Device, system and method for reducing an interaction time for a contactless transaction
First Claim
Patent Images
1. A reader, comprising:
- a contactless interface;
a transaction module coupled to the contactless interface, wherein;
the transaction module is structured and arranged to;
discover the presence of a contactless payment device within a predetermined distance from the reader;
energize the contactless interface upon discovery of the presence of the contactless payment device within the predetermined distance from the reader, wherein the energized contactless interface enables communication between the contactless payment device and the reader;
send to the contactless payment device, via the contactless interface, a request for data; and
receive, from the contactless payment device, via the contactless interface, the requested data;
perform;
a contactless transaction with less than one-half second of interaction time between the contactless payment device and the reader; and
static and dynamic data authentication using the requested data; and
a security module coupled to the transaction module, wherein the security module is structured and arranged to prevent a man in the middle attack on the contactless transaction by validating a dynamic signature received from the contactless payment device, wherein the dynamic signature comprises;
a transaction currency code; and
a contactless payment device unpredictable number.
1 Assignment
0 Petitions
Accused Products
Abstract
A method. The method comprises, at a reader, performing at least one transaction-based risk management process prior to energizing a contactless interface, initiating communication with a card utilized for the contactless transaction, receiving information associated with the card, and terminating communication with the card to authorizing the contactless transaction.
-
Citations
16 Claims
-
1. A reader, comprising:
-
a contactless interface; a transaction module coupled to the contactless interface, wherein; the transaction module is structured and arranged to; discover the presence of a contactless payment device within a predetermined distance from the reader; energize the contactless interface upon discovery of the presence of the contactless payment device within the predetermined distance from the reader, wherein the energized contactless interface enables communication between the contactless payment device and the reader; send to the contactless payment device, via the contactless interface, a request for data; and receive, from the contactless payment device, via the contactless interface, the requested data; perform; a contactless transaction with less than one-half second of interaction time between the contactless payment device and the reader; and static and dynamic data authentication using the requested data; and a security module coupled to the transaction module, wherein the security module is structured and arranged to prevent a man in the middle attack on the contactless transaction by validating a dynamic signature received from the contactless payment device, wherein the dynamic signature comprises; a transaction currency code; and a contactless payment device unpredictable number. - View Dependent Claims (2, 3)
-
-
4. A card issued by an issuer, comprising:
-
a transaction module structured and arranged; for wireless communication, wherein the card is structured and arranged to operate in both a chip-mode and a magnetic stripe data mode; to cooperate with a reader to; be discoverable by being within a predetermined distance of the reader; receive from the reader a first command message containing a request for a list of applications that are supported by the card for conducting a contactless transaction; send to the reader, in response to the first command message, the requested list of the applications; receive from the reader a second command message requesting to conduct the contactless transaction utilizing one said application in the list of applications; send, in response to the second command message, a request to provide one type of contactless transaction supported by the reader; receive a third command message containing the requested one type of said contactless transaction supported by the reader; send, in response to the third command message; a request for offline authorization of the contactless transaction; an address in memory of the card of data related to the one said application in the list of applications; and a dynamic signature comprising;
a transaction currency code; and
a card unpredictable number;receive, in response to the request for the offline authorization of the contactless transaction, a fourth command message containing a request for the data related to the one said application in the list of applications at the address in the memory of the card; send, in response to the fourth command message, the requested data related to the one said application in the list of applications; and execute the contactless transaction that includes interactive communications with the issuer of the card with less than one-half second of interaction time between the card and the reader; and a security module structured and arranged to cooperate with the reader to prevent a man in the middle attack on the contactless transaction by validating the dynamic signature. - View Dependent Claims (5, 6)
-
-
7. An apparatus comprising:
-
a card issued by an issuer; and a reader, comprising; a contactless interface; a transaction module, coupled to the contactless interface, and structured and arranged to; discover the presence of the card within a predetermined distance from the reader; energize the contactless interface upon discovery of the presence of the card within the predetermined distance from the reader, wherein the energized contactless interface enables communication between the card and the reader; send to the card, via the contactless interface, a request for data including a dynamic signature; and receive, from the card, via the contactless interface, the requested data including the dynamic signature; process a contactless transaction within less than one-half second of interaction time between the reader and the card; and a security module, coupled to the transaction module, and structured to cooperate with the card to prevent a man in the middle attack on the contactless transaction by validating a dynamic signature, wherein the dynamic signature comprises; a transaction currency code; and a card unpredictable number; and wherein the card is structured and arranged to communicate with the reader via the contactless interface, and includes; a transaction module structured and arranged to; send to the reader; a request for information; and the requested data; receive, from the reader; the requested information; and the request for data; and a security module structured and arranged to cooperate with the reader to prevent, using the dynamic signature, a man in the middle attack on the contactless transaction. - View Dependent Claims (8, 9)
-
-
10. A reader apparatus comprising:
-
means for initiating communication with a contactless payment device utilized for a contactless transaction by; upon sensing the contactless payment device within a predetermined range from the reader apparatus, energizing a contactless interface with the contactless payment device, wherein the energized contactless interface enables communication between the contactless payment device and the reader; and sending to the contactless payment device, via the contactless interface, a first command message containing a request for a list of applications that are supported by the contactless payment device for conducting the contactless transaction; means for receiving, via the contactless interface, in response to the first command message, the requested list of the applications; means for sending to the contactless payment device, via the contactless interface, a second command message requesting to conduct the contactless transaction utilizing one said application in the list of applications; means for receiving, via the contactless interface, in response to the second command message, a request from the contactless payment device to provide one type of contactless transaction supported by the reader; means for sending, via the contactless interface, a third command message to the contactless payment device containing the requested one type of said contactless transaction supported by the reader; means for receiving from the contactless payment device, via the contactless interface, in response to the third command message; a request for offline authorization of the contactless transaction; and an address related to data for the one said application in the list of applications; and a dynamic signature comprising; an application transaction counter; a transaction currency code; and a contactless payment device unpredictable number; means for recalculating the dynamic signature; means for validating the recalculated dynamic signature, wherein the offline authorization of the contactless transaction is not performed unless the dynamic signature is validated by the means for validating; means for sending, via the contactless interface, in response to the request for the offline authorization of the contactless transaction, a fourth command message to the contactless payment device containing a request for the data at the address for the one said application in the list of applications; means for receiving from the contactless payment device, via the contactless interface, in response to the fourth command message, the requested data at the address for the one said application in the list of applications; means, in response to receiving the requested data at the address for the one said application in the list of applications, for terminating communication via the contactless interface with the contactless payment device; and means, after said terminating of the communication with the contactless payment device, using the requested data at the address for the one said application in the list of applications, performing the offline authorization of the contactless transaction, wherein the time between sending of the first command message and the terminating of the communication via the contactless interface with the contactless payment device is less than one-half second. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A reader apparatus comprising:
-
means for discovering the presence of a contactless payment device within a predetermined distance from the reader apparatus; means for energizing a contactless interface upon discovery of the presence of the contactless payment device within the predetermined distance from the reader apparatus, wherein the energized contactless interface enables communication between the contactless payment device and the reader apparatus; means for reading from the contactless payment device via the contactless interface a dynamic signature from a contactless payment device, the dynamic signature including; a transaction currency code; and a contactless payment device unpredictable number; means for recalculating the dynamic signature utilizing the contactless payment device unpredictable number; means for validating the recalculated dynamic signature; means, if the recalculated dynamic signature is validated, for offline authorizing of the contactless transaction; and means for completing a contactless transaction with less than one-half second of interaction between the contactless payment device and the reader apparatus. - View Dependent Claims (16)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeVisa International Service Association (Visa, Inc.)
-
Original AssigneeVisa International Service Association (Visa, Inc.)
-
InventorsChan, William Chi Yuen, Oppenlander, Carole, Wagner, Kim, Glendenning, Craig Allen, Ochieano, Anita, Aabye, Christian, Hill, Trudy, Sahota, Jagdeep Singh
-
Primary Examiner(s)Hess; Daniel A
-
Assistant Examiner(s)Savusdiphol; Paultep
-
Application NumberUS11/536,307Publication NumberTime in Patent Office1,454 DaysField of Search235/375, 235/379, 235/380US Class Current235/375CPC Class CodesG06K 7/0008 General problems related to...G06Q 20/04 Payment circuitsG06Q 20/352 Contactless payments by cardsG06Q 20/3674 involving authenticationG06Q 20/382 insuring higher security of...G06Q 20/38215 Use of certificates or encr...G06Q 20/3825 Use of electronic signaturesG06Q 20/40 Authorisation, e.g. identif...G06Q 20/401 Transaction verificationG06Q 20/4016 involving fraud or risk lev...G06Q 20/409 Device specific authenticat...G06Q 30/06 Buying, selling or leasing ...G07F 7/0826 Embedded security moduleG07F 7/088 the card reader being part ...G07F 7/1008 Active credit-cards provide...G07F 7/1016 Devices or methods for secu...
