In-card access control and monotonic counters for offline payment processing system

Assignee

• Google LLC · US

Inventors

• Michael William Springer · San Francisco, US
• Ismail Cem Paya · Gainesville, US
• Malgorzata Monika Lisowiec · Stintenberger Straße, CH
• Aneto Pablo Okonkwo · Zürich, CH
• Patrick Pui Wah Leung · Paris, FR
• Fan Jiang · 安丰镇, CN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04B5/77
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

Preventing fraud during an offline transaction by encoding a randomly-generated card verification code onto a smart card. The verification code is transmitted to a contactless device during each transaction, wherein it is cross-referenced with the account number to ensure presence of the card. Also, every transaction record is signed by an access key resident on the contactless device and certified by a signing key resident on a remote system. Funds may be deposited onto the card when the contactless device creates a deposit request, signs the request using an access key and transmits it to the remote system, which in turn processes the request and certifies it with a signing key. Funds may be withdrawn when the contactless device creates a withdrawal record and signs it using an access key. The remote system verifies the signatures and certifies the records using a signing key when the records are later transmitted.