Card reader for use with web based transactions
First Claim
1. A method for establishing a secure connection between a card reader and a server, the method comprising:
- receiving, at the card reader, a first challenge request;
generating, at the card reader, a response to the first challenge request using a first encryption key;
sending, from the card reader, the response to the first challenge request;
sending, from the card reader, a second challenge request to the server;
receiving, at the card reader, an encrypted response to the second challenge request;
verifying, at the card reader, the encrypted response to the second challenge request; and
if the encrypted response is verified;
reading data card information from a data card, the data card information comprising an intrinsic magnetic characteristic and recorded data on the data card;
generating, at the card reader, a magnetic fingerprint based on the intrinsic magnetic characteristic; and
sending, from the card reader, the magnetic fingerprint to authenticate the data card.
1 Assignment
0 Petitions
Accused Products
Abstract
A card reader for use in web based transactions is provided. In one embodiment, the invention relates to a method for establishing a secure connection between a card reader and a server, the method including receiving a first challenge request, generating a response to the first challenge request using a first encryption key, sending the response to the first challenge request, sending a second challenge request, receiving an encrypted response to the second challenge request, verifying the encrypted response to the second challenge request; and, if the encrypted response is verified, reading data card information from a data card, the data card information including an intrinsic magnetic characteristic and recorded data on the data card, generating a magnetic fingerprint based on the intrinsic magnetic characteristic, and sending the magnetic fingerprint to authenticate the data card.
-
Citations
38 Claims
-
1. A method for establishing a secure connection between a card reader and a server, the method comprising:
-
receiving, at the card reader, a first challenge request; generating, at the card reader, a response to the first challenge request using a first encryption key; sending, from the card reader, the response to the first challenge request; sending, from the card reader, a second challenge request to the server; receiving, at the card reader, an encrypted response to the second challenge request; verifying, at the card reader, the encrypted response to the second challenge request; and if the encrypted response is verified; reading data card information from a data card, the data card information comprising an intrinsic magnetic characteristic and recorded data on the data card; generating, at the card reader, a magnetic fingerprint based on the intrinsic magnetic characteristic; and sending, from the card reader, the magnetic fingerprint to authenticate the data card. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for establishing a secure connection between a card reader and a server, the system comprising:
the card reader comprising; a read head configured to read data card information from a data card, the data card information comprising an intrinsic magnetic characteristic and recorded data on the data card; and a processor coupled to the read head, the processor configured to; receive a first challenge request; generate a response to the first challenge request using a first encryption key; send the response to the first challenge request; send a second challenge request; receive an encrypted response to the second challenge request; verify the encrypted response to the second challenge request; generate, if the encrypted response is verified, a magnetic fingerprint based on the intrinsic magnetic characteristic; and send the magnetic fingerprint. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
35. A method for establishing a secure connection between a card reader and a server, the method comprising:
-
receiving, at the server, a challenge request generated by the card reader; decrypting, at the server, the challenge request using a first encryption key; generating, at the server, a response to the challenge request of the card reader using a second encryption key; sending, from the server, the response to the challenge request; receiving, at the server, an encrypted magnetic fingerprint; decrypting, at the server, the encrypted magnetic fingerprint; generating, at the server, a score indicative of a degree of correlation between the magnetic fingerprint and a reference magnetic fingerprint; and sending, from the server, the score. - View Dependent Claims (36, 37, 38)
-
Specification