Authenticating an RF transaction using a transaction counter

US 7,705,732 B2
Filed: 12/09/2004
Issued: 04/27/2010
Est. Priority Date: 07/10/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

receiving an authentication request from a radio frequency (RF) transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;

denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and

disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for securing a Radio Frequency (RF) transaction using a RF identification device (RFID) transaction device is provided. RFID transaction device includes a transactions counter for tallying the number of transactions attempted or completed with the RFID transactions device. Counter value is used to create a RFID device authentication tag for use in validating the RFID device. A RFID reader, interacting with the RFID device, provides a random number to the RFID device which may be used in the RFID device authentication tag creation and validation. RFID reader may also use counter value and random number to create a RFID reader authentication key useful for validating RFID reader. RFID transaction device may include an encryption key for creating RFID transaction device authentication tag. Likewise, RFID reader may include a RFID reader encryption key for creating RFID reader authentication tag.

Citations

23 Claims

1. A method, comprising:
- receiving an authentication request from a radio frequency (RF) transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the authentication request further comprises at least one of an RF transaction device authentication tag, an account issuer routing number, or an encrypted transaction device identifier.
  - 3. The method of claim 1, further comprising transmitting an interrogation signal to the RF transaction device.
  - 4. The method of claim 1, further comprising:
    - transmitting the authentication request to a transaction processing entity; and
      
      receiving a denial message from the transaction processing entity in response to the total transactions counted value exceeding the maximum transactions counted value.
  - 5. The method of claim 1, further comprising:
    - presetting the total transactions counted value to an initial count value;
      
      setting an increment value for the total transactions counted value; and
      
      setting the maximum transactions counted value.

6. A radio frequency (RF) reader, comprising:
- means for receiving an authentication request from an RF transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  means for denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  means for disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.
- View Dependent Claims (7, 8, 9)
- - 7. The (RF) reader of claim 6, further comprising:
    - means for receiving an RF transaction device authentication tag from the RF transaction device; and
      
      means for decrypting the RF transaction device authentication tag in order to authenticate the RF transaction device.
  - 8. The (RF) reader of claim 7, further comprising:
    - means for producing an (RF) reader authentication tag using at least one of a RF transaction device authentication tag, a transaction account number, a random number, or the total transactions counted value, and an RF transaction device encryption key; and
      
      means for converting at least one of the RF transaction device authentication tag, the transaction account number, the random number, the total transactions counted value, or the RF transaction device encryption key to a merchant point of sale recognizable format.
  - 9. The (RF) reader of claim 6, further comprising:
    - means for receiving an encrypted transaction device identifier from the RF transaction device; and
      
      means for decrypting the encrypted transaction device identifier in order to authenticate the RF transaction device.

10. A transaction processing entity, comprising:
- means for receiving an authentication request from a radio frequency (RF) reader, wherein the authentication request is initiated by an RF transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  means for denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  means for disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The transaction processing entity of claim 10, wherein the authentication request further comprises at least one of an RF reader authentication tag, an RF transaction device authentication tag, or an encrypted transaction device identifier.
  - 12. The transaction processing entity of claim 10, further comprising means for validating the RF transaction device in accordance with an RF transaction device authentication tag.
  - 13. The transaction processing entity of claim 10, further comprising means for evaluating validity of the RF reader in accordance with an RF reader authentication tag.
  - 14. The transaction processing entity of claim 10, further comprising:
    - means for locating an RF reader encryption key using a merchant point of sale identifier, rehashing from an RF reader authentication tag, a transaction account number, the total transactions counted value, a random number, and an RF transaction device authentication tag using the RF reader encryption key;
      
      means for verifying the RF transaction device using a corresponding RF transaction device encryption key;
      
      means for verifying the total transactions counted value; and
      
      means for processing the authentication request where the RF reader authentication tag, RF transaction device authentication tag, and total transactions counted value are verified.

15. A method, comprising:
- receiving an authentication request from a radio frequency (RF) reader, wherein the authentication request is initiated by an RF transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.

16. A method, comprising:
- transmitting an authentication request to a radio frequency (RF) reader, wherein the authentication request comprises a total transactions counted value, wherein the total transactions counted value represents a number of transactions associated with an RF transaction device, and wherein the authentication request is denied in response to the total transactions counted value exceeding a maximum transactions counted value;
  
  incrementing, at the RF transaction device, the total transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.
- View Dependent Claims (17, 18)
- - 17. The method of claim 16, further comprising incrementing the total transactions counted value by a selected value.
  - 18. The method of claim 16, further comprising incrementing the total transactions .counted value in response to at least one of receiving an interrogation signal, transmitting data, or completing an RF transaction.

19. A radio frequency (RF) transaction device, comprising:
- means for transmitting an authentication request to an RF reader, the authentication request comprising a total transactions counted value, wherein the total transactions counted value represents a number of transactions associated with the RF transaction device, and wherein the authentication request is denied in response to the total transactions counted value exceeding a maximum transactions counted value;
  
  means for incrementing, at the RF transaction device, the total transactions counted value; and
  
  means for disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.
- View Dependent Claims (20)
- - 20. The RF transaction device of claim 19, further comprising:
    - means for storing at least one of a transaction account number, a transaction account expiration date, or an RF transaction device encryption key;
      
      means for receiving a random number and producing an RF transaction device authentication tag using at least one of the transaction account number, the transaction account expiration date, the RF transaction device encryption key, the random number, or the total transactions counted value; and
      
      means for transmitting at least one of the RF transaction device authentication tag, the RF transaction device encryption key, the random number, or the total transactions counted value to the (RF) reader.

21. A tangible computer-readable medium having stored thereon computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising:
- receiving an authentication request from a radio frequency (RF) transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.

22. A tangible computer-readable medium having stored thereon computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising:
- receiving an authentication request from a radio frequency (RF) reader, wherein the authentication request is initiated by an RF transaction device, wherein the authentication request comprises a total transactions counted value, and wherein the total transactions counted value represents a number of transactions associated with the RF transaction device;
  
  denying the authentication request in response to the total transactions counted value exceeding a maximum transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.

23. A tangible computer-readable medium having stored thereon computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising:
- transmitting an authentication request to a radio frequency (RF) reader, wherein the authentication request comprises a total transactions counted value, wherein the total transactions counted value represents a number of transactions associated with an RF transaction device, and wherein the authentication request is denied in response to the total transactions counted value exceeding a maximum transactions counted value;
  
  incrementing, at the RF transaction device, the total transactions counted value; and
  
  disabling the RF transaction device in response to the total transactions counted value exceeding the maximum transactions counted value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Xatra Fund MX LLC (Intellectual Ventures LLC)
Inventors
Saunders, Peter D, Bishop, Fred
Primary Examiner(s)
Previl, Daniel

Application Number

US10/905,005
Publication Number

US 20060012473A1
Time in Patent Office

1,965 Days
Field of Search

340/5.4, 340/5.2, 340/5.1, 340/5.6, 340/5.61, 340/5.51, 340/5.81, 340/5.8, 340/568.1, 340/572.1, 235/375, 235/380, 235/472.01, 235/472.02, 235/454, 235/439, 705/35, 705/39, 705/44, 705/50, 705/64, 705/16, 705/22
US Class Current

340/572.1
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/203   Inventory monitoring

G06Q 20/327   Short range or proximity pa...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/382   insuring higher security of...

G06Q 20/388   using mutual authentication...

G06Q 40/00   Finance; Insurance; Tax str...

G07C 9/28   the pass enabling tracking ...

G07G 1/009   the reader being an RFID re...

Authenticating an RF transaction using a transaction counter

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating an RF transaction using a transaction counter

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links