Methods and systems for conducting smart card transactions

US 8,990,572 B2
Filed: 04/24/2012
Issued: 03/24/2015
Est. Priority Date: 04/24/2012
Status: Active Grant

First Claim

Patent Images

1. A method for conducting smart card transactions comprising:

determining, by a card management system, target information corresponding to a smart card type and transmitting commands to a user mobile device, the card management system being configured to store therein target information for different smart card types;

transmitting a smart card identifier for the user mobile device to the card management system and comparing the received identifier against mobile device smart cart identifiers stored therein;

transmitting target information to, and storing in, the user mobile device when the received and stored identifiers do not match;

transmitting, by a computer, biometric data captured from the user to the user mobile device;

after successfully authenticating the user with the user mobile device based on the captured data, activating, by the card management system, an enrollment data record of the user stored therein;

monitoring, by the computer, for mobile devices enrolled in the card management system, the user mobile device being included in the monitored mobile devices;

recognizing, by the computer, communications from a detected mobile device as communications from a smart card reader containing a smart card;

determining whether the detected mobile device is activated;

when the detected mobile device is activated, authenticating the user by comparing authentication data captured from the user against user authentication data stored in the mobile device; and

granting access to a resource, access being contingent upon successful authentication using smart card security techniques.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for conducting smart card transactions is provided that includes causing a computer to recognize communications from a mobile device as communications from a smart card reader containing a smart card, and conducting a smart card transaction in accordance with smart card security techniques with the mobile device.

38 Citations

View as Search Results

14 Claims

1. A method for conducting smart card transactions comprising:
- determining, by a card management system, target information corresponding to a smart card type and transmitting commands to a user mobile device, the card management system being configured to store therein target information for different smart card types;
  
  transmitting a smart card identifier for the user mobile device to the card management system and comparing the received identifier against mobile device smart cart identifiers stored therein;
  
  transmitting target information to, and storing in, the user mobile device when the received and stored identifiers do not match;
  
  transmitting, by a computer, biometric data captured from the user to the user mobile device;
  
  after successfully authenticating the user with the user mobile device based on the captured data, activating, by the card management system, an enrollment data record of the user stored therein;
  
  monitoring, by the computer, for mobile devices enrolled in the card management system, the user mobile device being included in the monitored mobile devices;
  
  recognizing, by the computer, communications from a detected mobile device as communications from a smart card reader containing a smart card;
  
  determining whether the detected mobile device is activated;
  
  when the detected mobile device is activated, authenticating the user by comparing authentication data captured from the user against user authentication data stored in the mobile device; and
  
  granting access to a resource, access being contingent upon successful authentication using smart card security techniques.
- View Dependent Claims (2, 3, 4, 5, 14)
- - 2. The method for conducting smart card transactions in accordance with claim 1, further comprising:
    - installing, before said monitoring step, an interface application on the computer; and
      
      installing, before said monitoring step, an emulation application on the detected mobile device and initializing the emulation application.
  - 3. The method for conducting smart card transactions in accordance with claim 2, said initializing step further comprising:
    - transmitting a certificate and a digitally signed trust point public key from an application server to the detected mobile device; and
      
      storing the certificate and digitally signed trust point public key in the mobile device.
  - 4. A method for conducting smart card transactions in accordance with claim 1, further comprising storing in the card management system data of different authorized users in different respective data records.
  - 5. The method for conducting smart card transactions in accordance with claim 3, further comprising:
    - generating a public-private key pair at the detected mobile device; and
      
      generating the certificate at a certificate authority and transmitting the certificate to the detected mobile device.
  - 14. The method for conducting smart card transactions in accordance with claim 2, said recognizing step comprising causing, by the interface and emulation applications, the computer and the detected mobile device, respectively, to communicate such that the computer recognizes the detected mobile device as a smart card reader containing a smart card.

6. A system for conducting smart card transactions comprising:
- a computer;
  
  a card management system; and
  
  at least one mobile device, wherein;
  
  said computer, said card management system, and said at least one mobile device are configured to communicate with each other;
  
  said computer is configured tocapture biometric data from users,transmit biometric data captured from a user to a user mobile device, the user mobile device being associated with the user and being included in said at least one mobile device,monitor for mobile devices enrolled in said card management system, the monitored mobile devices being included in said at least one mobile device,recognize communications from said at least one mobile device ascommunications from a smart card reader containing a smart card and determine whether a recognized mobile device is activated, the recognized mobile devices being configured to conduct a smart card transaction in accordance with smart card security techniques, andaccess a website after the user is successfully authenticated;
  
  said card management system is configured todetermine target information corresponding to a smart card type,transmit commands to said at least one mobile device,store target information for different smart card types,compare smart card identifiers received from said at least one mobile device against mobile device smart card identifiers stored therein,transmit target information to said at least one mobile device when the received and stored identifiers do not match, andactivate an enrollment data record of the user stored therein after the user is successfully authenticated; and
  
  said at least one mobile device is configured tocapture authentication data from users when said at least one mobile device is activated, andcompare the captured authentication data against user authentication data stored therein.
- View Dependent Claims (7, 8, 9)
- - 7. The system for conducting smart card transactions in accordance with claim 6, said at least one mobile device being further configured to conduct operations conducted by smart card readers containing smart cards.
  - 8. The system for conducting smart card transactions in accordance with claim 6, said computer being further configured to:
    - determine that a recognized mobile device is proximate thereto when the recognized mobile device is within operating range of a communications protocol of said computer; and
      
      cease communicating with the recognized mobile device when the recognized mobile device is out of the operating range.
  - 9. The system for conducting smart card transactions in accordance with claim 6, said at least one mobile device being further configured to:
    - execute security algorithms used on smart cards; and
      
      generate and apply private keys to digitally sign documents and decrypt data.

10. A mobile communications device for emulating smart card readers containing smart cards comprising a processor and a memory, said memory being configured to store data, said communications device being associated with a network and said memory being coupled to said processor and having instructions stored therein which, when executed by said processor cause said processor to perform operations comprising:
- receiving commands transmitted from a card management system, the card management system being configured to determine target information corresponding to a smart card type and store target information for different smart card types;
  
  transmitting a smart card identifier for said communications device to the card management system, the card management system being further configured to compare the received identifier against mobile device smart card identifiers stored therein;
  
  receiving, and storing in said memory, target information from said card management system when the received and stored identifiers do not match;
  
  receiving biometric data captured from a user by a computer;
  
  authenticating the user based on the received biometric data, wherein the card management system is further configured to activate an enrollment data record of the user stored therein after the user is successfully authenticated;
  
  communicating with the computer such that the computer recognizes said mobile communications device as a smart card reader containing a smart card;
  
  when the computer determines said mobile communications device is activated, comparing authentication data captured from the user against user authentication data stored in said memory; and
  
  transmitting a successful authentication result to the computer such that the user can be granted access to a desired website.
- View Dependent Claims (11, 12, 13)
- - 11. The mobile communications device in accordance with claim 10 said memory being configured to store authentication data and biographic data of a user associated with said mobile communications device, and store a mobile device smart card identifier.
  - 12. The mobile communications device in accordance with claim 10, wherein the operations further comprise emulating operations conducted by smart cards and by smart card readers containing smart cards.
  - 13. The mobile communications device in accordance with claim 10, said mobile device being a smart phone, a tablet computer, a laptop computer, or a personal digital assistant.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Corporation DAON Technology
Original Assignee
Daon Holdings Limited
Inventors
Ahern, James, Patefield-Smith, Martin
Primary Examiner(s)
Smithers, Matthew
Assistant Examiner(s)
BROWN, DE'MARIS R

Application Number

US13/454,130
Publication Number

US 20130281055A1
Time in Patent Office

1,064 Days
Field of Search
US Class Current

713/172
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/123   by using dedicated hardware...

G06F 21/34   involving the use of extern...

G06F 21/602   Providing cryptographic fac...

G06Q 20/341   Active cards, i.e. cards in...

H04L 9/32   including means for verifyi...

H04M 15/7556   by SIM, e.g. smart card acc...

Methods and systems for conducting smart card transactions

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for conducting smart card transactions

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links