Using a contactless card to securely share personal data stored in a blockchain
First Claim
1. A method for providing a user data element to a merchant device during a transaction between a user and a merchant, comprising:
receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;
generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;
generating, by the applet based on the private key, a digital signature for the first request;
transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;
receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;
verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;
decrypting, by the verification service based on verifying the digital signature, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;
transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;
responsive to receiving the second request, generating, by the node, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted user data element, and the public key, the wallet address of the merchant, and the wallet address of the user;
responsive to generation of the block, reading, by the merchant device, the block in the blockchain;
decrypting, by the merchant device based on the public key, the encrypted user data element; and
authorizing, by the merchant device, the transaction based on the decrypted user data element.
Abstract
Systems, methods, and articles of manufacture to securely share data stored in a blockchain. A contactless card may receive a request to provide a data element from a device. An applet of the contactless card may encrypt the data element and a wallet address. The applet may generate a signature for the request, and transmit, to a mobile device, the signature and the encrypted data. The mobile device may transmit, to a verification service, the signature and encrypted data. The verification service may verify the signature based on a public key. A node in a blockchain may generate a block in the blockchain, the block comprising indications of the verification of the signature, the requested data element, and the wallet address. An encrypted data element corresponding to the data element may be decrypted using a public key. The device may receive the decrypted data element from the wallet address.
20 Claims
Claim 1 is recited in full under First Claim. Dependent claims: 2, 3, 4, 5, 6, 7
8. A system to provide a user data element to a merchant device during a transaction between a user and a merchant, comprising:
a contactless card, comprising:
  a communications interface, wherein the communications interface is configured to receive a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant, and a type of the user data element;
  a processor; and
  a memory storing an applet which when executed by the processor causes the processor to:
    generate an encrypted request by encrypting the wallet address of the merchant and the type of the user data element based on a private key stored in the memory of the contactless card;
    generate a digital signature for the first request; and
    transmit the digital signature and the encrypted request to a card reader of a mobile device;
a server executing a verification service, the verification service programmed to:
  receive the digital signature, the encrypted request, and a wallet address of the user from the mobile device;
  verify the digital signature received from the mobile device based on a public key associated with the private key of the contactless card;
  based on the verification of the digital signature, decrypt the encrypted request received from the mobile device using the private key;
  select the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
  encrypt the selected user data element using the public key to produce an encrypted user data element; and
  transmit, to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user; and
a node of a blockchain programmed to:
  generate a block in the blockchain corresponding to the first request in response to receiving the second request from the verification service, the block comprising the indication of the verification of the digital signature, the encrypted user data element, the public key, the wallet address of the merchant, and the wallet address of the user,
wherein the merchant device is programmed to read the block in the blockchain, decrypt the encrypted user data element from the block based on the public key, and authorize the transaction based on the decrypted user data element.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A non-transitory computer-readable storage medium storing computer-readable instructions that when executed by a processor cause the processor to perform operations to provide a user data element to a merchant device during a transaction between a user and a merchant, the operations comprising:
receiving, by a communications interface of a contactless card from a card reader of a merchant device, a first request to provide the user data element to a wallet address of the merchant, wherein the first request includes the wallet address of the merchant and a type of the user data element;
generating an encrypted request by encrypting, by an applet executing in a memory of the contactless card based on a private key stored in the memory of the contactless card, the wallet address of the merchant and the type of the user data element;
generating, by the applet based on the private key, a digital signature for the first request;
transmitting, to a card reader of a mobile device by the communications interface of the contactless card, the digital signature and the encrypted request;
receiving, by a verification service executing on a server from the mobile device, the digital signature, the encrypted request, and a wallet address of the user;
verifying, by the verification service, the digital signature based on a public key associated with the private key of the contactless card;
based on the verifying the digital signature, decrypting, by the verification service, the encrypted request using the private key and selecting, by the verification service, the user data element corresponding to the type of the user data element, wherein the user data element comprises information describing the user;
encrypting, by the verification service, the selected user data element using the public key to produce an encrypted user data element;
transmitting, by the verification service to a node of a blockchain, a second request to generate a block in the blockchain, wherein the second request comprises the encrypted user data element, an indication of the verification of the digital signature, the public key, the wallet address of the merchant, and the wallet address of the user;
in response to receiving the second request, generating, by the node of the blockchain, a block in the blockchain corresponding to the first request, the block comprising the indication of the verification of the digital signature, the encrypted one or more user data element, the public key, the wallet address of the merchant, and the wallet address of the user;
in responsive to generation of the block, reading, by the merchant device, the block in the blockchain;
decrypting, by the merchant device based on the public key, the encrypted user data element; and
authorizing, by the merchant device, the transaction based on the decrypted user data element.
Dependent claims: 16, 17, 18, 19, 20
Specification