公开(公告)号：US11263626B2

公开(公告)日：2022-03-01

申请号：US16299342

申请日：2019-03-12

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Patrik Smets

IPC: G06Q20/00 ,  G06Q20/38 ,  H04L29/06

Abstract: A method for generating cryptograms in a webservice environment includes: receiving, in a first environment of a computing system, a credential request transmitted by an external computing device using a secure communication protocol, the credential request including a transaction identifier and account identifier; transmitting, by the first environment, a data request to a second environment of the computing system, the data request including the account identifier; receiving, by the first environment, an account profile and session key from the second environment; transmitting, by the first environment, a cryptogram request to a third environment of the computing system, the cryptogram request including the account profile and session key; receiving, by the first environment, a cryptogram from the third environment generated using the account profile and session key; and transmitting, by the first environment, the cryptogram and transaction identifier to the external computing device via the secure communication protocol.

公开(公告)号：US20210133067A1

公开(公告)日：2021-05-06

申请号：US17088079

申请日：2020-11-03

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Cristian Radu ,  Mehdi Collinge ,  Omar Laazimani

IPC: G06F11/30 ,  H04L9/32 ,  G06F9/54 ,  G06F9/50

Abstract: A method is described of monitoring a service performed at a computing node. The computing node is one of a plurality of computing nodes in a distributed computing system. Each computing node is adapted to perform at least one service for clients. A monitoring process is adapted to monitor a service process performing the process. In the method, the monitoring process monitors the service process on performance of the service. The monitoring service then provides monitoring information to a monitoring process for another service process. A suitable computing node for performing the service is described, as is a coordinated monitoring service for supporting multiple monitoring services.

公开(公告)号：US20200302441A1

公开(公告)日：2020-09-24

申请号：US16325084

申请日：2017-08-11

Applicant: Mastercard International Incorporated

Inventor： Mehdi Collinge ,  Alan Johnson

IPC: G06Q20/38 ,  G06Q20/40 ,  G06Q20/36 ,  H04L9/08

Abstract: A cryptographic method of performing a tokenised transaction between a payment offering party and a payment accepting party is described. The tokenised transaction is mediated by a transaction scheme. The payment accepting party is provided with a merchant identity and a merchant certificate associated with that identity by the transaction scheme provider. The payment accepting party provides the merchant identity and transaction seed data to the payment offering party. The payment offering party validates the merchant identity and uses the merchant identity and the transaction seed data to generate a cryptogram for the tokenised transaction. The payment offering party provides the cryptogram to the payment accepting party for transmission to the transaction scheme provider for authorisation of the tokenised transaction. A suitable user computing device and merchant computing device for acting as payment offering party and payment accepting party respectively are also described.

公开(公告)号：US10311436B2

公开(公告)日：2019-06-04

申请号：US16165180

申请日：2018-10-19

Applicant: Mastercard International Incorporated

Inventor： Simon Phillips ,  Mark Britten ,  Mehdi Collinge

IPC: H04L9/32 ,  G06F21/35 ,  G06Q20/40 ,  G06Q20/38 ,  G06Q20/32 ,  H04L29/06 ,  H04W12/06

Abstract: Back-up credentials data is stored for a user. A communication channel is established with a mobile device. A cryptogram is received from the mobile device, such that the cryptogram is relayed by the mobile device from an authentication device that interacted with the mobile device. The authentication device is associated with the user. The cryptogram is verified. In response to the verification of the cryptogram, the stored back-up credentials data is made accessible to the mobile device.

公开(公告)号：US10275767B2

公开(公告)日：2019-04-30

申请号：US14919265

申请日：2015-10-21

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Patrik Smets

IPC: G06Q20/38 ,  H04L29/06 ,  G06Q20/00

Abstract: A method for generating cryptograms in a webservice environment includes: receiving, in a first environment of a computing system, a credential request transmitted by an external computing device using a secure communication protocol, the credential request including a transaction identifier and account identifier; transmitting, by the first environment, a data request to a second environment of the computing system, the data request including the account identifier; receiving, by the first environment, an account profile and session key from the second environment; transmitting, by the first environment, a cryptogram request to a third environment of the computing system, the cryptogram request including the account profile and session key; receiving, by the first environment, a cryptogram from the third environment generated using the account profile and session key; and transmitting, by the first environment, the cryptogram and transaction identifier to the external computing device via the secure communication protocol.

公开(公告)号：US09825946B2

公开(公告)日：2017-11-21

申请号：US14985664

申请日：2015-12-31

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Michael Christopher Ward ,  Sandra Jansen

IPC: H04L29/06

CPC classification number: H04L63/0853 ,  G06Q20/00 ,  H04L63/0414 ,  H04L63/083 ,  H04L63/0876 ,  H04L63/10 ,  H04L63/123

Abstract: A method for enhanced validation of cryptograms for varying account number lengths includes: storing one or more primary account numbers and a plurality of formatting templates, each template being associated with an account number length; receiving a selection indicating a specific primary account number; identifying a specific formatting template where the associated account number length corresponds to a length of the specific primary account number; receiving an unpredictable number from a point of sale device; generating a cryptogram based on at least the unpredictable number and one or more algorithms; generating a data string, wherein the data string includes at least the generated cryptogram, the specific primary account number, and the unpredictable number, and wherein the data string is formatted based on the identified specific formatting template; and electronically transmitting the generated data string to the point of sale device.

公开(公告)号：US09508071B2

公开(公告)日：2016-11-29

申请号：US14636619

申请日：2015-03-03

Applicant: MasterCard International Incorporated

Inventor： Simon Phillips ,  Mark Britten ,  Mehdi Collinge

IPC: G06F19/00 ,  G06Q20/32 ,  H04L29/06 ,  G06Q20/38 ,  G06Q20/40

CPC classification number: G06Q20/4014 ,  G06F21/35 ,  G06Q20/322 ,  G06Q20/327 ,  G06Q20/38215 ,  G06Q20/3825 ,  G06Q20/40 ,  G06Q20/4012 ,  G06Q20/40145 ,  G06Q2220/00 ,  H04L9/3226 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/0861 ,  H04W12/06

Abstract: Back-up credentials data is stored for a user. A communication channel is established with a mobile device. A cryptogram is received from the mobile device, such that the cryptogram is relayed by the mobile device from an authentication device that interacted with the mobile device. The authentication device is associated with the user. The cryptogram is verified. In response to the verification of the cryptogram, the stored back-up credentials data is made accessible to the mobile device.

Abstract translation: 为用户存储备份凭据数据。 与移动设备建立通信信道。 从移动设备接收密码，使得密码由移动设备从与移动设备交互的认证设备中继。 认证设备与用户相关联。 验证密码。 响应密码的验证，存储的备份凭证数据使移动设备可访问。

公开(公告)号：US20230327863A1

公开(公告)日：2023-10-12

申请号：US18042961

申请日：2021-07-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Alan Johnson ,  Omar Laazimani

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/06 ,  H04L9/32

CPC classification number: H04L9/0861 ,  H04L9/14 ,  H04L9/0618 ,  H04L9/3242

Abstract: A method of providing a secure service at a computing node is described. The secure service is for a requesting party external to the computing node. The following steps take place at the computing node. A service request is received from the requesting party. This service request comprises a request to generate a credential. The credential is then generated, and service-related information is obtained. The credential and the service-related information are encrypted using an encryption process to form an encrypted message part. A service-identifying clear message part is also created, and a message is sent comprising the clear message part and the encrypted message part to the requesting party. Methods of using such a message to validate the credential, and of using such a message to confirm the integrity of service-related information held in the message, are also described, as is computing apparatus adapted to carry out one or more of these methods.

公开(公告)号：US20220329409A1

公开(公告)日：2022-10-13

申请号：US17616533

申请日：2020-04-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Omar Laazimani ,  Cristian Radu

IPC: H04L9/08 ,  H04L9/32

Abstract: A method is described of managing service events in a distributed computing system. The distributed computing system comprises a plurality of computing nodes able to perform a service using a service process. The method takes place at one of the computing nodes. A service event is received or created. This service event is identified by a combination of a node identifier, a time element, and a local counter value. The local counter value represents a number of service events performed by a service process for a user since a last reset. The identified service event is then stored in a service process database according to node identifier and local counter values. The service process database is used to manage service events in the distributed system. Service events are removed from the service process database when no longer valid using the time element

公开(公告)号：US20210019728A1

公开(公告)日：2021-01-21

申请号：US16932657

申请日：2020-07-17

Applicant: Mastercard International Incorporated

Inventor： Mehdi Collinge ,  Alan Johnson

IPC: G06Q20/32 ,  G06Q20/40

Abstract: Currently, many aspects of electronic transactions have become digital, and may therefore be performed online using mobile devices. However, many of these possibilities have been adopted by no longer supporting legacy systems—in the newer and emerging economies, this does not create a major problem as they have few consumers using legacy systems and methods. But this lack of interoperability limits the adoption of legacy-compatible systems and method. It also restricts their adoption in other countries. In addition, the increased use of payment through such electronic transactions is increasing the frequency and amount of fraudulent transactions.
A computer-implemented electronic transaction method 400 is provided comprising: providing 270 a transaction identifier 150 to initiate an electronic transaction, the transaction identifier 150 comprising: a routing identifier 160; a serial number (174) not directly associated with the user 210; contextual information 190 comprising one or more parameters associated with the generation of the transaction identifier 150; verification information 180 comprising a value calculated deterministically using the serial number 174 and the contextual information 190. The transaction identifier 150 is conveyed to an Authenticator 600 using the routing identifier 160; who authenticates the transaction identifier 150 using the verification information 180, the serial number (174) and the contextual information 190, and allows initiation if it is considered authentic.
The authenticator has a high degree of freedom in defining the validity of the data contents. The improved transaction identifier may be adequately authenticated using data and values comprised in the improved transaction identifier itself. Optionally, additional external data or values (not comprised in the improved transaction identifier) may also be used. By using a serial number not directly associated with the user, more possibilities and more flexibility are provided to initiate electronic transactions, and in particular, electronic payment transactions.