Methods for secure cryptogram generation

Assignee

• Visa International Service Association · US

Inventors

• Eric Le Saint · Cupertino, US
• James Gordon · Lafayette, US
• Roopesh Joshi · San Ramon, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/061
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Embodiments of the invention introduce efficient methods for securely generating a cryptogram by a user device, and validating the cryptogram by a server computer. In some embodiments, a secure communication can be conducted whereby a user device provides a cryptogram without requiring the user device to persistently store an encryption key or other sensitive data used to generate the cryptogram. For example, the user device and server computer can mutually authenticate and establish a shared secret. Using the shared secret, the server computer can derive a session key and transmit key derivation parameters encrypted using the session key to the user device. The user device can also derive the session key using the shared secret, decrypt the encrypted key derivation parameters, and store the key derivation parameters. Key derivation parameters and the shared secret can be used to generate a single use cryptogram key. The cryptogram key can be used to generate a cryptogram for conducting secure communications.