-
Publication number: US11146539B2
Publication date: 2021-10-12
Application number: US16228238
Application date: 2018-12-20
Applicant: MASTERCARD INTERNATIONAL INCORPORATED
Inventor: Duncan Garrett, John Beric, Michael Ward, David Anthony Roberts
Abstract: A method for trusted notifications comprises: receiving, at a first host having at least one trusted server, a request message from a sender computing device, the request message comprising a request identifier and instructions to: update, at a second host, a recipient account associated with a recipient computing device, and to make a corresponding update at the first host to a sender account associated with the sender computing device. The method further comprises authorizing, at the first host, the request message; updating the sender account; generating a secure message at the at least one trusted server, the secure message comprising the request identifier and an indication from the at least one trusted server that the update completed; and sending the secure message from the first host to the sender computing device. The secure message can be received at the sender computer device and conveyed to the recipient computing device.
-
Publication number: US20210295306A1
Publication date: 2021-09-23
Application number: US17341924
Application date: 2021-06-08
Applicant: Mastercard International Incorporated
Inventor: Ian David Alan Maddocks, Simon Phillips, Duncan Garrett, James John Anderson
Abstract: A method of operating a payment-enabled mobile device to gain access to a location or a service. In an embodiment, a contactless front-end (CLF) component of a payment-enabled mobile device sequentially detects short-distance radio signals comprising at least two different polling signals, determines based on the sequence of the at least two different polling signals, that the payment-enabled mobile device is in proximity to a non-retail contactless transaction terminal, and then a payment application running on the payment-enabled mobile device bypasses a customary user verification feature. The process also includes the payment-enabled mobile device running the payment application performing a transaction with the non-retail contactless transaction terminal without invoking the customary user verification feature and then gaining access to at least one of a location or service. In some embodiments, the location or service includes one of a transit system, a hotel, a motor vehicle, a workplace, a room, a home, a bank branch, a vehicle charging station and a government facility.
-
Publication number: US10181121B2
Publication date: 2019-01-15
Application number: US13754419
Application date: 2013-01-30
Applicant: MasterCard International Incorporated
Inventor: David A. Roberts, Duncan Garrett, Eddy L. H. Van de Velde
Abstract: A first command is sent from a payment terminal assembly to a payment device with an on-device balance to compute a cryptogram to complete a putative transaction. It is detected that the cryptogram is not received as expected. In response, an identifier of the payment device and transaction recovery data associated with the putative transaction are stored in a storage area of a terminal memory of the payment terminal assembly. The payment terminal assembly obtains the identifier of the payment device, upon re-presentation of the payment device. Upon such re-presentation, the payment terminal assembly compares the obtained identifier of the payment device to contents of the storage area. Conditioned at least upon the comparing yielding a match, a second command is sent from the payment terminal assembly to the payment device to instruct the payment device to re-produce the cryptogram to complete the putative transaction.
-
Publication number: US11922428B2
Publication date: 2024-03-05
Application number: US17857011
Application date: 2022-07-03
Applicant: MASTERCARD INTERNATIONAL INCORPORATED
Inventor: Patrick Mestre, Patrik Smets, Eddy Van De Velde, Duncan Garrett
CPC classification number: G06Q20/40975, G06Q20/341, G06Q20/352, G06Q20/3823, G06Q20/3827, G06Q20/3829, H04L9/0643, H04L9/0825, H04L9/0844
Abstract: A method of performing a contactless transaction between a payment device and a terminal is described. The method comprises establishing a data connection between the payment device and the terminal and then establishing if the payment device and the terminal both support an enhanced security architecture. If they do not, they will then perform the contactless transaction according to a basic transaction flow using a first cryptographic system. If they do, they will perform the contactless transaction according to an enhanced transaction flow using a second cryptographic system. The first cryptographic system and the second cryptographic system comprise different asymmetric cryptographic systems. Suitable payment devices and terminals, and methods at the payment devices and terminals, are described.
-
Publication number: US11855969B2
Publication date: 2023-12-26
Application number: US17494077
Application date: 2021-10-05
Applicant: MASTERCARD INTERNATIONAL INCORPORATED
Inventor: Duncan Garrett, John Beric, Michael Ward, David Anthony Roberts
CPC classification number: H04L63/0428, G06Q20/3255, G06Q20/3274, G06Q20/3276, G06Q20/3278, G06Q20/40, G06Q20/42
Abstract: A method for trusted notifications comprises: receiving, at a first host having at least one trusted server, a request message from a sender computing device, the request message comprising a request identifier and instructions to: update, at a second host, a recipient account associated with a recipient computing device, and to make a corresponding update at the first host to a sender account associated with the sender computing device. The method further comprises authorizing, at the first host, the request message; updating the sender account; generating a secure message at the at least one trusted server, the secure message comprising the request identifier and an indication from the at least one trusted server that the update completed; and sending the secure message from the first host to the sender computing device. The secure message can be received at the sender computer device and conveyed to the recipient computing device.
-
Publication number: US20230342751A1
Publication date: 2023-10-26
Application number: US18347049
Application date: 2023-07-05
Applicant: Mastercard International Incorporated
Inventor: Ian David Alan Maddocks, Simon Phillips, Duncan Garrett, James John Anderson
CPC classification number: G06Q20/3278, G06Q20/405, G06Q20/3224, H04W4/80, G06Q20/102, G06Q20/4012
Abstract: A contactless transaction terminal and method for interacting with a payment enabled mobile device to permit access to a location or to a service. The contactless transaction terminal includes a processor, a polling signal generator operably connected to the processor, an NFC circuit operably connected to the polling signal generator, and a receiver operably connected to the NFC circuit and to a data recovery circuit that is operably connected to the processor. Also included is a storage device operably connected to the processor. The storage device stores program instructions which when executed cause the processor to generate, via the polling signal generator, short-distance radio signals including at least three polling signals; emit, via the NFC circuit, the at least three polling signals at frequent intervals for detection by a payment-enabled mobile device; receive at least one of a Type A or Type B signal from the payment enabled mobile device; and permit access to at least one of a location or service.
-
Publication number: US20240380577A1
Publication date: 2024-11-14
Application number: US18559848
Application date: 2022-04-25
Applicant: Mastercard International Incorporated
Inventor: Cédric Colnot, Jean-Bernard Collet, Duncan Garrett
Abstract: There is provided a computer-implemented method for establishing a communication channel for exchanging messages securely between an initiator device and an endpoint device using an intermediary server. The initiator device is in communication with the intermediary server via a first session encrypted according to a cryptographic protocol. The endpoint device is in communication with the intermediary server via a second session encrypted according to a cryptographic protocol. A request for a handover token via the first session is sent to intermediary server. The handover token includes data that has been generated at the endpoint device and is configured to be used in setting up the communication channel between the initiator device and the endpoint device. The handover token is received from the intermediary server via the first session encrypted according to a cryptographic protocol. The communication channel is established between the initiator device and the endpoint device.
-
Publication number: US11580509B2
Publication date: 2023-02-14
Application number: US16440060
Application date: 2019-06-13
Applicant: MASTERCARD INTERNATIONAL INCORPORATED
Inventor: Dave Sylvester, John Beric, James David Sinton, Duncan Garrett, David Anthony Roberts, Emil Johan Sjoberg
Abstract: A transaction device is described. The device comprises storage configured to store a first data record comprising first value data and a unique identifier associated with one other device; communications circuitry configured to receive an identifier and second value data from a device; and control circuitry configured to compare the received identifier with the unique identifier and in the event of a positive comparison, the control circuitry is further configured to update the stored first value data in accordance with the exchanged second value data.
-
Publication number: US10461927B2
Publication date: 2019-10-29
Application number: US15642762
Application date: 2017-07-06
Applicant: MasterCard International Incorporated
Inventor: Michael Ward, John Beric, Duncan Garrett, David Anthony Roberts
Abstract: A method of establishing a secure channel for communication between a first computing device and a second computing device is described. The method uses an elliptic curve Diffie-Hellman protocol, wherein G is an elliptic curve generator point and the first computing device has a unique private key dc with a public key Qc=dc G certified by a party trusted by the second computing device. The first computing device generates (520) a blinding factor r and sends (540) a blinded public key R=r·Qc to the second computing device. The second computing device generates (510) an ephemeral private key dt and a corresponding ephemeral public key Qt=dt G and sends Qt to the first computing device. The first computing device generates (530) Kc=KDF(r dc·Qt) and the second computing device generates (550) Kt=KDF(dt·R), where KDF is a key derivation function used in both generation operations, to establish a secure channel between the first computing device and the second computing device. G is a point in the elliptic curve group E, wherein E is a group of prime order but E* is the quadratic twist of E and is a group of order m=z·m′ where m′ is prime and z is an integer, wherein r·dc is chosen such that z is a factor of r·dc. Suitable apparatus for performing the method is also described.
-
Publication number: US20180026784A1
Publication date: 2018-01-25
Application number: US15642762
Application date: 2017-07-06
Applicant: MasterCard International Incorporated
Inventor: Michael Ward, John Beric, Duncan Garrett, David Anthony Roberts
Abstract: A method of establishing a secure channel for communication between a first computing device and a second computing device is described. The method uses an elliptic curve Diffie-Hellman protocol, wherein G is an elliptic curve generator point and the first computing device has a unique private key dc with a public key Qc=dc G certified by a party trusted by the second computing device. The first computing device generates (520) a blinding factor r and sends (540) a blinded public key R=r·Qc to the second computing device. The second computing device generates (510) an ephemeral private key dt and a corresponding ephemeral public key Qt=dt G and sends Qt to the first computing device. The first computing device generates (530) Kc=KDF (r dc·Qt) and the second computing device generates (550) Kt=KDF (dt·R), where KDF is a key derivation function used in both generation operations, to establish a secure channel between the first computing device and the second computing device. G is a point in the elliptic curve group E, wherein E is a group of prime order but E* is the quadratic twist of E and is a group of order m=z·m′ where m′ is prime and z is an integer, wherein r·dc is chosen such that z is a factor of r·dc. Suitable apparatus for performing the method is also described.