Client device authentication using contactless legacy magnetic stripe data
First Claim
1. A data transmission system comprising:
- a card having a processor and memory, the memory of the card containing a master key, transmission data and a counter value, wherein the card is an MSD compliant card;
a server having a processor and memory, the memory of the server containing the master key and the counter value;
a cellphone wherein the server is in data communication with the card through the cellphone;
wherein the cellphone is configured to;
receive an input from a user and, based on the input, derive a key diversification value;
transmit the key diversification value to the card;
receive encrypted transmission data from the card; and
transmit the encrypted transmission data and the key diversification value to the server;
wherein the card is configured to;
generate a diversified key using the master key, the counter value, the key diversification value and one or more cryptographic algorithms;
encrypt the transmission data using one or more cryptographic algorithms and the diversified key to yield the encrypted transmission data, andtransmit the encrypted transmission data to the cellphone; and
wherein the server is configured to;
receive the encrypted transmission and the key diversification value from the cellphone;
generate the diversified key based on the master key, the counter value and the key diversification value; and
decrypt the encrypted transmission data using one or more cryptographic algorithms and the diversified key; and
transmit a communication to a second server to authenticate a transaction.
1 Assignment
0 Petitions
Accused Products
Abstract
A technique for generating a diversified encryption key for a contactless legacy magnetic stripe card is disclosed. The diversified key can be generated using a master key, a key diversification value and an encryption algorithm. In one example embodiment, the key diversification value can be provided by the user as a fingerprint, numeric code or photo. The user can provide the key diversification value to the card or a cellphone. The card can generate the diversified key using the user provided key diversification value. The card or the cellphone can transmit the user provided diversification value to the server and the server can regenerate the diversified key using the user provided diversification value.
562 Citations
20 Claims
-
1. A data transmission system comprising:
-
a card having a processor and memory, the memory of the card containing a master key, transmission data and a counter value, wherein the card is an MSD compliant card; a server having a processor and memory, the memory of the server containing the master key and the counter value; a cellphone wherein the server is in data communication with the card through the cellphone; wherein the cellphone is configured to; receive an input from a user and, based on the input, derive a key diversification value; transmit the key diversification value to the card; receive encrypted transmission data from the card; and transmit the encrypted transmission data and the key diversification value to the server; wherein the card is configured to; generate a diversified key using the master key, the counter value, the key diversification value and one or more cryptographic algorithms; encrypt the transmission data using one or more cryptographic algorithms and the diversified key to yield the encrypted transmission data, and transmit the encrypted transmission data to the cellphone; and wherein the server is configured to; receive the encrypted transmission and the key diversification value from the cellphone; generate the diversified key based on the master key, the counter value and the key diversification value; and decrypt the encrypted transmission data using one or more cryptographic algorithms and the diversified key; and transmit a communication to a second server to authenticate a transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A data transmission system comprising:
-
a card having a processor and memory, the memory of the card containing a master key, transmission data and a counter value, wherein the card is an MSD compliant card; a server having a processor and memory, the memory of the server containing the master key and the counter value; a cellphone wherein the server is in data communication with the card through the cellphone; wherein the cellphone is configured to; receive a first input from a user and, based on the first input, derive a key diversification value; receive a second input from the user and, based on the second input, derive an algorithm selection value; transmit the key diversification value and the algorithm selection value to the card; receive encrypted transmission data from the card; and transmit the encrypted transmission data, the key diversification value and the algorithm selection value to the server; wherein the card is configured to; generate a diversified key using the master key, the counter value, the key diversification value and a cryptographic algorithm selected using the algorithm selection value; encrypt the transmission data using the cryptographic algorithm and the diversified key to yield the encrypted transmission data; and transmit the encrypted transmission data to the cellphone; and wherein the server is configured to; receive the encrypted transmission, the key diversification value and the algorithm selection value from the cellphone; generate the diversified key based on the master key, the counter value and the key diversification value using the cryptographic algorithm; and decrypt the encrypted transmission data using the cryptographic algorithm and the diversified key; and transmit a communication to a second server to authenticate a transaction. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification