公开(公告)号：US11829999B2

公开(公告)日：2023-11-28

申请号：US16682357

申请日：2019-11-13

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Susan Thompson ,  Patrik Smets ,  David Anthony Roberts ,  Michael Christopher Ward

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/40

CPC classification number: G06Q20/3823 ,  G06Q20/322 ,  G06Q20/385 ,  G06Q20/405 ,  G06Q20/4012

Abstract: A system and method for generating and provisioning payment credentials to a mobile device lacking a secure element includes receiving and storing by the mobile device a card profile from a remote system. The card profile may include payment credentials corresponding to a payment account and a profile identifier. The mobile device may receive a mobile personal identification number (PIN) input by a user of the mobile device and transmit a key request to the remote system. The mobile device may receive a single use key which may include an application transaction counter and a generating key from the remote system. The mobile device may generate a payment cryptogram valid for a single financial transaction based on the received single use key and the mobile PIN and transmit the payment credentials and the generated payment cryptogram to a point-of-sale terminal for use in a financial transaction.

公开(公告)号：US10572873B2

公开(公告)日：2020-02-25

申请号：US13769059

申请日：2013-02-15

Applicant: MasterCard International Incorporated

Inventor： Colin Tanner ,  David Anthony Roberts ,  Susan Thompson ,  Clive Leader

IPC: G06Q20/38 ,  G06Q20/34 ,  G06Q20/40 ,  G06Q20/32

Abstract: A method for verifying the source of an authorization request includes: storing an integrated circuit card (ICC) master key; receiving an authorization request for a transaction, wherein the request includes an ICC dynamic number, and the ICC dynamic number is extracted from signed data, based on the ICC master key, generated by a payment card during combined data authentication (CDA); verifying the authenticity of the ICC dynamic number using the stored ICC master key; and transmitting the authorization request to a third party. A method for transmitting an authentic authorization request includes: storing payment card data, the data including an ICC master key associated with the payment card; authenticating the card data using CDA to generate signed data; extracting, from the signed data, an ICC dynamic number based on the ICC master key; and transmitting an authorization request for a transaction, the request including the extracted ICC dynamic number.

公开(公告)号：US20180183579A1

公开(公告)日：2018-06-28

申请号：US15822669

申请日：2017-11-27

Applicant: MasterCard International Incorporated

Inventor： David Anthony Roberts ,  Alan Mushing ,  Susan Thompson

IPC: H04L9/08 ,  G06F21/53 ,  H04W4/00 ,  G06Q20/38

Abstract: A method of refreshing key material is described for use in a trusted execution environment logically protected from a regular execution environment. The trusted execution environment further comprises a key identifier. New key material is received at the trusted execution environment to replace existing key material. The key identifier is set to a new value to indicate that new key material is present. The new value of the key identifier is provided directly or indirectly to other parties in association with cryptographic outputs provided by the trusted execution environment using the refreshed key material. This approach is described in connection with an application executing securely on a mobile device.

公开(公告)号：US10515359B2

公开(公告)日：2019-12-24

申请号：US13827042

申请日：2013-03-14

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Susan Thompson ,  Patrik Smets ,  David Anthony Roberts ,  Michael Christopher Ward

IPC: G06Q20/38 ,  G06Q20/40 ,  G06Q20/32

Abstract: A method for generating and provisioning payment credentials to a mobile device lacking a secure element includes: generating a card profile associated with a payment account, wherein the card profile includes at least payment credentials corresponding to the associated payment account and a profile identifier; provisioning, to a mobile device lacking a secure element, the generated card profile; receiving, from the mobile device, a key request, wherein the key request includes at least a mobile identification number (PIN) and the profile identifier; using the mobile PIN; generating a single use key, wherein the single use key includes at least the profile identifier, an application transaction counter, and a generating key for use in generating a payment cryptogram valid for a single financial transaction; and transmitting the generated single use key to the mobile device.

公开(公告)号：US20180181947A1

公开(公告)日：2018-06-28

申请号：US15824342

申请日：2017-11-28

Applicant: MasterCard International Incorporated

Inventor： David Anthony Roberts ,  Alan Mushing ,  Susan Thompson

IPC: G06Q20/32 ,  H04L9/30 ,  H04L9/00

CPC classification number: G06Q20/3227 ,  G06F21/14 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0891 ,  H04L9/3013 ,  H04L9/3066 ,  H04L9/321 ,  H04L63/0823 ,  H04L2209/16 ,  H04L2209/56

Abstract: A method is described for transferring secrets from a first cryptographic system installed on a computing device to a second cryptographic system installed on the computing device to enable the second cryptographic system to replace the first cryptographic system.

公开(公告)号：US09218479B2

公开(公告)日：2015-12-22

申请号：US14463054

申请日：2014-08-19

Applicant: MasterCard International Incorporated

Inventor： Mehdi Collinge ,  Susan Thompson ,  Axel Emile Jean Charles Cateland

IPC: H04L29/06 ,  G06F21/44

CPC classification number: G06F21/44 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/18

Abstract: A method for authenticating a computing device includes: storing an account profile, the profile including data related to a service account including an alphanumeric code; generating a session identifier and a seed value; computing a first hash using the session identifier; computing a second hash using the session identifier and the alphanumeric code; computing a third hash using the second hash and a utilized seed value; transmitting the session identifier to a computing device via a first communication protocol; transmitting the session identifier and first hash to a remote notification service for transmission to the computing device via a second communication protocol; receiving a fourth hash and the session identifier from the computing device via the first communication protocol; validating the fourth hash based on a comparison of the fourth hash and the computed third hash; and transmitting a validation result to the computing device based on the validation step.

Abstract translation: 用于认证计算设备的方法包括：存储帐户简档，所述简档包括与包括字母数字代码的服务帐户相关的数据; 生成会话标识符和种子值; 使用会话标识符计算第一散列; 使用会话标识符和字母数字代码来计算第二散列; 使用所述第二散列和所使用的种子值来计算第三散列; 经由第一通信协议将会话标识符发送到计算设备; 将所述会话标识符和第一散列发送到远程通知服务，以经由第二通信协议传输到所述计算设备; 经由第一通信协议从计算设备接收第四散列和会话标识符; 基于第四散列和所计算的第三散列的比较来验证第四散列; 以及基于所述验证​​步骤将验证结果发送到所述计算设备。

公开(公告)号：US20130262317A1

公开(公告)日：2013-10-03

申请号：US13827042

申请日：2013-03-14

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi COLLINGE ,  Susan Thompson ,  Patrik Smets ,  David Anthony Roberts ,  Michael Christopher Ward

IPC: G06Q20/38

CPC classification number: G06Q20/3823 ,  G06Q20/322 ,  G06Q20/385 ,  G06Q20/4012 ,  G06Q20/405

Abstract: A method for generating and provisioning payment credentials to a mobile device lacking a secure element includes: generating a card profile associated with a payment account, wherein the card profile includes at least payment credentials corresponding to the associated payment account and a profile identifier; provisioning, to a mobile device lacking a secure element, the generated card profile; receiving, from the mobile device, a key request, wherein the key request includes at least a mobile identification number (PIN) and the profile identifier; using the mobile PIN; generating a single use key, wherein the single use key includes at least the profile identifier, an application transaction counter, and a generating key for use in generating a payment cryptogram valid for a single financial transaction; and transmitting the generated single use key to the mobile device.

Abstract translation: 一种用于向缺少安全元件的移动设备生成和提供支付凭证的方法包括：生成与支付账户相关联的卡配置文件，其中所述卡配置文件至少包括对应于相关支付帐户的支付凭证和配置文件标识符; 提供给缺少安全元件的移动设备，生成的卡简档; 从所述移动设备接收密钥请求，其中所述密钥请求至少包括移动标识号（PIN）和所述简档标识符; 使用移动PIN; 生成单个使用密钥，其中所述单一使用密钥至少包括所述简档标识符，应用交易计数器和用于生成对单个金融交易有效的支付密码的生成密钥; 以及将生成的单次使用密钥发送到移动设备。

公开(公告)号：US10778416B2

公开(公告)日：2020-09-15

申请号：US15822669

申请日：2017-11-27

Applicant: MasterCard International Incorporated

Inventor： David Anthony Roberts ,  Alan Mushing ,  Susan Thompson

IPC: H04L9/08 ,  H04W12/04 ,  G06Q20/38 ,  G06Q20/32 ,  G06Q20/34 ,  G06Q20/12 ,  H04W4/60 ,  G06F21/53 ,  G06F21/74

Abstract: A method of refreshing key material is described for use in a trusted execution environment logically protected from a regular execution environment. The trusted execution environment further comprises a key identifier. New key material is received at the trusted execution environment to replace existing key material. The key identifier is set to a new value to indicate that new key material is present. The new value of the key identifier is provided directly or indirectly to other parties in association with cryptographic outputs provided by the trusted execution environment using the refreshed key material. This approach is described in connection with an application executing securely on a mobile device.