Methods and Systems for Two-Factor Authentication Using Contactless Chip Cards or Devices and Mobile Devices or Dedicated Personal Readers
First Claim
1. A method of generating authentication data for use in a transaction comprising:
- providing a contactless chip device having pre-stored secret data, configured to communicate with a mobile device;
inputting a first input value into said mobile device;
placing said contactless chip device in a proximity to said mobile device to instantiate communication between said contactless chip device and said mobile device;
communicating data derived from said first input value from said mobile device to said contactless chip device;
converting data derived from said first input value and said pre-stored secret data, into at least one dynamic value;
communicating said dynamic value from said contactless chip device to said mobile device; and
communicating authentication data based at least in part on said dynamic value to a user of said mobile device.
1 Assignment
0 Petitions
Accused Products
Abstract
Generating authentication data for use in a transaction by providing a contactless payment device or smart card configured to communicate with a mobile device, placing the contactless chip card in a proximity to the mobile device to instantiate communication between the contactless chip card and the mobile device, inputting a first input value into the mobile device, communicating data derived from the first input value from the mobile device to the contactless chip card, the contactless chip card converting a set of conversion data, including the first input value, into at least one dynamic value based at least in part on a secret value, communicating the dynamic value from the contactless chip card to the mobile device, and communicating authentication data based at least in part on the dynamic value to a user. In some embodiments the first input value is a Personal Identification Number (PIN), a challenge, or both a PIN and a challenge.
255 Citations
24 Claims
-
1. A method of generating authentication data for use in a transaction comprising:
-
providing a contactless chip device having pre-stored secret data, configured to communicate with a mobile device;
inputting a first input value into said mobile device;
placing said contactless chip device in a proximity to said mobile device to instantiate communication between said contactless chip device and said mobile device;
communicating data derived from said first input value from said mobile device to said contactless chip device;
converting data derived from said first input value and said pre-stored secret data, into at least one dynamic value;
communicating said dynamic value from said contactless chip device to said mobile device; and
communicating authentication data based at least in part on said dynamic value to a user of said mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of operating a mobile device to generate authentication data for use in a transaction comprising:
-
operating said mobile device in accordance with a first mode of operation wherein said mobile device is capable of permitting voice communication between a user of said mobile device and a third party; and
operating said mobile device in accordance with a second mode of operation in response to a command, said second mode of operation comprising;
receiving a first input value;
communicating data derived from said first input value to a contactless chip device via near field communication;
receiving a dynamic value from said contactless chip device; and
communicating authentication data based at least in part on said dynamic value to a verification entity. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A mobile device for generating authentication data, comprising:
-
a data entry device capable of receiving data from a user;
a communications device capable of communicating with a contactless chip device;
a display capable of displaying data to a user; and
a processor programmed with instructions having functionality for;
receiving a first input value from said data entry device;
communicating data derived from said first input value to a contactless chip device and receiving a responsive dynamic value using said transceiver; and
communicating authentication data based at least in part on said responsive dynamic value via said display. - View Dependent Claims (22, 23, 24)
-
Specification