US 12,353,946 B2
Multipath authentication of security-relevant applications and devices
Ullrich Martini, Munich (DE)
Assigned to GIESECKE+DEVRIENT EPAYMENTS GMBH, Munich (DE)
Filed by Giesecke+Devrient ePayments GmbH, Munich (DE)
Filed on May 24, 2024, as Appl. No. 18/673,696.
Claims priority of application No. 102023113979.7 (DE), filed on May 26, 2023.
Prior Publication US 2024/0394487 A1, Nov. 28, 2024
Int. Cl. G06K 7/10 (2006.01); G06F 21/44 (2013.01); H04L 9/40 (2022.01); H04W 12/06 (2021.01)
CPC G06K 7/10366 (2013.01) [G06F 21/44 (2013.01); H04L 63/0853 (2013.01); H04W 12/06 (2013.01)] 13 Claims
OG exemplary drawing
 
1. A method for interaction between a card reader on which an application is executed and a chip card, the method comprising the following steps:
transmitting, by way of the card reader, a request to the chip card;
providing, by way of the chip card, an identifier;
transferring the identifier from the chip card to the card reader;
initiating, by way of the card reader, an attestation of the application by an attestation authority;
transferring, by way of the card reader, an attestation request for the application to the attestation authority;
receiving, by way of the card reader, an attestation response provided by the attestation authority;
transferring, by way of the card reader, the attestation response and the identifier to a service;
checking the attestation response for validity;
if the attestation response is valid:
signing, by way of the service, the identifier;
transferring, by way of the service, the signed identifier to the chip card;
checking, by way of the chip card, a validity of the signed identifier;
providing the application with functions of the chip card if the signed identifier is valid.