Generating barcodes utilizing cryptographic techniques

US 10,885,410 B1
Filed: 12/23/2019
Issued: 01/05/2021
Est. Priority Date: 12/23/2019
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a processor circuit; and

a memory storing instructions which when executed by the processor circuit, cause the processor circuit to;

initiate, by an application executing on the processor circuit, a request for generation of a barcode;

receive, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card;

receive, by the application and from a server, verification of the encrypted data;

receive, by the application and from the server, an encrypted authorization token associated with the account; and

generate the barcode on the contactless card utilizing the encrypted authorization token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, computer-readable media, and apparatuses to securely generate barcodes. In one example, an application may receive a request to generate a barcode. The application may read encrypted data generated by a contactless card and transmit the encrypted data to a server for verification. The server may verify the encrypted data and generate an encrypted authentication token. The server may transmit the encrypted authentication token to the application. The application may provide the encrypted authentication token to the contactless card. The contactless card may generate the barcode using the encrypted authentication token.

570 Citations

20 Claims

1. An apparatus, comprising:
- a processor circuit; and
  
  a memory storing instructions which when executed by the processor circuit, cause the processor circuit to;
  
  initiate, by an application executing on the processor circuit, a request for generation of a barcode;
  
  receive, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card;
  
  receive, by the application and from a server, verification of the encrypted data;
  
  receive, by the application and from the server, an encrypted authorization token associated with the account; and
  
  generate the barcode on the contactless card utilizing the encrypted authorization token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, the memory storing instructions which when executed by the processor circuit, cause the processor circuit to:
    - scan the barcode; and
      
      decrypt the authorization token to authorize a transaction.
  - 3. The apparatus of claim 2, wherein the memory storing instructions which when executed by the processor circuit, cause the processor circuit to:
    - invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.
  - 4. The apparatus of claim 3, wherein the transaction is a payment transaction and the authorization token is a payment token, and wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.
  - 5. The apparatus of claim 3, wherein the encrypted data received from the contactless card is based on a first tap of the contactless card to the apparatus.
  - 6. The apparatus of claim 2, wherein the processor circuit is associated with a mobile device.
  - 7. The apparatus of claim 6, wherein the memory storing instructions which when executed by the processor circuit, cause the processor circuit to:
    - invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.
  - 8. The apparatus of claim 6, wherein the encrypted data received from the contactless card is based on a first tap of the contactless card to the mobile device.

9. A method, comprising:
- initiating, by an application executing on a processor circuit of a mobile device, a request for generation of a barcode;
  
  receiving, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card;
  
  receiving, by the application and from a server, verification of the encrypted data;
  
  receiving, by the application and from the server, an encrypted authorization token associated with the account; and
  
  generating the barcode on the contactless card utilizing the encrypted authorization token.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, further comprising:
    - scanning the barcode; and
      
      decrypting the authorization token to authorize a transaction.
  - 11. The method of claim 10, further comprising:
    - invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.
  - 12. The method of claim 11, wherein the transaction is a payment transaction and the authorization token is a payment token.
  - 13. The method of claim 12, wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.
  - 14. The method of claim 9, wherein the encrypted data received from the contactless card is based on a first tap of the contactless card to the mobile device.

15. A non-transitory computer-readable storage medium storing instructions that when executed by a processor circuit cause the processor circuit to:
- initiate, by an application executing on the processor circuit, a request for generation of a barcode;
  
  receive, by the application, encrypted data from a communications interface of a contactless card associated with an account, the encrypted data generated based on a cryptographic algorithm and a diversified key, the diversified key stored in a memory of the contactless card and generated based on a master key and a counter value stored in the memory of the contactless card;
  
  receive, by the application and from a server, verification of the encrypted data;
  
  receive, by the application and from the server, an encrypted authorization token associated with the account; and
  
  generate the barcode on the contactless card utilizing the encrypted authorization token.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, storing instructions that when executed by the processor circuit cause the processor circuit to:
    - scan the barcode; and
      
      decrypt the authorization token to authorize a transaction.
  - 17. The non-transitory computer-readable storage medium of claim 16, storing instructions that when executed by the processor circuit cause the processor circuit to:
    - invalidate the authorization token and the barcode for a subsequent transaction after the scanning of the barcode.
  - 18. The non-transitory computer-readable storage medium of claim 17, wherein the transaction is a payment transaction and the authorization token is a payment token.
  - 19. The non-transitory computer-readable storage medium of claim 18, wherein the payment token is associated with a pre-stipulated user limitation in relation to the transaction.
  - 20. The non-transitory computer-readable storage medium of claim 15, wherein the encrypted data received from the contactless card is based on a first tap of the contactless card to a computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Capital One Services LLC (Capital One Financial Corporation)
Original Assignee
Capital One Services LLC (Capital One Financial Corporation)
Inventors
Rule, Jeffrey, Osborn, Kevin, Chigurupati, Srinivasa
Primary Examiner(s)
Ellis, Suezu

Application Number

US16/725,843
Time in Patent Office

379 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/602   Providing cryptographic fac...

G06K 19/06028   using bar codes

G06K 7/1413   1D bar codes

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3226   Use of secure elements sepa...

G06Q 20/3274   using a pictured code, e.g....

G06Q 20/3276   using a pictured code, e.g....

G06Q 20/352   Contactless payments by cards

G06Q 20/357   Cards having a plurality of...

G06Q 20/38215   Use of certificates or encr...

Generating barcodes utilizing cryptographic techniques

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

570 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Generating barcodes utilizing cryptographic techniques

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

570 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links