Systems and methods for cryptographic authentication of contactless cards
First Claim
Patent Images
1. A data transmission system comprising:
- a transmitting device having a processor and memory, the memory of the transmitting device containing a diversified master key, transmission data and a counter value;
an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing the master key;
wherein the transmitting device is configured to;
generate a diversified key using the diversified master key, one or more cryptographic algorithms, and the counter value,generate a cryptographic result including the counter value using the one or more cryptographic algorithms and the diversified key,encrypt the transmission data using the one or more cryptographic algorithms and the diversified key to yield encrypted transmission data, andtransmit the cryptographic result and encrypted transmission data to the application; and
wherein the application is configured to;
generate an authentication diversified key based on the master key and a unique identifier;
generate a session key based on the authentication diversified key and the cryptographic result;
decrypt the encrypted transmission data and validate the received cryptographic result using the one or more cryptographic algorithms and the diversified key; and
notify the transmitting device of the successful decryption and validation;
wherein, upon receipt of the notification, the transmitting device is configured to transmit reward data to the application, andwherein the application is configured to generate a code to reset at least one selected from the group of expiring coupons and promotions.
2 Assignments
0 Petitions
Accused Products
Abstract
Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
553 Citations
20 Claims
-
1. A data transmission system comprising:
-
a transmitting device having a processor and memory, the memory of the transmitting device containing a diversified master key, transmission data and a counter value; an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing the master key; wherein the transmitting device is configured to; generate a diversified key using the diversified master key, one or more cryptographic algorithms, and the counter value, generate a cryptographic result including the counter value using the one or more cryptographic algorithms and the diversified key, encrypt the transmission data using the one or more cryptographic algorithms and the diversified key to yield encrypted transmission data, and transmit the cryptographic result and encrypted transmission data to the application; and wherein the application is configured to; generate an authentication diversified key based on the master key and a unique identifier; generate a session key based on the authentication diversified key and the cryptographic result; decrypt the encrypted transmission data and validate the received cryptographic result using the one or more cryptographic algorithms and the diversified key; and notify the transmitting device of the successful decryption and validation; wherein, upon receipt of the notification, the transmitting device is configured to transmit reward data to the application, and wherein the application is configured to generate a code to reset at least one selected from the group of expiring coupons and promotions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A contactless card comprising:
-
a substrate, including; a memory containing one or more applets, a counter value, and a plurality of keys; a communication interface; and one or more processors in communication with the memory and communication interface, wherein the one or more processors is configured to update the counter value when the communication interface is within a range of a communication field of an application comprising instructions for execution on a receiving device, wherein the contactless card is configured to create a cryptogram using the plurality of keys and the counter value, and wherein the cryptogram is transmitted, via the communication interface, to the application, and wherein loyalty program information is transmitted, via the communication interface, to the application, wherein the application is configured to update the loyalty program information stored on the contactless card, wherein the application is configured to update a reward value stored on the contactless card, and wherein the application is configured to update the reward value based on a number of times the communication interface enters the communication field. - View Dependent Claims (19, 20)
-
Specification