CPC G06F 21/31 (2013.01) [H04L 9/3213 (2013.01); H04W 4/80 (2018.02); H04W 12/02 (2013.01); H04W 12/033 (2021.01); H04W 12/037 (2021.01); H04W 12/041 (2021.01); H04W 12/0431 (2021.01); H04W 12/0471 (2021.01); H04W 12/08 (2013.01); H04L 2209/56 (2013.01)] | 20 Claims |
1. A method comprising:
receiving, by a remote server, an authorization request message from an access device during a transaction between the access device and a portable communication device, the portable communication device comprising a first limited use key;
determining, by the remote server, a second limited use key;
modifying, by the remote server, an authorization response message to include the second limited use key; and
transmitting, by the remote server, the modified authorization response message comprising the second limited use key to the access device,
wherein the authorization request message further comprises a token and a cryptogram obtained by the access device from the portable communication device, the cryptogram generated with the first limited use key, and wherein the method further comprises:
verifying, by the remote server, the cryptogram.
|