Systems and methods for performing secure financial transactions

US 8,736,424 B2
Filed: 12/03/2012
Issued: 05/27/2014
Est. Priority Date: 03/21/2006
Status: Active Grant

First Claim

Patent Images

1. A method for performing a point of sale transaction using a tag incorporated in a bank card, the tag comprising a storage storing a plurality of encryption keys, the method comprising:

at the tag, receiving a pointer identifying one of the plurality of encryption keys stored in the tag storage;

encrypting tag data using the identified encryption key, the tag data comprising identification data identifying the tag;

sending the encrypted identification data to a point of sale terminal comprising a tag reader;

at the point of sale terminal, receiving transaction information corresponding to a purchase requested by a user;

at a server, receiving the purchase transaction information and the encrypted identification data identifying the tag from the point of sale terminal;

at the server, decrypting the encrypted identification data identifying the tag using a same encryption key as the encryption key identified by the pointer received at the tag;

at the server, associating the identification data identifying the tag with an account number associated with a bank account of the user; and

at the point of sale terminal, receiving an authorization from the server authorizing the transaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An RFID system includes an RFID tag, an RFID reader, and a server. The RFID tag communicates to the server via encrypted information. The information may be encrypted with synchronized encryption keys. In this manner, the reader need not decrypt the information from the RFID tag. The effectiveness of malicious readers is thereby reduced, resulting in improved RFID tag security.

Citations

30 Claims

1. A method for performing a point of sale transaction using a tag incorporated in a bank card, the tag comprising a storage storing a plurality of encryption keys, the method comprising:
- at the tag, receiving a pointer identifying one of the plurality of encryption keys stored in the tag storage;
  
  encrypting tag data using the identified encryption key, the tag data comprising identification data identifying the tag;
  
  sending the encrypted identification data to a point of sale terminal comprising a tag reader;
  
  at the point of sale terminal, receiving transaction information corresponding to a purchase requested by a user;
  
  at a server, receiving the purchase transaction information and the encrypted identification data identifying the tag from the point of sale terminal;
  
  at the server, decrypting the encrypted identification data identifying the tag using a same encryption key as the encryption key identified by the pointer received at the tag;
  
  at the server, associating the identification data identifying the tag with an account number associated with a bank account of the user; and
  
  at the point of sale terminal, receiving an authorization from the server authorizing the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1, wherein the server stores a copy of the plurality of encryption keys stored at the tag, the method further comprising:
    - prior to the tag receiving the pointer, selecting the encryption key identified by the pointer at the server;
      
      sending the pointer from the server to the tag reader; and
      
      sending the pointer from the tag reader to the tag.
  - 3. The method of claim 2, wherein a different encryption keys is selected depending on a type of read request received at the tag.
  - 4. The method of claim 2, wherein a different encryption key is selected each time the tag is read.
  - 5. The method of claim 1 further comprising:
    - prior to the tag receiving the pointer, selecting the encryption key identified by the pointer at the tag reader;
      
      sending the pointer from the tag reader to the server; and
      
      sending the pointer from the tag reader to the tag.
  - 6. The method of claim 1, wherein the transaction information corresponding to the purchase comprises a fee corresponding to the purchase.
  - 7. The method of claim 6 further comprising, at the server, debiting the bank account by the fee corresponding to the purchase.
  - 8. The method of claim 7 further comprising, at the server, sending a new balance of the bank account to the point of sale terminal.
  - 9. The method of claim 6, wherein the point of sale terminal is in a store, the method further comprising, at the server, crediting the store with the fee corresponding to the purchase.
  - 10. The method of claim 1, wherein the server is a bank server.
  - 11. The method of claim 1, wherein the tag comprises a transceiver configured to wirelessly communicate with the tag reader.
  - 12. The method of claim 1, wherein the tag comprises a transceiver configured to communicate with the tag reader using one of Bluetooth, optical, and UWB communication.
  - 13. The method of claim 1, wherein the tag comprises a transceiver configured to communicate with the tag reader using radio signals.
  - 14. The method of claim 1, wherein the tag does not comprise a continuous source of power, wherein the tag comprises a transceiver configured to communicate with the tag reader according to backscattering.
  - 15. The method of claim 1, wherein the tag comprises (i) a continuous source of power and (ii) a transmitter to communicate with the tag reader using radio signals.
  - 16. The method of claim 1 further comprising:
    - at the point of sale terminal, receiving authentication data to authenticate the point of sale terminal;
      
      sending the authentication data along with said purchase transaction information and said encrypted identification data identifying the tag from the point of sale terminal to the server; and
      
      at the server, authenticating the point of sale terminal based on the authentication data.
  - 17. The method of claim 16, wherein the authentication data is received at the point of sale terminal from the user.
  - 18. The method of claim 16, wherein the authentication data is one of a password, a code, and a personal identification number (PIN).
  - 19. The method of claim 16, wherein the tag reader of the point of sale terminal is a first tag reader, the method further comprising:
    - at the server, receiving said encrypted identification data identifying the tag from a second tag reader different from the first tag reader, the second tag reader having read the encrypted identification data identifying the tag without receiving the authentication data; and
      
      at the server, not authenticating the second tag reader due to the lack of the authentication data.
  - 20. The method of claim 1 further comprising:
    - at the point of sale terminal, encrypting the purchase transaction information and the encrypted identification data identifying the tag prior to sending the purchase transaction and the encrypted identification data to the server.
  - 21. The method of claim 20, wherein the point of sale terminal uses a different encryption scheme than the tag uses for encrypting the data identifying the tag.
  - 22. The method of claim 20, wherein the point of sale terminal encrypts the purchase transaction information and the encrypted identification data identifying the tag using authentication data received from the user.
  - 23. The method of claim 1, wherein the tag comprises a switch, the method further comprising activating the tag using the switch prior to sending the encrypted identification data to the point of sale terminal.
  - 24. The method of claim 1, wherein the tag is a radio frequency identification (RFID) tag.
  - 25. The method of claim 1 further comprising:
    - receiving biometric data from the point of sale terminal;
      
      comparing the received biometric data with biometric data stored in the tag storage; and
      
      prior to sending the encrypted identification data to the point of sale terminal, activating the tag when the received biometric data and the stored biometric data match.
  - 26. The method of claim 25, wherein the biometric data comprises a finger print.
  - 27. The method of claim 1, wherein the tag comprises a display and a switch, the method further comprising:
    - receiving authentication data at the tag from the point of sale terminal;
      
      at the tag, displaying the authentication data; and
      
      receiving an activation of the switch after displaying the authentication data,wherein the tag sends the encrypted identification data to the point of sale terminal only after receiving the activation of the switch.
  - 28. The method of claim 27, wherein the authentication data comprises information about the transaction.
  - 29. The method of claim 1, wherein the tag comprises a display and a switch, to verify information displayed on the tag display, the method further comprising:
    - at the tag, receiving an image from the point of sale terminal;
      
      displaying the received image on the tag display; and
      
      receiving an activation of the switch after displaying the image on the tag display,wherein the encrypted identification data is sent to the point of sale terminal only after receiving the activation of the switch.
  - 30. The method of claim 29, wherein the switch is one of a push button and a toggling switch activated by the user after verifying the displayed image.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Knapp Investment Company Limited
Original Assignee
Radiofy, LLC
Inventors
Shoarinejad, Kambiz, Soltan, Maryam
Primary Examiner(s)
PHAM, TOAN NGOC

Application Number

US13/692,327
Publication Number

US 20130181817A1
Time in Patent Office

540 Days
Field of Search

340/572.1, 340/10.2, 340/572.4, 340/10.4, 340/5.8, 340/5.82, 235/375
US Class Current

340/10.1
CPC Class Codes

G06K 7/00   Methods or arrangements for...

G06K 7/10257   arrangements for protecting...

G06Q 20/206   comprising security or oper...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/3829   involving key management

G06Q 20/40145   Biometric identity checks

G06Q 20/409   Device specific authenticat...

G07F 7/10   together with a coded signa...

G07F 7/12   Card verification

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0876   based on the identity of th...

H04L 9/12   Transmitting and receiving ...

H04L 9/3226   using a predetermined code,...

H04L 9/3231   Biological data, e.g. finge...

Systems and methods for performing secure financial transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for performing secure financial transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links