METHODS FOR SECURE CREDENTIAL PROVISIONING

US 20160218875A1
Filed: 01/27/2016
Published: 07/28/2016
Est. Priority Date: 01/27/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

determining, by a user device, a one-time user public key;

sending, by the user device to a provisioning server computer, a provisioning request message including the one-time user public key;

receiving, by the user device, an encrypted provisioning response message from the provisioning server computer, the encrypted provisioning response message comprising encrypted credential data;

determining, by the user device, a response shared secret using a static server public key;

determining, by the user device, a response session key from the response shared secret, the response session key usable for decrypting the encrypted provisioning response message;

decrypting, by the user device, the encrypted provisioning response message using the response session key to determine the encrypted credential data;

determining, by the user device, a storage protection key from the response shared secret, the storage protection key being different from the response session key and usable for decrypting the encrypted credential data;

encrypting, by the user device, the storage protection key with a key encryption key to generate an encrypted storage protection key;

storing, by the user device, the encrypted storage protection key; and

storing, by the user device, the encrypted credential data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments can provide methods for securely provisioning sensitive credential data, such as a limited use key (LUK) onto a user device. In some embodiments, the credential data can be encrypted using a separate storage protection key and decrypted only at the time of a transaction to generate a cryptogram for the transaction. Thus, end-to-end protection can be provided during the transit and storage of the credential data, limiting the exposure of the credential data only when the credential data is required, thereby reducing the risk of compromise of the credential data.

173 Citations

24 Claims

1. A computer-implemented method, comprising:
- determining, by a user device, a one-time user public key;
  
  sending, by the user device to a provisioning server computer, a provisioning request message including the one-time user public key;
  
  receiving, by the user device, an encrypted provisioning response message from the provisioning server computer, the encrypted provisioning response message comprising encrypted credential data;
  
  determining, by the user device, a response shared secret using a static server public key;
  
  determining, by the user device, a response session key from the response shared secret, the response session key usable for decrypting the encrypted provisioning response message;
  
  decrypting, by the user device, the encrypted provisioning response message using the response session key to determine the encrypted credential data;
  
  determining, by the user device, a storage protection key from the response shared secret, the storage protection key being different from the response session key and usable for decrypting the encrypted credential data;
  
  encrypting, by the user device, the storage protection key with a key encryption key to generate an encrypted storage protection key;
  
  storing, by the user device, the encrypted storage protection key; and
  
  storing, by the user device, the encrypted credential data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 15, 16, 17, 18, 19, 20)
- - 2. The computer-implemented method of claim 1, wherein the encrypted credential data includes a limited use key (LUK) or key derivation data for a single use key (SUK).
  - 3. The computer-implemented method of claim 1, wherein the encrypted credential data is stored in a storage server remotely connected to the user device and the encrypted storage protection key is stored in the user device.
  - 4. The computer-implemented method of claim 1, further comprising:
    - in response to an indication to generate a cryptogram used for authenticating an authorization request message, retrieving the encrypted credential data;
      
      retrieving the encrypted storage protection key;
      
      decrypting the encrypted storage protection key using the key encryption key to obtain the storage protection key;
      
      decrypting the encrypted credential data using the storage protection key to obtain credential data; and
      
      generating the cryptogram using the credential data.
  - 5. The computer-implemented method of claim 4, wherein decrypting the encrypted credential data using the storage protection key comprises:
    - deriving a credential encryption key using the storage protection key and key derivation data for the credential encryption key, the key derivation data comprises data specific to the user device; and
      
      decrypting the encrypted credential data using the credential encryption key.
  - 6. The computer-implemented method of claim 4, wherein the cryptogram is generated using a cryptogram key derived from the credential data.
  - 7. The computer-implemented method of claim 1, further comprising:
    - generating, by the user device, a request shared secret using the static server public key and a user private key corresponding to the one-time user public key; and
      
      encrypting, by the user device, request data using the request shared secret to obtain encrypted request data, wherein the provisioning request message includes the encrypted request data.
  - 8. The computer-implemented method of claim 1, wherein the provisioning response message includes a blinded static server public key and the response shared secret is determined using the blinded static server public key.
  - 9. The computer-implemented method of claim 1, wherein determining the one-time user public key comprises generating an ephemeral user key pair comprising an ephemeral user private key and an ephemeral user public key, wherein the ephemeral user public key is used as the one-time user public key.
  - 10. The computer-implemented method of claim 1, wherein determining the one-time user public key comprises blinding a static user public key.
  - 15. A computer system, comprising:
    - a memory that stores computer-executable instructions; and
      
      a processor configured to access the memory and execute the computer-executable instructions to implement the method of claim 1.
  - 16. The computer system of claim 15, wherein the encrypted credential data is stored in a storage server remotely connected to the user device.
  - 17. The computer system of claim 15, wherein the storage protection key is encrypted using a key encryption key to generate an encrypted storage protection key and the encrypted storage protection key is stored.
  - 18. The computer system of claim 17, wherein the method further comprises:
    - in response to an indication to generate a cryptogram used for authenticating an authorization request message, retrieving the encrypted credential data;
      
      retrieving the encrypted storage protection key;
      
      decrypting the encrypted storage protection key using the key encryption key to obtain the storage protection key;
      
      decrypting the encrypted credential data using the storage protection key to obtain the credential data; and
      
      generating the cryptogram using the credential data.
  - 19. The computer system of claim 18, wherein decrypting the encrypted credential data using the storage protection key comprises:
    - deriving a credential encryption key using the storage protection key and key derivation data for the credential encryption key, the key derivation data comprises data specific to the user device; and
      
      decrypting the encrypted credential data using the credential encryption key.
  - 20. The computer system of claim 15, wherein the credential data includes a limited use key (LUK) or key derivation data for a single use key (SUK).

11. A computer-implemented method, comprising:
- receiving by a server computer from a user device, a provisioning request message including a one-time user public key;
  
  generating, by the server computer, a response shared secret using a static server private key and the one-time user public key;
  
  identifying, by the server computer, credential data to be included in a provisioning response message;
  
  determining, by the server computer, a response session key from the response shared secret, the response session key usable for encrypting the provisioning response message;
  
  determining, by the server computer, a storage protection key from the response shared secret, the storage protection key being different from the response session key and usable for encrypting the credential data;
  
  encrypting, by the server computer, the credential data using the storage protection key to generate encrypted credential data;
  
  encrypting, by the server computer, the provisioning response message using the response session key to generate encrypted provisioning response message, wherein the provisioning response message includes the encrypted credential data; and
  
  sending, by the server computer to the user device, the encrypted provisioning response message.
- View Dependent Claims (12, 13, 14)
- - 12. The computer-implemented method of claim 11, wherein the credential data comprises a LUK and cryptogram key derivation data usable for deriving a cryptogram key that is used to generate a cryptogram.
  - 13. The computer-implemented method of claim 11, wherein encrypting the credential data comprises determining a credential encryption key using the storage protection key and key derivation data, wherein the key derivation data is specific to the user device.
  - 14. The computer-implemented method of claim 11, wherein the provisioning response message includes a blinded static server public key corresponding to the static server private key.

21. A computer-implemented method, comprising:
- determining, by a user device, a one-time user public key;
  
  determining, by a user device, a storage protection public key;
  
  sending, by the user device to a provisioning server computer, a provisioning request message including the one-time user public key and the storage protection public key;
  
  receiving, by the user device, an encrypted provisioning response message from the provisioning server computer, the encrypted provisioning response message comprising encrypted credential data, wherein the encrypted credential data is encrypted using the storage protection public key;
  
  determining, by the user device, a response shared secret using a static server public key;
  
  determining, by the user device, a response session key from the response shared secret, the response session key usable for decrypting the encrypted provisioning response message;
  
  decrypting, by the user device, the encrypted provisioning response message using the response session key to determine the encrypted credential data; and
  
  storing, by the user device, the encrypted credential data.
- View Dependent Claims (22, 23, 24)
- - 22. The computer-implemented method of claim 21, wherein the storage protection public key and the one-time user public key both correspond to a same user private key.
  - 23. The computer-implemented method of claim 21, wherein the storage protection public key and the one-time user public key correspond to different user private keys.
  - 24. The computer-implemented method of claim 21, further comprising:
    - in response to an indication to generate a cryptogram used for authenticating an authorization request message, retrieving the encrypted credential data;
      
      decrypting the encrypted credential data using a storage protection private key corresponding to the storage protection public key to obtain the credential data; and
      
      generating the cryptogram using the credential data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Le Saint, Eric, Bhattacharya, Soumendra

Granted Patent

US 10,461,933 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/045   wherein the sending and rec...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0861   Generation of secret inform...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

METHODS FOR SECURE CREDENTIAL PROVISIONING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

173 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS FOR SECURE CREDENTIAL PROVISIONING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

173 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links