公开(公告)号：US20200320507A1

公开(公告)日：2020-10-08

申请号：US16839391

申请日：2020-04-03

Applicant: Mastercard International Incorporated

Inventor： Patrik Smets

IPC: G06Q20/32 ,  G06N3/04 ,  G06Q20/34

Abstract: A method of transaction selection is described for a transaction conducted between a user computing device adapted for use as a payment device and a terminal. The user computing device supports a plurality of payment cards. Steps at the user computing device include the following: establishing communication with the terminal; receiving transaction related information from the terminal; performing a card selection operation using the transaction related information to select a preferred payment card for performing the transaction; and identifying to the terminal preferred applications for performing the transaction based on the preferred payment card. An associated method of card selection is described, along with corresponding steps performed at the terminal. User computing devices and terminals adapted to carry out these methods are also described.

公开(公告)号：US10692079B2

公开(公告)日：2020-06-23

申请号：US15878571

申请日：2018-01-24

Applicant: Mastercard International Incorporated

Inventor： Harjender Singh ,  Patrik Smets ,  Philip Wei Ping Yen

IPC: G06Q20/32 ,  G06Q20/02 ,  G06Q20/36 ,  G06Q20/38

Abstract: A method for facilitating a transaction with a one-time number includes: receiving a first transaction request, wherein the first transaction request includes a plurality of data elements including at least a first data element configured to store a zero transaction amount and a second data element configured to store a primary account number; parsing the primary account number stored in the second data element included in the received first transaction request; generating a one-time value, wherein the one-time value includes a predetermined number of digits and a subset of the predetermined number of digits is a reference to the processing server; storing a data entry comprised of at least the parsed primary account number and the generated one-time value; and transmitting the generated one-time value in response to the received first transaction request.

公开(公告)号：US10515359B2

公开(公告)日：2019-12-24

申请号：US13827042

申请日：2013-03-14

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Susan Thompson ,  Patrik Smets ,  David Anthony Roberts ,  Michael Christopher Ward

IPC: G06Q20/38 ,  G06Q20/40 ,  G06Q20/32

Abstract: A method for generating and provisioning payment credentials to a mobile device lacking a secure element includes: generating a card profile associated with a payment account, wherein the card profile includes at least payment credentials corresponding to the associated payment account and a profile identifier; provisioning, to a mobile device lacking a secure element, the generated card profile; receiving, from the mobile device, a key request, wherein the key request includes at least a mobile identification number (PIN) and the profile identifier; using the mobile PIN; generating a single use key, wherein the single use key includes at least the profile identifier, an application transaction counter, and a generating key for use in generating a payment cryptogram valid for a single financial transaction; and transmitting the generated single use key to the mobile device.

公开(公告)号：US20180240113A1

公开(公告)日：2018-08-23

申请号：US15896710

申请日：2018-02-14

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Michael Ward ,  David Anthony Roberts ,  Mohamed Abou El Enin

IPC: G06Q20/40 ,  G06Q20/32 ,  G06Q20/38 ,  G06Q20/34 ,  G06F21/31 ,  H04L29/06 ,  H04L9/32

CPC classification number: G06Q20/401 ,  G06F21/31 ,  G06Q20/02 ,  G06Q20/20 ,  G06Q20/32 ,  G06Q20/3278 ,  G06Q20/351 ,  G06Q20/352 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/4012 ,  G06Q20/40145 ,  G06Q20/4018 ,  G06Q20/409 ,  H04L9/321 ,  H04L63/123 ,  H04L63/126

Abstract: A method of determining legitimate use of a computing device for an action to be approved by a remote system is described. The following steps are carried out at the computing device. A verification method (44) is established for authenticating a user at the computing device or for verifying the integrity of the computing device in association with carrying out the action on that computing device. Cryptographic material is received from a trusted system for use in performing the action. The action is then performed (42). This may or may not comprise successful performance of the verification step. However, performing the action comprises returning information to the remote system that includes whether there was successful authentication using the verification method and parameters relating to computing device state when the action was performed. Suitable computing apparatus is also described.

公开(公告)号：US20180240111A1

公开(公告)日：2018-08-23

申请号：US15896691

申请日：2018-02-14

Applicant: Mastercard International Incorporated

Inventor： Patrik Smets ,  Michael Ward ,  David Anthony Roberts ,  Mohamed Abou El Enin

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/10 ,  G06F21/36 ,  H04L9/14

CPC classification number: G06Q20/3829 ,  G06F21/36 ,  G06F21/602 ,  G06F21/606 ,  G06F2221/2103 ,  G06Q20/102 ,  G06Q20/32 ,  G06Q20/3821 ,  H04L9/0894 ,  H04L9/14 ,  H04L2209/56

Abstract: A computing device embodies a security architecture for an application (42). The security architecture has non-volatile storage (43) for storing first cryptographic material and volatile storage (51) for storing second cryptographic material. The second cryptographic material is lost on rebooting of the computing device. At least the second cryptographic material may be replenished from a source external to the computing device but accessible by a computing network. Methods of use of this architecture by the application are also described.

公开(公告)号：US20170337541A1

公开(公告)日：2017-11-23

申请号：US15160253

申请日：2016-05-20

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Patrik Smets ,  Simon Phillips

IPC: G06Q20/32 ,  G06Q20/10 ,  G06Q20/40

CPC classification number: G06Q20/3226 ,  G06Q20/102 ,  G06Q20/3221 ,  G06Q20/327 ,  G06Q20/3674 ,  G06Q20/4012

Abstract: A method includes completing a payment transaction using a payment-enabled mobile device. The method further includes prompting a user to perform a user authentication process with respect to the payment-enabled mobile device. The prompting occurs after completion of the payment transaction and prior to commencing another payment transaction using the payment-enabled mobile device.

公开(公告)号：US09779402B2

公开(公告)日：2017-10-03

申请号：US15265151

申请日：2016-09-14

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Duncan Garrett ,  Dave Roberts ,  Patrik Smets

IPC: G06Q20/40 ,  H04L9/08 ,  G06Q20/34 ,  G06Q20/38 ,  H04L9/30 ,  H04L29/06 ,  G06Q20/10

CPC classification number: G06Q20/401 ,  G06Q20/102 ,  G06Q20/341 ,  G06Q20/3829 ,  G06Q20/409 ,  H04L9/0841 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/1408 ,  H04L2209/08 ,  H04L2209/16 ,  H04L2209/56

Abstract: Methods and devices are provided for use in detecting relay attacks between devices in a communications network. One method includes sending first data by a first device to a second device, and receiving, by the first device, a communication from the second device where the communication comprises second data generated at the second device and a time parameter related to the generation of the second data. The method also includes measuring a total transmission time at the first device between sending the first data and receiving the communication, and determining a further time parameter related to the generation of the second data based at least in part on the measured total transmission time. The method then further includes determining the presence of a relay attack between the first and second devices in dependence on a comparison of the time parameter and the further time parameter.

公开(公告)号：US20170006048A1

公开(公告)日：2017-01-05

申请号：US15265151

申请日：2016-09-14

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Duncan Garrett ,  Dave Roberts ,  Patrik Smets

IPC: H04L29/06 ,  G06Q20/34 ,  H04L9/30 ,  H04L9/08

CPC classification number: G06Q20/401 ,  G06Q20/102 ,  G06Q20/341 ,  G06Q20/3829 ,  G06Q20/409 ,  H04L9/0841 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/1408 ,  H04L2209/08 ,  H04L2209/16 ,  H04L2209/56

Abstract: Methods and devices are provided for use in detecting relay attacks between devices in a communications network. One method includes sending first data by a first device to a second device, and receiving, by the first device, a communication from the second device where the communication comprises second data generated at the second device and a time parameter related to the generation of the second data. The method also includes measuring a total transmission time at the first device between sending the first data and receiving the communication, and determining a further time parameter related to the generation of the second data based at least in part on the measured total transmission time. The method then further includes determining the presence of a relay attack between the first and second devices in dependence on a comparison of the time parameter and the further time parameter.

Abstract translation: 提供了用于检测通信网络中设备之间的中继攻击的方法和设备。 一种方法包括：通过第一设备将第一数据发送到第二设备，以及由第一设备接收来自第二设备的通信，其中通信包括在第二设备处生成的第二数据，以及与生成第二设备相关的时间参数 第二个数据。 该方法还包括在发送第一数据和接收通信之间测量第一设备的总传输时间，以及至少部分地基于所测量的总传输时间来确定与产生第二数据有关的另外的时间参数。 该方法然后还包括根据时间参数和另外的时间参数的比较确定第一和第二设备之间的中继攻击的存在。

公开(公告)号：US20170004497A1

公开(公告)日：2017-01-05

申请号：US15265182

申请日：2016-09-14

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Patrick Mestré ,  Patrik Smets

IPC: G06Q20/40 ,  H04L9/08 ,  H04L9/30 ,  G06Q20/34

CPC classification number: G06Q20/401 ,  G06Q20/102 ,  G06Q20/341 ,  G06Q20/3829 ,  G06Q20/409 ,  H04L9/0841 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/1408 ,  H04L2209/08 ,  H04L2209/16 ,  H04L2209/56

Abstract: Methods and devices are provided for use in facilitating transactions between transaction devices and points of interactions. In connection therewith, one transaction device generally includes an input and an output for communicating with a point of interaction with regard to a transaction by a consumer at the point of interaction involving the transaction device. The transaction device also includes a processor in communication with the input and the output. The processor is configured to interact with the point of interaction in connection with the transaction, store transaction data relating to the transaction in a data store during the course of the transaction, and, in response to an interruption in the transaction with the point of interaction, retrieve transaction data stored in the data store in order to resume the transaction with the point of interaction when communication with the point of interaction is restored.

Abstract translation: 提供方法和设备用于促进交易设备和交互点之间的交易。 与此相关，一个交易设备通常包括用于在涉及交易设备的交互点处与消费者的交易相关的交互点进行通信的输入和输出。 交易设备还包括与输入和输出通信的处理器。 处理器被配置为与交易相关联的交互点进行交互，在交易过程中存储与数据存储中的交易有关的交易数据，并且响应于交易中的交互点 检索存储在数据存储器中的事务数据，以便在与交互点的通信恢复时以交互点恢复事务。

公开(公告)号：US09286607B2

公开(公告)日：2016-03-15

申请号：US14210989

申请日：2014-03-14

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  David Roberts

IPC: G06K19/06 ,  G06Q20/34 ,  G07F7/08

CPC classification number: G06Q20/352 ,  G07F7/0893

Abstract: A contactless card reader system comprises the a contactless card reader for short range wireless communication with a payment device using a contactless card protocol. The reader also comprises a terminal for exchanging data with the payment device and with a remote server to perform a contactless card transaction. The terminal is comprised in a personal computing device. The remote server may provide functionality to the terminal in performance of the transaction. A method of performing a transaction is also described.

Abstract translation: 非接触式读卡器系统包括用于使用非接触式卡协议的支付设备进行短距离无线通信的非接触式读卡器。 阅读器还包括用于与支付设备交换数据的终端以及与远程服务器进行非接触式卡交易的终端。 终端包括在个人计算设备中。 远程服务器可以在执行交易时向终端提供功能。 还描述了执行交易的方法。