公开(公告)号：US10135614B2

公开(公告)日：2018-11-20

申请号：US14243325

申请日：2014-04-02

Applicant: MasterCard International Incorporated

Inventor： David Anthony Roberts ,  Patrik Smets ,  Axel Emile Jean Charles Cateland ,  Patricia Bateson

IPC: H04L9/08 ,  H04W12/06 ,  H04W12/04 ,  H04L9/32 ,  G06Q20/20 ,  G06Q20/32 ,  G06Q20/38

Abstract: Disclosed herein is a method for performing an integrated contactless point-of-sale transaction. More particularly, there is disclose a method comprising: receiving, by a mobile device 1, a seed number from a communications network; generating, by the mobile device 1, one or more session keys, in dependence on the received seed number, for use in encrypted communication with the mobile device 1; and/or generating, by the mobile device 1, a pre-image, in dependence on the received seed number, for use in generating an unpredictable number for use in secure communication with the mobile device. Advantageously, the generation of session keys and/or a pre-image in dependence on a seed number provided to the mobile device improves the security of the system since the source of the seed number can detect incorrect session keys and/or unpredictable number derived from an incorrect pre-image.

公开(公告)号：US20180232734A1

公开(公告)日：2018-08-16

申请号：US15429524

申请日：2017-02-10

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Patrik Smets ,  Marc Van Puyvelde ,  Paul Vanneste ,  Johan Gerber

IPC: G06Q20/40 ,  G06Q20/32

CPC classification number: G06Q20/401 ,  G06Q20/32 ,  G06Q20/3224 ,  G06Q20/3821 ,  G06Q20/40 ,  G06Q20/405

Abstract: Disclosed are exemplary embodiments of systems and methods for enabling Internet of Things (IoT) devices to initiate payment transactions. In an exemplary embodiment, a method generally includes receiving, by a computing device, a transaction request associated with a merchant where the transaction request includes a device identifier for an IoT device associated with a consumer and/or a location of the IoT device, and retrieving, by the computing device, a payment credential associated with a payment account when the transaction request is authenticated. The method also includes causing, by the computing device, the payment credential to be sent to the IoT device associated with the device identifier, whereby the IoT device is able to direct the merchant to proceed in the transaction using the payment credential.

公开(公告)号：US20170011370A1

公开(公告)日：2017-01-12

申请号：US15265170

申请日：2016-09-14

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Patrick Mestré ,  Patrik Smets

IPC: G06Q20/10 ,  G06Q20/40

CPC classification number: G06Q20/401 ,  G06Q20/102 ,  G06Q20/341 ,  G06Q20/3829 ,  G06Q20/409 ,  H04L9/0841 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/1408 ,  H04L2209/08 ,  H04L2209/16 ,  H04L2209/56

Abstract: Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.

Abstract translation: 提供了用于在交易设备和交互点之间执行交易的方法和设备。 与此相关，用于与交互点交互以执行消费者的交易的设备包括包括支付应用程序和系统环境模块的处理器，其中系统环境模块被配置为确定支付应用程序是否符合 一个交易。 该设备还包括与处理器通信的输入，并被配置为从与交易相关的交互点接收交易数据，以及与处理器通信的输出，并被配置为将交易数据传送到与 当系统环境模块确定支付应用程序符合交易条件时的交易。

公开(公告)号：US20160217467A1

公开(公告)日：2016-07-28

申请号：US14983973

申请日：2015-12-30

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Axel Cateland ,  Ian David Alan Maddocks ,  David Anthony Roberts

IPC: G06Q20/40 ,  G06Q20/32

Abstract: A mobile computing device having at least one processor and at least one memory, together providing a first execution environment and a second execution environment logically isolated from the first execution environment, the mobile computing device comprising: a first application executable within the first execution environment; a second trusted application executable within the second execution environment; and a secure communications channel between the first application and the second trusted application, wherein the second trusted application is configured to generate one or more data items and to provide the one or more data items to the first application via the secure communications channel.

Abstract translation: 一种具有至少一个处理器和至少一个存储器的移动计算设备，一起提供与第一执行环境逻辑隔离的第一执行环境和第二执行环境，所述移动计算设备包括：可在第一执行环境内执行的第一应用; 在第二执行环境内可执行的第二可信应用程序; 以及第一应用和第二可信应用之间的安全通信信道，其中所述第二可信应用被配置为生成一个或多个数据项，并且经由所述安全通信信道将所述一个或多个数据项提供给所述第一应用。

公开(公告)号：US20150348026A1

公开(公告)日：2015-12-03

申请号：US14712343

申请日：2015-05-14

Applicant: MasterCard International Incorporated

Inventor： David A. Roberts ,  Patrik Smets ,  Mehdi Collinge ,  Axel Cateland

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/40 ,  G06Q20/10

CPC classification number: G06Q20/3829 ,  G06F21/31 ,  G06Q20/02 ,  G06Q20/10 ,  G06Q20/3224 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/3278 ,  G06Q20/3825 ,  G06Q20/3827 ,  G06Q20/4012 ,  G06Q20/40145 ,  H04L63/0861 ,  H04W12/0027 ,  H04W12/04 ,  H04W12/06 ,  H04W12/0806

Abstract: A mobile computing device has at least one processor and at least one memory together providing a first execution environment and a second execution environment logically isolated from the first execution environment. The following approach is taken to manage data items for an application executing the first execution environment. A trust relationship is established between a trust client in the second execution environment and a remote trusted party and the trust client receives one or more data items from the remote trusted party. On executing the application in the first execution environment, the trust client provides the data items or further data items derived therefrom to the application 213. Provision of these data items may be conditional upon a user authentication process. A suitable mobile computing device is also described.

Abstract translation: 移动计算设备具有至少一个处理器和至少一个存储器，一起提供与第一执行环境逻辑隔离的第一执行环境和第二执行环境。 采取以下方法来管理执行第一个执行环境的应用程序的数据项。 在第二执行环境中的信任客户端与远程可信方之间建立信任关系，信任客户端从远程受信任方接收一个或多个数据项。 在第一执行环境中执行应用程序时，信任客户端将数据项目或从其导出的其他数据项目提供给应用程序213.这些数据项目的提供可能取决于用户认证过程。 还描述了合适的移动计算设备。

公开(公告)号：US08960540B2

公开(公告)日：2015-02-24

申请号：US14019426

申请日：2013-09-05

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Patrick Mestre ,  Eddy Van de Velde

IPC: G06K5/00 ,  G06K15/00 ,  G06Q20/20 ,  G06Q20/34

CPC classification number: G06Q20/401 ,  G06Q20/208 ,  G06Q20/3226 ,  G06Q20/3229 ,  G06Q20/3255 ,  G06Q20/34 ,  G06Q20/341 ,  G06Q20/354 ,  G06Q20/3552 ,  G06Q20/3563 ,  G06Q20/3829

Abstract: A system and method for operating a payment terminal, the method including receiving a list of eligible applications from a payment device; generating a candidate list including applications from the list of eligible applications received that are supported by the payment terminal; determining a reduced candidate list, the reduced candidate list including applications from the candidate list that match merchant-specified network preference criteria; determining a final selection of an application based on the reduced candidate list; and providing an indication of the final selection application.

Abstract translation: 一种用于操作支付终端的系统和方法，所述方法包括从支付设备接收合格应用的列表; 从所述支付终端支持的所接收的合格申请表中生成包括应用的候选列表; 确定缩减的候选列表，所述缩小的候选列表包括与所述候选列表的匹配商户指定的网络偏好准则的应用; 基于所述缩小的候选列表确定应用的最终选择; 并提供最终选择应用的指示。

公开(公告)号：US20140298027A1

公开(公告)日：2014-10-02

申请号：US14243325

申请日：2014-04-02

Applicant: MasterCard International Incorporated

Inventor： David Anthony Roberts ,  Patrik Smets ,  Axel Emile Jean Charles Cateland ,  Patricia Bateson

IPC: H04L9/08 ,  H04W12/06

CPC classification number: H04L9/0869 ,  G06Q20/20 ,  G06Q20/3278 ,  G06Q20/3829 ,  H04L9/321 ,  H04L9/3271 ,  H04L2209/80 ,  H04W12/04 ,  H04W12/06

Abstract: Disclosed herein is a method for performing an integrated contactless point-of-sale transaction. More particularly, there is disclose a method comprising: receiving, by a mobile device 1, a seed number from a communications network; generating, by the mobile device 1, one or more session keys, in dependence on the received seed number, for use in encrypted communication with the mobile device 1; and/or generating, by the mobile device 1, a pre-image, in dependence on the received seed number, for use in generating an unpredictable number for use in secure communication with the mobile device. Advantageously, the generation of session keys and/or a pre-image in dependence on a seed number provided to the mobile device improves the security of the system since the source of the seed number can detect incorrect session keys and/or unpredictable number derived from an incorrect pre-image.

Abstract translation: 本文公开了一种执行集成的非接触式销售点交易的方法。 更具体地，公开了一种方法，包括：由移动设备1从通信网络接收种子号码; 由移动设备1根据接收到的种子号码生成用于与移动设备1的加密通信中的一个或多个会话密钥; 和/或由移动设备1根据接收到的种子号码生成用于生成用于与移动设备进行安全通信的不可预测的号码的前置映像。 有利的是，根据提供给移动设备的种子号码，生成会话密钥和/或预先映像提高了系统的安全性，因为种子号码的源可以检测不正确的会话密钥和/或不可预测的号码 不正确的前图像。

公开(公告)号：US20140158759A1

公开(公告)日：2014-06-12

申请号：US14019426

申请日：2013-09-05

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Patrick Mestre ,  Eddy Van de Velde

IPC: G06Q20/20

CPC classification number: G06Q20/401 ,  G06Q20/208 ,  G06Q20/3226 ,  G06Q20/3229 ,  G06Q20/3255 ,  G06Q20/34 ,  G06Q20/341 ,  G06Q20/354 ,  G06Q20/3552 ,  G06Q20/3563 ,  G06Q20/3829

Abstract: A system and method for operating a payment terminal, the method including receiving a list of eligible applications from a payment device; generating a candidate list including applications from the list of eligible applications received that are supported by the payment terminal; determining a reduced candidate list, the reduced candidate list including applications from the candidate list that match merchant-specified network preference criteria; determining a final selection of an application based on the reduced candidate list; and providing an indication of the final selection application.

Abstract translation: 一种用于操作支付终端的系统和方法，所述方法包括从支付设备接收合格应用的列表; 从所述支付终端支持的所接收的合格申请表中生成包括应用的候选列表; 确定缩减的候选列表，所述缩小的候选列表包括与所述候选列表的匹配商户指定的网络偏好准则的应用; 基于所述缩小的候选列表确定应用的最终选择; 并提供最终选择应用的指示。

公开(公告)号：US11334890B2

公开(公告)日：2022-05-17

申请号：US14558189

申请日：2014-12-02

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Patrik Smets ,  Axel Emile Jean Charles Cateland

IPC: G06Q20/40 ,  G06Q20/38 ,  H04L29/06 ,  H04W12/041

Abstract: A method for generating payment credentials in a payment transaction includes: storing, in a memory, at least a single use key associated with a transaction account; receiving, by a receiving device, a personal identification number; identifying, by a processing device, a first session key; generating, by the processing device, a second session key based on at least the stored single use key and the received personal identification number; generating, by the processing device, a first application cryptogram based on at least the first session key; generating, by the processing device, a second application cryptogram based on at least the second session key; and transmitting, by a transmitting device, at least the first application cryptogram and second application cryptogram for use in a payment transaction.

公开(公告)号：US10909531B2

公开(公告)日：2021-02-02

申请号：US14712343

申请日：2015-05-14

Applicant: MasterCard International Incorporated

Inventor： David A. Roberts ,  Patrik Smets ,  Mehdi Collinge ,  Axel Cateland

IPC: G06Q20/38 ,  G06Q20/10 ,  G06Q20/32 ,  G06Q20/40 ,  H04W12/06 ,  H04W12/04 ,  G06Q20/02 ,  H04W12/08 ,  H04W12/00 ,  G06F21/31 ,  H04L29/06

Abstract: A mobile computing device has at least one processor and at least one memory together providing a first execution environment and a second execution environment logically isolated from the first execution environment. The following approach is taken to manage data items for an application executing the first execution environment. A trust relationship is established between a trust client in the second execution environment and a remote trusted party and the trust client receives one or more data items from the remote trusted party. On executing the application in the first execution environment, the trust client provides the data items or further data items derived therefrom to the application. Provision of these data items may be conditional upon a user authentication process. A suitable mobile computing device is also described.