INTEGRATED CONTACTLESS MPOS IMPLEMENTATION

US 20140298027A1
Filed: 04/02/2014
Published: 10/02/2014
Est. Priority Date: 04/02/2013
Status: Active Grant

First Claim

Patent Images

1. A method for secure communication with a mobile device, the method comprising:

receiving, by a mobile device, one or more seed numbers from a communications network;

generating, by the mobile device, one or more session keys, in dependence on one or more of the received one or more seed numbers, for use in encrypted communication with the mobile device; and

/orgenerating, by the mobile device, a pre-image, in dependence on one of the received one or more seed numbers, for use in generating an unpredictable number for use in secure communication with the mobile device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein is a method for performing an integrated contactless point-of-sale transaction. More particularly, there is disclose a method comprising: receiving, by a mobile device 1, a seed number from a communications network; generating, by the mobile device 1, one or more session keys, in dependence on the received seed number, for use in encrypted communication with the mobile device 1; and/or generating, by the mobile device 1, a pre-image, in dependence on the received seed number, for use in generating an unpredictable number for use in secure communication with the mobile device. Advantageously, the generation of session keys and/or a pre-image in dependence on a seed number provided to the mobile device improves the security of the system since the source of the seed number can detect incorrect session keys and/or unpredictable number derived from an incorrect pre-image.

Citations

19 Claims

1. A method for secure communication with a mobile device, the method comprising:
- receiving, by a mobile device, one or more seed numbers from a communications network;
  
  generating, by the mobile device, one or more session keys, in dependence on one or more of the received one or more seed numbers, for use in encrypted communication with the mobile device; and
  
  /orgenerating, by the mobile device, a pre-image, in dependence on one of the received one or more seed numbers, for use in generating an unpredictable number for use in secure communication with the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 11, 13, 14, 17)
- - 2. The method of claim 1, further comprising:
    - generating, by a server, the one or more seed numbers; and
      
      transmitting, by the server, the one or more seed numbers to the mobile device over the communications network.
  - 3. The method of claim 2, wherein the mobile device comprises a reader and a terminal, the method further comprising:
    - communicating between the reader and the server via the terminal.
  - 4. The method of claim 3, further comprising:
    - generating, by the reader, said one or more session keys and/or said pre-image.
  - 5. The method of claim 3, further comprising:
    - receiving, by the server, a log on request from the terminal of the mobile device;
      
      authenticating, by the server, the terminal from the information comprised in the received log on request; and
      
      transmitting, by the server in response to successful authentication of the terminal, said one or more seed numbers to the terminal.
  - 6. The method of claim 3, further comprising:
    - transmitting, by the terminal, information comprising the one or more seed numbers received from the server to the reader;
      
      generating, by the reader, a random number;
      
      generating, by the reader, a first session key (SK2) in dependence on a first part of the random number and one of the received one or more seed numbers; and
      
      generating, by the reader, a second session key (SK3) in dependence on a second part of the random number and one of the received one or more seed numbers.
  - 7. The method of claim 3, further comprising:
    - generating, by the reader, said pre-image in dependence on one of the received one or more seed numbers from the server and identification information of the reader; and
      
      generating a first unpredictable number in dependence on the generated pre-image.
  - 8. The method of claim 3, further comprising:
    - generating, by the reader, a new pre-image in dependence on the pre-image, the value of a transaction sequence counter and received user data used for the previous transaction; and
      
      generating, by the reader, a new unpredictable number for use in the next transaction in dependence on said new pre-image.
  - 11. A mobile device comprising processing and operating means with executable instructions which on execution cause the mobile device to perform the method of a mobile device as set out in claim 1.
  - 13. A server comprising processing and operating means with executable instructions which on execution cause the server to perform the method of a server as set out in claim 1.
  - 14. A mobile communications system comprising a server and a mobile device with executable instructions which on execution cause the server and mobile device to perform the method as set out in claim 1.
  - 17. A computer readable medium for a mobile device comprising computer executable instructions which on execution cause a mobile device to perform the method of a mobile device as set out in claim 1.

9. A method of operating a server for secure communication with a mobile device, the method comprising:
- receiving a log on request from a mobile device;
  
  authenticating the mobile device from the received log on request;
  
  transmitting, in response to successful authentication of the mobile device, one or more seed numbers to the mobile device;
  
  receiving, from the mobile device in response to the server transmitting said one or more seed numbers to the mobile device, encrypted information comprising a random number;
  
  decrypting the received encrypted information to obtain said random number;
  
  generating one or more session keys, in dependence on said random number and one or more of said one or more seed numbers, for encrypted communication with the mobile device; and
  
  /orgenerating a pre-image, in dependence on one of said one or more seed numbers and identification information of the mobile device, wherein said pre-image is for use in generating an unpredictable number for use in secure communication with the mobile device.
- View Dependent Claims (15, 19)
- - 15. A mobile communications system comprising a server and a mobile device with executable instructions which on execution cause the server and mobile device to perform the method as set out in claim 9.
  - 19. A computer readable medium for a server comprising computer executable instructions which on execution cause a server to perform the method of a server as set out in claim 9.

10. A method for secure communication with a mobile device, the mobile device comprising a reader located in a secure zone of the mobile device and a terminal, the method comprising:
- communicating with the mobile device through the terminal, such that communication with the reader is via the terminal;
  
  generating, by the reader, one or more session keys for use in encrypted communication with the mobile device; and
  
  /orgenerating, by reader, a pre-image for use in generating unpredictable number for use in secure communication with the mobile device.
- View Dependent Claims (12, 16, 18)
- - 12. A mobile device comprising processing and operating means with executable instructions which on execution cause the mobile device to perform the method of a mobile device as set out in claim 10.
  - 16. A mobile communications system comprising a server and a mobile device with executable instructions which on execution cause the server and mobile device to perform the method as set out in claim 10.
  - 18. A computer readable medium for a mobile device comprising computer executable instructions which on execution cause a mobile device to perform the method of a mobile device as set out in claim 10.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Roberts, David Anthony, Smets, Patrik, Bateson, Patricia, Cateland, Axel Emile Jean Charles

Granted Patent

US 10,135,614 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3829   involving key management

H04L 2209/80   Wireless

H04L 9/0869   involving random numbers or...

H04L 9/321   involving a third party or ...

H04L 9/3271   using challenge-response

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

INTEGRATED CONTACTLESS MPOS IMPLEMENTATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

INTEGRATED CONTACTLESS MPOS IMPLEMENTATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links