In-Card Access Control and Monotonic Counters for Offline Payment Processing System
First Claim
1. A computer-implemented method for verifying a withdrawal transaction history for a smart card device, comprising:
- detecting a smart card device by a mobile communication device;
establishing, by the mobile communication device, a communication channel with the smart card device in response to detecting the smart card device;
receiving, by the mobile communication device, counter information from the smart card device, the counter information comprising a value corresponding to a sum of previous withdrawals using the smart card device, wherein the value is increased each time the smart card device is used for a withdrawal transaction;
receiving, by the mobile communication device, a transaction history from the smart card device, the transaction history comprising information regarding at least one previous withdrawal record associated with the smart card device;
calculating, by the mobile communication device, a record sum of withdrawals based on the information regarding the at least one previous withdrawal record, the record sum of withdrawals equaling a total amount of withdrawals in previous withdrawal records;
determining, by the mobile communication device, whether the value in the counter information matches the record sum of withdrawals; and
authorizing, by the mobile communication device, a transaction with the smart card device based on a determination that the value in the counter information matches the record sum of withdrawals.
2 Assignments
0 Petitions
Accused Products
Abstract
Preventing fraud during an offline transaction by encoding a randomly-generated card verification code onto a smart card. The verification code is transmitted to a contactless device during each transaction, wherein it is cross-referenced with the account number to ensure presence of the card. Also, every transaction record is signed by an access key resident on the contactless device and certified by a signing key resident on a remote system. Funds may be deposited onto the card when the contactless device creates a deposit request, signs the request using an access key and transmits it to the remote system, which in turn processes the request and certifies it with a signing key. Funds may be withdrawn when the contactless device creates a withdrawal record and signs it using an access key. The remote system verifies the signatures and certifies the records using a signing key when the records are later transmitted.
173 Citations
23 Claims
-
1. A computer-implemented method for verifying a withdrawal transaction history for a smart card device, comprising:
-
detecting a smart card device by a mobile communication device; establishing, by the mobile communication device, a communication channel with the smart card device in response to detecting the smart card device; receiving, by the mobile communication device, counter information from the smart card device, the counter information comprising a value corresponding to a sum of previous withdrawals using the smart card device, wherein the value is increased each time the smart card device is used for a withdrawal transaction; receiving, by the mobile communication device, a transaction history from the smart card device, the transaction history comprising information regarding at least one previous withdrawal record associated with the smart card device; calculating, by the mobile communication device, a record sum of withdrawals based on the information regarding the at least one previous withdrawal record, the record sum of withdrawals equaling a total amount of withdrawals in previous withdrawal records; determining, by the mobile communication device, whether the value in the counter information matches the record sum of withdrawals; and authorizing, by the mobile communication device, a transaction with the smart card device based on a determination that the value in the counter information matches the record sum of withdrawals. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer program product, comprising:
a non-transitory computer-readable medium having computer-readable program code embodied therein for verifying a withdrawal transaction history for a smart card device, the computer-readable medium comprising; computer-readable program code for receiving counter information from the smart card device, the counter information comprising a value corresponding to a sum of previous withdrawals using the smart card device, wherein the value is increased each time the smart card device is used for a withdrawal transaction; computer-readable program code for receiving a transaction history from the smart card device, the transaction history comprising information regarding at least one previous withdrawal record associated with the smart card device; computer-readable program code for calculating, a record sum of withdrawals based on the information regarding the at least one previous withdrawal record, the record sum of withdrawals equaling a total amount of withdrawals in previous withdrawal records; computer-readable program code for determining whether the value in the counter information matches the record sum of withdrawals; and computer-readable program code for authorizing a transaction with the smart card device based on a determination that the value in the counter information matches the record sum of withdrawals. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
19. A system for verifying a withdrawal transaction history for a smart card device, the system comprising:
-
one or more information processing units for executing programs; and an engine executable on the one or more information processing units, the engine comprising; instructions for receiving counter information from the smart card device, the counter information comprising a value corresponding to a sum of previous withdrawals using the smart card device, wherein the value is increased each time the smart card device is used for a withdrawal transaction; instructions for receiving a transaction history from the smart card device, the transaction history comprising information regarding at least one previous withdrawal record associated with the smart card device; instructions for calculating a record sum of withdrawals based on the information regarding the at least one previous withdrawal record, the record sum of withdrawals equaling a total amount of withdrawals in previous withdrawal records; instructions for determining whether the value in the counter information matches the record sum of withdrawals; and instructions for authorizing a transaction with the smart card device based on a determination that the value in the counter information matches the record sum of withdrawals. - View Dependent Claims (20, 21, 22, 23)
-
Specification