	US 11,908,262 B2
	Token based secure access to a locker system
Kevin Osborn, Newton Highlands, MA (US); Matt J. Oliver, Whitney, TX (US); and Lin Ni Lisa Cheng, New York, NY (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Nov. 18, 2021, as Appl. No. 17/530,273.
Prior Publication US 2023/0154260 A1, May 18, 2023
Int. Cl. G07C 9/22 (2020.01); G07C 9/00 (2020.01); H04L 9/32 (2006.01); H04L 9/00 (2022.01)

CPC G07C 9/22 (2020.01) [G07C 9/00309 (2013.01); G07C 9/00896 (2013.01); H04L 9/3213 (2013.01); H04L 9/3242 (2013.01); H04L 9/50 (2022.05); H04L 2209/80 (2013.01)]

15 Claims

1. A locker system, comprising:

a memory configured to store a master key;

a communication interface; and

a processor coupled to the memory and the communication interface, and configured to:

receive a token through the communication interface to unlock a locker identified by a unique locker identifier, wherein the token includes token data, and a message authentication code (MAC) to authenticate the token data, wherein the MAC is generated using a secret key obtained based on a unique derivation key (UDK) associated with the master key, and wherein the token data includes at least the unique locker identifier, wherein the locker is located in a locker bank identified by a unique locker bank identifier, and wherein the UDK is generated based on the master key and the unique locker bank identifier, and the secret key is a session key generated based on the UDK and a transaction counter;

determine whether the token is valid based on the token data, the MAC, and the secret key; and

send a signal to unlock the locker in response to a determination that the token is valid.