US 12,112,322 B2
Systems and methods for user authorization and access to services using contactless cards
Kaitlin Newman, Washington, DC (US); Colin Hart, Arlington, VA (US); Jeffrey Rule, Chevy Chase, MD (US); Lara Mossler, Farmville, VA (US); Sophie Bermudez, Washington, DC (US); Michael Mossoba, Arlington, VA (US); Wayne Lutz, Fort Washington, MD (US); Charles Nathan Crank, Henrico, VA (US); Melissa Heng, Glen Allen, VA (US); Kevin Osborn, Newton Highlands, MA (US); Kimberly Haynes, Reston, VA (US); Andrew Cogswell, Midlothian, VA (US); Latika Gulati, Annandale, VA (US); Sarah Jane Cunningham, Arlington, VA (US); and James Ashfield, Midlothian, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Oct. 14, 2021, as Appl. No. 17/501,884.
Application 17/501,884 is a continuation of application No. 16/659,189, filed on Oct. 21, 2019, granted, now 11,182,785.
Application 16/659,189 is a continuation of application No. 16/351,441, filed on Mar. 12, 2019, granted, now 10,579,998, issued on Mar. 3, 2020.
Application 16/351,441 is a continuation in part of application No. 16/205,119, filed on Nov. 29, 2018, granted, now 10,581,611, issued on Mar. 3, 2020.
Claims priority of provisional application 62/740,352, filed on Oct. 2, 2018.
Prior Publication US 2022/0036349 A1, Feb. 3, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/38 (2012.01); G06Q 20/34 (2012.01); H04L 9/08 (2006.01)
CPC G06Q 20/3829 (2013.01) [G06Q 20/352 (2013.01); G06Q 20/38215 (2013.01); H04L 9/0838 (2013.01); H04L 9/0866 (2013.01); H04L 2209/56 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system, comprising:
a contactless card having a processor and memory, the memory of the contactless card containing a card key and transmission data;
an application comprising instructions for execution on a receiving device having a processor and memory, the memory of the receiving device containing an application key;
wherein the contactless card is configured to:
encrypt the transmission data using a cryptographic algorithm and the card key to yield encrypted transmission data, and
transmit the encrypted transmission data to the application; and
wherein the application is configured to:
decrypt the encrypted transmission data using the cryptographic algorithm and the application key;
authenticate a user identity associated with a user;
record information comprising at least one selected from the group of a time of authentication, a location of authentication, a type of contactless card, a type of receiving device, a movement of one or more entries into a communication field, and a timing of one or more entries into a communication field; and
after authenticating the user identity, access sensitive information.