Contactless delivery systems and methods

Information

  • Patent Grant
  • 11682012
  • Patent Number
    11,682,012
  • Date Filed
    Wednesday, January 27, 2021
    3 years ago
  • Date Issued
    Tuesday, June 20, 2023
    12 months ago
Abstract
A contactless delivery system is provided. The contactless delivery system includes a contactless card storing a cryptogram containing a unique identifier associated with a user account. After entry into a communication field, the contactless card is configured to transmit the cryptogram to a server. Upon receipt of the cryptogram, the server is configured to validate and decrypt the cryptogram, and extract the unique identifier. The server can query a database for an identity of the user account using the unique identifier, generate a digital signature based on the identity of the user account, and transmit a verification notification including the identity of the user account and the digital signature.
Description
FIELD OF THE INVENTION

The present disclosure relates generally to delivery management, and more particularly, to contactless delivery systems and methods.


BACKGROUND

Electronic commerce is becoming increasingly widespread and common. Online shopping, where items are purchased online and shipped to the purchasing customer at a residential address, commercial address, or other location, constitutes a large and growing sector of the global economy. With the number and value of goods purchased online and shipped for delivery increasing, along in-store pickup and other forms of receiving goods, it is critical that efficient, timely, and secure deliveries can be made.


In social distancing scenarios, it is difficult to identify people without close physical personal contact. For example, when a package is delivered to a customer, the customer generally needs to identify himself or herself to complete the delivery and receive the package. As another example, a customer may arrange to pick up a package from a store, and the customer may call a phone number indicating he or she has arrived at the store. But the customer has to identify himself or herself to ensure the secure pick up of the package, and presenting a form of identification (e.g., a driver's license) to store personnel is difficult without physical contact or coming into close proximity to store personnel. In another example, a package may being delivered to a customer by a delivery person, and this may require the customer to verify himself or herself to the delivery person, such that the package can be delivered to the correct recipient and in a secure manner. In many such interactions, social distancing is not possible and the identification and verification process is not efficient.


These and other deficiencies exist. Accordingly, there is a need to provide systems and methods that overcome these deficiencies to verify customers in a secure and efficient manner while minimizing physical contact or close interactions between people.


SUMMARY

Aspects of the disclosed technology include systems and methods for contactless package delivery.


Embodiments of the present disclosure provide a contactless delivery system. The contactless delivery system includes a contactless card. The contactless card includes a processor and a memory. The memory stores a cryptogram that contains a unique identifier associated with a user account. After entry into a communication field, the contactless card is configured to transmit the cryptogram to a server via one or more intermediary devices. Upon receipt of the cryptogram, the server is configured to: validate the cryptogram; decrypt the cryptogram and extract the unique identifier; query, using the unique identifier, a database for an identity of the user account; generate a digital signature based on the identity of the user account; and transmit a verification notification including the identity of the user account and the digital signature.


Embodiments of the present disclosure provide a contactless delivery system. The contactless system includes a server comprising a processor and a memory. The server is configured to: receive a cryptogram containing an unique identifier associated with a user account; validate the cryptogram; decrypt the cryptogram and extract the unique identifier; query, using the unique identifier, a database for an identity of the user account; generate a digital signature based on the identity of the user account; and transmit a verification notification including the identity of the user account and the digital signature.


Embodiments of the present disclosure provide a contactless delivery method. The contactless method comprises: receiving a cryptogram, the cryptogram containing an unique identifier associated with a user account; validating the cryptogram; decrypting the cryptogram and extracting the unique identifier; querying, using the unique identifier, a database for an identity of the user account; generating a digital signature based on the identity of the user account; and transmitting a verification notification including the identity of the user account and the digital signature.


Further features of the disclosed systems and methods, and the advantages offered thereby, are explained in greater detail hereinafter with reference to specific example embodiments illustrated in the accompanying drawings.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 is a diagram of a system for contactless delivery according to an example embodiment.



FIG. 2 is a sequence chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 3 is a flow chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 4 is a flow chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 5 is a diagram of a system for contactless delivery according to an example embodiment.



FIG. 6 is a sequence chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 7 is a flow chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 8 is a flow chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 9 is a flow chart illustrating a method of contactless delivery according to an example embodiment.



FIG. 10 is a flow chart illustrating a method of contactless delivery according to an example embodiment.





DETAILED DESCRIPTION OF EXAMPLE EMBODIMENTS

The following description of embodiments provides non-limiting representative examples referencing numerals to particularly describe features and teachings of different aspects of the invention. The embodiments described should be recognized as capable of implementation separately, or in combination, with other embodiments from the description of the embodiments. A person of ordinary skill in the art reviewing the description of embodiments should be able to learn and understand the different described aspects of the invention. The description of embodiments should facilitate understanding of the invention to such an extent that other implementations, not specifically covered but within the knowledge of a person of skill in the art having read the description of embodiments, would be understood to be consistent with an application of the invention.


Many consumers and merchants are seeking to complete transactions efficiently, and also seeking to complete transactions in a socially distant manner where employees or other personnel do not have to come into close physical proximity with consumers. This is particularly true during times when many people are concern about spreading germs, such as during a pandemic, and accordingly new ways are needed to interact and complete transactions without bringing people into close proximity with each other. This can be difficult because people depend heavily on physical evidence of identity (e.g., driver license, physical signature, birth certificate, passport, etc.) to verify their identity. Moreover, common forms of identification, such as photographic identification and physical signatures, may be outdated, may not be reliable, and may not even be particularly meaningful. In such cases, digital ways may be needed, for example, to sign for packages, show driver license for purchases, and produce car registration for an officer.


Example embodiments of the present disclosure provide systems and methods for contactless delivery. The disclosed system and method may also be used beyond the contactless package delivery, such as in a pandemic time in terms of maintaining safety for people. A contactless card or other device may be tapped to a device (e.g., a smart phone) to exchange identities at a distance. Accordingly, a delivery person can verify that they are delivering a package to the right person, and the person accepting the package can also verify that the delivery person who is delivering to them is authorized to make the delivery. In some embodiments, certified immunity documents of both the person accepting the package and the delivery person may be used to understand about the person's immunity or a company's policies around sanitation.


In some embodiments, when a contactless card or other device is tapped to a person's phone, certificates signed by an employer (e.g., a courier) can also be transferred. This transfer can be either directly from the contactless card, the person's phone, or indirectly after looking up their identity online.


In some embodiments, when a contactless card is tapped to a package delivery device, the identity of the person who taps the contactless card can be determined and verified to match the addressee of the package. This can also be implemented with host card emulation (HCE) that emulates the contactless card. The address on the package may be a loose address (stored preferences) or tight with digitally signed certificates, or may be scoped to the individual delivery transaction.


Example embodiments of the present disclosure can promote the efficiency and security of transactions, such as package pickup and delivery transactions and the purchase of goods or services subject to age restrictions, quantity restrictions, and other restrictions. In addition, the identity verification can be carried out without the need for consumers and employees or other personnel to come within close proximity to each other. Further, the identity verification can be carried out quickly, without degrading the user experience and without the need for consumers, employees, and other personnel to carry identification documents and other materials. It is understood that example embodiments of the present disclosure are applicable to a wide range of purposes where identity verification is required, including, without limitation, package pickup, package delivery, security (e.g., building or restricted area access), and travel (e.g., ticket purchases, plane or train boarding).



FIG. 1 illustrates a system 100 for contactless package delivery according to an example embodiment. As further discussed below, the system 100 may include a contactless card 110, a delivery device 120, a server 130, and a database 140 in communication using a network 150. Although FIG. 1 illustrates single instances of the components, the system 100 may include any number of components.


The contactless card 110 can be configured to transmit a cryptogram to the delivery device 120 upon tapping to the delivery device 120. The delivery device 120 may be configured to read the cryptogram from the contactless card 110 after entry of the contactless card 110 into a communication field of the delivery device 120. The delivery device 120 may then transmit the cryptogram to the server 130. The server 130 may be configured to verify the cryptogram by searching the database 140.


The contactless card 110 can perform authentication and numerous other functions that may otherwise require a user to carry a separate physical token in addition to the contactless card 110. By employing a contactless interface, the contactless card 110 may be provided with a method to interact and communicate between a user's device (such as a mobile phone or the delivery device 120) and the card itself. For example, the Europay, Mastercard, and Visa (EMV) protocol, which underlies many credit card transactions, includes an authentication process which suffices for operating systems for Android® but presents challenges for iOS®, which is more restrictive regarding near field communication (NFC) usage, as it can be used only in a read-only manner. Exemplary embodiments of the contactless card 110 described herein utilize NFC technology.


The contactless card 110, which may comprise a payment card, such as a credit card, debit card, or gift card, may be issued by a service provider displayed on the front or back of the contactless card 110. In some examples, the contactless card 110 is not related to a payment card, and may comprise, without limitation, an identification card, a membership card, and a travel card. In some examples, the contactless card 110 may comprise a dual interface contactless payment card. The contactless card 110 may comprise a substrate, which may include a single layer or one or more laminated layers composed of plastics, metals, and other materials. Exemplary substrate materials include polyvinyl chloride, polyvinyl chloride acetate, acrylonitrile butadiene styrene, polycarbonate, polyesters, anodized titanium, palladium, gold, carbon, paper, and biodegradable materials. In some examples, the contactless card 110 may have physical characteristics compliant with the ID-1 format of the ISO/IEC 7810 standard, and the contactless card 110 may otherwise be compliant with the ISO/IEC 14443 standard. However, it is understood that the contactless card 110 according to the present disclosure may have different characteristics, and the present disclosure does not require the contactless card 110 to be implemented in a payment card.


The contactless card 110 may also include identification information displayed on the front and/or back of the contactless card 110, and a contact pad. The contact pad may be configured to establish contact with another communication device, such as a user device, smart phone, laptop, desktop, or tablet computer. The contactless card 110 may also include processing circuitry, antenna and other components. These components may be located behind the contact pad or elsewhere on the substrate. The contactless card 110 may also include a magnetic strip or tape, which may be located on the back of the contactless card 110.


The contact pad of the contactless card 110 may include processing circuitry for storing and processing information, including a processor 111 and a memory 112. It is understood that the processing circuitry may contain additional components, including processors, memories, error and parity/CRC checkers, data encoders, anticollision algorithms, controllers, command decoders, security primitives and tamperproofing hardware, as necessary to perform the functions described herein.


The memory 112 may be a read-only memory, write-once read-multiple memory or read/write memory, e.g., RAM, ROM, and EEPROM, and the contactless card 110 may include one or more of these memories. A read-only memory may be factory programmable as read-only or one-time programmable. One-time programmability provides the opportunity to write once then read many times. A write once/read-multiple memory may be programmed at a point in time after the memory chip has left the factory. Once the memory is programmed, it may not be rewritten, but it may be read many times. A read/write memory may be programmed and re-programed many times after leaving the factory. It may also be read many times.


The memory 112 may be configured to store one or more applets 113, one or more counters 114, and a unique customer identifier 115. The one or more applets 113 may comprise one or more software applications configured to execute on one or more contactless cards, such as Java Card applet. However, it is understood that the one or more applets 113 are not limited to Java Card applets, and instead may be any software application operable on contactless cards or other devices having limited memory. The one or more counters 114 may comprise a numeric counter sufficient to store an integer. The unique customer identifier 115 may comprise a unique alphanumeric identifier assigned to a user of the contactless card 110, and the identifier may distinguish the user of the contactless card 110 from other contactless card users. In some examples, the customer identifier 115 may identify both a customer and an account assigned to that customer and may further identify the contactless card 110 associated with the customer's account.


The processor 111 and memory 112 elements of the foregoing exemplary embodiments are described with reference to the contact pad, but the present disclosure is not limited thereto. It is understood that these elements may be implemented outside of the contact pad or entirely separate from it, or as further elements in addition to the processor 111 and the memory 112 elements located within the contact pad.


In some examples, the contactless card 110 may comprise one or more antennas. The one or more antennas may be placed within the contactless card 110 and around the processing circuitry of the contact pad. For example, the one or more antennas may be integral with the processing circuitry and the one or more antennas may be used with an external booster coil. As another example, the one or more antennas may be external to the contact pad and the processing circuitry.


In an embodiment, the coil of contactless card 110 may act as the secondary of an air core transformer. A terminal may communicate with the contactless card 110 by cutting power or amplitude modulation. The contactless card 110 may infer the data transmitted from the terminal using the gaps in the contactless card's power connection, which may be functionally maintained through one or more capacitors. The contactless card 110 may communicate back by switching a load on the contactless card's coil or load modulation. Load modulation may be detected in the terminal's coil through interference.


As explained above, the contactless card 110 may be built on a software platform operable on smart cards or other devices having limited memory, such as JavaCard, and one or more or more applications or applets may be securely executed. Applets may be added to contactless cards to provide a one-time password (OTP) for multifactor authentication (MFA) in various mobile application-based use cases. Applets may be configured to respond to one or more requests, such as near field data exchange requests, from a reader, such as a mobile NFC reader, and produce an NDEF message that comprises a cryptographically secure OTP encoded as an NDEF text tag.


The delivery device 120 may be a network-enabled computer device. Exemplary network-enabled computer devices include, without limitation, a server, a network appliance, a personal computer, a workstation, a phone, a handheld personal computer, a personal digital assistant, a thin client, a fat client, an Internet browser, a mobile device, a kiosk, a contactless card, or other a computer device or communications device. For example, network-enabled computer devices may include an iPhone, iPod, iPad from Apple® or any other mobile device running Apple's iOS® operating system, any device running Microsoft's Windows® Mobile operating system, any device running Google's Android® operating system, and/or any other smartphone, tablet, or like wearable mobile device.


The delivery device 120 may include a processor 121, a memory 122, and an application 123. The processor 121 may be a processor, a microprocessor, or other processor, and the delivery device 120 may include one or more of these processors. The processor 121 may include processing circuitry, which may contain additional components, including additional processors, memories, error and parity/CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives and tamper-proofing hardware, as necessary to perform the functions described herein.


The processor 121 may be coupled to the memory 122. The memory 122 may be a read-only memory, write-once read-multiple memory or read/write memory, e.g., RAM, ROM, and EEPROM, and the delivery device 120 may include one or more of these memories. A read-only memory may be factory programmable as read-only or one-time programmable. One-time programmability provides the opportunity to write once then read many times. A write-once read-multiple memory may be programmed at a point in time after the memory chip has left the factory. Once the memory is programmed, it may not be rewritten, but it may be read many times. A read/write memory may be programmed and re-programed many times after leaving the factory. It may also be read many times. The memory 122 may be configured to store one or more software applications, such as the application 123, and other data, such as user's shopping and financial account information.


The application 123 may comprise one or more software applications, such as a package delivery application and a contactless card reading application, comprising instructions for execution on the delivery device 120. In some examples, the delivery device 120 may execute one or more applications, such as software applications, that enable, for example, network communications with one or more components of the system 100, transmit and/or receive data, and perform the functions described herein. Upon execution by the processor 121, the application 123 may provide the functions described in this specification, specifically to execute and perform the steps and functions in the process flows described below. For example, the package delivery application of the application 123 may be executed to perform retrieving information of a package delivery stored in the database 140; the contactless card reading application of the application 123 may be executed to perform communications with the contactless card 110. Such processes may be implemented in software, such as software modules, for execution by computers or other machines. The application 123 may provide GUIs through which a user may view and interact with other components and devices within the system 100. The GUIs may be formatted, for example, as web pages in HyperText Markup Language (HTML), Extensible Markup Language (XML) or in any other suitable form for presentation on a display device depending upon applications used by users to interact with the system 100.


The delivery device 120 may further include a display 124 and input devices 125. The display 124 may be any type of device for presenting visual information such as a computer monitor, a flat panel display, and a mobile device screen, including liquid crystal displays, light-emitting diode displays, plasma panels, and cathode ray tube displays. The input devices 125 may include any device for entering information into the delivery device 120 that is available and supported by the delivery device 120, such as a touch-screen, keyboard, mouse, cursor-control device, touch-screen, microphone, digital camera, video recorder or camcorder. These devices may be used to enter information and interact with the software and other devices described herein. For example, the input devices 125 may comprise a card reader. The card reader may be configured to read from and/or communicate with the contactless card 110. In conjunction with the application 123, the card reader may communicate with the contactless card 110 using short-range wireless communication (e.g., NFC).


The server 130 may be a network-enabled computer device. Exemplary network-enabled computer devices include, without limitation, a server, a network appliance, a personal computer, a workstation, a phone, a handheld personal computer, a personal digital assistant, a thin client, a fat client, an Internet browser, a mobile device, a kiosk, a contactless card, or other a computer device or communications device. For example, network-enabled computer devices may include an iPhone, iPod, iPad from Apple® or any other mobile device running Apple's iOS® operating system, any device running Microsoft's Windows® Mobile operating system, any device running Google's Android® operating system, and/or any other smartphone, tablet, or like wearable mobile device.


The server 130 may include a processor 131, a memory 132, and an application 133. The processor 131 may be a processor, a microprocessor, or other processor, and the server 130 may include one or more of these processors. The processor 131 may include processing circuitry, which may contain additional components, including additional processors, memories, error and parity/CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives and tamper-proofing hardware, as necessary to perform the functions described herein.


The processor 131 may be coupled to the memory 132. The memory 132 may be a read-only memory, write-once read-multiple memory or read/write memory, e.g., RAM, ROM, and EEPROM, and the server 130 may include one or more of these memories. A read-only memory may be factory programmable as read-only or one-time programmable. One-time programmability provides the opportunity to write once then read many times. A write-once read-multiple memory may be programmed at a point in time after the memory chip has left the factory. Once the memory is programmed, it may not be rewritten, but it may be read many times. A read/write memory may be programmed and re-programed many times after leaving the factory. It may also be read many times. The memory 132 may be configured to store one or more software applications, such as the application 133, and other data, such as user's shopping and financial account information.


The application 133 may comprise one or more software applications comprising instructions for execution on the server 130. In some examples, the server 130 may execute one or more applications, such as software applications, that enable, for example, network communications with one or more components of the system 100, transmit and/or receive data, and perform the functions described herein. Upon execution by the processor 131, the application 133 may provide the functions described in this specification, specifically to execute and perform the steps and functions in the process flows described below. For example, the application 133 may be executed to perform verifying a cryptogram. Such processes may be implemented in software, such as software modules, for execution by computers or other machines. The application 133 may provide GUIs through which a user may view and interact with other components and devices within the system 100. The GUIs may be formatted, for example, as web pages in HyperText Markup Language (HTML), Extensible Markup Language (XML) or in any other suitable form for presentation on a display device depending upon applications used by users to interact with the system 100.


The server 130 may further include a display 134 and input devices 135. The display 134 may be any type of device for presenting visual information such as a computer monitor, a flat panel display, and a mobile device screen, including liquid crystal displays, light-emitting diode displays, plasma panels, and cathode ray tube displays. The input devices 135 may include any device for entering information into the server 130 that is available and supported by the server 130, such as a touch-screen, keyboard, mouse, cursor-control device, touch-screen, microphone, digital camera, video recorder or camcorder. These devices may be used to enter information and interact with the software and other devices described herein.


The database 140 may be one or more databases configured to store data, including without limitation, private information of users, financial accounts of users, identities of users, transactions of users, and certified and uncertified documents. The database 140 may comprise a relational database, a non-relational database, or other database implementations, and any combination thereof, including a plurality of relational databases and non-relational databases. In some examples, the database 140 may comprise a desktop database, a mobile database, or an in-memory database. Further, the database 140 may be hosted internally by the server 130 or may be hosted externally of the server 130, such as by a server, by a cloud-based platform, or in any storage device that is in data communication with the server 130.


The system 100 may include one or more networks 150. In some examples, the network 150 may be one or more of a wireless network, a wired network or any combination of wireless network and wired network, and may be configured to connect the delivery device 120, the server 130, and the database 140. For example, the network 150 may include one or more of a fiber optics network, a passive optical network, a cable network, an Internet network, a satellite network, a wireless local area network (LAN), a Global System for Mobile Communication, a Personal Communication Service, a Personal Area Network, Wireless Application Protocol, Multimedia Messaging Service, Enhanced Messaging Service, Short Message Service, Time Division Multiplexing based systems, Code Division Multiple Access based systems, D-AMPS, Wi-Fi, Fixed Wireless Data, IEEE 802.11b, 802.15.1, 802.11n and 802.11g, Bluetooth, NFC, Radio Frequency Identification (RFID), Wi-Fi, and/or the like.


In addition, the network 150 may include, without limitation, telephone lines, fiber optics, IEEE Ethernet 902.3, a wide area network, a wireless personal area network, a LAN, or a global network such as the Internet. In addition, the network 150 may support an Internet network, a wireless communication network, a cellular network, or the like, or any combination thereof. The network 150 may further include one network, or any number of the exemplary types of networks mentioned above, operating as a stand-alone network or in cooperation with each other. The network 150 may utilize one or more protocols of one or more network elements to which they are communicatively coupled. The network 150 may translate to or from other protocols to one or more protocols of network devices. Although the network 150 is depicted as a single network, it should be appreciated that according to one or more examples, the network 150 may comprise a plurality of interconnected networks, such as, for example, the Internet, a service provider's network, a cable television network, corporate networks, such as credit card association networks, and home networks. The network 150 may further comprise, or be configured to create, one or more front channels, which may be publicly accessible and through which communications may be observable, and one or more secured back channels, which may not be publicly accessible and through which communications may not be observable.


In some examples, communications between the delivery device 120, server 130, and the database 140 using the network 150 can occur using one or more front channels and one or more secure back channels. A front channel may be a communication protocol that employs a publicly accessible and/or unsecured communication channel such that a communication sent to the delivery device 120, server 130, and/or database 140 may originate from any other device, whether known or unknown to the delivery device 120, server 130, and/or database 140, if that device possesses the address (e.g., network address, Internet Protocol (IP) address) of the delivery device 120, server 130, and/or database 140. Exemplary front channels include, without limitation, the Internet, an open network, and other publicly-accessible communication networks. In some examples, communications sent using a front channel may be subject to unauthorized observation by another device. In some examples, front channel communications may comprise Hypertext Transfer Protocol (HTTP) secure socket layer (SSL) communications, HTTP Secure (HTTPS) communications, and browser-based communications with a server or other device.


A secure back channel may be a communication protocol that employs a secured and/or publicly inaccessible communication channel. A secure back channel communication sent to the delivery device 120, server 130, and/or database 140 may not originate from any device, and instead may only originate from a selective number of parties. In some examples, the selective number of devices may comprise known, trusted, or otherwise previously authorized devices. Exemplary secure back channels include, without limitation, a closed network, a private network, a virtual private network, an offline private network, and other private communication networks. In some examples, communications sent using a secure back channel may not be subject to unauthorized observation by another device. In some examples, secure back channel communications may comprise Hypertext Transfer Protocol (HTTP) secure socket layer (SSL) communications, HTTP Secure (HTTPS) communications, and browser-based communications with a server or other device.


In some examples, the contactless card 110 may be associated with a user and can be used by that user, for example, a customer to whom a package is delivered. The delivery device 120 can be associated with a package delivery person and may be operated by that person, such as a delivery person of a courier. The server 130 can be associated with a financial institution, such as a bank or a credit card company that offers financial services to the user of the contactless card 110. The contactless card 110 may be issued by the financial institution. However, it is understood that the present disclosure encompasses any entities, and is not limited to financial institutions.



FIG. 2 illustrates a sequence diagram 200 of contactless package delivery according to an example embodiment. FIG. 2 may reference the same or similar components as those illustrated in FIG. 1, including a contactless card, a delivery device, a server, a database, and a network.


In step 210, a contactless card (e.g., the contactless card 110) transmits a cryptogram after entry of the contactless card into a communication field of a delivery device (e.g., the delivery device 120). The contactless card may be tapped by a user to the delivery device. The delivery device may be configured to have a card reader to read a cryptogram from the contactless card upon the tap. The card reader may comprise a communication interface to generate a communication field of the card reader. As used herein, a tap of the contactless card to the delivery device may not indicate that the contactless card is in a physical contact with the delivery device. A tap of the contactless card to the delivery device may refer to entry of the contactless card into the communication field of the card reader. The cryptogram may be stored in a memory of the contactless card. The cryptogram may be associated with a unique identifier of a user account.


In step 215, the delivery device may transmit the cryptogram to a server (e.g., the server 130). Upon reading the cryptogram from the contactless card, the delivery device transmits the cryptogram to the server via a network (e.g., the network 150). Prior to transmission, the cryptogram may be encrypted by the contactless card.


In step 220, the server validates the cryptogram, decrypts the cryptogram and extracts the unique identifier. When the server receives the cryptogram, the server may decrypt the cryptogram after verifying the cryptogram. The server may then extract the unique identifier of the user account.


In step 225, the server 130 may query, using the unique identifier, for an identity of the user account. In this step, the server communicates with a database (e.g., the database 140) for searching for the identity of the user account. The identity of the user account is stored on the database. The identity of the user account may comprise a name of the user who taps the contactless card. The user account may comprise one or more email addresses associated with the user, a phone number of the user, a mailing address of the user, and so forth. Once the identity of the user account matches the unique identifier of the user account, the user of the contactless card is verified.


In step 230, the server may generate a digital signature based on the identity of the user account. After obtaining and verifying the identity of the user account, the server may be configured to generate a digital signature of the identity. The digital signature may be a signature of the user name or other signatures associated with the user name.


In step 235, the server may transmit a verification notification including the identity of the user account and the digital signature to the delivery device. The verification notification may indicate that the user of the contactless card has been verified, what the identity of the user is, and the digital signature of the identity.


When the delivery device receives the verification notification, the delivery device may display the verification notification on the display of the delivery device. The delivery device may be configured to sign a package receipt document using the digital signature.



FIG. 3 illustrates a flow chart for a method 300 of contactless package delivery according to an example embodiment. FIG. 3 may reference the same or similar components as those illustrated in FIG. 1 and FIG. 2, including a contactless card, a delivery device, a server, a database, and a network. The method 300 may be implemented in the system 100 and may comprise the following steps.


In step 305, a contactless card transmits a cryptogram to a server via one or more intermediary device. As used herein, the contactless card, which may comprise a payment card, such as a credit card, debit card, or gift card, issued by a service provider displayed on the front or back of the contactless card. In some examples, the contactless card is not related to a payment card, and may comprise, without limitation, an identification card. In some examples, the payment card may comprise a dual interface contactless payment card. The contactless card may store the cryptogram in its memory and transmit the cryptogram to the server upon being tapped to the one or more intermediary device. The one or more intermediary device may comprise a delivery device (e.g., the delivery device 120).


The cryptogram may contain a unique identifier associated with a user/customer account. The cryptogram may further contain a counter value and a plurality of keys, and the processor of the contactless card is configured to generate the cryptogram using the counter value, the plurality of keys, and the unique identifier.


The counter value may be updated by the contactless card with every conversation between the contactless card and the one or more intermediary device.


For example, the contactless card communicates with the one or more intermediary device after being brought near the contactless card. Communication between the one or more intermediary device and the contactless card may involve the contactless card being sufficiently close to a card reader of the one or more intermediary device to enable near field communication (NFC) data transfer between the one or more intermediary device and the contactless card.


In other embodiments, the contactless card may communicate with the intermediary device through other means including, but not limited to, Bluetooth, satellite, Wi-Fi, wired communications, and/or any combination of wireless and wired connections. According to some embodiments, the contactless card may be configured to communicate with the card reader of the intermediary device through NFC when the contactless card is within range of card reader. In other examples, communications with the contactless card may be accomplished through a physical interface, e.g., a universal serial bus interface or a card swipe interface.


In step 310, the server validates the cryptogram. In some examples, the cryptogram may be a message authentication code (MAC) cryptogram. The MAC cryptogram may be created from a message including a shared secret. The server may generate an additional MAC cryptogram based on the shared secret, and compare the additional MAC cryptogram with the MAC cryptogram received from the contactless card. If the additional MAC cryptogram matches with the MAC cryptogram received from the contactless card, the MAC cryptogram received from the contactless card is validated.


In some embodiments, each time the contactless card is read, the counter value is transmitted to the server. This may be done in order to determine whether the counter value is equal to a counter value maintained by the server for validation and security purposes. The one or more counters may be configured to prevent a replay attack. For example, if the cryptogram has been obtained and replayed, that cryptogram is immediately rejected if the counter has been read or used or otherwise passed over. If the counter has not been used, it may be replayed. In some examples, the counter value that is updated on the contactless card is different from the counter that is updated for transactions. In some examples, the contactless card may comprise a first applet, which may be a transaction applet, and a second applet. Each applet may comprise a counter.


In some examples, the counter may get out of sync between the contactless card and the server. For example, the contactless card may be activated causing the counter to be updated and a new communication to be generated by the contactless card, but the communication may be not be transmitted for processing at the server. This may cause the counter of the contactless card and the counter maintained at the server to get out of sync. This may occur unintentionally including, for example, where a contactless card is stored adjacent to a device (e.g., carried in a pocket with a device) and where the contactless card is read at an angle may include the card being misaligned or not positioned such that the contactless card is powered up an the NFC field but is not readable. If the contactless card is positioned adjacent to a device, the device's NFC field may be turned on to power the contactless card causing the counter therein to be updated, but no application on the device receives the communication.


To keep the counter in sync, an application, such as a background application, may be executed that would be configured to detect when the intermediary device wakes up and synchronize with the server indicating that a read that occurred due to detection to then move the counter forward. Since the counters of the contactless card and the server may get out of sync, the server may be configured to allow the counter of the contactless card to be updated a threshold or predetermined number of times before it is read by the server and still be considered valid. For example, if the counter is configured to increment (or decrement) by one for each occurrence indicating activation of the contactless card, the server may allow any counter value it reads from the contactless card as valid, or any counter value within a threshold range (e.g., from 1 to 10). Moreover, the server may be configured to request a gesture associated with the contactless card, such as a user tap, if it reads a counter value which has advanced beyond 10, but below another threshold range value (such as 1000). From the user tap, if the counter value is within a desired or acceptance range, authentication succeeds.


In step 315, the server decrypts the cryptogram. The cryptogram may be encrypted by the contactless card prior to transmission to the server. The cryptogram may be encrypted using one or more cryptographic algorithms which may comprise at least one of a symmetric encryption algorithm, a hash-based message authentication code (HMAC) algorithm, and a cipher-based message authentication code (CMAC) algorithm. The server may decrypt the cryptogram using the one or more cryptographic algorithms.


In step 320, the server extracts the unique identifier from the decrypted cryptogram. The unique identifier may comprise a unique alphanumeric identifier assigned to a user of the contactless card. The unique identifier may distinguish the user of the contactless card from other contactless card users. In some examples, the unique identifier may identify both a customer and an account assigned to that customer and may further identify the contactless card associated with the customer's account.


In step 325, the server queries, using the unique identifier, a database for an identity of the user account. In some embodiments, the unique identifier that is cryptographically secure and not susceptible to interception may be transmitted to one or more backend services. The unique identifier may be configured to look up secondary information about individual. The secondary information may comprise personally identifiable information about the user (e.g., an identity of the user). In some examples, the secondary information may be stored within the contactless card.


In step 330, the server generates a digital signature based on the identity of the user account. After verifying and retrieving the identity of the user account, the server may generate a digital signature of the user using the identity. The identity of the user may be the name of the user. The digital signature can a signature in any suitable form.


In step 335, the server transmits a verification notification including the identity of the user account and the digital signature to the delivery device. The verification notification may indicate that the user/customer who tapped the contactless card to the delivery device has been verified. When receiving the verification notification, the delivery device may display the verification notification on a display of the delivery device. The delivery device may display the digital signature next to the user/customer name to whom the package is delivered. This digital signature may be considered as an authorization and verification for releasing the package to the user.



FIG. 4 illustrates a flow chart for a method 400 of contactless package delivery according to an example embodiment. FIG. 4 may reference the same or similar components as those illustrated in FIGS. 1-3, including a contactless card, a delivery device, a server, a database, and a network. The method 400 may comprise the following steps.


In some embodiments, one or more authentication factors may be used to verify an identity of the user in addition to the unique identifier of the user account. The one or more authentication factors may be any suitable factors as described below.


In step 405, a contactless card transmits a cryptogram to a server via one or more intermediary devices. The contactless card may store the cryptogram in its memory and transmit the cryptogram to the server upon being tapped to the one or more intermediary device. The cryptogram may contain a unique identifier associated with a user/customer account. The one or more intermediary device may comprise a delivery device (e.g., the delivery device 120).


In step 410, the server validates the cryptogram. The cryptogram may be a MAC cryptogram. The MAC cryptogram may be created from a message including a shared secret. The server may generate an additional MAC cryptogram based on the shared secret, and compare the additional MAC cryptogram with the MAC cryptogram received from the contactless card. If the additional MAC cryptogram matches with the MAC cryptogram received from the contactless card, the MAC cryptogram received from the contactless card is validated.


In step 415, the server decrypts the cryptogram. The cryptogram may be encrypted using one or more cryptographic algorithms prior to transmission to the server. The server may decrypt the cryptogram using the one or more cryptographic algorithms.


In step 420, the server extracts the unique identifier. The unique identifier may be used to distinguish the user of the contactless card from other contactless card users. The unique identifier may identify both a customer and an account assigned to that customer and may further identify the contactless card associated with the customer's account.


In step 425, the server queries, using the unique identifier, a database for an identity of the user account. The unique identifier may be configured to look up secondary information about an individual. The secondary information may comprise personally identifiable information about the user (e.g., an identity of the user).


In step 430, the server receives from the database, one or more documents to verify the identity of the user account. The one or more documents may be stored in the database. In other embodiments, the one or more documents may be stored in the contactless card and are transmitted to the server when the contactless card is read by the intermediary device (e.g., the delivery device). In other embodiments, the one or more documents may be stored in the delivery device and are transmitted to the server along with the cryptogram when the contactless card is read by the delivery device.


The one or more documents may be certified documents, such as certificates signed by an employer (e.g., a courier). The one or more documents may also induce information on a delivery package stored on the delivery device, which may be transmitted to the server by the delivery device as an authentication factor for verifying the identity of the user. The information on the delivery package may include the name of the user, a delivery address of the user, a phone number of the user, and so forth. The one or more documents may also be uncertified documents such as a copy of a driver license of the user. In some embodiments, the one or more documents may include a profile picture of the user account, which can be transmitted to the server for verifying the identity of the user account.


In step 435, the server generates a digital signature based on the identity of the user account. The identity of the user may be the name of the user. The digital signature can a signature in any suitable form.


In step 440, the server transmits a verification notification including the identity of the user account and the digital signature. When receiving the verification notification, the delivery device may display the digital signature next to the user/customer name to whom the package is delivered. This digital signature may be considered as an authorization and verification for releasing the package to the user.


Unlike the system 100 in FIG. 1, in some embodiments, the intermediary device may be a user device other than the delivery device. The contactless card may be tapped to the user device that transmits the cryptogram to the server. The delivery device can receive the verification notification. FIG. 5 illustrates such a system 500 of contactless package delivery according to an example embodiment. As further discussed below, the system 500 may include a contactless card 510, a user device 520, a server 530, a database 540, and a delivery device 550 in communication using a network 560. Although FIG. 5 illustrates single instances of the components, the system 500 may include any number of components.


The contactless card 510 can be configured to transmit a cryptogram to the user device 520 upon tapping to the user device 520. The user device 520 may be configured to read the cryptogram from the contactless card 510 after entry of the contactless card 510 into a communication field of the user device 520. The user device 520 may then transmit the cryptogram to the server 530. The server 530 may be configured to verify the cryptogram by searching the database 540. The server 530 may transmit a verification notification including a digital signature to the delivery device 550.


The contactless card 510 can include processing circuitry for storing and processing information, including a microprocessor 511 and a memory 512. The memory 512 may be configured to store one or more applets 513, one or more counters 514, and a unique customer identifier 515. In some examples, the contactless card 510 is similar to the contactless card 110 in FIG. 1.


The user device 520 may be a network-enabled computer device. The user device 520 may include a processor 521, a memory 522, and an application 523. The application 523 may comprise one or more software applications, such as a contactless card reading application, comprising instructions for execution on the user device 520. The user device 520 may further include a display 524 and input devices 525.


The user device 520 may be a network-enabled computer device. Exemplary network-enabled computer devices include, without limitation, a server, a network appliance, a personal computer, a workstation, a phone, a handheld personal computer, a personal digital assistant, a thin client, a fat client, an Internet browser, a mobile device, a kiosk, a contactless card, or other a computer device or communications device. For example, network-enabled computer devices may include an iPhone, iPod, iPad from Apple® or any other mobile device running Apple's iOS® operating system, any device running Microsoft's Windows® Mobile operating system, any device running Google's Android® operating system, and/or any other smartphone, tablet, or like wearable mobile device.


The user device 520 may include a processor 521, a memory 522, and an application 523. The processor 521 may be a processor, a microprocessor, or other processor, and the user device 520 may include one or more of these processors. The processor 521 may include processing circuitry, which may contain additional components, including additional processors, memories, error and parity/CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives and tamper-proofing hardware, as necessary to perform the functions described herein.


The processor 521 may be coupled to the memory 522. The memory 522 may be a read-only memory, write-once read-multiple memory or read/write memory, e.g., RAM, ROM, and EEPROM, and the user device 520 may include one or more of these memories. A read-only memory may be factory programmable as read-only or one-time programmable. One-time programmability provides the opportunity to write once then read many times. A write-once read-multiple memory may be programmed at a point in time after the memory chip has left the factory. Once the memory is programmed, it may not be rewritten, but it may be read many times. A read/write memory may be programmed and re-programed many times after leaving the factory. It may also be read many times. The memory 522 may be configured to store one or more software applications, such as the application 523, and other data, such as user's shopping and financial account information.


The application 523 may comprise one or more software applications, such as a package delivery application and a contactless card reading application, comprising instructions for execution on the user device 520. In some examples, the user device 520 may execute one or more applications, such as software applications, that enable, for example, network communications with one or more components of the system 500, transmit and/or receive data, and perform the functions described herein. Upon execution by the processor 521, the application 523 may provide the functions described in this specification, specifically to execute and perform the steps and functions in the process flows described below. For example, the package delivery application of the application 523 may be executed to perform retrieving information of a package delivery stored in the database 540; the contactless card reading application of the application 523 may be executed to perform communications with the contactless card 510. Such processes may be implemented in software, such as software modules, for execution by computers or other machines. The application 523 may provide GUIs through which a user may view and interact with other components and devices within the system 500. The GUIs may be formatted, for example, as web pages in HyperText Markup Language (HTML), Extensible Markup Language (XML) or in any other suitable form for presentation on a display device depending upon applications used by users to interact with the system 500.


The user device 520 may further include a display 524 and input devices 525. The display 524 may be any type of device for presenting visual information such as a computer monitor, a flat panel display, and a mobile device screen, including liquid crystal displays, light-emitting diode displays, plasma panels, and cathode ray tube displays. The input devices 525 may include any device for entering information into the user device 520 that is available and supported by the user device 520, such as a touch-screen, keyboard, mouse, cursor-control device, touch-screen, microphone, digital camera, video recorder or camcorder. These devices may be used to enter information and interact with the software and other devices described herein. For example, the input devices 525 may comprise a card reader. The card reader may be configured to read from and/or communicate with the contactless card 510. In conjunction with the application 523, the card reader may communicate with the contactless card 510 using short-range wireless communication (e.g., NFC).


The server 530 may be a network-enabled computer device. The server 530 may include a processor 531, a memory 532, and an application 533. The server 530 may further include a display 534 and input devices 535. In some examples, the server 530 is similar to the server 130 in FIG. 1.


The database 540 may be one or more databases configured to store data, including without limitation, private information of users, financial accounts of users, identities of users, transactions of users, and certified and uncertified documents. In some examples, the database 540 is similar to the database 140 in FIG. 1.


The delivery device 550 may be a network-enabled computer device. The delivery device 550 may include a processor 551, a memory 552, and an application 553. The delivery device 550 may further include a display 554 and input devices 555. In some example, the delivery device 550 is similar to the delivery device 120 in FIG. 1.


The system 500 may include one or more networks 560. The one or more networks 560 are similar to the networks 150 in FIG. 1.


In some examples, the contactless card 510 may be associated with a user and can be used by that user, for example, a customer to whom a package is delivered. The user device 520 may be associated with the user that owns the contactless card 510. The server 530 can be associated with a financial institution, such as a bank or a credit card company that offers financial services to the user of the contactless card 510. The contactless card 510 may be issued by the financial institution. The delivery device 550 can be associated with a package delivery person and may be operated by that person, such as a delivery person of a courier.



FIG. 6 illustrates a sequence diagram 600 of contactless package delivery according to an example embodiment. FIG. 6 may reference the same or similar components as those illustrated in FIGS. 1-5, including a contactless card, a user device, a delivery device, a server, a database, and a network.


In step 610, a contactless card (e.g., the contactless card 510) transmits a cryptogram after entry of the contactless card into a communication field of a user device (e.g., the user device 520). The contactless card may be tapped by a user to the user device. The user device may be configured to have a card reader to read a cryptogram from the contactless card upon the tap. The card reader may comprise a communication interface to generate a communication field of the card reader. As used herein, a tap of the contactless card to the user device may not indicate that the contactless card is in a physical contact with the user device. A tap of the contactless card to the user device may refer to entry of the contactless card into the communication field of the card reader. The cryptogram may be stored in a memory of the contactless card. The cryptogram may be associated with a unique identifier of a user account.


In step 615, the user device may transmit the cryptogram to a server (e.g., the server 530). Upon reading the cryptogram from the contactless card, the user device transmits the cryptogram to the server via a network (e.g., the network 560). Prior to transmission, the cryptogram may be encrypted by the contactless card.


In step 620, the server validates the cryptogram, decrypts the cryptogram and extracts the unique identifier. When the server receives the cryptogram, the server may decrypt the cryptogram after verifying the cryptogram. The server may then extract the unique identifier of the user account.


In step 625, the server may query, using the unique identifier, for an identity of the user account. In this step, the server communicates with a database (e.g., the database 540) for searching for the identity of the user account. The identity of the user account is stored on the database. The identity of the user account may comprise a name of the user who taps the contactless card. The user account may comprise one or more email addresses associated with the user, a phone number of the user, a mailing address of the user, and so forth. Once the identity of the user account matches the unique identifier of the user account, the user of the contactless card is verified.


In step 630, the server may generate a digital signature based on the identity of the user account. After obtaining and verifying the identity of the user account, the server may be configured to generate a digital signature of the identity. The digital signature may be a signature of the user name or other signatures associated with the user name.


In step 635, the server may transmit a verification notification including the identity of the user account and the digital signature to the delivery device. The verification notification may indicate that the user of the contactless card has been verified, what the identity of the user is, and the digital signature of the identity. When the delivery device receives the verification notification, the delivery device may display the verification notification on the display of the delivery device. The delivery device may be configured to sign a package receipt document using the digital signature.



FIG. 7 illustrates a flow chart for a method 700 of contactless package delivery according to an example embodiment. FIG. 7 may reference the same or similar components as those illustrated in FIGS. 1-6, including a contactless card, a user device, a delivery device, a server, a database, and a network. The method 700 may be implemented in the system 500 and may comprise the following steps.


In step 705, a contactless card transmits a cryptogram to a server via an intermediary device. The intermediary device may comprise a user device (e.g., the user device 520). Communication between the user device and the contactless card may involve the contactless card being sufficiently close to a card reader of the user device to enable near field communication (NFC) data transfer between the user device and the contactless card.


In step 710, the server validates the cryptogram. In step 715, the server decrypts the cryptogram. In step 720, the server extracts the unique identifier from the decrypted cryptogram. In step 725, the server queries, using the unique identifier, a database (e.g., the database 540) for an identity of the user account. In step 730, the server generates a digital signature based on the identity of the user account. The steps 705-730 are similar to the steps 305-330 in FIG. 3. Details of the steps 705-730 are not repeated herein.


In step 735, the server transmits a verification notification including the identity of the user account and the digital signature to the delivery device. The verification notification may indicate that the user/customer who tapped the contactless card to the user device has been verified. When receiving the verification notification, the delivery device may display the verification notification on a display of the delivery device. The delivery device may display the digital signature next to the user/customer name to whom the package is delivered. This digital signature may be considered as an authorization and verification for releasing the package to the user.


In some embodiments, one or more authentication factors may be used to verify the identity of the user/user account in addition to the unique identifier as used in FIG. 7. FIG. 8 illustrates a flow chart for a method 800 of contactless package delivery according to an example embodiment. In the method 800, one or more authentication factors may be used to verify the identity of the user/user account. FIG. 8 may reference the same or similar components as those illustrated in FIGS. 1-7, including a contactless card, a user device, a delivery device, a server, a database, and a network. The method 800 may be implemented in the system 500 and may comprise the following steps.


The method 800 may include: a contactless card transmits a cryptogram to a server via an intermediate device (the user device 520; step 805); the server validates the cryptogram (step 810); the server decrypts the cryptogram (step 815); the server extracts the unique identifier (step 820); the server queries, using the unique identifier, a database for an identity of the user account (step 825); the server receives from the database, one or more authentication factors to verify the identity of the user account (step 830); the server generates a digital signature based on the identity of the user account (step 835); and the server transmits a verification notification including the identity of the user account and the digital signature (step 840). The steps 805-825 and 835-840 are similar to the corresponding steps 705-725 and 730-735, details of which are not repeated herein.


In step 830, the one or more authentication factors may be provided by the user device 520 and/or the delivery device 550. For example, the user device 520 may transmit to the server a geo-signature of the user device 520; and the delivery device 550 may transmit to the server a geo-signature of the delivery device 550. The server may compare the geo-signature of the user device with the geo-signature of the delivery device, and generate the digital signature based on the comparison.


The one or more authentication factors may also comprise at least one selected from the group of a password, a personal identification (PIN), and a biometric feature. The server may verify the identity of the user account based on the one or more authentication factors.


In some embodiments, the delivery device 550 may transmit a card tapping notification through the server to the user device 520. For example, when a package delivery person is approaching or at a package pickup location (e.g., the user's home address/the package delivery address), the delivery person may operate the delivery device to transmit a card tapping notification to the user device. When receiving the card tapping notification, the user may tap the contactless card to the user device. FIG. 9 describes a method 900 of contactless package delivery based on a card tapping notification according to an example embodiment. FIG. 9 may reference the same or similar components as those illustrated in FIGS. 1-8, including a user device, a server, a database, and a delivery device.


In step 905, the server may receive a card tapping notification. The card tapping notification may be initiated by the delivery device and transmitted to the server. Upon receiving the card tapping notification, the server may forward/transmit the card tapping notification to the user device and prompt to read the contactless card. The user of the user device may then tap the contactless card to the user device in accordance with the card tapping notification.


In step 910, the server may read the contactless card based on the card tapping notification. For example, after the contactless card being tapped to the user device, the user device may receive a cryptogram from the contactless card and then transmit the cryptogram to the server.


In step 915, the server may receive a tapping-completed notification from the user device. After the contactless card being tapped, the user device may generate a card tapping-completed notification that is then transmitted to the server. The server may transmit the card tapping-completed notification to the delivery device, such that the delivery person is informed that the contactless card has been tapped to the user device.


In step 920, the server may generate the digital signature of the identity of the user account using the tapping-completed notification. For example, the cryptogram may be verified by the server and the identity of the user account may be retrieved by the server, as described above. The server may further verify the identity of the user account/user based on the card tapping-completed notification, and then generate the digital signature of the identity of the user.


In some embodiments, the delivery device 550 may transmit a universal resource locator (URL) link for card tapping through the server to the user device 520. For example, when a package delivery person is approaching or at a package pickup location (e.g., the user's home address/the package delivery address), the delivery person may operate the delivery device to transmit a URL link for card tapping to the user device. When receiving the URL link for card tapping, the user may tap the contactless card to the user device. FIG. 10 describes a method 1000 of contactless package delivery based on a URL link for card tapping according to an example embodiment. FIG. 10 may reference the same or similar components as those illustrated in FIGS. 1-9, including a user device, a server, a database, and a delivery device.


In step 1005, the server may receive a URL link for card tapping. The URL link for card tapping may be initiated and transmitted by the delivery device to the server. Upon receiving the URL link, the server may forward/transmit the URL link to the user device.


In step 1010, the user of the user device may open the URL link to display a web page, and then tap the contactless card to the user device via the web page.


In step 1015, the server may read the contactless card. For example, after the contactless card being tapped to the user device via the web page, the user device may receive a cryptogram from the contactless card and then transmit the cryptogram to the server. For example, the web page may comprise java script, and the java script interacts with the underlying native platform of the web browser to trigger the NFC read. The web page would then take the contents of that NFC read and deliver it to the server.


In step 1020, the server may receive a tapping-completed notification from the user device. After the contactless card being tapped, the user device may generate a card tapping-completed notification via the web page that is then transmitted to the server. The server may transmit the card tapping-completed notification to the delivery device, such that the delivery person is informed that the contactless card has been tapped to the user device.


In step 1025, the server may generate the digital signature of the identity of the user account using the tapping-completed notification. For example, the cryptogram may be verified by the server and the identity of the user account may be retrieved by the server, as described above. The server may further verify the identity of the user account/user based on the card tapping-completed notification, and then generate the digital signature of the identity of the user.


In some embodiments, the contactless card may embody host card emulation. For example, the user device 520 in FIG. 5 may emulate the contactless card, as opposed to functioning as a reader for the contactless card. In this example, the user device 520 may function as the contactless card and can be tapped to other devices (e.g., the delivery device 120 or the delivery device 550). Accordingly, instead of authenticating the user through one or more second factors, the delivery device can communicate with the server to determine the identity of the user and verify against an expected delivery.


In some examples, the user device emulating the contactless card can also operate anonymously or in an identified manner, but in either case can limit personal information exposure. The delivery device may access the server using a request service for verifying the user. The server may reply with a determination indicating whether the user is verified. The delivery device may also submit the delivery address for the package to the server that can be used to match on the database the identity with the contactless card identifier.


In some embodiments, a profile picture of the user may be transmitted after tapping a contactless card. For example, when the user enters or drives towards a store, the user could tap his/her contactless card on a card reader and the contactless card may send the profile picture of the user to a store employee. The store employee may send the user a picture of himself or herself based on information that is stored with the user's profile. In this way, the user is able to recognize the store employee from across the store without a physical contact with the person. If some close interaction is required, the user and the store employee will have been informed of each other and expeditiously proceed with the interaction without passing by or encountering other people.


In some embodiments, the digital signature can be a direct or indirect signature. For example, the direct signature refers to a signature of the known recipient of the delivery package (or someone associated with the known recipient's account), and the indirect signature refers to a signature of a person other than the known recipient of the delivery package. For example, if a person who is not on the delivery package can tap his or her contactless card, his or her name can be applied as an indirect signature. If this indirect signature can satisfy the delivery condition, a notification may be sent to the known recipient of the delivery package indicating the package has been signed by that person. But if the delivery requires a direct signature, the system can require the known recipient to sign, and the known recipient who is on the delivery package can then tap his/her contactless card.


In some embodiments, multiple tapping of a contactless card may be desired to prevent a replay attack. As used herein, the replay attack may refer to the unauthorized interception of a cryptogram message and cloning of this message for use in signing for packages. For example, the cryptogram message can be read and then statically programmed into a writable NFC tag, which can provide the same cryptogram when read repeatedly (without generating a new counter).


By tapping the contactless card multiple times (e.g., twice by the user), the cryptogam messages can be verified to be genuinely generated by the contactless card even if no a second authentication factor is entered, because if the contactless card is tapped multiple times, then the server has multiple successive cryptogram messages to compare. In this way, the multiple successive cryptogram messages can be validated that they were actually generated by the card and not a static replay of a single cryptogram message.


This can enhance security when second authentication factors are not available. For example, when a user taps his or her random card to some random person's device, a second authentication factor is not available. In such scenarios, by tapping a card multiple times, the card can be validated to be a card that is being used to generate the cryptograms.


In some embodiments, after recording the digital signature that this has happened, the actual cryptogram message that was used to generate that signature may be stored, for example, on the database. The stored cryptogram message can serve as an audit mechanism because the stored cryptogram message can be revalidated. With the authentication mechanism of the contactless card, the current cryptogram message being authenticated is in the right counter range. Accordingly, the validation is able to establish that that message was once created by the contactless card.


In some embodiments, the recording of the cryptogram messages may act as a ledger of confirmation that the package was delivered if, for example, there is a dispute over whether or when a package has been delivered and who signed for it. For example, a customer may claim he or she received the package on a particular day within the time window specified by a return policy. However, referencing the stored cryptogram message, the merchant that shipped the package may establish that the customer in fact received the package on a prior day and therefore the return policy does not apply.


In some embodiments, a delivery address may be certified to act as a delivery requirement. For example, a package may be required to deliver to the certified address (e.g., a digitally signed address).


In some embodiments, certain conditions may need to be met for the digital signature to be applicable. For example, a product may have an expiration date, a guaranteed delivery date, and/or restrictions about how long it can be in transportation. For example, if a product subject to such restrictions (e.g., medicine, test samples, or perishable items) is not delivered within a certain time then, the conditions will not allow a consumer to sign for that product.


In some embodiments, the signed certificates can be scoped to a particular delivery transaction and enforce conditions and requirements of the delivery transaction. For example, a merchant can apply requirements that a package be delivered to a certain address or that the package delivery has these particular restrictions, the identity of that person signing for the package can be validated against those requirements. For example, a customer expecting a time-sensitive package may contract with a delivery company for a particular delivery date and time and the customer may not wish to take delivery of a package after the specified time. In such an example, the customer can prove at the time of delivery that the contract has been violated.


Throughout the disclosure, the term merchant is used, and it is understood that the present disclosure is not limited to a particular merchant or type of merchant. Rather, the present disclosure includes any type of merchant, vendor, or other entity involving in activities where products or services are sold or otherwise provided.


In some examples, exemplary procedures in accordance with the present disclosure described herein can be performed by a processing arrangement and/or a computing arrangement (e.g., computer hardware arrangement). Such processing/computing arrangement can be, for example entirely or a part of, or include, but not limited to, a computer/processor that can include, for example one or more microprocessors, and use instructions stored on a computer-accessible medium (e.g., RAM, ROM, hard drive, or other storage device). For example, a computer-accessible medium can be part of the memory of the delivery device 120 or 550, the user device 520, the server 130 or 530, and/or the contactless card 110 or 510 or other computer hardware arrangement.


In some examples, a computer-accessible medium (e.g., as described herein above, a storage device such as a hard disk, floppy disk, memory stick, CD-ROM, RAM, ROM, etc., or a collection thereof) can be provided (e.g., in communication with the processing arrangement). The computer-accessible medium can contain executable instructions thereon. In addition or alternatively, a storage arrangement can be provided separately from the computer-accessible medium, which can provide the instructions to the processing arrangement so as to configure the processing arrangement to execute certain exemplary procedures, processes, and methods, as described herein above, for example.


Throughout the disclosure, the following terms take at least the meanings explicitly associated herein, unless the context clearly dictates otherwise. The term “or” is intended to mean an inclusive “or.” Further, the terms “a,” “an,” and “the” are intended to mean one or more unless specified otherwise or clear from the context to be directed to a singular form.


In this description, numerous specific details have been set forth. It is to be understood, however, that implementations of the disclosed technology may be practiced without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description. References to “some examples,” “other examples,” “one example,” “an example,” “various examples,” “one embodiment,” “an embodiment,” “some embodiments,” “example embodiment,” “various embodiments,” “one implementation,” “an implementation,” “example implementation,” “various implementations,” “some implementations,” etc., indicate that the implementation(s) of the disclosed technology so described may include a particular feature, structure, or characteristic, but not every implementation necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrases “in one example,” “in one embodiment,” or “in one implementation” does not necessarily refer to the same example, embodiment, or implementation, although it may.


As used herein, unless otherwise specified the use of the ordinal adjectives “first,” “second,” “third,” etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.


While certain implementations of the disclosed technology have been described in connection with what is presently considered to be the most practical and various implementations, it is to be understood that the disclosed technology is not to be limited to the disclosed implementations, but on the contrary, is intended to cover various modifications and equivalent arrangements included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.


This written description uses examples to disclose certain implementations of the disclosed technology, including the best mode, and also to enable any person skilled in the art to practice certain implementations of the disclosed technology, including making and using any devices or systems and performing any incorporated methods. The patentable scope of certain implementations of the disclosed technology is defined in the claims, and may include other examples that occur to those skilled in the art. Such other examples are intended to be within the scope of the claims if they have structural elements that do not differ from the literal language of the claims, or if they include equivalent structural elements with insubstantial differences from the literal language of the claims.

Claims
  • 1. A contactless delivery system, comprising: a contactless card comprising a card processor and a card memory, the card memory storing a first cryptogram that contains an unique identifier associated with a user account and a profile picture associated with the user account;a server, comprising a server processor and a server memory,wherein, after entry into a communication field generated by a card reader, the contactless card: transmits the profile picture to the card reader,transmits the first cryptogram to the card reader, andreceives a picture of an employee associated with the card reader, andwherein the server:receives the first cryptogram from the card reader,validates the first cryptogram,decrypts the first cryptogram and extracts the unique identifier,queries, using the unique identifier, a database for an identity of the user account, the database containing one or more documents associated with the user account,receives, from the database, the one or more documents to verify the identity of the user account,receives a universal resource locator (URL) associated with a web page,transmits the URL to a user device,receives, via an input to the webpage, card information associated with the contactless card,generates a digital signature based on the identity of the user account and the card information, andtransmits a verification notification including the identity of the user account and the digital signature.
  • 2. The contactless delivery system of claim 1, wherein: the system further comprises the user device, and the user device generates the communication field.
  • 3. The contactless delivery system of claim 1, wherein: the card memory further contains a counter value and a plurality of keys, andthe card processor generates the first cryptogram using the counter value, the plurality of keys, and the unique identifier.
  • 4. The contactless delivery system of claim 3, wherein the card processor updates the counter value.
  • 5. The contactless delivery system of claim 1, wherein: the verification notification is transmitted to the user device storing information on a delivery package, andthe server receives the information on the delivery package as an authentication factor to verify the identity of the user account.
  • 6. The contactless delivery system of claim 1, wherein the one or more documents comprises a copy of a driver license.
  • 7. The contactless delivery system of claim 1, wherein: the server transmits the verification notification to the user device, andthe digital signature is displayed on a display of the user device, the digital signature being used to sign a package receipt document displayed on the display of the user device.
  • 8. The contactless delivery system of claim 1, wherein the contactless card includes a host card emulation device emulating the contactless card.
  • 9. The contactless delivery system of claim 1, wherein the server: retrieves a document of the user account from the database, andtransmits the document to verify the identity of the user account.
  • 10. The system of claim 1, wherein: the contactless card transmits, after entry into the communication field, the profile picture to the database.
  • 11. The system of claim 1, wherein: the digital signature comprises the signature of a user not associated with the user account, andthe server transmits an indirect signature notification to a user associated with the user account.
  • 12. The system of claim 1, wherein the server: stores the first cryptogram and a time of receipt associated with the first cryptogram in the database, andestablishes, based on the stored first cryptogram and time of receipt, a delivery date associated with a package.
  • 13. The system of claim 12, wherein the server applies a return policy to the package based on the delivery date.
  • 14. The system of claim 1, wherein the server: receives, from the read of the contactless card based on a card tap notification, a second cryptogram,validates the second cryptogram, anddetermines, based on the validation of the first cryptogram and the validation of the second cryptogram, that the first cryptogram and the second cryptogram were generated by the contactless card.
  • 15. A contactless delivery method, comprising: transmitting, by a contactless card after entry into a communication field generated by a card reader, a profile picture associated with a user account and a cryptogram containing a unique identifier associated with the user account;receiving, by a server the profile picture and the cryptogram;validating, by the server, the cryptogram;decrypting, by the server, the cryptogram;extracting, by the server from the cryptogram, the unique identifier;querying, by the server using the unique identifier, a database for an identity of the user account;receiving, by the server from the database, one or more documents to verify the identity of the user account;receiving, by the server from a delivery device, a universal resource locator (URL) associated with a webpage;transmitting, by the server, the URL to a user device;receiving, via an input to the webpage, card information associated with the contactless card;generating, by the server, a digital signature based on the identity of the user account and the card information;transmitting, by the server, a verification notification including the identity of the user account and the digital signature; andreceiving, by the contactless card, a picture of an employee associated with the card reader.
  • 16. The contactless delivery method of claim 15, further comprising: receiving, by the server, a card tap notification;prompting, to read the contactless card, by the server, based on the card tap notification;receiving, by the server, a tap-completed notification; andgenerating, by the server, the digital signature based on the identity of the user account and the tap-completed notification.
  • 17. A non-transitory computer-accessible medium storing executable instructions that, when executed by a server, cause the server to perform procedures comprising: receiving, from a contactless card after entry into a communication field generated by a card reader, a profile picture associated with a user account and a first cryptogram containing a unique identifier associated with the user account;validating the first cryptogram;decrypting the first cryptogram;extracting, from the first cryptogram, the unique identifier;querying, using the unique identifier, a database for an identity of the user account;receiving, from the database, one or more documents to verify the identity of the user account;receiving, from a delivery device, a universal resource locator (URL) associated with a webpage;transmitting the URL to a user device;receiving, via an input to the webpage, card information associated with the contactless card;generating a digital signature based on the identity of the user account and the card information;transmitting a verification notification including the identity of the user account and the digital signature; andreceiving, by the contactless card, a picture of an employee associated with the card reader.
  • 18. The contactless delivery method of claim 16, further comprising transmitting, by the server, the tap-completed notification to the delivery device.
  • 19. The computer-accessible medium of claim 17, wherein: the digital signature comprises the signature of a user not associated with the user account, andtransmitting an indirect signature notification to a user associated with the user account.
  • 20. The computer-accessible medium of claim 17, the procedures further comprising: storing the first cryptogram in the database;after receiving of a second cryptogram, revalidating the first cryptogram;identifying a counter range based on the revalidation of the first cryptogram;validating the second cryptogram; andassociating the second cryptogram with the contactless card based on the counter range.
US Referenced Citations (554)
Number Name Date Kind
4683553 Mollier Jul 1987 A
4827113 Rikuna May 1989 A
4910773 Hazard et al. Mar 1990 A
5036461 Elliott et al. Jul 1991 A
5363448 Koopman, Jr. et al. Nov 1994 A
5377270 Koopman, Jr. et al. Dec 1994 A
5533126 Hazard Jul 1996 A
5537314 Kanter Jul 1996 A
5592553 Guski et al. Jan 1997 A
5616901 Crandall Apr 1997 A
5666415 Kaufman Sep 1997 A
5764789 Pare, Jr. et al. Jun 1998 A
5768373 Lohstroh et al. Jun 1998 A
5778072 Samar Jul 1998 A
5796827 Coppersmith et al. Aug 1998 A
5832090 Raspotnik Nov 1998 A
5883810 Franklin et al. Mar 1999 A
5901874 Deters May 1999 A
5929413 Gardner Jul 1999 A
5960411 Hartman et al. Sep 1999 A
6021203 Douceur et al. Feb 2000 A
6049328 Vanderheiden Apr 2000 A
6058373 Blinn et al. May 2000 A
6061666 Do et al. May 2000 A
6105013 Curry et al. Aug 2000 A
6199114 White et al. Mar 2001 B1
6199762 Hohle Mar 2001 B1
6216227 Goldstein et al. Apr 2001 B1
6227447 Campisano May 2001 B1
6282522 Davis et al. Aug 2001 B1
6324271 Sawyer et al. Nov 2001 B1
6342844 Rozin Jan 2002 B1
6367011 Lee et al. Apr 2002 B1
6402028 Graham, Jr. et al. Jun 2002 B1
6438550 Doyle et al. Aug 2002 B1
6501847 Helot et al. Dec 2002 B2
6631197 Taenzer Oct 2003 B1
6641050 Kelley et al. Nov 2003 B2
6655585 Shinn Dec 2003 B2
6662020 Aaro et al. Dec 2003 B1
6721706 Strubbe et al. Apr 2004 B1
6731778 Oda et al. May 2004 B1
6779115 Naim Aug 2004 B1
6792533 Jablon Sep 2004 B2
6829711 Kwok et al. Dec 2004 B1
6834271 Hodgson et al. Dec 2004 B1
6834795 Rasmussen et al. Dec 2004 B1
6852031 Rowe Feb 2005 B1
6865547 Brake, Jr. et al. Mar 2005 B1
6873260 Lancos et al. Mar 2005 B2
6877656 Jaros et al. Apr 2005 B1
6889198 Kawan May 2005 B2
6905411 Nguyen et al. Jun 2005 B2
6910627 Simpson-Young et al. Jun 2005 B1
6971031 Haala Nov 2005 B2
6990588 Yasukura Jan 2006 B1
7006986 Sines et al. Feb 2006 B1
7085931 Smith et al. Aug 2006 B1
7127605 Montgomery et al. Oct 2006 B1
7128274 Kelley et al. Oct 2006 B2
7140550 Ramachandran Nov 2006 B2
7152045 Hoffman Dec 2006 B2
7165727 de Jong Jan 2007 B2
7175076 Block et al. Feb 2007 B1
7202773 Oba et al. Apr 2007 B1
7206806 Pineau Apr 2007 B2
7232073 de Jong Jun 2007 B1
7246752 Brown Jul 2007 B2
7254569 Goodman et al. Aug 2007 B2
7263507 Brake, Jr. et al. Aug 2007 B1
7270276 Vayssiere Sep 2007 B2
7278025 Saito et al. Oct 2007 B2
7287692 Patel et al. Oct 2007 B1
7290709 Tsai et al. Nov 2007 B2
7306143 Bonneau, Jr. et al. Dec 2007 B2
7319986 Praisner et al. Jan 2008 B2
7325132 Takayama et al. Jan 2008 B2
7373515 Owen et al. May 2008 B2
7374099 de Jong May 2008 B2
7375616 Rowse et al. May 2008 B2
7380710 Brown Jun 2008 B2
7424977 Smets et al. Sep 2008 B2
7453439 Kushler et al. Nov 2008 B1
7472829 Brown Jan 2009 B2
7487357 Smith et al. Feb 2009 B2
7568631 Gibbs et al. Aug 2009 B2
7584153 Brown et al. Sep 2009 B2
7597250 Finn Oct 2009 B2
7628322 Hohmanns et al. Dec 2009 B2
7652578 Braun et al. Jan 2010 B2
7689832 Talmor et al. Mar 2010 B2
7703142 Wilson et al. Apr 2010 B1
7748609 Sachdeva et al. Jul 2010 B2
7748617 Gray Jul 2010 B2
7748636 Finn Jul 2010 B2
7762457 Bonalle et al. Jul 2010 B2
7789302 Tame Sep 2010 B2
7793851 Mullen Sep 2010 B2
7796013 Murakami et al. Sep 2010 B2
7801799 Brake, Jr. et al. Sep 2010 B1
7801829 Gray et al. Sep 2010 B2
7805755 Brown et al. Sep 2010 B2
7809643 Phillips et al. Oct 2010 B2
7827115 Weller et al. Nov 2010 B2
7828214 Narendra et al. Nov 2010 B2
7848746 Juels Dec 2010 B2
7882553 Tuliani Feb 2011 B2
7900048 Andersson Mar 2011 B2
7908216 Davis et al. Mar 2011 B1
7922082 Muscato Apr 2011 B2
7933589 Mamdani et al. Apr 2011 B1
7949559 Freiberg May 2011 B2
7954716 Narendra et al. Jun 2011 B2
7954723 Charrat Jun 2011 B2
7962369 Rosenberg Jun 2011 B2
7993197 Mamdani et al. Aug 2011 B2
8005426 Huomo et al. Aug 2011 B2
8010405 Bortolin et al. Aug 2011 B1
RE42762 Shin Sep 2011 E
8041954 Plesman Oct 2011 B2
8060012 Sklovsky et al. Nov 2011 B2
8074877 Mullen et al. Dec 2011 B2
8082450 Frey et al. Dec 2011 B2
8095113 Kean et al. Jan 2012 B2
8099332 Lemay et al. Jan 2012 B2
8103249 Markison Jan 2012 B2
8108687 Ellis et al. Jan 2012 B2
8127143 Abdallah et al. Feb 2012 B2
8135648 Oram et al. Mar 2012 B2
8140010 Symons et al. Mar 2012 B2
8141136 Lee et al. Mar 2012 B2
8150321 Winter et al. Apr 2012 B2
8150767 Wankmueller Apr 2012 B2
8186602 Itay et al. May 2012 B2
8196131 von Behren et al. Jun 2012 B1
8215563 Levy et al. Jul 2012 B2
8224753 Atef et al. Jul 2012 B2
8232879 Davis Jul 2012 B2
8233841 Griffin et al. Jul 2012 B2
8245292 Buer Aug 2012 B2
8249654 Zhu Aug 2012 B1
8266451 Leydier et al. Sep 2012 B2
8285329 Zhu Oct 2012 B1
8302872 Mullen Nov 2012 B2
8312519 Bailey et al. Nov 2012 B1
8316237 Felsher et al. Nov 2012 B1
8332272 Fisher Dec 2012 B2
8365988 Medina, III et al. Feb 2013 B1
8369960 Tran et al. Feb 2013 B2
8371501 Hopkins Feb 2013 B1
8381307 Cimino Feb 2013 B2
8391719 Alameh et al. Mar 2013 B2
8417231 Sanding et al. Apr 2013 B2
8439271 Smets et al. May 2013 B2
8475367 Yuen et al. Jul 2013 B1
8489112 Roeding et al. Jul 2013 B2
8511542 Pan Aug 2013 B2
8559872 Butler Oct 2013 B2
8566916 Vernon et al. Oct 2013 B1
8567670 Stanfield et al. Oct 2013 B2
8572386 Takekawa et al. Oct 2013 B2
8577810 Dalit et al. Nov 2013 B1
8583454 Beraja et al. Nov 2013 B2
8589335 Smith et al. Nov 2013 B2
8594730 Bona et al. Nov 2013 B2
8615468 Varadarajan Dec 2013 B2
8620218 Awad Dec 2013 B2
8667285 Coulier et al. Mar 2014 B2
8723941 Shirbabadi et al. May 2014 B1
8726405 Bailey et al. May 2014 B1
8740073 Vijay shankar et al. Jun 2014 B2
8750514 Gallo et al. Jun 2014 B2
8752189 De Jong Jun 2014 B2
8794509 Bishop et al. Aug 2014 B2
8799668 Cheng Aug 2014 B2
8806592 Ganesan Aug 2014 B2
8807440 Von Behren et al. Aug 2014 B1
8811892 Khan et al. Aug 2014 B2
8814039 Bishop et al. Aug 2014 B2
8814052 Bona et al. Aug 2014 B2
8818867 Baldwin et al. Aug 2014 B2
8850538 Vernon et al. Sep 2014 B1
8861733 Benteo et al. Oct 2014 B2
8880027 Darringer Nov 2014 B1
8888002 Chesney et al. Nov 2014 B2
8898088 Springer et al. Nov 2014 B2
8934837 Zhu et al. Jan 2015 B2
8977569 Rao Mar 2015 B2
8994498 Agrafioti et al. Mar 2015 B2
9004365 Bona et al. Apr 2015 B2
9038894 Khalid May 2015 B2
9042814 Royston et al. May 2015 B2
9047531 Showering et al. Jun 2015 B2
9069976 Toole et al. Jun 2015 B2
9081948 Magne Jul 2015 B2
9104853 Venkataramani et al. Aug 2015 B2
9118663 Bailey et al. Aug 2015 B1
9122964 Krawczewicz Sep 2015 B2
9129280 Bona et al. Sep 2015 B2
9152832 Royston et al. Oct 2015 B2
9203800 Izu et al. Dec 2015 B2
9209867 Royston Dec 2015 B2
9251330 Boivie et al. Feb 2016 B2
9251518 Levin et al. Feb 2016 B2
9258715 Borghei Feb 2016 B2
9270337 Zhu et al. Feb 2016 B2
9306626 Hall et al. Apr 2016 B2
9306942 Bailey et al. Apr 2016 B1
9324066 Archer et al. Apr 2016 B2
9324067 Van OS et al. Apr 2016 B2
9332587 Salahshoor May 2016 B2
9338622 Bjontegard May 2016 B2
9373141 Shakkarwar Jun 2016 B1
9379841 Fine et al. Jun 2016 B2
9413430 Royston et al. Aug 2016 B2
9413768 Gregg et al. Aug 2016 B1
9420496 Indurkar Aug 2016 B1
9426132 Alikhani Aug 2016 B1
9432339 Bowness Aug 2016 B1
9455968 Machani et al. Sep 2016 B1
9473509 Arsanjani et al. Oct 2016 B2
9491626 Sharma et al. Nov 2016 B2
9553637 Yang et al. Jan 2017 B2
9619952 Zhao et al. Apr 2017 B1
9635000 Muftic Apr 2017 B1
9665858 Kumar May 2017 B1
9674705 Rose et al. Jun 2017 B2
9679286 Colnot et al. Jun 2017 B2
9680942 Dimmick Jun 2017 B2
9710804 Zhou et al. Jul 2017 B2
9740342 Paulsen et al. Aug 2017 B2
9740988 Levin et al. Aug 2017 B1
9763097 Robinson et al. Sep 2017 B2
9767329 Forster Sep 2017 B2
9769662 Queru Sep 2017 B1
9773151 Mil'shtein et al. Sep 2017 B2
9780953 Gaddam et al. Oct 2017 B2
9891823 Feng et al. Feb 2018 B2
9940571 Herrington Apr 2018 B1
9953323 Candelore et al. Apr 2018 B2
9961194 Wiechman et al. May 2018 B1
9965756 Davis et al. May 2018 B2
9965911 Wishne May 2018 B2
9978058 Wurmfeld et al. May 2018 B2
10043164 Dogin et al. Aug 2018 B2
10075437 Costigan et al. Sep 2018 B1
10129648 Hernandez et al. Nov 2018 B1
10133979 Eidam et al. Nov 2018 B1
10217105 Sangi et al. Feb 2019 B1
10541995 Mossler et al. Jan 2020 B1
11055713 Dowling Jul 2021 B1
20010010723 Pinkas Aug 2001 A1
20010029485 Brody et al. Oct 2001 A1
20010034702 Mockett et al. Oct 2001 A1
20010054003 Chien et al. Dec 2001 A1
20020078345 Sandhu et al. Jun 2002 A1
20020093530 Krothapalli et al. Jul 2002 A1
20020100808 Norwood et al. Aug 2002 A1
20020120583 Keresman, III et al. Aug 2002 A1
20020152116 Yan et al. Oct 2002 A1
20020153424 Li Oct 2002 A1
20020165827 Gien et al. Nov 2002 A1
20030023554 Yap et al. Jan 2003 A1
20030034873 Chase et al. Feb 2003 A1
20030055727 Walker et al. Mar 2003 A1
20030078882 Sukeda et al. Apr 2003 A1
20030167350 Davis et al. Sep 2003 A1
20030208449 Diao Nov 2003 A1
20040015958 Veil et al. Jan 2004 A1
20040039919 Takayama et al. Feb 2004 A1
20040127256 Goldthwaite et al. Jul 2004 A1
20040215674 Odinak et al. Oct 2004 A1
20040230799 Davis Nov 2004 A1
20050044367 Gasparini et al. Feb 2005 A1
20050075985 Cartmell Apr 2005 A1
20050081038 Arditti Modiano et al. Apr 2005 A1
20050138387 Lam et al. Jun 2005 A1
20050156026 Ghosh et al. Jul 2005 A1
20050160049 Lundholm Jul 2005 A1
20050195975 Kawakita Sep 2005 A1
20050247797 Ramachandran Nov 2005 A1
20060006230 Bear et al. Jan 2006 A1
20060040726 Szrek et al. Feb 2006 A1
20060041402 Baker Feb 2006 A1
20060044153 Dawidowsky Mar 2006 A1
20060047954 Sachdeva et al. Mar 2006 A1
20060085848 Aissi et al. Apr 2006 A1
20060136334 Atkinson et al. Jun 2006 A1
20060173985 Moore Aug 2006 A1
20060174331 Schuetz Aug 2006 A1
20060242698 Inskeep et al. Oct 2006 A1
20060280338 Rabb Dec 2006 A1
20070033642 Ganesan et al. Feb 2007 A1
20070055630 Gauthier et al. Mar 2007 A1
20070061266 Moore et al. Mar 2007 A1
20070061487 Moore et al. Mar 2007 A1
20070116292 Kurita et al. May 2007 A1
20070118745 Buer May 2007 A1
20070197261 Humbel Aug 2007 A1
20070224969 Rao Sep 2007 A1
20070241182 Buer Oct 2007 A1
20070256134 Lehtonen et al. Nov 2007 A1
20070258594 Sandhu et al. Nov 2007 A1
20070278291 Rans et al. Dec 2007 A1
20080008315 Fontana et al. Jan 2008 A1
20080011831 Bonalle et al. Jan 2008 A1
20080014867 Finn Jan 2008 A1
20080035738 Mullen Feb 2008 A1
20080071681 Khalid Mar 2008 A1
20080072303 Syed Mar 2008 A1
20080086767 Kulkarni et al. Apr 2008 A1
20080103968 Bies et al. May 2008 A1
20080109309 Landau et al. May 2008 A1
20080110983 Ashfield May 2008 A1
20080120711 Dispensa May 2008 A1
20080156873 Wilhelm et al. Jul 2008 A1
20080162312 Sklovsky et al. Jul 2008 A1
20080164308 Aaron et al. Jul 2008 A1
20080207307 Cunningham, II et al. Aug 2008 A1
20080209543 Aaron Aug 2008 A1
20080223918 Williams et al. Sep 2008 A1
20080285746 Landrock et al. Nov 2008 A1
20080308641 Finn Dec 2008 A1
20090037275 Pollio Feb 2009 A1
20090048026 French Feb 2009 A1
20090132417 Scipioni et al. May 2009 A1
20090143104 Loh et al. Jun 2009 A1
20090171682 Dixon et al. Jul 2009 A1
20090210308 Toomer et al. Aug 2009 A1
20090235339 Mennes et al. Sep 2009 A1
20090249077 Gargaro et al. Oct 2009 A1
20090282264 Amiel et al. Nov 2009 A1
20100023449 Skowronek et al. Jan 2010 A1
20100023455 Dispensa et al. Jan 2010 A1
20100029202 Jolivet et al. Feb 2010 A1
20100033310 Narendra et al. Feb 2010 A1
20100036769 Winters et al. Feb 2010 A1
20100078471 Lin et al. Apr 2010 A1
20100082491 Rosenblatt et al. Apr 2010 A1
20100094754 Bertran et al. Apr 2010 A1
20100095130 Bertran et al. Apr 2010 A1
20100100480 Altman et al. Apr 2010 A1
20100114731 Kingston et al. May 2010 A1
20100192230 Steeves et al. Jul 2010 A1
20100207742 Buhot et al. Aug 2010 A1
20100211797 Westerveld et al. Aug 2010 A1
20100240413 He et al. Sep 2010 A1
20100257357 McClain Oct 2010 A1
20100312634 Cervenka Dec 2010 A1
20100312635 Cervenka Dec 2010 A1
20110028160 Roeding et al. Feb 2011 A1
20110035604 Habraken Feb 2011 A1
20110060631 Grossman et al. Mar 2011 A1
20110068170 Lehman Mar 2011 A1
20110084132 Tofighbakhsh Apr 2011 A1
20110101093 Ehrensvard May 2011 A1
20110113245 Varadrajan May 2011 A1
20110125638 Davis et al. May 2011 A1
20110131415 Schneider Jun 2011 A1
20110153437 Archer et al. Jun 2011 A1
20110153496 Royyuru Jun 2011 A1
20110208658 Makhotin Aug 2011 A1
20110208965 Machani Aug 2011 A1
20110211219 Bradley Sep 2011 A1
20110218911 Spodak Sep 2011 A1
20110238564 Lim et al. Sep 2011 A1
20110246780 Yeap et al. Oct 2011 A1
20110258452 Coulier et al. Oct 2011 A1
20110280406 Ma et al. Nov 2011 A1
20110282785 Chin Nov 2011 A1
20110294418 Chen Dec 2011 A1
20110312271 Ma et al. Dec 2011 A1
20120024947 Naelon Feb 2012 A1
20120030047 Fuentes et al. Feb 2012 A1
20120030121 Grellier Feb 2012 A1
20120047071 Mullen et al. Feb 2012 A1
20120079281 Lowenstein et al. Mar 2012 A1
20120109735 Krawczewicz et al. May 2012 A1
20120109764 Martin et al. May 2012 A1
20120143754 Patel Jun 2012 A1
20120150737 Rottink Jun 2012 A1
20120178366 Levy et al. Jul 2012 A1
20120196583 Kindo Aug 2012 A1
20120207305 Gallo et al. Aug 2012 A1
20120209773 Ranganathan Aug 2012 A1
20120238206 Singh et al. Sep 2012 A1
20120239560 Pourfallah et al. Sep 2012 A1
20120252350 Steinmetz et al. Oct 2012 A1
20120254394 Barras Oct 2012 A1
20120284194 Liu et al. Nov 2012 A1
20120290472 Mullen et al. Nov 2012 A1
20120296818 Nuzzi et al. Nov 2012 A1
20120316992 Oborne Dec 2012 A1
20120317035 Royyuru et al. Dec 2012 A1
20120317628 Yeager Dec 2012 A1
20130005245 Royston Jan 2013 A1
20130008956 Ashfield Jan 2013 A1
20130026229 Jarman et al. Jan 2013 A1
20130048713 Pan Feb 2013 A1
20130054474 Yeager Feb 2013 A1
20130065564 Conner et al. Mar 2013 A1
20130080228 Fisher Mar 2013 A1
20130080229 Fisher Mar 2013 A1
20130099587 Lou Apr 2013 A1
20130104251 Moore et al. Apr 2013 A1
20130106576 Hinman et al. May 2013 A1
20130119130 Braams May 2013 A1
20130130614 Busch-Sorensen May 2013 A1
20130144793 Royston Jun 2013 A1
20130171929 Adams et al. Jul 2013 A1
20130179351 Wallner Jul 2013 A1
20130185772 Jaudon et al. Jul 2013 A1
20130191279 Caiman et al. Jul 2013 A1
20130200999 Spodak et al. Aug 2013 A1
20130212025 Tanner Aug 2013 A1
20130216108 Hwang et al. Aug 2013 A1
20130226791 Springer et al. Aug 2013 A1
20130226796 Jiang et al. Aug 2013 A1
20130232082 Krawczewicz et al. Sep 2013 A1
20130238894 Ferg et al. Sep 2013 A1
20130282360 Shimota et al. Oct 2013 A1
20130303085 Boucher et al. Nov 2013 A1
20130304651 Smith Nov 2013 A1
20130312082 Izu et al. Nov 2013 A1
20130314593 Reznik et al. Nov 2013 A1
20130344857 Berionne et al. Dec 2013 A1
20140002238 Taveau et al. Jan 2014 A1
20140019352 Shrivastava Jan 2014 A1
20140027506 Heo et al. Jan 2014 A1
20140032409 Rosano Jan 2014 A1
20140032410 Georgiev et al. Jan 2014 A1
20140040120 Cho et al. Feb 2014 A1
20140040139 Brudnicki et al. Feb 2014 A1
20140040147 Varadarakan et al. Feb 2014 A1
20140047235 Lessiak et al. Feb 2014 A1
20140067690 Pitroda et al. Mar 2014 A1
20140074637 Hammad Mar 2014 A1
20140074655 Lim et al. Mar 2014 A1
20140081720 Wu Mar 2014 A1
20140138435 Khalid May 2014 A1
20140171034 Aleksin et al. Jun 2014 A1
20140171039 Bjontegard Jun 2014 A1
20140172700 Teuwen et al. Jun 2014 A1
20140180851 Fisher Jun 2014 A1
20140208112 McDonald et al. Jul 2014 A1
20140214674 Narula Jul 2014 A1
20140229375 Zaytzsev et al. Aug 2014 A1
20140245391 Adenuga Aug 2014 A1
20140256251 Caceres et al. Sep 2014 A1
20140258099 Rosano Sep 2014 A1
20140258113 Gauthier et al. Sep 2014 A1
20140258125 Gerber et al. Sep 2014 A1
20140274179 Zhu et al. Sep 2014 A1
20140279479 Maniar et al. Sep 2014 A1
20140337235 Van Heerden et al. Nov 2014 A1
20140339315 Ko Nov 2014 A1
20140346860 Aubry et al. Nov 2014 A1
20140365780 Movassaghi Dec 2014 A1
20140379361 Mahadkar et al. Dec 2014 A1
20150012444 Brown et al. Jan 2015 A1
20150032635 Guise Jan 2015 A1
20150071486 Rhoads et al. Mar 2015 A1
20150088757 Zhou et al. Mar 2015 A1
20150089586 Ballesteros Mar 2015 A1
20150134452 Williams May 2015 A1
20150140960 Powell et al. May 2015 A1
20150154595 Collinge et al. Jun 2015 A1
20150170138 Rao Jun 2015 A1
20150178724 Ngo et al. Jun 2015 A1
20150186871 Laracey Jul 2015 A1
20150205379 Mag et al. Jul 2015 A1
20150302409 Malek Oct 2015 A1
20150317626 Ran et al. Nov 2015 A1
20150332266 Friedlander et al. Nov 2015 A1
20150339474 Paz et al. Nov 2015 A1
20150371234 Huang et al. Dec 2015 A1
20160012465 Sharp Jan 2016 A1
20160026997 Tsui et al. Jan 2016 A1
20160048913 Rausaria et al. Feb 2016 A1
20160055480 Shah Feb 2016 A1
20160057619 Lopez Feb 2016 A1
20160065370 Le Saint et al. Mar 2016 A1
20160087957 Shah et al. Mar 2016 A1
20160092696 Guglani et al. Mar 2016 A1
20160148193 Kelley et al. May 2016 A1
20160232523 Venot et al. Aug 2016 A1
20160239672 Khan et al. Aug 2016 A1
20160253651 Park et al. Sep 2016 A1
20160255072 Liu Sep 2016 A1
20160267486 Mitra et al. Sep 2016 A1
20160277383 Guyomarc'h et al. Sep 2016 A1
20160277388 Lowe et al. Sep 2016 A1
20160307187 Guo et al. Oct 2016 A1
20160307189 Zarakas et al. Oct 2016 A1
20160314472 Ashfield Oct 2016 A1
20160330027 Ebrahimi Nov 2016 A1
20160335531 Mullen et al. Nov 2016 A1
20160379217 Hammad Dec 2016 A1
20170004502 Quentin et al. Jan 2017 A1
20170011395 Pillai et al. Jan 2017 A1
20170011406 Tunnell et al. Jan 2017 A1
20170017957 Radu Jan 2017 A1
20170017964 Janefalkar et al. Jan 2017 A1
20170024716 Jiam et al. Jan 2017 A1
20170039566 Schipperheijn Feb 2017 A1
20170041759 Gantert et al. Feb 2017 A1
20170068950 Kwon Mar 2017 A1
20170103388 Pillai et al. Apr 2017 A1
20170104739 Lansler et al. Apr 2017 A1
20170109509 Baghdasaryan Apr 2017 A1
20170109730 Locke et al. Apr 2017 A1
20170116447 Cimino et al. Apr 2017 A1
20170124568 Moghadam May 2017 A1
20170140379 Deck May 2017 A1
20170154328 Zarakas et al. Jun 2017 A1
20170154333 Gleeson et al. Jun 2017 A1
20170180134 King Jun 2017 A1
20170230189 Toll et al. Aug 2017 A1
20170237301 Elad et al. Aug 2017 A1
20170289127 Hendrick Oct 2017 A1
20170295013 Claes Oct 2017 A1
20170316696 Bartel Nov 2017 A1
20170317834 Smith et al. Nov 2017 A1
20170330173 Woo et al. Nov 2017 A1
20170374070 Shah et al. Dec 2017 A1
20180034507 Wobak et al. Feb 2018 A1
20180039986 Essebag et al. Feb 2018 A1
20180068316 Essebag et al. Mar 2018 A1
20180129945 Saxena et al. May 2018 A1
20180160255 Park Jun 2018 A1
20180191501 Lindemann Jul 2018 A1
20180205712 Versteeg et al. Jul 2018 A1
20180240106 Garrett et al. Aug 2018 A1
20180254909 Hancock Sep 2018 A1
20180268132 Buer et al. Sep 2018 A1
20180270214 Caterino et al. Sep 2018 A1
20180285653 Li Oct 2018 A1
20180294959 Traynor et al. Oct 2018 A1
20180300716 Carlson Oct 2018 A1
20180302396 Camenisch et al. Oct 2018 A1
20180315050 Hammad Nov 2018 A1
20180316666 Koved et al. Nov 2018 A1
20180322486 Deliwala et al. Nov 2018 A1
20180359100 Gaddam et al. Dec 2018 A1
20190014107 George Jan 2019 A1
20190019375 Foley Jan 2019 A1
20190036678 Ahmed Jan 2019 A1
20190156335 Safak May 2019 A1
20190238517 D'Agostino et al. Aug 2019 A1
20190354665 Haslam Nov 2019 A1
20200104474 Duane Apr 2020 A1
20200104891 Rule Apr 2020 A1
20200320598 Rule et al. Oct 2020 A1
20220014912 Wilson Jan 2022 A1
Foreign Referenced Citations (38)
Number Date Country
3010336 Jul 2017 CA
101192295 Jun 2008 CN
103023643 Apr 2013 CN
103417202 Dec 2013 CN
1 085 424 Mar 2001 EP
1 223 565 Jul 2002 EP
1 265 186 Dec 2002 EP
1 783 919 May 2007 EP
2 852 070 Jan 2009 EP
2 139 196 Dec 2009 EP
1 469 419 Feb 2012 EP
2 457 221 Aug 2009 GB
2 516 861 Feb 2015 GB
2 551 907 Jan 2018 GB
101508320 Apr 2015 KR
WO 0049586 Aug 2000 WO
WO 2006070189 Jul 2006 WO
WO 2008055170 May 2008 WO
WO 2009025605 Feb 2009 WO
WO 2010049252 May 2010 WO
WO 2011112158 Sep 2011 WO
WO 2012001624 Jan 2012 WO
WO 2013039395 Mar 2013 WO
WO 2013155562 Oct 2013 WO
WO 2013192358 Dec 2013 WO
WO 2014043278 Mar 2014 WO
WO 2014170741 Oct 2014 WO
WO 2015179649 Nov 2015 WO
WO 2015183818 Dec 2015 WO
WO 2016097718 Jun 2016 WO
WO 2016160816 Oct 2016 WO
WO 2016168394 Oct 2016 WO
WO 2017042375 Mar 2017 WO
WO 2017042400 Mar 2017 WO
WO 2017157859 Sep 2017 WO
WO 2017208063 Dec 2017 WO
WO 2018063809 Apr 2018 WO
WO 2018137888 Aug 2018 WO
Non-Patent Literature Citations (42)
Entry
Batina, Lejla and Poll, Erik, “SmartCards and RFID,” PowerPoint Presentation for IPA Security Course, Digital Security at University of Nijmegen, Netherlands (date unknown), 75 pages.
Haykin M. and Warnar, R., “Smart Card Technology: New Methods for Computer Access Control,” Computer Science and Technology NIST Special Publication 500-157:1-60 (1988).
Lehpamer, Harvey, “Component of the RFID System,” RFID Design Principles, 2nd edition pp. 133-201 (2012).
Pourghomi, Pardis et al., “A Proposed NFC Payment Application,” International Journal of Advanced Computer Science and Applications, vol. 4, No. 8 (2013).
Author Unknown, “CardrefresherSM from American Express®,” [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://merchant-channel.americanexpress.com/merchant/en_US/cardrefresher, 2 pages.
Author Unknown, “Add Account Updater to your recurring payment tool,” [online] 2018-19 [retrieved on Mar. 26, 2019]. Retrieved from Internet URL: https://www.authorize.net/our-features/account-updater/, 5 pages.
Author Unknown, “Visa® Account Updater for Merchants,” [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://usa.visa.com/dam/VCOM/download/merchants/visa-account-updater-product-information-fact-sheet-for-merchants.pdf, 2 pages.
Author Unknown, “Manage the cards that you use with Apple Pay,” Apple Support [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://support.apple.com/en-us/HT205583, 5 pages.
Author Unknown, “Contactless Specifications for Payment Systems,” EMV Book B—Entry Point Specification [online] 2016 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.emvco.com/wp-content/uploads/2017/05/BookB_Entry_Point_Specification_v2_6_20160809023257319.pdf, 52 pages.
Author Unknown, “EMV Integrated Circuit Card Specifications for Payment Systems, Book 2, Security and Key Management,” Version 3.4, [online] 2011 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.emvco.com/wp-content/uploads/2017/05/EMV_v4.3_Book_2_Security_and_Key_Management_20120607061923900.pdf, 174 pages.
Author unknown, “NFC Guide: All You Need to Know About Near Field Communication” Square Guide [online] 2018[retrieved on Nov. 13, 2018]. Retrieved from Internet URL: https://squareup.com/guides/nfc, 8 pages.
Profis, S., “Everything you need to know about NFC and mobile payments” CNET Directory [online], 2014 [retrieved on Mar. 25, 2019]. Retrieved from the Internet URL: https://www.cnet.com/how-to/how-nfc-works-and-mobile-payments/, 6 pages.
Cozma, N., “Copy data from other devices in Android 5.0 Lollipop setup” CNET Directory [online] 2014 [retrieved on Mar. 25, 2019]. Retrieved from the Internet URL: https://www.cnet.com/how-to/copy-data-from-other-devices-in-android-5-0-lollipop-setup/, 5 pages.
Kevin, Android Enthusiast, “How to copy text string from nfc tag” StackExchange [online] 2013 [retrieved on Mar. 25, 2019]. Retrieved from the Internet URL: https://android.stackexchange.com/questions/55689/how-to-copy-text-string-from-nfc-tag, 11 pages.
Author unknown, “Tap & Go Device Setup” Samsung [online] date unknown [retrieved on Mar. 25, 2019]. Retrieved from the Internet URL: https://www.samsung.com/us/switch-me/switch-to-the-galaxy-s-5/app/partial/setup-device/tap-go.html, 1 page.
Author Unknown, “Multiple encryption”, Wikipedia [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://en.wikipedia.org/wiki/Multiple_encryption, 4 pages.
Krawczyk, et al., “HMAC: Keyed-Hashing for Message Authentication”, Network Working Group RFC:2104 memo [online] 1997 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://tools.ietf.org/html/rfc2104, 12 pages.
Song, et al., “The AES-CMAC Algorithm”, Network Working Group RFC: 4493 memo [online] 2006 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://tools.ietf.org/html/rfc4493, 21 pages.
Katz, J., and Lindell, Y., “Aggregate Message Authentication Codes”, Topics in Cryptology [online] 2008 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.cs.umd.edu/˜jkatz/papers/aggregateMAC.pdf, 11 pages.
Adams, D., and Maier, A-K, “Goldbug Big Seven open source crypto-messengers to be compared—: or Comprehensive Confidentiality Review & Audit of GoldBug Encrypting E-Mail-Client & Secure Instant Messenger”, Big Seven Study 2016 [online] [retrieved on Mar. 25, 2018], Retrieved from Internet URL: https://sf.net/projects/goldbug/files/bigseven-crypto-audit.pdf, 309 pages.
Author Unknown, “Triple DES”, Wikipedia [online] 2018 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://simple.wikipedia.org/wiki/Triple_DES, 2 pages.
Song, F., and Yun, A.l, “Quantum Security of NMAC and Related Constructions—PRF domain extension against quantum attacks”, IACR Cryptology ePrint Archive [online] 2017 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://eprint.iacr.org/2017/509.pdf, 41 pages.
Saxena, N., “Lecture 10: NMAC, HMAC and Number Theory”, CS 6903 Modern Cryptography [online] 2008 [retrieved on Mar. 25, 2019], Retrieved from Internet URL: http://isis.poly.edu/courses/cs6903/Lectures/lecture10.pdf, 8 pages.
Berg, Guy, “Fundamentals of EMV” Smart Card Alliance [online] date unknown [retrieved on Mar. 27, 2019]. Retrieved from Internet URL: https://www.securetechalliance.org/resources/media/scap13_preconference/02.pdf, 37 pages.
Pierce, Kevin, “Is the amazon echo NFC compatible,?” Amazon.com Customer Q&A [online] 2016 [retrieved on Mar. 26, 2019]. Retrieved from Internet URL: https://www.amazon.com/ask/questions/Tx1RJXYSPE6XLJD?_encodi . . . , 2 pages.
Author Unknown, “Multi-Factor Authentication”, idaptive [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.centrify.com/products/application-services/adaptive-multi-factor-authentication/risk-based-mfa/, 10 pages.
Author Unknown, “Adaptive Authentication”, SecureAuth [online] 2019 [retrieved on Mar. 25, 2019}. Retrieved from Internet URL: https://www.secureauth.com/products/access-management/adaptive-authentication, 7 pages.
Van den Breekel, J., et al., “EMV in a nutshell”, Technical Report, 2016 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.es.ru.nl/E.Poll/papers/EMVtechreport.pdf, 37 pages.
Author Unknown, “Autofill”, Computer Hope [online] 2018 [retrieved on Mar. 25, 2019], Retrieved from Internet URL: https://www.computerhope.eom/jargon/a/autofill.htm, 2 pages.
Author Unknown, “Fill out forms automatically”, Google Chrome Help [online] 2019 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://support.google.com/chrome/answer/142893?co-GENIE.Platform%3DDesktop&hl=en, 3 pages.
Author unknown, “Autofill credit cards, contacts, and passwords in Safari on Mac”, Apple Safari User Guide [online] 2019 [retrieved on Mar. 25, 2019], Retrieved from Internet URL: https://support.apple.com/guide/safari/use-autofill-ibrw1103/mac, 3 pages.
Menghin, M.J., “Power Optimization Techniques for Near Field Communication Systems” 2014 Dissertation at Technical University of Graz [online]. Retrieved from Internet URL: https://diglib.tugraz.at/download.php?id=576a7b910d2d6&location=browse, 135 pages.
Mareli, M., et al., “Experimental evaluation of NFC reliability between an RFID tag and a smartphone” Conference paper (2013) IEEE Africon at Mauritius [online] [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://core.ac.uk/download/pdf/54204839.pdf, 5 pages.
Davison, A., et al., “MonoSLAM: Real-Time Single Camera SLAM”, IEEE Transactions on Pattern Analysis and Machine Intelligence 29(6): 1052-1067 (2007).
Barba, R., “Sharing your location with your bank sounds creepy, but it's also useful”, Bankrate, LLC [online] 2017 [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.bankrate.com/banking/banking-app-location-sharing/, 6 pages.
Author unknown: “onetappayment™”, [online] Jan. 24, 2019, [retrieved on Mar. 25, 2019]. Retrieved from Internet URL: https://www.payubiz.in/onetap, 4 pages.
Vu et al., (2012). “Distinguishing users with capacitive touch communication” Proceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM. 10.1145/2348543.2348569.
EMVCo, EMV Card Personalization Specification, version 1.0 (Jun. 2003), 81 pages.
Ullmann et al., (2012). “On-Card” User Authentication for Contactless Smart Cards based on Gesture Recognition, LNI, 223-234, 12 pages.
Faraj et al. (2008). “Investigation of Java Smart Card Technology for Multi-Task Applications” J. of Al-Anbar University for Pure Science, vol. 2: No. 1: 2008, 11 pages.
Dhamdhere (2017) “Key Benefits of a Unified Platform for Loyalty, Referral Marketing, and UGC” Annex Cloud [retrieved on Jul. 3, 2019]. Retrieved from Internet URL: https://www.annexcloude.com/blog/benefits-unified-platform/, 13 pages.
International Search Report and the Written Opinion of the International Searching Authority issued in related PCT Application No. PCT/US2022/013640 dated May 11, 2022.
Related Publications (1)
Number Date Country
20220237607 A1 Jul 2022 US