Cloud-based transactions with magnetic secure transmission
Abstract
Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The token and the transaction cryptogram can be transmitted to a magnetic stripe reader by generating an emulated magnetic signal. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
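The authorization rule in the abstract can be sketched from the issuer's side. This is an added example, not code from the patent: the HMAC-SHA256 cryptogram, the counter, the three thresholds (lifetime, use count, cumulative amount) and all names are assumptions chosen for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class LukState:
    """Issuer-side record for one LUK; field names and thresholds are assumptions."""
    key: bytes
    issued_at: float
    ttl_seconds: float      # threshold: key lifetime
    max_uses: int           # threshold: number of transactions
    max_total_cents: int    # threshold: cumulative amount
    uses: int = 0
    total_cents: int = 0
    last_counter: int = 0

def make_cryptogram(luk: bytes, token: str, counter: int) -> str:
    """Device side (inside the TEE in the claims): MAC over token and counter.
    HMAC-SHA256 cut to 6 decimal digits is a stand-in, not the patent's algorithm."""
    digest = hmac.new(luk, f"{token}|{counter}".encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 10**6:06d}"

def authorize(state: LukState, token: str, counter: int, amount_cents: int,
              cryptogram: str, now: float) -> str:
    """Issuer side: verify the cryptogram, then enforce every limited-use threshold.
    The amount is taken from the authorization request, not from the device."""
    expected = make_cryptogram(state.key, token, counter)
    if not hmac.compare_digest(expected, cryptogram):
        return "declined: bad cryptogram"
    if counter <= state.last_counter:
        return "declined: replayed counter"
    if now - state.issued_at > state.ttl_seconds:
        return "declined: LUK expired"
    if state.uses >= state.max_uses:
        return "declined: LUK use count exceeded"
    if state.total_cents + amount_cents > state.max_total_cents:
        return "declined: LUK amount exceeded"
    # Only an approved transaction consumes the key's allowance.
    state.uses += 1
    state.total_cents += amount_cents
    state.last_counter = counter
    return "approved"
```

Because the thresholds are enforced where the transaction is authorized, a LUK copied off the device stops being useful once any one of them is exceeded.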
617 Citations
18 Claims
1. A method for enhancing security of a communication device when conducting a transaction using the communication device, the method comprising:
- receiving, from a remote computer, a token that is provisioned for conducting transactions;
- receiving, by the communication device, a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK;
- requesting, by an application executing in an applications environment of the communication device, a transaction cryptogram from a trusted execution environment of the communication device;
- generating, by the trusted execution environment of the communication device, a transaction cryptogram using the LUK;
- providing the transaction cryptogram to a magnetic stripe transmission driver executing in the trusted execution environment, wherein the providing is performed by a crypto engine within the trusted execution environment communicating the transaction cryptogram to the magnetic stripe transmission driver;
- generating, by an inductive coil controlled by the magnetic stripe transmission driver, an emulated magnetic signal representing data that includes the transaction cryptogram and the token instead of a real account identifier;
- wherein the inductive coil for generating the emulated magnetic signal representing the data further provides function for wireless charging of the communication device;
- transmitting the emulated magnetic signal to a magnetic stripe reader of an access device using the inductive coil of the communication device instead of a magnetic stripe to conduct the transaction; and
- wherein the transaction is authorized based on at least whether the usage of the LUK is within the set of one or more limited-use thresholds.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A communication device comprising:
- an inductive coil;
- a processor; and
- a memory coupled to the processor and storing a mobile application that performs operations for enhancing security of the communication device when conducting transactions using the communication device, the operations including;
- receiving a token that is provisioned for conducting transactions;
- receiving a limited-use key (LUK) that is associated with a set of one or more limited-use thresholds that limits usage of the LUK;
- requesting a transaction cryptogram from a trusted execution environment of the communication device;
- generating a transaction cryptogram using the LUK, the transaction cryptogram being generated in the trusted execution environment of the communication device;
- providing the transaction cryptogram to a magnetic stripe transmission driver executing in the trusted execution environment, wherein the providing is performed by a crypto engine within the trusted execution environment communicating the transaction cryptogram to the magnetic stripe transmission driver;
- generating, by the inductive coil controlled by the magnetic stripe transmission driver, an emulated magnetic signal representing data that includes the transaction cryptogram and the token instead of a real account identifier;
- wherein the inductive coil for generating the emulated magnetic signal representing the data further provides function for wireless charging of the communication device;
- transmitting the emulated magnetic signal to a magnetic stripe reader of an access device using the inductive coil of the communication device instead of a magnetic stripe to conduct the transaction; and
- wherein the transaction is authorized based on at least whether the usage of the LUK is within the set of one or more limited-use thresholds.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18