| CPC G06F 21/44 (2013.01) [G06F 21/33 (2013.01); G06F 21/602 (2013.01); G06F 21/606 (2013.01)] | 20 Claims |

|
1. A method comprising:
determining, by a contactless access device, an interaction value associated with an interaction;
responsive to determining the interaction value, prompting, by the contactless access device, a user operating a user device for a secret;
receiving, by the contactless access device, the secret from the user;
after receiving the secret from the user, receiving, by the contactless access device from the user device, an initial communication from the user device over a wireless communication medium;
receiving, by the contactless access device from the user device, a user device certificate comprising a public key;
verifying, by the contactless access device, the user device certificate;
concatenating, by the contactless access device, at least the secret and an unpredictable number to form a concatenated value;
encrypting, by the contactless access device, the concatenated value with the public key;
transmitting, by the contactless access device, the encrypted concatenated value over the wireless communication medium to the user device, wherein the user device decrypts the encrypted concatenated value with a private key corresponding to the public key, verifies the unpredictable number, verifies the secret by comparing the secret to another secret stored in the user device, determines whether or not the interaction is approved based at least upon the verification of the secret, produces a user device interaction authorization result, and then provides the user device interaction authorization result to the contactless access device; and
receiving, by the contactless access device from the user device, the user device interaction authorization result,
wherein the public key is a secret encipherment public key, and wherein the user device certificate includes the secret encipherment public key and a user device public key.
|
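The exchange in claim 1, sketched from both sides as an added example (not code from the patent or its assignee), showing why binding the secret to an unpredictable number makes a captured ciphertext useless on replay. Assumptions: the user device issues the unpredictable number in its initial communication, the certificate has already been verified, and toy unpadded RSA over fixed Mersenne primes stands in for a real padded scheme such as RSA-OAEP; all names and sample values are constructed.

```python
import hmac
import secrets

# Toy key pair for the "secret encipherment" key (assumption: fixed Mersenne
# primes, no padding; illustration only, a real device would use RSA-OAEP).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
UN_LEN = 8  # unpredictable number length in bytes (assumption)


class UserDevice:
    def __init__(self, stored_secret: str):
        self._stored = stored_secret.encode()
        self._pending_un = None
        self.public_key = (N, E)  # would arrive inside the verified certificate

    def initial_communication(self) -> bytes:
        # Assumption: the device generates the unpredictable number itself.
        self._pending_un = secrets.token_bytes(UN_LEN)
        return self._pending_un

    def authorize(self, ciphertext: int) -> bool:
        # Consume the challenge first so each number is accepted at most once.
        expected_un, self._pending_un = self._pending_un, None
        block = pow(ciphertext, D, N)  # decrypt with the private key
        plain = block.to_bytes((block.bit_length() + 7) // 8, "big")
        secret, un = plain[:-UN_LEN], plain[-UN_LEN:]
        if expected_un is None or not hmac.compare_digest(un, expected_un):
            return False  # stale or replayed ciphertext
        return hmac.compare_digest(secret, self._stored)  # constant-time compare


def access_device_encrypt(secret: str, un: bytes, public_key) -> int:
    n, e = public_key
    m = int.from_bytes(secret.encode() + un, "big")  # secret || unpredictable number
    if m >= n:
        raise ValueError("concatenated value too long for this key")
    return pow(m, e, n)


def run_interaction(device: UserDevice, entered_secret: str):
    un = device.initial_communication()
    ct = access_device_encrypt(entered_secret, un, device.public_key)
    return ct, device.authorize(ct)  # authorization result returned to the access device
```
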