SYSTEM AND METHOD FOR GENERATION, STORAGE, ADMINISTRATION AND USE OF ONE OR MORE DIGITAL SECRETS IN ASSOCIATION WITH A PORTABLE ELECTRONIC DEVICE

    Publication No.: US20170300716A1

    Publication date: 2017-10-19

    Application No.: US15488276

    Filing date: 2017-04-14

    Inventor: Hans Reisgies

    Abstract: A system for generation, storage, administration and use of one or more digital secrets in association with a portable electronic device. The system comprises a highly secured memory that stores only one or more master keys; a keystore implemented in the portable electronic device outside of the highly secured memory; one or more cryptography applets implemented in the portable electronic device outside of the highly secured memory; and a highly trusted intermediary module (ThIM) implemented outside of the highly secured memory, the ThIM establishes and manages a highly trusted communication conduit between the highly secured memory, the keystore, the one or more cryptography applets, and at least one third party application, wherein the ThIM polls the portable electronic device, the highly secured memory, the keystore, the one or more cryptography applets to determine a trust score, initialization cost, and transaction cost for each component in the portable electronic device, the ThIM providing a trusted third party application acceptable interaction parameters based on the trust score, the initialization cost, and the transaction cost, the ThIM managing highly trusted communications between the trusted third party application and the highly secured memory in accordance with the acceptable interaction parameters.

    SYSTEM AND METHOD FOR PRESENTATION OF MULTIPLE NFC CREDENTIALS DURING A SINGLE NFC TRANSACTION
    Type: patent application; status: granted

    Publication No.: US20140358797A1

    Publication date: 2014-12-04

    Application No.: US14462011

    Filing date: 2014-08-18

    IPC classification: G06Q20/38 G06Q20/40 G06Q20/32

    Abstract: A system for presentation of multiple NFC credentials via an NFC baseband in a portable communication device during a single NFC transaction. The system comprises a secure element having a directory of available NFC credentials stored therein, wherein the ordering of the available NFC credentials usually indicates the priority. The system further comprises a pre-determined multiple-credential start Application ID (AID) wherein the directory includes a plurality of NFC credentials after the pre-determined multiple-credential start AID. A method for presenting multiple NFC credentials during a single NFC transaction is also disclosed.

    System and Method for Dynamic Temporary Payment Authorization in a Portable Communication Device

    Publication No.: US20220358484A1

    Publication date: 2022-11-10

    Application No.: US17687464

    Filing date: 2022-03-04

    Abstract: A system for issuing a dynamic temporary credential to a portable communication device for use in a transaction with an electronic control point. The system receives the current geo-location of the portable communication device and transmits a dynamic temporary credential to the portable communication device from the centralized computer. The system further scores the risk in authorizing a transaction associated with an electronic control point using the dynamic temporary credential it issued. The system may prevent the transmission of the dynamic temporary credential until the end user has been authenticated, which may include verifying one or more of a manually input passcode, the unique digital signature of the portable communication device, and know your customer queries. The system may further include a validation mapping gateway operably connected to one or more issuers that substitutes legacy payment data for the dynamic temporary credential in a payment transaction before sending the payment transaction along with the risk score to the issuer associated with the legacy payment data.

    System and Method for a Self-Calculating Token Vault

    Publication No.: US20220284431A1

    Publication date: 2022-09-08

    Application No.: US17827456

    Filing date: 2022-05-27

    IPC classification: G06Q20/40 G06Q20/38

    Abstract: A system and method for electronic payment that involves generating and then using a temporary token based on a legacy PAN (Primary Account Number) to conduct an electronic transaction. The token is generated by transforming the PAN using specific inputs such that the original PAN can be recovered by manipulating the token in various ways as disclosed herein. One potential manipulation that may be used is encryption/decryption. The token is transmitted to a portable electronic device such that the portable electronic device may present the token to a point-of-sale device. The POS communicates the token to a server which validates the token by, among other things, recovering the PAN. If the PAN is recovered as expected a validation message is returned to the POS device.

    System and method for a self-calculating token vault

    Publication No.: US11348105B2

    Publication date: 2022-05-31

    Application No.: US16736597

    Filing date: 2020-01-07

    IPC classification: G06Q20/00 G06Q20/40 G06Q20/38

    Abstract: A system and method for electronic payment that involves generating and then using a temporary token based on a legacy PAN (Primary Account Number) to conduct an electronic transaction. The token is generated by transforming the PAN using specific inputs such that the original PAN can be recovered by manipulating the token in various ways as disclosed herein. One potential manipulation that may be used is encryption/decryption. The token is transmitted to a portable electronic device such that the portable electronic device may present the token to a point-of-sale device. The POS communicates the token to a server which validates the token by, among other things, recovering the PAN. If the PAN is recovered as expected a validation message is returned to the POS device.

    SYSTEM AND METHOD FOR PROVIDING DIVERSE SECURE DATA COMMUNICATION PERMISSIONS TO TRUSTED APPLICATIONS ON A PORTABLE COMMUNICATION DEVICE
    Type: patent application; status: under examination, published

    Publication No.: US20140223510A1

    Publication date: 2014-08-07

    Application No.: US14250720

    Filing date: 2014-04-11

    IPC classification: H04L29/06

    Abstract: A system for providing first and second trusted applications diverse permission to communicate via a secure element. The system comprising first digital identifier and digital token operably associated with the first trusted application; a second digital identifier and digital token operably associated with the second trusted application. The system further includes a card services module that provides an application programming interface to the secure element supported by a secure data table including first and second sets of permissions. The card services module issues one or more commands to the secure element based on a first action requested by the first trusted application in conjunction with the presentation of the first digital token only if the one or more commands will not violate the first set of permissions. A method is also disclosed.

    System and Method for a Self-Calculating Token Vault

    Publication No.: US20200320531A1

    Publication date: 2020-10-08

    Application No.: US16736597

    Filing date: 2020-01-07

    IPC classification: G06Q20/40 G06Q20/38

    Abstract: A system and method for electronic payment that involves generating and then using a temporary token based on a legacy PAN (Primary Account Number) to conduct an electronic transaction. The token is generated by transforming the PAN using specific inputs such that the original PAN can be recovered by manipulating the token in various ways as disclosed herein. One potential manipulation that may be used is encryption/decryption. The token is transmitted to a portable electronic device such that the portable electronic device may present the token to a point-of-sale device. The POS communicates the token to a server which validates the token by, among other things, recovering the PAN. If the PAN is recovered as expected a validation message is returned to the POS device.

    SYSTEM AND METHOD FOR A SELF-CALCULATING TOKEN VAULT
    Type: patent application; status: under examination, published

    Publication No.: US20170061403A1

    Publication date: 2017-03-02

    Application No.: US15246281

    Filing date: 2016-08-24

    Abstract: A system and method for electronic payment that involves generating and then using a temporary token based on a legacy PAN (Primary Account Number) to conduct an electronic transaction. The token is generated by transforming the PAN using specific inputs such that the original PAN can be recovered by manipulating the token in various ways as disclosed herein. One potential manipulation that may be used is encryption/decryption. The token is transmitted to a portable electronic device such that the portable electronic device may present the token to a point-of-sale device. The POS communicates the token to a server which validates the token by, among other things, recovering the PAN. If the PAN is recovered as expected a validation message is returned to the POS device.

    SYSTEM AND METHOD FOR PROVIDING DIVERSE SECURE DATA COMMUNICATION PERMISSIONS TO TRUSTED APPLICATIONS ON A PORTABLE COMMUNICATION DEVICE
    Type: patent application; status: under examination, published

    Publication No.: US20160224961A1

    Publication date: 2016-08-04

    Application No.: US14987507

    Filing date: 2016-01-04

    Abstract: A system for providing first and second trusted applications diverse permission to communicate via a secure element. The system comprising first digital identifier and digital token operably associated with the first trusted application; a second digital identifier and digital token operably associated with the second trusted application. The system further includes a card services module that provides an application programming interface to the secure element supported by a secure data table including first and second sets of permissions. The card services module issues one or more commands to the secure element based on a first action requested by the first trusted application in conjunction with the presentation of the first digital token only if the one or more commands will not violate the first set of permissions. A method is also disclosed.
