware representations, and a combination thereof.

55. A method for acquiring digital credential data by a point-of-sale terminal comprising:
- authenticating and validating a stationary device at a repository having a plurality of secure element representations wherein the stationary device is paired with one of the secure element representations in the repository;
  
  sending through a first communication channel a POS command communication from the point-of-sale terminal to the stationary device requesting the digital credential data; and
  
  sending through the first communication channel a device response communication from the stationary device to the point-of-sale terminal wherein the device response communication comprises the digital credential data.
- View Dependent Claims (56)
- - 56. The method of claim 55 further comprising a second communication channel and wherein:
    - the repository is configured to receive a request for the digital credential data from the stationary device using the second communication channel and to send a response with at least a portion of the digital credential data to the stationary device using the second communication channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
OV Loop, Inc.
Original Assignee
OV Loop, Inc.
Inventors
Yeager, C. Douglas

Application Number

US13/491,922
Publication Number

US 20120317628A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06Q 20/204   comprising interface for re...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/352   Contactless payments by cards

G06Q 20/356   Aspects of software for car...

SYSTEMS AND METHODS FOR AUTHORIZING A TRANSACTION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

255 Citations

56 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR AUTHORIZING A TRANSACTION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

255 Citations

56 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links