US 12,093,954 B2
Method and system for secure authentication of user and mobile device without secure elements
Mehdi Collinge, Mont-Sainte-Aldegonde (BE); Patrik Smets, Nijlen (BE); and Axel Emile Jean Charles Cateland, Scarsdale, NY (US)
Assigned to MASTERCARD INTERNATIONAL INCORPORATED, Purchase, NY (US)
Filed by MASTERCARD INTERNATIONAL INCORPORATED, Purchase, NY (US)
Filed on Apr. 13, 2022, as Appl. No. 17/719,675.
Application 17/719,675 is a division of application No. 14/558,189, filed on Dec. 2, 2014, granted, now 11,334,890.
Claims priority of provisional application 61/996,665, filed on May 14, 2014.
Claims priority of provisional application 61/980,784, filed on Apr. 17, 2014.
Claims priority of provisional application 61/979,122, filed on Apr. 14, 2014.
Claims priority of provisional application 61/979,132, filed on Apr. 14, 2014.
Claims priority of provisional application 61/979,113, filed on Apr. 14, 2014.
Claims priority of provisional application 61/955,716, filed on Mar. 19, 2014.
Claims priority of provisional application 61/951,842, filed on Mar. 12, 2014.
Claims priority of provisional application 61/910,819, filed on Dec. 2, 2013.
Prior Publication US 2022/0245630 A1, Aug. 4, 2022
Int. Cl. G06Q 20/40 (2012.01); G06Q 20/38 (2012.01); H04L 9/40 (2022.01); H04W 12/041 (2021.01)
CPC G06Q 20/4012 (2013.01) [G06Q 20/3821 (2013.01); G06Q 20/3829 (2013.01); H04L 63/0428 (2013.01); H04L 63/06 (2013.01); H04L 63/062 (2013.01); H04W 12/041 (2021.01); H04L 63/083 (2013.01); H04L 2463/102 (2013.01)] 12 Claims
OG exemplary drawing
 
1. A method for generating payment credentials in a payment transaction, comprising:
storing, in at least one memory of a processing server in a transaction system, at least a card master key associated with a transaction account and a single use key;
generating, by a processor of the processing server in the transaction system, a first session key based on at least the card master key stored in the at least one memory;
receiving, by an input device interfaced with a mobile device in the transaction system, a personal identification number (PIN) input by a user of the mobile device;
transmitting, by the mobile device in the transaction system, to the processing server, the PIN in a secure message;
receiving, by a receiver of the processing server, the PIN from the mobile device in the secure message;
generating, by the processor of the processing server, a second session key using the single use key stored in the at least one memory and the PIN received from the mobile device;
initiating, by the mobile device in the transaction system, a transaction with a point of sale via near field communication to trigger generation of two application cryptograms by the processing server;
in response to the mobile device initiating the transaction with the point of sale via near field communication, initiating, by the processor of the processing server, generation of two application cryptograms, wherein said initiating generation of two application cryptograms includes:
generating, by the processor of the processing server, a first application cryptogram based on at least the first session key stored in the at least one memory; and
generating, by the processor of the processing server, a second application cryptogram based on at least the second session key; and
transmitting, by a transmitter of the processing server, via the point sale, at least the first application cryptogram and second application cryptogram to a financial institution associated with the transaction account for use in the payment transaction.