公开(公告)号：US20230086806A1

公开(公告)日：2023-03-23

申请号：US18071502

申请日：2022-11-29

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Ashfaq Kamal

IPC: H04L9/40 ,  G06Q40/02 ,  G06F21/35 ,  H04L9/32 ,  G06Q20/02 ,  G06F21/33 ,  G06Q20/38 ,  G06Q50/26 ,  G06F21/64 ,  G06Q10/10 ,  G06Q20/40

Abstract: Systems and methods are provided for verifying identities of users. One example computer-implemented method includes requesting a unique ID for a user, from a software development kit (SDK) in a mobile device, and issuing the unique ID for the user. The method also includes generating, by the SDK, a public/private key pair specific to the unique ID, prompting the user to capture an image of a government issued document, and capturing the image of the document. The method further includes validating, by the mobile device, the identity of the user based on the image of the document and, based on the validation, (i) converting the image via a one-way hash function, (ii) signing the hashed image with the private key of the public/private key pair, and (iii) transmitting the signed hashed image, the unique ID, and the public key of the public/private key pair to an identification provider.

公开(公告)号：US11522848B2

公开(公告)日：2022-12-06

申请号：US16679115

申请日：2019-11-08

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Ashfaq Kamal

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/64 ,  G06F21/33 ,  G06F21/35 ,  H04L9/40 ,  G06Q40/02 ,  G06Q20/02 ,  G06Q20/38 ,  G06Q50/26 ,  G06Q10/10 ,  G06Q20/40

Abstract: Systems and methods are provided for verifying identities of users. One exemplary method includes generating a unique identifier (ID) for a user, generating a public/private key pair associated with the unique ID for the user, and receiving at least two images. The images include a first image associated with a physical document indicative of an identity of the user and a second image comprising an image of at least part of the user. The exemplary method further includes validating an integrity of the first image, converting at least the first image to one-way hashed data, when the integrity of the first image is valid, and transmitting the hashed data signed with the private key, the unique ID and the public key to an identification provider, whereby a digital identity record for the user is stored in a ledger data structure.

公开(公告)号：US20220141218A1

公开(公告)日：2022-05-05

申请号：US17579219

申请日：2022-01-19

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Sumeet Bhatt ,  Ashfaq Kamal ,  Robert D. Reany

IPC: H04L9/40 ,  G06F16/955 ,  G06Q20/00 ,  G06F21/32 ,  G06Q20/10 ,  G06Q20/18 ,  G06Q20/34 ,  G06Q20/40

Abstract: Systems, methods, and non-transitory computer readable media relate to smartcard biometric enrollment. In an embodiment that does not require a user to visit a central location to provide fingerprint images, an activation code corresponding to a unique ID that uniquely identifies a user of a service is generated and sent to the user. In response, at least one finger image is received from a user device. The image is processed to isolate a fingerprint image, which is used to generate a biometric template that is sent to a smartcard manufacturer and used to configure a smartcard for biometric authentication of the user. In another embodiment, a kiosk/ATM provides smartcard biometric enrollment by detecting a smartcard in the smartcard reader, verifying an ID of a user associated with the smartcard, capturing a biometric image from the user, processing the biometric image to generate a biometric template, and storing the biometric template on the smartcard.

公开(公告)号：US11240233B2

公开(公告)日：2022-02-01

申请号：US15853648

申请日：2017-12-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Ashfaq Kamal ,  Sumeet Bhatt ,  Robert D. Reany

IPC: H04L29/06 ,  G06Q20/20

Abstract: Systems and methods are provided for use in provisioning a biometric image template of a user to a card device associated with the user. One exemplary method includes authenticating, by a card device, a portable communication device associated with the user based on a certificate associated with the portable communication device and receiving, at the card device, a biometric image of the user from the portable communication device after the portable communication device is authenticated. The method then includes storing, by the card device, the biometric image of the user in a memory of the card device as a biometric image template of the user, whereby the user may be authenticated, by the card device, based on a subsequent biometric image matching the biometric image template.

公开(公告)号：US20210110397A1

公开(公告)日：2021-04-15

申请号：US17069475

申请日：2020-10-13

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Daniel Brian O'Sullivan ,  Ashfaq Kamal

IPC: G06Q20/40

Abstract: Systems, devices and methods are described herein for verifying digital identities. One exemplary method includes receiving a request for verification from a relying party where the request includes a query related to an attribute of an identity of a user and a MPAN specific to the user. The method also includes identifying at least one verification party enrolled for the user and, when the at least one verification party includes sufficient information to respond to the query, converting the MPAN to an AgencyPAN associated with the at least one verification party. The method then includes submitting the query along with the AgencyPAN to an interface processor associated with the at least one verification party, receiving a response to the query from the interface processor, and transmitting the response to the query to the relying party.

公开(公告)号：US20210014682A1

公开(公告)日：2021-01-14

申请号：US16925688

申请日：2020-07-10

Applicant: Mastercard International Incorporated

Inventor： Ashfaq Kamal

IPC: H04W12/06 ,  H04W12/00 ,  H04W8/20 ,  G06Q20/32 ,  H04L9/08 ,  G06K19/077

Abstract: Methods and apparatus for securing access to an encrypted personal data store on a mobile device. In some embodiments, a universal integrated circuit card (UICC) processor receives, from a mobile device processor of a mobile device having an encrypted Personal Data Store (PDS), a PDS access request associated with a mobile application, then determines that access control rules are stored in at least one access control rules database and transmits to the mobile device processor, the access control rules governing access to the data in the encrypted PDS. The process also includes the UICC processor receiving a request for a symmetric shared secret and transmitting the symmetric shared secret to the mobile device processor for use in accessing the PID of the user stored in the encrypted PDS in accordance with the access control rules.

公开(公告)号：US10715520B2

公开(公告)日：2020-07-14

申请号：US15583147

申请日：2017-05-01

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Sumeet Bhatt ,  Ashfaq Kamal ,  Robert D. Reany

IPC: H04L29/06 ,  G06F16/955 ,  G06Q20/00 ,  G06F21/32 ,  G06Q20/10 ,  G06Q20/18 ,  G06Q20/34 ,  G06Q20/40

Abstract: Systems, methods, and non-transitory computer readable media decentralizes biometric enrollment. A server receives a request to enroll a user for biometric authentication in association with a unique ID, generates an activation code corresponding to the unique ID, and sends the activation code to the user. A user device receives and validates the activation code. If the activation code is valid, the user device is enabled to: capture at least one biometric image, and to send the biometric image to the server. The server receives at least one biometric image from the user device in response to the activation code and extracts features from at least one biometric image to generate a biometric template based upon the extracted features to enroll the user for biometric authentication without requiring the user to visit a central location to provide at least one biometric image.

公开(公告)号：US20200159914A1

公开(公告)日：2020-05-21

申请号：US16751534

申请日：2020-01-24

Applicant: Mastercard International Incorporated

Inventor： Ashfaq Kamal

IPC: G06F21/53 ,  H04W12/06 ,  H04L29/06 ,  H04L9/32 ,  H04L9/30 ,  G06F21/62 ,  G06F21/56 ,  G06F8/71 ,  G06F8/61 ,  H04W4/80 ,  H04L9/08 ,  H04L9/06 ,  G06F21/14

Abstract: Methods and systems for protecting sensitive data and applications on a mobile device. In an embodiment, a mobile device processor of a mobile device downloads, from a digital wallet server computer, a mobile wallet application including a white box software development kit (SDK) which includes code protection processes, then obfuscates, by running the code protection processes of the white box SDK, consumer financial data and consumer authentication data and stores the obfuscated consumer financial data and consumer authentication data in a regular memory of the mobile device. The process also includes protecting, by the mobile device processor running the white box SDK, sensitive applications stored in the regular memory which execute during a transaction from attack, and re-obfuscating, by the mobile device processor, at least one of the consumer financial data and the consumer authentication data according to a predetermined time interval.

公开(公告)号：US10546119B2

公开(公告)日：2020-01-28

申请号：US15350783

申请日：2016-11-14

Applicant: MasterCard International Incorporated

Inventor： Ashfaq Kamal

IPC: G06F21/00 ,  G06F21/53 ,  H04W4/80 ,  G06F8/61 ,  G06F8/71 ,  G06F21/56 ,  G06F21/62 ,  H04L9/30 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04W88/02

Abstract: Methods and systems for protecting sensitive data on a mobile device. In an embodiment, a mobile device processor of a mobile device downloads, from a provider computer, an application including a white box software development kit (SDK). The mobile device processor utilizes a code protection process of the application to obfuscate sensitive user data, stores the obfuscated user data in a regular memory, runs the white box SDK to monitor and protect sensitive applications which execute when conducting transactions, and receives instructions from a trusted application manager computer to at least one of re-obfuscate the sensitive user data and reset a user root key.

公开(公告)号：US20200013032A1

公开(公告)日：2020-01-09

申请号：US16030315

申请日：2018-07-09

Applicant: Mastercard International Incorporated

Inventor： Ellen Moskowitz ,  Ashfaq Kamal

IPC: G06Q20/10 ,  G06Q20/34 ,  G06K19/07

Abstract: Methods, apparatus and systems for allowing users to easily and securely enroll directly into a newly issued biometric payment card. In an embodiment, a user is provided with a biometric payment card enrollment package that includes a biometric payment card, an energy sleeve having a power source and at least a front wall and a rear wall defining an opening for accepting the biometric payment card therein, and at least one light-emitting diode (LED). The power source includes circuitry to provide power to an EMV chip of the biometric payment card when the biometric payment card is seated therein, and to provide power to the LED during a biometric enrollment process. In some embodiments, a software development kit (SDK) provided by the issuer of the biometric payment card provides support and guidance which enables the user to enroll directly into the biometric payment card.