Systems and methods for cryptographic authentication of contactless cards

US 10,887,106 B2
Filed: 10/18/2019
Issued: 01/05/2021
Est. Priority Date: 10/02/2018
Status: Active Grant

First Claim

Patent Images

1. An authentication system, comprising:

a contactless card including one or more processors and a memory, the memory containing a key and a counter, wherein the contactless card is configured to;

create cryptographic data based on the key and the counter, andtransmit the cryptographic data and a one-time password;

wherein the counter is configured to increment at one or more intervals in a non-monotonic sequence; and

wherein the increment is associated with one or more cryptographic algorithms.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments of systems and methods for data transmission between contactless card and receiving devices are provided. In an embodiment, the contactless card may be configured to create a cryptogram based on a plurality of keys and a counter. The cryptogram may be transmitted to the receiving device. The contactless card may be configured to transmit a one-time password to the client device. The counter value may be adjusted each time the one-time password is generated, and the counter may be configured to increment in a non-monotonic sequence, the sequence associated with one or more cryptographic algorithms.

547 Citations

20 Claims

1. An authentication system, comprising:
- a contactless card including one or more processors and a memory, the memory containing a key and a counter, wherein the contactless card is configured to;
  
  create cryptographic data based on the key and the counter, andtransmit the cryptographic data and a one-time password;
  
  wherein the counter is configured to increment at one or more intervals in a non-monotonic sequence; and
  
  wherein the increment is associated with one or more cryptographic algorithms.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The authentication system of claim 1, wherein the counter is configured to begin at a first value for a first account and a second value for a second account.
  - 3. The authentication system of claim 2, wherein the one or more cryptographic algorithms are configured to encrypt a starting value to obtain one or more subsequent counter values.
  - 4. The authentication system of claim 1, wherein the one or more cryptographic algorithms are selected based on a time for entry into an active communication field with a device.
  - 5. The authentication system of claim 1, wherein the increment is based on one selected from the group of an assigned sequence and a derived sequence.
  - 6. The authentication system of claim 5, wherein the increment is based on the derived sequence and the derived sequence comprises account information and session information.
  - 7. The authentication system of claim 6, wherein the account information comprises at least one selected from the group of a unique identifier, a shared secret, a card sequence number, card information, address information, a time of programming of the contactless card, or any combination thereof.
  - 8. The authentication system of claim 6, wherein the session information comprises one or more random values exchanged during an established session.
  - 9. The authentication system of claim 6, wherein the account information comprises at least one dynamic parameter.
  - 10. The authentication system of claim 1, wherein the one-time password is transmitted for authentication.

11. A method for authenticating one-time passwords, comprising:
- creating, by one or more processors, cryptographic data based on a key and a counter contained in a memory of a contactless card; and
  
  transmitting, by the one or more processors, the cryptographic data and one or more one-time passwords for authentication;
  
  wherein the counter is configured to decrement at one or more intervals in a non-monotonic sequence; and
  
  wherein the decrement associated with one or more cryptographic algorithms.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the counter is configured to begin at a first value for a first account and a second value for a second account.
  - 13. The method of claim 12, wherein the one or more cryptographic algorithms are configured to encrypt a starting value to obtain one or more subsequent counter values.
  - 14. The method of claim 11, wherein the one or more cryptographic algorithms are selected based on a time for entry into an active communication field with a device.
  - 15. The method of claim 11, wherein the decrement is based on an assigned sequence and the assigned sequence is based on a previous counter value.
  - 16. The method of claim 11, wherein the decrement is based on a derived sequence and the derived sequence comprises account information and session information.
  - 17. The method of claim 16, wherein the account information comprises at least one selected from the group of a plurality of parameters including a unique identifier, a shared secret, a card sequence number, card information, address information, a time of programming of the contactless card, or any combination thereof.
  - 18. The method of claim 17, wherein a first parameter of the plurality of parameters is combined with a second parameter of the plurality of parameters to yield the derived sequence.
  - 19. The method of claim 11, wherein the one or more cryptographic algorithms are selected to avoid wrapping of the counter.

20. A contactless card comprising:
- one or more processors and a memory, wherein the memory contains a counter,wherein the contactless card is configured to;
  
  transmit one or more one-time passwords, andadjust the counter with generation of each of the one or more one-time passwords;
  
  wherein the counter is configured to increment or decrement in a non-monotonic sequence; and
  
  wherein a value of the increment or decrement is selected based on a time for entry by the contactless card into an active communication field of a device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Capital One Services LLC (Capital One Financial Corporation)
Original Assignee
Capital One Services LLC (Capital One Financial Corporation)
Inventors
Ashfield, James, Duane, William, Osborn, Kevin
Primary Examiner(s)
Korsak, Oleg

Application Number

US16/657,917
Publication Number

US 20200235934A1
Time in Patent Office

445 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/14   using a plurality of keys o...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

H04L 9/3242   involving keyed hash functi...

Systems and methods for cryptographic authentication of contactless cards

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

547 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for cryptographic authentication of contactless cards

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

547 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links