US2012130905A1PendingUtilityA1

Transaction verification on rfid enabled payment and transaction instruments

Assignee: TSUDIK GENEPriority: Nov 9, 2010Filed: Oct 31, 2011Published: May 24, 2012
Est. expiryNov 9, 2030(~4.3 yrs left)· nominal 20-yr term from priority
H04L 2463/082H04L 2463/121G06Q 20/352G06F 21/36H04L 2209/56H04L 63/0823H04L 9/3226G07F 7/0846G07F 7/0873H04L 2209/805H04L 2463/102H04L 63/126G06Q 20/40G07F 7/0853H04L 9/0838G06Q 20/401H04W 12/069G06F 21/34G06Q 20/3278
41
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A display enabled RFID tag (DERT) receives transaction details from the reader. DERT verifies that the details match their counterparts in the reader public key certificate. The process is aborted in case of a mismatch. DERT extracts and displays user-verifiable data. It then enters a countdown stage that lasts for a predetermined duration. A user observes the transaction information and, if the transaction amount and other details are deemed correct, presses an accept button provided on the DERT before the timer runs out. DERT signs the time-stamped transaction statement and sends it to the reader. This signed statement is then sent to the payment gateway and eventually to the financial institution that issued the payment DERT.

Claims

exact text as granted — not AI-modified
1 . A method for securing the communication of a wireless, interface-constrained device with a reader comprising:
 providing the wireless, interface-constrained device with a passive display, where the wireless, interface-constrained device is capable of generating a random number and is characterized by a personal identification number (PIN) having a predetermined number of numbers;   generating the random number with the same length as the PIN;   displaying the random number with the wireless, interface-constrained device;   using a reader keypad to change the displayed random number on the wireless, interface-constrained device to the PIN; and   performing a matching algorithm in the wireless, interface-constrained device, so that if the PIN was entered correctly, the wireless, interface-constrained device unlocks itself for communication with the reader, otherwise the wireless, interface-constrained device remains locked,   whereby user-to-tag authentication is performed.   
     
     
         2 . The method of  claim 1  further comprising masking all numbers displayed on the wireless, interface-constrained device except the one currently being modified to reduce vulnerability to spying. 
     
     
         3 . A method for securing the communication of a wireless, interface-constrained device with a reader comprising:
 providing the wireless, interface-constrained device with a timer, passive display and a user-controlled input;   receiving transaction details in the wireless, interface-constrained device from the reader;   verifying that the transaction details match their counterparts in the reader PKC, otherwise aborting communication in case of a mismatch;   extracting and displaying selected user-verifiable data relating to the transaction;   initiating a countdown for a predetermined duration;   observing the selected extracted and displayed transaction information by a user and, if the selected extracted and displayed transaction information is deemed correct by the user, activating the user-controlled input before the countdown ends;   aborting communication with the reader if the user deems that the selected extracted and displayed transaction information is incorrect, or if the countdown ends;   detecting activation of the user-controlled input;   automatically authorizing a time-stamped transaction statement to be sent to the reader if communication with the reader is allowed by the user; and   completing the transaction through the reader if authorized,   whereby transaction verification is performed.   
     
     
         4 . The method of  claim 1  for securing the communication of a wireless, interface-constrained device with a reader comprising:
 providing the wireless, interface-constrained device with a timer, and a user-controlled input; 
 receiving in the wireless, interface-constrained device a Certificate Revocation List (CRL) and the reader's Public Key Certificate (PKC) from the reader; 
 if either CRLexp or PKCexp, where CRLexp and PKCexp are the expiration times of CRL and PKC, respectively, is smaller than Tagcurr, the last valid time-stamp encountered by the wireless, interface-constrained device, or if CRLiss≧PKCexp, where CRLiss is the issuance time of the CRL, aborting the communication with the reader; 
 determining in the wireless, interface-constrained device whether the CRL from the reader includes the serial number of the reader certificate and if so, aborting the communication with the reader; 
 checking in the wireless, interface-constrained device the Certificate Authority (CA) signatures of the PKC and CRL from the reader, and if either check fails, aborting the communication with the reader; 
 If CRLiss or PKCiss is more recent than the currently stored date in the wireless, interface-constrained device, where PKCiss is the issuance time of the PKC, updating the stored date stored in the wireless, interface-constrained device to the more recent of CRLiss and PKCiss; 
 displaying the lesser of CRLexp and PKCexp in the wireless, interface-constrained device and entering a countdown of fixed duration; 
 deciding by means of user discernment whether the displayed time-stamp, namely the lesser of CRLexp and PKCexp, is in the future, and if so, activating the user-controlled input before the countdown ends; 
 detecting activation of the user-controlled input; and 
 allowing communication with the reader, otherwise automatically aborting communication with the reader if activation of the user-controlled input is not detected before the countdown ends or if the user otherwise activates a user-controlled rejection input. 
 
     
     
         5 . A method for securing the communication of a wireless, interface-constrained device comprising:
 providing the wireless, interface-constrained device with a passive display and capability of generating a random pass code for device pairing and running a secret based key agreement protocol;   generating and displaying a pass code in wireless, interface-constrained device;   prompting a user of a paired device to enter the pass code; and   using the pass code to perform an authenticated key agreement protocol to establish a common key between the wireless, interface-constrained device and paired device and to confirm its possession by both the wireless, interface-constrained device and the paired device.   
     
     
         6 . A wireless, interface-constrained device adapted to communicate with a reader with a reader keypad comprising:
 a passive display;   a random number generator;   a memory for a personal identification number (PIN) having a predetermined number of numbers, the random number with the same length as the PIN;   a circuit for communicating with the reader so that the displayed random number on the wireless, interface-constrained device can be changed to the PIN by use of the reader keypad; and   a processor coupled to the display, random number generator, memory and circuit for communicating, the processor for performing a matching algorithm, so that if the PIN is entered correctly, the wireless, interface-constrained device unlocks itself for further communication with the reader, otherwise the wireless, interface-constrained device remains locked,   whereby user-to-tag authentication is performed.   
     
     
         7 . The device of  claim 6  where the processor is arranged and configured to mask all numbers displayed on the display except the one currently being modified to reduce vulnerability to spying. 
     
     
         8 . A wireless, interface-constrained device for securing communication with a reader with a Public Key Certificate (PKC) comprising:
 a timer;   a passive display;   a user-controlled input;   a circuit for communicating with the reader for receiving transaction details from the reader;   a processor coupled to the timer, display, user-controlled input and the circuit for communicating, the processor for verifying that the transaction details match their counterparts in the reader Public Key Certificate (PKC), otherwise aborting communication in case of a mismatch, for extracting and displaying selected user-verifiable data relating to the transaction;   where the timer initiates a countdown for a predetermined duration during which time a user observes the selected extracted and displayed transaction information and, if the selected extracted and displayed transaction information is deemed correct by the user, activates the user-controlled input before the countdown ends;   where the processor detects activation of the user-controlled input, aborts communication with the reader if the user deems that the selected extracted and displayed transaction information is incorrect, or if the countdown ends, otherwise the processor automatically authorizes a time-stamped transaction statement to be sent to the reader if communication with the reader is allowed by the user, and completes the transaction through the reader if authorized,   whereby transaction verification is performed.   
     
     
         9 . The wireless, interface-constrained device of  claim 6  for securing the communication with a reader comprising:
 a timer; 
 a user-controlled input; 
 where the circuit for communicating with the reader receives a Certificate Revocation List (CRL) and the reader's Public Key Certificate (PKC) from the reader;. 
 where the processor is coupled to the timer, display, user-controlled input and the circuit for communicating, the processor for aborting communication with the reader, if either CRLexp or PKCexp, where CRLexp and PKCexp are the expiration times of CRL and PKC, respectively, is smaller than Tagcurr, the last valid time-stamp encountered by the wireless, interface-constrained device, or if CRLiss≧PKCexp, where CRLiss is the issuance time of the CRL, for determining whether the CRL from the reader includes the serial number of the reader certificate and if so, aborting the communication with the reader, for checking the Certificate Authority (CA) signatures of the PKC and CRL from the reader, and if either check fails aborting the communication with the reader, for updating a stored date to a more recent of CRLiss and PKCiss, if CRLiss or PKCiss is more recent than the currently stored date, where PKCiss is the issuance time of the PKC, for displaying the lesser of CRLexp and PKCexp in the display and initiating a countdown by the timer of fixed duration; 
 where a user decides whether the displayed time-stamp, namely the lesser of CRLexp and PKCexp, is in the future, and if so activates the user-controlled input before the countdown by the timer ends; and 
 where the processor detects activation of the user-controlled input and allows communication with the reader, otherwise automatically aborts communication with the reader if activation of the user-controlled input is not detected before the countdown by the timer ends. 
 
     
     
         10 . The device of  claim 9  further comprising a user-controlled rejection input and where the processor aborts communication with the reader if the user activates the user-controlled rejection input. 
     
     
         11 . A wireless, interface-constrained device adapted for communication with a paired device comprising:
 a passive display;   a memory for storing a random pass code for device pairing;   a circuit for communicating with the paired device; and   a processor coupled to the display, the memory and the circuit for communicating, the processor for running a secret based key agreement protocol, for generating and displaying a pass code in the display, for sending a prompt to a user of the paired device to enter the pass code, and for using the pass code to perform an authenticated key agreement protocol to establish a common key with paired device and to confirm possession of the pass code by both the wireless, interface-constrained device and the paired device.   
     
     
         12 . The method of  claim 1  further comprising:
 providing the wireless, interface-constrained device with a timer, and a user-controlled input; 
 receiving transaction details in the wireless, interface-constrained device from the reader; 
 verifying that the transaction details match their counterparts in the reader PKC, otherwise aborting communication in case of a mismatch; 
 extracting and displaying selected user-verifiable data relating to the transaction; 
 initiating a countdown for a predetermined duration; 
 observing the selected extracted and displayed transaction information by a user and, if the selected extracted and displayed transaction information is deemed correct by the user, activating the user-controlled input before the countdown ends; 
 aborting communication with the reader if the user deems that the selected extracted and displayed transaction information is incorrect, or if the countdown ends; 
 detecting activation of the user-controlled input; 
 automatically authorizing a time-stamped transaction statement to be sent to the reader if communication with the reader is allowed by the user; and 
 completing the transaction through the reader if authorized, 
 whereby transaction verification is performed. 
 
     
     
         13 . The method of  claim 1  further comprising:
 providing the wireless, interface-constrained device with a timer, and a user-controlled input; 
 receiving in the wireless, interface-constrained device a Certificate Revocation List (CRL) and the reader's Public Key Certificate (PKC) from the reader;. 
 if either CRLexp or PKCexp, where CRLexp and PKCexp are the expiration times of CRL and PKC, respectively, is smaller than Tagcurr, the last valid time-stamp encountered by the wireless, interface-constrained device, or if CRLiss≧PKCexp, where CRLiss is the issuance time of the CRL, aborting the communication with the reader; 
 determining in the wireless, interface-constrained device whether the CRL from the reader includes the serial number of the reader certificate and if so, aborting the communication with the reader; 
 checking in the wireless, interface-constrained device the Certificate Authority (CA) signatures of the PKC and CRL from the reader, and if either check fails, aborting the communication with the reader; 
 If CRLiss or PKCiss is more recent than the currently stored date in the wireless, interface-constrained device, where PKCiss is the issuance time of the PKC, updating the stored date stored in the wireless, interface-constrained device to the more recent of CRLiss and PKCiss; 
 displaying the lesser of CRLexp and PKCexp in the wireless, interface-constrained device and entering a countdown of fixed duration; 
 deciding by means of user discernment whether the displayed time-stamp, namely the lesser of CRLexp and PKCexp, is in the future, and if so, activating the user-controlled input before the countdown ends; 
 detecting activation of the user-controlled input; and 
 allowing communication with the reader, otherwise automatically aborting communication with the reader if activation of the user-controlled input is not detected before the countdown ends or if the user otherwise activates a user-controlled rejection input. 
 
     
     
         14 . The method of  claim 1  further comprising:
 providing the wireless, interface-constrained device with a passive display and capability of generating a random pass code for device pairing and running a secret based key agreement protocol; 
 generating and displaying a pass code in wireless, interface-constrained device; 
 prompting a user of a paired device to enter the pass code; and 
 using the pass code to perform an authenticated key agreement protocol to establish a common key between the wireless, interface-constrained device and paired device and to confirm its possession by both the wireless, interface-constrained device and the paired device.

Join the waitlist — get patent alerts

Track US2012130905A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.