Smart card loading transactions using wireless telecommunications network
First Claim
1. A method of loading value over a wireless telecommunications network onto a smart card using a mobile telephone handset, said method comprising:
- receiving at a subscriber identification module (SIM) within a mobile telephone handset a request from a user to load a load value onto a smart card that communicates with said handset;
generating, by said smart card, a cryptographic signature S1 using a first cryptographic key shared between said smart card and an issuer of said smart card;
sending a funding account identifier from said smart card to said SIM;
preparing a load data message that includes said load value, said funding account identifier, and said cryptographic signature S1;
sending said load data message over said telecommunications network from said SIM of said handset to a gateway server computer;
receiving an approval response message from said gateway server computer at said SIM of said handset, said approval response message including a cryptographic signature S2 and an approval to load said load value onto said smart card, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card;
validating, by said smart card, said cryptographic signature S2; and
loading said load value into a stored-value application of said smart card.
1 Assignment
0 Petitions
Accused Products
Abstract
Smart card transactions allow consumers to load value onto and make purchases using smart cards with a mobile telephone handset over the telecommunications network. To load the smart card, the handset receives a request to load value. The handset generates a funds request message and sends the message to a funds issuer computer that debits a user account. Next, the handset authenticates the smart card and receives a response message including approval to load. The handset validates the response and loads the value onto the smart card. For payment, the handset sends an order request message to the merchant server computer, and in return receives a purchase instruction message. The handset processes the message locally, and sends a draw request message to a payment server computer. The payment server computer sends an approval to debit the smart card. The handset validates the approval and debits the smart card.
-
Citations
39 Claims
-
1. A method of loading value over a wireless telecommunications network onto a smart card using a mobile telephone handset, said method comprising:
-
receiving at a subscriber identification module (SIM) within a mobile telephone handset a request from a user to load a load value onto a smart card that communicates with said handset; generating, by said smart card, a cryptographic signature S1 using a first cryptographic key shared between said smart card and an issuer of said smart card; sending a funding account identifier from said smart card to said SIM; preparing a load data message that includes said load value, said funding account identifier, and said cryptographic signature S1; sending said load data message over said telecommunications network from said SIM of said handset to a gateway server computer; receiving an approval response message from said gateway server computer at said SIM of said handset, said approval response message including a cryptographic signature S2 and an approval to load said load value onto said smart card, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; validating, by said smart card, said cryptographic signature S2; and loading said load value into a stored-value application of said smart card. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of loading value over a wireless telecommunications network onto a smart card using a mobile telephone handset, said method comprising:
-
receiving, at a gateway server computer, a load data message over a wireless telecommunications network from a subscriber identification module (SIM) within a mobile telephone handset, wherein said load data message includes a load value, a funding account identifier, and a cryptographic signature S1 generated by a smart card; sending a funds request message over a network to a bank system that controls an account of a user, said funds request message including said load value and said funding account identifier that identifies said account of said user; receiving a funds response message over said network from said bank system indicating an approval to debit said user account by said load value; sending a load request message over said network to an issuer system arranged to authenticate said smart card, said load request message including said cryptographic signature S1, wherein said cryptographic signature S1 is generated using a first cryptographic key shared between said smart card and an issuer of said smart card; receiving a load response message over said network from said issuer system indicating validation of said smart card and a cryptographic signature S2, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; and sending an approval response message from said gateway server computer to said SIM of said handset over said wireless telecommunications network, said approval response message including said cryptographic signature S2 and an approval to load said load value onto said smart card that is in communication with said handset. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. An apparatus, comprising:
-
a memory; and a processor disposed in communication with said memory, and configured to issue a plurality of processing instructions stored in the memory, wherein the processor issues instructions to; receive at a subscriber identification module (SIM) within a mobile telephone handset a request from a user to load a load value onto a smart card that communicates with said handset; generate, by said smart card, a cryptographic signature S1 using a first cryptographic key shared between said smart card and an issuer of said smart card; send a funding account identifier from said smart card to said SIM; prepare a load data message that includes said load value, said funding account identifier, and said cryptographic signature S1; send said load data message over a telecommunications network from said SIM of said handset to a gateway server computer; receive an approval response message from said gateway server computer at said SIM of said handset, said approval response message including a cryptographic signature S2 and an approval to load said load value onto said smart card, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; validate, by said smart card, said cryptographic signature S2; and load said load value into a stored-value application of said smart card. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
-
21. An apparatus, comprising:
- a memory; and
a processor disposed in communication with said memory, and configured to issue a plurality of processing instructions stored in the memory, wherein the processor issues instructions to; receive, at a gateway server computer, a load data message over a wireless telecommunications network from a subscriber identification module (SIM) within a mobile telephone handset, wherein said load data message includes a load value, a funding account identifier, and a cryptographic signature S1 generated by a smart card; send a funds request message over a network to a bank system that controls an account of a user, said funds request message including said load value and said funding account identifier that identifies said account of said user; receive a funds response message over said network from said bank system indicating an approval to debit said user account by said load value; send a load request message over said network to an issuer system arranged to authenticate said smart card, said load request message including said cryptographic signature S1, wherein said cryptographic signature S1 is generated using a first cryptographic key shared between said smart card and an issuer of said smart card; receive a load response message over said network from said issuer system indicating validation of said smart card and a cryptographic signature S2, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; and send an approval response message from said gateway server computer to said SIM of said handset over said wireless telecommunications network, said response message including said cryptographic signature S2 and an approval to load said load value onto said smart card that is in communication with said handset. - View Dependent Claims (22, 23, 24, 25, 26)
- a memory; and
-
27. A processor-readable non-transitory medium storing processor-executable instructions to:
-
receive at a subscriber identification module (SIM) within a mobile telephone handset a request from a user to load a load value onto a smart card that communicates with said handset; generate, by said smart card, a cryptographic signature S1 using a first cryptographic key shared between said smart card and an issuer of said smart card; send a funding account identifier from said smart card to said SIM; prepare a load data message that includes said load value, said funding account identifier, and said cryptographic signature S1; send said load data message over a telecommunications network from said SIM of said handset to a gateway server computer; receive an approval response message from said gateway server computer at said SIM of said handset, said approval response message including a cryptographic signature S2 and an approval to load said load value onto said smart card, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; validate, by said smart card, said cryptographic signature S2; and load said load value into a stored-value application of said smart card. - View Dependent Claims (28, 29, 30, 31, 32, 33)
-
-
34. A processor-readable non-transitory medium storing processor-executable instructions to:
-
receive, at a gateway server computer, a load data message over a wireless telecommunications network from a subscriber identification module (SIM) within a mobile telephone handset, wherein said load data message includes a load value, a funding account identifier, and a cryptographic signature S1 generated by a smart card; send a funds request message over a network to a bank system that controls an account of said user, said funds request message including said load value and said funding account identifier that identifies said account of said user; receive a funds response message over said network from said bank system indicating an approval to debit said user account by said load value; send a load request message over said network to an issuer system arranged to authenticate said smart card, said load request message including said cryptographic signature S1, wherein said cryptographic signature S1 is generated using a first cryptographic key shared between said smart card and an issuer of said smart card; receive a load response message over said network from said issuer system indicating validation of said smart card and a cryptographic signature S2, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; and send an approval response message from said gateway server computer to said SIM of said handset over said wireless telecommunications network, said approval response message including said cryptographic signature S2 and an approval to load said load value onto said smart card that is in communication with said handset. - View Dependent Claims (35, 36, 37, 38, 39)
-
Specification