SYSTEMS AND METHODS FOR SIGNALING AN ATTACK ON CONTACTLESS CARDS

US 20200236133A1
Filed: 10/18/2019
Published: 07/23/2020
Est. Priority Date: 10/02/2018
Status: Active Grant

First Claim

Patent Images

1-20. -20. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key. In an embodiment, the transmitting device can signal an attack or potential attack through the counter value. The attack signaling can further include information relating to the attack or potential attack.

1 Citation

45 Claims

1-20. -20. (canceled)

21. A signaling system comprising:
- a contactless card including a processor and memory; and
  
  a server in data communication with the contactless card,wherein the contactless card is configured to, upon detection of a potential attack, create a one-time password (OTP) value that is transmitted to the server, the OTP value indicative of the potential attack, andwherein the server, upon receipt of the OTP value, is configured to execute one or more actions responsive to the potential attack.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The signaling system of claim 21, wherein:
    - the OTP value is created by one or more OTP generation algorithms; and
      
      the OTP value is based on at least one selected from the group of a counter, time, and a challenge-response scheme.
  - 23. The signaling system of claim 22, wherein:
    - the OTP value is counter-based; and
      
      the contactless card is configured to set one or more keys of the contactless card to a zero value.
  - 24. The signaling system of claim 23, wherein the contactless card is configured to create the OTP value by switching from a first OTP generation algorithm to a second OTP generation algorithm upon detection of the potential attack.
  - 25. The signaling system of claim 22, wherein a plurality of counter-based OTP values are indicative of different potential attacks.
  - 26. The signaling system of claim 22, wherein:
    - the OTP value is time-based; and
      
      the OTP value comprises at least one selected from the group of a time value of zero, a time value prior to an activation of the contactless card, and a time value exceeding a maximum possible lifetime of the contactless card.
  - 27. The signaling system of claim 22, wherein:
    - the OTP value is challenge-response scheme-based; and
      
      the OTP value comprises a value that is configured to exceed a value for a response associated with at least one of the one or more OTP generation algorithms.
  - 28. The signaling system of claim 21, wherein the server is configured to detect whether a plurality of contactless cards have been subject to the potential attack during a predetermined time.
  - 29. The signaling system of claim 21, wherein the contactless card is configured to transmit the OTP value to the server via one or more intermediary devices.

30. A method for signaling a potential attack, comprising:
- receiving, by a server, one or more notifications from a contactless card;
  
  determining, by the server, that the one or more notifications are indicative of the detection of a potential attack to the contactless card; and
  
  executing, by the server, one or more actions in response to the one or more notifications.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
- - 31. The method of claim 30, wherein the one or more notifications are based on a challenge-response scheme.
  - 32. The method of claim 31, wherein the one or more notifications are based on at least one selected from the group of time, a counter, and at least one OTP generation algorithm.
  - 33. The method of claim 32, further comprising adjusting, by the contactless card, one or more keys of the contactless card to a zero value when the one or more notifications are counter-based.
  - 34. The method of claim 33, wherein:
    - the counter is adjusted to a value indicative of a specific attack; and
      
      the specific attack is at least one selected from the group of a code-modification attack, a fuzzing attack, and a clock jitter attack.
  - 35. The method of claim 33, wherein:
    - the one or more notifications are time-based; and
      
      the one or more notifications include at least one selected from the group of a time value of zero, a time value prior to existence of the contactless card, and a time value exceeding the maximum possible lifetime of the contactless card.
  - 36. The method of claim 33, wherein:
    - the one or more notifications are challenge-response scheme-based; and
      
      the one or more notifications include a value that is configured to exceed a value for a response associated with at least one of the OTP generation algorithms.
  - 37. The method of claim 33, further comprising receiving, by the server, the one or more notifications from the contactless card that is configured to create the one or more notifications by switching from a first OTP generation algorithm to a second OTP generation algorithm upon detection of the potential attack.
  - 38. The method of claim 30, further comprising determining, by the contactless card, a cloning attempt associated with the transmitting device based on the one or more notifications being requested at a first rate that exceeds a second rate.
  - 39. The method of claim 30, wherein the one or more actions includes at least one selected from the group of generating a plurality of event logs associated with the attack of the contactless card;
    - transmitting a notification to threat response personnel;
      
      rendering the contactless card mute;
      
      initiating a replacement request of the contactless card;
      
      initiating a communication session with a device so as to indicate compromise of the contactless card; and
      
      establishing data communication with an engine so as to adjust a risk level of the user based on the detection of the potential attack.

40. A non-transitory computer readable medium comprising computer-executable instructions that are executed by a processor and comprising the steps of:
- creating, upon detection of a potential attack, a one-time password (OTP) value that is indicative of a potential attack;
  
  transmitting the OTP value; and
  
  performing, upon receipt of the OTP value, one or more protective actions.
- View Dependent Claims (41, 42, 43, 44, 45)
- - 41. The non-transitory computer readable medium of claim 40, wherein:
    - the OTP value is created by one or more OTP generation algorithms; and
      
      the OTP value is based on at least one selected from the group of a counter, time, and a challenge-response scheme.
  - 42. The non-transitory computer readable medium of claim 41, wherein:
    - the OTP value is counter-based; and
      
      a plurality of counter-based OTP values are indicative of different potential attacks.
  - 43. The non-transitory computer readable medium of claim 41, wherein:
    - the OTP value is time-based; and
      
      the OTP value comprises at least one selected from the group of a time value of zero, a time value prior to an activation of a contactless card, and a time value exceeding a maximum possible lifetime of the contactless card.
  - 44. The non-transitory computer readable medium of claim 41, wherein:
    - the OTP value is challenge-response scheme-based; and
      
      the OTP value comprises a value that is configured to exceed a value for a response associated with at least one of the one or more OTP generation algorithms.
  - 45. The non-transitory computer readable medium of claim 41, wherein:
    - the OTP value is created by switching from a first OTP generation algorithm to a second OTP generation algorithm upon detection of the potential attack.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Capital One Services LLC (Capital One Financial Corporation)
Original Assignee
Capital One Services LLC (Capital One Financial Corporation)
Inventors
DUANE, William, CHIGURUPATI, Srinivasa, OSBORN, Kevin

Granted Patent

US 10,880,327 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0838   using one-time-passwords

H04L 63/0846   using time-dependent-passwo...

H04L 63/0853   using an additional device,...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

SYSTEMS AND METHODS FOR SIGNALING AN ATTACK ON CONTACTLESS CARDS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

1 Citation

45 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR SIGNALING AN ATTACK ON CONTACTLESS CARDS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1 Citation

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links