| CPC H04W 12/03 (2021.01) [H04B 1/7163 (2013.01); H04L 9/088 (2013.01); H04L 9/3073 (2013.01); H04L 9/3271 (2013.01); H04W 12/041 (2021.01); H04W 12/08 (2013.01); H04W 12/106 (2021.01); H04W 12/122 (2021.01); H04W 76/10 (2018.02); H04L 2209/80 (2013.01)] | 15 Claims |
|
1. A method comprising:
forming a communication channel between a user device and an access device, wherein the communication channel is a primary communication channel;
securing the communication channel between the user device and the access device using a user device key pair in the user device and an access device ephemeral key pair in the access device;
generating, by the access device, a session key using at least a private cryptographic key in the access device ephemeral key pair and a public cryptographic key in the user device key pair;
using, by the access device, the session key to secure an ultra-wideband communication channel between the user device and the access device;
determining, by the access device, a distance between the access device and the user device based on the ultra-wideband communication channel;
comparing the distance to a predetermined threshold distance;
if the distance does not exceed the predetermined threshold distance, performing further communications with the user device over the primary communication channel, wherein the further communications comprise receiving a payment credential from the user device; and
generating and transmitting, by the access device, an authorization request message comprising the payment credential to an authorizing entity computer.
|