SOFTWARE PIN ENTRY

US 20130332360A1
Filed: 03/13/2013
Published: 12/12/2013
Est. Priority Date: 06/12/2012
Status: Active Grant

First Claim

Patent Images

1. A method for processing payment transactions between a card, a card reader and a mobile device, comprising:

receiving batched information from the mobile device, where the batched information includes information required for a transaction, where the transaction requires a plurality of authentication codes before the transaction is approved or denied;

receiving, from the card, distinct requests for information from the batched information; and

providing, to the card, the information based on the respective request, where the card generates the plurality of authentication codes based on the information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A card reader configured to read a smart card can be detachably connected to a mobile computing device. When the card reader is attached to the mobile device, an application installed on the mobile computing device permits the mobile device to communicate with the card reader in order to process transactions.

Security measures can be used on the mobile device to prevent theft of a PIN during software PIN entry of a payment transaction. The mobile device can prevent the keypad or other input interface from displaying feedback. The mobile device can also prevent passcodes from being stolen by displaying media encoded with digital rights management (DRM) and by managing the media and user inputs at a secure server.

A mobile device can securely communicate with a card reader for a payment transaction using asymmetric or symmetric encryption.

20 Citations

View as Search Results

18 Claims

1. A method for processing payment transactions between a card, a card reader and a mobile device, comprising:
- receiving batched information from the mobile device, where the batched information includes information required for a transaction, where the transaction requires a plurality of authentication codes before the transaction is approved or denied;
  
  receiving, from the card, distinct requests for information from the batched information; and
  
  providing, to the card, the information based on the respective request, where the card generates the plurality of authentication codes based on the information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, where the batched information includes transaction details and an application selection, where the transaction details include one or more of the following:
    - transaction amount, currency type, date, nonce, or verification results.
  - 3. The method of claim 1, where the batched information includes a passcode from a user.
  - 4. The method of claim 1, where the batched information is sent when the card is inserted into the card reader.
  - 5. The method of claim 1, where the batched information is sent before the card is inserted into the card reader.
  - 6. The method of claim 1, further comprising:
    - receiving the plurality of authentication codes from the card;
      
      transmitting the plurality of authentication codes to the mobile device, which sends the plurality of authentication codes to an issuing bank associated with the card;
      
      receiving a response from the issuing bank, where the response authorizes the plurality of authentication codes; and
      
      sending the response to the card.

7. A system comprising:
- a processor; and
  
  computer-readable medium coupled to the processor and having instructions stored thereon, which, when executed by the processor, cause the processor to perform operations comprising;
  
  receiving batched information from the mobile device, where the batched information includes information required for a transaction, where the transaction requires a plurality of authentication codes before the transaction is approved or denied;
  
  receiving, from the card, distinct requests for information from the batched information; and
  
  providing, to the card, the information based on the respective request, where the card generates the plurality of authentication codes based on the information.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, where the batched information includes transaction details and an application selection, where the transaction details include one or more of the following:
    - transaction amount, currency type, date, nonce, or verification results.
  - 9. The system of claim 7, where the batched information includes a passcode from a user.
  - 10. The system of claim 7, where the batched information is sent when the card is inserted into the card reader.
  - 11. The system of claim 7, where the batched information is sent before the card is inserted into the card reader.
  - 12. The system of claim 7, further comprising:
    - receiving the plurality of authentication codes from the card;
      
      transmitting the plurality of authentication codes to the mobile device, which sends the plurality of authentication codes to an issuing bank associated with the card;
      
      receiving a response from the issuing bank, where the response authorizes the plurality of authentication codes; and
      
      sending the response to the card.

13. A computer-readable medium having instructions stored thereon, which, when executed by a processor, cause the processor to perform operations comprising:
- receiving batched information from the mobile device, where the batched information includes information required for a transaction, where the transaction requires a plurality of authentication codes before the transaction is approved or denied;
  
  receiving, from the card, distinct requests for information from the batched information; and
  
  providing, to the card, the information based on the respective request, where the card generates the plurality of authentication codes based on the information.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer-readable medium of claim 13, where the batched information includes transaction details and an application selection, where the transaction details include one or more of the following:
    - transaction amount, currency type, date, nonce, or verification results.
  - 15. The computer-readable medium of claim 13, where the batched information includes a passcode from a user.
  - 16. The computer-readable medium of claim 13, where the batched information is sent when the card is inserted into the card reader.
  - 17. The computer-readable medium of claim 13, where the batched information is sent before the card is inserted into the card reader.
  - 18. The computer-readable medium of claim 13, further comprising:
    - receiving the plurality of authentication codes from the card;
      
      transmitting the plurality of authentication codes to the mobile device, which sends the plurality of authentication codes to an issuing bank associated with the card;
      
      receiving a response from the issuing bank, where the response authorizes the plurality of authentication codes; and
      
      sending the response to the card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Block, Inc. (f/k/a Square, Inc.)
Original Assignee
Block, Inc. (f/k/a Square, Inc.)
Inventors
Quigley, Oliver S. C., McCauley, Nathan, Lee, Bob

Granted Patent

US 10,515,363 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06F 21/35   communicating wirelessly

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/326   Payment applications instal...

G06Q 20/353   Payments by cards read by M...

G06Q 20/3674   involving authentication

G06Q 20/3829   involving key management

G06Q 20/4012   Verifying personal identifi...

G06Q 2220/00   Business processing using c...

G07F 19/211   Software architecture withi...

G07F 7/1041   PIN input keyboard gets new...

G07F 7/1091   Use of an encrypted form of...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 9/3226   using a predetermined code,...

H04L 9/3271   using challenge-response

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

SOFTWARE PIN ENTRY

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

SOFTWARE PIN ENTRY

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others