Authenticating a chip card interface device
First Claim
1. A chip card interface device (CCID) configured for authenticating with a backend system during a transaction with the backend system, the CCID comprising:
a network communication device configured for communicating with the backend system over a network;
a memory device configured for storing a unique chip key created by the backend system based at least in part on a master chip key of the backend system and based at least in part on a serial number of the processing device of the CCID;
a processing device coupled with the network communication device, the processing device configured for:
instructing the network communication device to communicate a transaction initiation communication to the backend system,
receiving a request sent from the backend system in response to the transaction initiation communication, for authentication information, the request for authentication information from the backend system comprising a random number,
symmetrically encrypting the random number based at least in part on the unique chip key stored in the memory device; and
instructing the network communication device to communicate, in response to receiving the request for authentication information, an authentication communication to the backend system, the authentication communication including a serial number of the processing device of the CCID such that the backend system can authenticate the identity of the processing device of the CCID and complete the transaction, the authentication communication comprising the encrypted random number;
wherein the serial number is to be used by the backend system to recalculate the unique chip key using the master chip key, the recalculated unique chip key is to be used by the backend system to encrypt a copy of the random number previously received at the CCID from the backend system, and the encrypted copy of the random number is to be compared to the encrypted random number, thereby indicating whether the identity of the processing device is authenticated.
Abstract
A system is configured for authenticating a chip card interface device (CCID) during a transaction with the CCID. The system has a communication device configured for communicating with the CCID over a network and a processing device coupled with the communication device. The processing device is configured for receiving a transaction initiation communication from the CCID and instructing the communication device to communicate a request for authentication information including a random number to the CCID. The CCID encrypts the random number with a unique chip key (UCK) previously created with a master chip key (MCK). Then, the CCID communicates the encrypted random number to the system along with a serial number. The system recalculates the UCK using the serial number, encrypts a copy of the random number using the recalculated UCK and compares the encrypted copy with the encrypted random number received from the CCID to authenticate the CCID.
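The exchange in the abstract, as an added Python sketch that is not code from the patent. The patent does not name a cipher, so HMAC-SHA256 stands in for both "encrypting" steps (deriving the UCK and answering the challenge); the class names, session ids, label prefixes and the serial `SN-0001` are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

def derive_uck(mck: bytes, serial: bytes) -> bytes:
    # Stand-in for deriving the UCK from the MCK and the serial number.
    # The "UCK|" label is an assumed domain separator, not from the patent.
    return hmac.new(mck, b"UCK|" + serial, hashlib.sha256).digest()

def keyed_response(uck: bytes, rn: bytes) -> bytes:
    # Stand-in for symmetrically encrypting the random number under the UCK.
    return hmac.new(uck, b"RN|" + rn, hashlib.sha256).digest()

class CCID:
    def __init__(self, serial: bytes, uck: bytes):
        self.serial, self._uck = serial, uck  # UCK is provisioned by the backend

    def answer(self, rn: bytes):
        return self.serial, keyed_response(self._uck, rn)

class Backend:
    def __init__(self, mck: bytes, allowed_serials):
        self._mck = mck                      # only the master key is stored
        self._allowed = set(allowed_serials)
        self._pending = {}                   # session id -> outstanding random number

    def provision(self, serial: bytes) -> CCID:
        return CCID(serial, derive_uck(self._mck, serial))

    def challenge(self, session: str) -> bytes:
        rn = secrets.token_bytes(16)
        self._pending[session] = rn
        return rn

    def verify(self, session: str, serial: bytes, response: bytes) -> bool:
        rn = self._pending.pop(session, None)  # single use: a replay finds nothing
        if rn is None or serial not in self._allowed:
            return False
        expected = keyed_response(derive_uck(self._mck, serial), rn)
        return hmac.compare_digest(expected, response)  # constant-time compare

def demo():
    backend = Backend(secrets.token_bytes(32), [b"SN-0001"])  # constructed serial
    reader = backend.provision(b"SN-0001")
    serial, resp = reader.answer(backend.challenge("s1"))
    ok = backend.verify("s1", serial, resp)
    replay = backend.verify("s1", serial, resp)        # challenge already consumed
    rogue = CCID(b"SN-0001", secrets.token_bytes(32))  # claims the serial, lacks the UCK
    forged = backend.verify("s2", *rogue.answer(backend.challenge("s2")))
    return ok, replay, forged
```

Because the backend recomputes each UCK from the serial number, it holds no per-device key table; the master chip key is therefore the single secret whose disclosure exposes every device key.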
24 Claims
3. A method for authenticating a chip card interface device (CCID) with a backend system during a transaction with the backend system, the method comprising:
storing, by a memory device of the CCID, a unique chip key created by the backend system based at least in part on a master chip key of the backend system and based at least in part on a serial number of the processing device of the CCID;
instructing, by a processing device of the CCID, the network communication device to communicate a transaction initiation communication to the backend system;
receiving, at the processing device, a request sent from the backend system in response to the transaction initiation communication, for authentication information, the request for authentication information from the backend system comprising a random number;
symmetrically encrypting, by the processing device, the random number based at least in part on the unique chip key stored in the memory device; and
instructing, by the processing device, the network communication device to communicate, in response to receiving the request for authentication information, an authentication communication to the backend system, the authentication communication including a serial number of the processing device of the CCID such that the backend system can authenticate the identity of the processing device of the CCID and complete the transaction, the authentication communication comprising the encrypted random number;
wherein the serial number is to be used by the backend system to recalculate the unique chip key using the master chip key, the recalculated unique chip key is to be used by the backend system to encrypt a copy of the random number previously received at the CCID from the backend system, and the encrypted copy of the random number is to be compared to the encrypted random number, thereby indicating whether the identity of the processing device is authenticated such that the transaction can be completed.
5. A computer program product comprising a non-transitory computer-readable medium comprising computer-readable instructions for execution by a chip card interface device (CCID), the instructions configured for authenticating the CCID with a backend system during a transaction with the backend system, the instructions comprising:
instructions for storing, by a memory device of the CCID, a unique chip key created by the backend system based at least in part on a master chip key of the backend system and based at least in part on a serial number of the processing device of the CCID;
instructions for instructing, by a processing device of the CCID, a network communication device to communicate a transaction initiation communication to the backend system;
instructions for receiving, at the processing device, a request sent from the backend system in response to the transaction initiation communication, for authentication information, the request for authentication information from the backend system comprising a random number;
instructions for symmetrically encrypting, by the processing device, the random number based at least in part on the unique chip key stored in the memory device; and
instructions for instructing, by the processing device, the network communication device to communicate, in response to receiving the request for authentication information, an authentication communication to the backend system, the authentication communication including a serial number of the processing device of the CCID such that the backend system can authenticate the identity of the processing device of the CCID and complete the transaction, the authentication communication comprising the encrypted random number;
wherein the serial number is to be used by the backend system to recalculate the unique chip key using the master chip key, the recalculated unique chip key is to be used by the backend system to encrypt a copy of the random number previously received at the CCID from the backend system, and the encrypted copy of the random number is to be compared to the encrypted random number, thereby indicating whether the identity of the processing device is authenticated such that the transaction can be completed.
7. A system configured for authenticating a chip card interface device (CCID) during a transaction with the CCID, the system comprising:
a communication device configured for communicating with the CCID over a network;
a memory device configured for storing a master chip key;
a processing device coupled with the communication device and the memory device, the processing device configured for:
receiving a transaction initiation communication from the CCID;
in response to receiving the transaction initiation communication, instructing the communication device to communicate a request for authentication information to the CCID, the request for authentication information comprising a random number;
receiving an authentication communication from the CCID in response to the request for authentication information, the authentication communication including a serial number of a processing device of the CCID;
receiving, via the communication device, an encrypted random number and a serial number of a processing device of the CCID, the encrypted random number being an encryption of the random number based at least in part on a unique chip key based at least in part on the serial number of the processing device of the CCID and based at least in part on the master chip key;
re-calculating the unique chip key by encrypting the received serial number and the stored master chip key;
encrypting a copy of the random number communicated to the CCID based at least in part on the recalculated unique chip key;
comparing the encrypted copy of the random number with the encrypted random number received from the CCID; and
determining whether the identity of the processing device of the CCID corresponds with a processing device allowed to conduct the transaction.
13. A method for authenticating a chip card interface device (CCID) during a transaction with the CCID, the method comprising:
storing, at a memory device coupled with a processing device of a system, a master chip key;
communicating, by a communication device of the system, with the CCID over a network;
receiving, at the processing device of the system coupled with the communication device of the system, a transaction initiation communication from the CCID;
in response to receiving the transaction initiation communication, instructing, by the processing device, the communication device to communicate a request for authentication information to the CCID, the authentication information comprising a random number;
receiving, at the processing device, an authentication communication from the CCID in response to the request for authentication information, the authentication communication including a serial number of a processing device of the CCID;
receiving, at the processing device, via the communication device, an encrypted random number and a serial number of a processing device of the CCID, the encrypted random number being an encryption of the random number based at least in part on a unique chip key based at least in part on the serial number of the processing device of the CCID and based at least in part on the master chip key;
re-calculating, by the processing device, the unique chip key by encrypting the received serial number and the stored master chip key;
encrypting, by the processing device, a copy of the random number communicated to the CCID based at least in part on the recalculated unique chip key;
comparing, by the processing device, the encrypted copy of the random number with the encrypted random number received from the CCID; and
determining, by the processing device of the system, whether the identity of the processing device of the CCID corresponds with a processing device allowed to conduct the transaction.
19. A computer program product comprising a non-transitory computer-readable medium comprising computer-readable instructions for execution by a chip card interface device (CCID), the instructions configured for authenticating a chip card interface device (CCID) during a transaction with the CCID, the instructions comprising:
instructions for storing, at a memory device coupled with a processing device of a system, a master chip key;
instructions for communicating, by a communication device of the system, with the CCID over a network;
instructions for receiving, at the processing device of the system coupled with the communication device of the system, a transaction initiation communication from the CCID;
instructions for, in response to receiving the transaction initiation communication, instructing, by the processing device, the communication device to communicate a request for authentication information to the CCID, the authentication information including a random number;
instructions for receiving, at the processing device, an authentication communication from the CCID in response to the request for authentication information, the authentication communication including a serial number of a processing device of the CCID;
instructions for receiving, at the processing device, via the communication device, an encrypted random number and a serial number of the processing device of the CCID, the encrypted random number being an encryption of the random number based at least in part on a unique chip key based at least in part on the serial number of the processing device of the CCID and based at least in part on the master chip key;
instructions for re-calculating, by the processing device, the unique chip key by encrypting the received serial number and the stored master chip key;
instructions for encrypting, by the processing device, a copy of the random number communicated to the CCID based at least in part on the recalculated unique chip key;
instructions for comparing, by the processing device, the encrypted copy of the random number with the encrypted random number received from the CCID; and
instructions for determining, by the processing device of the system, whether the identity of the processing device of the CCID corresponds with a processing device allowed to conduct the transaction.
Specification