System and methods for secure firmware validation
First Claim
1. A dynamic transaction card comprising:
- A EuroPay-MasterCard-Visa (EMV) processor storing existing firmware and version data associated with the existing firmware;
an EMV plate connectively coupled to the EMV processor;
a bootloader;
an input/output interface that receives an updated firmware program from a firmware provider system;
an applet comprising instructions that when executed, cause the EMV chip to perform a checksum validation; and
data storage storing a first checksum calculated using the stored firmware upon loading of the firmware, wherein firmware is validated on the dynamic transaction card by performing the following;
receiving at the EMV processor, a trigger that triggers checksum validation via the applet;
reading, via the applet, the firmware to determine data comprising the first checksum;
receiving at the EMV processor, the data comprising the first checksum;
calculating, using the EMV processor, a second checksum associated with the firmware;
comparing, using the EMV processor, the first checksum and the second checksum;
validating the updated firmware upon determining that the received checksum and the calculated checksum are equal; and
deleting at least a portion of data in the data storage and the EMV processor upon determining that the first checksum and the second checksum are not equal;
wherein the EMV processor receives, via contacts on the EMV plate, an update component associated with the updated firmware program transmitted from the firmware provider system during a secure communication with the firmware provider system via a secure terminal, wherein the update component is used to validate the received updated firmware program;
wherein, in response to the validation of the updated firmware program, the bootloader loads the updated firmware on the dynamic transaction card, executes the updated firmware program, which overwrites the existing firmware; and
wherein, in response to the bootloader loading and executing the updated firmware program, the EMV processor stores and uses the updated firmware program.
2 Assignments
0 Petitions
Accused Products
Abstract
An electronic device, such as a dynamic transaction card having an EMV chip, that acts as a TPM having a memory, an applet, and a cryptographic coprocessor performs secure firmware and/or software updates, and performs firmware and/or software validation for firmware and/or software that is stored on the electronic device. Validation may compare a calculated checksum with a checksum stored in EMV chip memory. If a checksum calculated for firmware and/or a software application matches a checksum stored in EMV chip memory of the transaction card, the transaction card may operate normally. If a checksum calculated for firmware and/or a software application does not match a checksum stored in EMV chip memory of the transaction card, the transaction card may freeze all capabilities, erase the memory of the transaction card, display data indicative of a fraudulent or inactive transaction card, and/or the like.
-
Citations
28 Claims
-
1. A dynamic transaction card comprising:
-
A EuroPay-MasterCard-Visa (EMV) processor storing existing firmware and version data associated with the existing firmware; an EMV plate connectively coupled to the EMV processor; a bootloader; an input/output interface that receives an updated firmware program from a firmware provider system; an applet comprising instructions that when executed, cause the EMV chip to perform a checksum validation; and data storage storing a first checksum calculated using the stored firmware upon loading of the firmware, wherein firmware is validated on the dynamic transaction card by performing the following; receiving at the EMV processor, a trigger that triggers checksum validation via the applet; reading, via the applet, the firmware to determine data comprising the first checksum; receiving at the EMV processor, the data comprising the first checksum; calculating, using the EMV processor, a second checksum associated with the firmware; comparing, using the EMV processor, the first checksum and the second checksum; validating the updated firmware upon determining that the received checksum and the calculated checksum are equal; and deleting at least a portion of data in the data storage and the EMV processor upon determining that the first checksum and the second checksum are not equal; wherein the EMV processor receives, via contacts on the EMV plate, an update component associated with the updated firmware program transmitted from the firmware provider system during a secure communication with the firmware provider system via a secure terminal, wherein the update component is used to validate the received updated firmware program; wherein, in response to the validation of the updated firmware program, the bootloader loads the updated firmware on the dynamic transaction card, executes the updated firmware program, which overwrites the existing firmware; and wherein, in response to the bootloader loading and executing the updated firmware program, the EMV processor stores and uses the updated firmware program. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for updating firmware on a dynamic transaction card comprising:
-
storing existing firmware and version data associated with the existing firmware in a EuroPay-MasterCard-Visa (EMV) processor contained within the dynamic transaction card; receiving, at the EMV processor via an input/output interface connectively coupled to the EMV processor, an updated firmware program transmitted from a firmware provider system; receiving, at the EMV processor via an EMV plate connectively coupled to the EMV processor, an update component associated with the updated firmware program from the firmware provider system during a secure communication with the firmware provider system via a secure terminal; validating, using the EMV processor, the received updated firmware program an EMV processor storing existing firmware and version data associated with the existing firmware; loading, via a bootloader, the updated firmware, in response to validating the updated firmware; upon loading the firmware, calculating a first checksum using the stored firmware; storing the first checksum in data storage; receiving at the EMV processor, a trigger that triggers checksum validation via an applets; reading, via the applet, the firmware to determine data comprising the first checksum; receiving at the EMV processor, the data comprising the first checksum; calculating, using the EMV processor, a second checksum associated with the firmware; comparing using the EMV processor, the first checksum and the second checksum; validating the updated firmware upon determining that the received checksum and the calculated checksum are equal; and deleting at least a portion of data in the data storage and the EMV processor upon determining that the first checksum and the second checksum are not equal; executing the updated firmware; overwriting the existing firmware; and storing and using the updated firmware in response to the bootloader loading and executing the updated firmware. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
Specification