公开(公告)号：US20170262839A1

公开(公告)日：2017-09-14

申请号：US15606252

申请日：2017-05-26

Applicant: MasterCard International Incorporated

Inventor： Ian David Alan Maddocks ,  Simon Phillips ,  Jonathan James Main

IPC: G06Q20/36 ,  G06Q20/32 ,  G06Q20/20 ,  G06Q20/40

CPC classification number: G06Q20/3672 ,  G06Q20/20 ,  G06Q20/3278 ,  G06Q20/36 ,  G06Q20/4014 ,  G06Q20/40145

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

公开(公告)号：US20240112182A1

公开(公告)日：2024-04-04

申请号：US18387440

申请日：2023-11-06

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Sowmya Reddy Lakka ,  Brian Piel ,  Vincenzo Palomba ,  Jonathan James Main ,  David Anthony Roberts

IPC: G06Q20/38 ,  G06Q20/04 ,  G06Q20/12 ,  G06Q20/40

CPC classification number: G06Q20/385 ,  G06Q20/04 ,  G06Q20/12 ,  G06Q20/38215 ,  G06Q20/401

Abstract: Systems and methods are provided for authenticating users. An exemplary method includes receiving, by a directory server (DS), an authentication request for a transaction to an account where the request includes a token and a cryptogram, and transmitting the token and cryptogram to a digital service server (DSS). The method also includes mapping, by the DSS, the token to an account number for the account, validating the cryptogram, generating a directory server nonce (DSN) for the request, and transmitting the DSN and the account number to the DS. The method further includes transmitting, by the DS, the DSN and the account number to an access control server (ACS) associated with an issuer of the account and, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction and transmitting the AAV to a merchant or server.

公开(公告)号：US20170103396A1

公开(公告)日：2017-04-13

申请号：US14881249

申请日：2015-10-13

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Jonathan James Main ,  Mehdi Collinge

IPC: G06Q20/40 ,  G06Q20/38

CPC classification number: G06Q20/4014 ,  G06Q20/322 ,  G06Q20/3227 ,  G06Q20/367 ,  G06Q20/382 ,  G06Q20/40 ,  G06Q2220/00

Abstract: Systems, methods and apparatus for operating a device to complete a transaction are provided which include receiving a request to initiate a transaction with a merchant, transmitting a payment transaction initiation message to a merchant server associated with the merchant, receiving a request message from the merchant server for remote payment data, the request message including information identifying whether the merchant server supports a selected one of a first data format and an alternative data format, and providing the remote payment data to the merchant server in the selected data format for use by the merchant server to initiate authorization processing of the transaction.

公开(公告)号：US20160092878A1

公开(公告)日：2016-03-31

申请号：US14621123

申请日：2015-02-12

Applicant: MasterCard International Incorporated

Inventor： Cristian Radu ,  Jonathan James Main ,  Eric G. Alger

IPC: G06Q20/40 ,  G06Q20/36

CPC classification number: G06Q20/4014 ,  G06Q20/36 ,  G06Q20/4012

Abstract: A method includes maintaining a digital wallet in a computer, and receiving a request for a transaction. The computer may receive and verify user authentication data, and then allow the user to access any payment card account in the digital wallet without requiring additional user authentication, regardless of the account selected for the transaction by the user. In some embodiments, cryptogram generation may be performed with an EMV server in association with the digital wallet, to enhance the level of security assurance for merchants, issuers and users.

Abstract translation: 一种方法包括在计算机中维护数字钱包，以及接收对交易的请求。 计算机可以接收和验证用户认证数据，然后允许用户访问数字钱包中的任何支付卡帐户，而不需要额外的用户认证，而不管用户为交易选择的帐户。 在一些实施例中，可以使用与数字钱包相关联的EMV服务器执行密码生成，以增强商家，发行者和用户的安全保证级别。

公开(公告)号：US11080697B2

公开(公告)日：2021-08-03

申请号：US15725893

申请日：2017-10-05

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Sowmya Reddy Lakka ,  Brian Piel ,  Vincenzo Palomba ,  Jonathan James Main ,  David Anthony Roberts

IPC: G06Q20/38 ,  G06Q20/40 ,  G06Q20/12 ,  G06Q20/04

Abstract: Systems and methods are provided for authenticating users to payment accounts in connection with transactions. An exemplary method includes receiving, by at least one computing device, an authentication request for a transaction associated with a payment account where the authentication request includes a token associated with the payment account and a cryptogram, and mapping the token to a primary account number (PAN) for the payment account. The method also includes validating the cryptogram, generating a directory server nonce (DSN) for the authentication request, and transmitting the DSN and the account number to an access control server (ACS) associated with an issuer of the payment account. The method further includes, in response to an issuer authentication value (IAV), compiling an accountholder authentication value (AAV) including the IAV, the DSN and an amount of the transaction, and transmitting the AAV to one of a merchant and a server.

公开(公告)号：US10902423B2

公开(公告)日：2021-01-26

申请号：US14621123

申请日：2015-02-12

Applicant: MasterCard International Incorporated

Inventor： Cristian Radu ,  Jonathan James Main ,  Eric G. Alger

IPC: G06K5/00 ,  G06Q20/40 ,  G06Q20/36

Abstract: A method includes maintaining a digital wallet in a computer, and receiving a request for a transaction. The computer may receive and verify user authentication data, and then allow the user to access any payment card account in the digital wallet without requiring additional user authentication, regardless of the account selected for the transaction by the user. In some embodiments, cryptogram generation may be performed with an EMV server in association with the digital wallet, to enhance the level of security assurance for merchants, issuers and users.

公开(公告)号：US20170255929A1

公开(公告)日：2017-09-07

申请号：US15602842

申请日：2017-05-23

Applicant: MasterCard International Incorporated

Inventor： Ian David Alan Maddocks ,  Simon Phillips ,  Jonathan James Main

IPC: G06Q20/36 ,  G06Q20/32 ,  G06Q20/20 ,  G06Q20/40

CPC classification number: G06Q20/3672 ,  G06Q20/20 ,  G06Q20/3278 ,  G06Q20/36 ,  G06Q20/4014 ,  G06Q20/40145

Abstract: In a payment-enabled smartphone, a shared cardholder verification method (CVM) applet serves a number of mobile payment cardlets. The shared CVM applet validates CVM information input by a user of the smartphone and in response issues a CVM token. The CVM token is passed to a particular one of the mobile payment cardlets that is selected for a current transaction. The selected mobile payment cardlet submits the CVM token back to the shared CVM applet for verification. Upon verifying the CVM token, the shared CVM applet enables the selected mobile payment cardlet to perform the current transaction.

公开(公告)号：US20230274278A1

公开(公告)日：2023-08-31

申请号：US18142708

申请日：2023-05-03

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Jonathan James Main ,  Mehdi Collinge

IPC: G06Q20/40 ,  G06Q20/36 ,  G06Q20/32 ,  G06Q20/38

CPC classification number: G06Q20/4014 ,  G06Q20/40 ,  G06Q20/367 ,  G06Q20/3227 ,  G06Q20/322 ,  G06Q20/382 ,  G06Q2220/00

Abstract: Methods, apparatus and systems for operating a payment-enabled mobile device to facilitate a payment transaction with a merchant server. In an embodiment, a mobile device processor of the payment-enabled mobile device receives a payment transaction request from a user, transmits a payment transaction initiation message directly to a merchant server of the merchant, and receives a request message from the merchant server that includes one of a request to provide an Authorization Request Cryptogram (ARQC) or a request to provide user consent information. The user consent information may include cardholder verification results or a request to provide an ARQC. Based on the received request message, the mobile device processor selects a particular mobile payment cardlet to use from a plurality of mobile payment cardlets running in a secure element, generates remote payment data using the particular mobile payment cardlet, and transmits the remote payment data to the merchant server to process the payment transaction.

公开(公告)号：US11470659B2

公开(公告)日：2022-10-11

申请号：US17078983

申请日：2020-10-23

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Patrik Smets ,  Eddy Van De Velde ,  David Anthony Roberts ,  Jonathan James Main

IPC: H04W76/11 ,  H04W76/12 ,  H04W12/63 ,  H04W12/65 ,  G06Q20/20 ,  H04L65/1104

Abstract: Examples provide a system and method for initiating contactless communication sessions between computing devices using a variety of modalities. A user pre-registers a selected modality for triggering session initiation. A session initiation device generates trigger data based on a detected occurrence of a predetermined event corresponding to a user selected modality, such as, but not limited to, biometric data, a unique user identifier (ID), a vehicle identifier, or any other type of modality. The trigger data is mapped to a mobile device ID. The mobile device ID can be requested from a connection server. The communication session is established between the first computing device and the mobile user device using the mobile device identifier. The computing device transmits data to the mobile user device via the established communication session when the computing device is brought into proximity to the mobile user device.

公开(公告)号：US11176547B2

公开(公告)日：2021-11-16

申请号：US15892780

申请日：2018-02-09

Applicant: MasterCard International Incorporated

Inventor： Patrik Smets ,  Michael Ward ,  David Anthony Roberts ,  Jonathan James Main

IPC: G06Q20/38 ,  H04L9/08 ,  G06Q20/32 ,  G06Q20/36 ,  G06Q40/02 ,  G06Q20/40 ,  H04W12/041 ,  H04W12/062 ,  H04W12/0433 ,  G06F8/60

Abstract: A method for generating transaction credentials for a user in a transaction, comprising: storing in a mobile device, an encrypted session key, and an encrypted user authentication credential; receiving an authorisation request; initiating a user authorisation process wherein in the event that the user is an authenticated user, the method comprises: decrypting the encrypted session key and encrypted user authentication credential; generating a transaction cryptogram in dependence on the user authentication credential and the session key; transmitting the transaction cryptogram and a user authentication status to a transaction processing entity for use in a transaction.