This application is related to co-pending patent applications entitled “Fraud Prevention for Transit Fare Collection” to A. Hammad et al. filed Feb. 28, 2007 and “Authentication of a Data Card Using a Transit Verification Value” by A. Hammad et al. filed Feb. 28, 2007 and “Bank Issued Contactless Payment Card Used in Transit Fare Collection” to A. Hammad et al. U.S. patent application Ser. No. 11/566,614 filed Dec. 4, 2006 and “Mobile Transit Fare Payment” to A. Hammad et al. U.S. patent application Ser. No. 11/536,296 filed Sep. 28, 2006. The contents of these related applications is incorporated herein by reference in their entirety for all purposes.
In a conventional consumer card payment transaction, a cardholder presents a merchant with a portable consumer device such as a credit card to pay for goods or services. The processing of the transaction involves the merchant, an acquirer, a payment processing network, and a card issuer. The merchant initiates online processing and forwards an authorization request message to the acquirer, through the payment processing network, and to the issuer. The issuer verifies that the card number, transaction amount, and other information are valid and returns an authorization response message for the transaction back to the merchant. A variety of fraud prevention measures are used by issuers to guard against the unauthorized (or wrongly authorized) use of such cards.
Fraud prevention measures include a Cardholder Verification Value (CVV), which comprises a three-digit code that is stored within a magnetic stripe data (MSD) region of the card when the issuer provides the card for personalization. The issuer maintains a database of the CVV data for the issued cards and can therefore check an incoming request for authorization against the CVV data maintained at the issuer for the card in question. The issuer can safeguard the CVV data to ensure that such data is not shared outside of the issuer, thereby maintaining an increased level of security against fraud and counterfeit cards.
Under some situations, offline processing using a payment card is desirable. For example, transit fare processing from payment cards is typically conducted offline, because of transaction speed requirements at transit fare collection devices such as subway turnstiles or bus fareboxes For transit transactions, thirty to forty-five customers (passengers) are processed per minute, so there is insufficient time for the merchant (the transit system) to go online to the issuer for transaction authorization. Moreover, such transactions typically utilize some form of contactless card for payment that does not require physical contact between the card presented for payment and the transit fare collection device of the transit system. In these situations, some form of offline card authentication is desirable to prevent potential counterfeit card attacks and the potential organized fraud.
In this discussion, “contactless cards” for payment systems will include contactless “smart” cards and also contactless smart chips. A smart card is generally defined as a pocket-sized card (or other portable consumer device) that is embedded with either a microprocessor and one or more memory chips, or as one or more memory chips with non-programmable logic. The microprocessor-type smart card typically can implement certain data processing functions, such as to add, delete, or otherwise manipulate information stored in a memory location of the smart card. In contrast, the memory-chip-type card (for example, a pre-paid phone card) can only act as a file to hold data that is manipulated by the reading device to perform a predefined operation, such as debiting a charge from a pre-established balance held in the memory or secure memory. Smart cards, unlike magnetic stripe cards (such as conventional credit cards), can implement a variety of functions and contain a variety of types of information on the card. Therefore, in some applications they do not require access to remote databases for the purpose of user authentication or record keeping at the time of a transaction. A smart chip is a semiconductor device that is capable of performing most, if not all, of the functions of a smart card, but may be embedded in another device.
A contactless smart card is a smart card that incorporates a means of communicating with the card reader or terminal without the need for direct contact. Thus, such cards may effectively be “swiped” by passing them close to the card reader or terminal. Such contactless smart cards typically communicate with the card reader or terminal using RF (radio-frequency) technology, wherein proximity to an antenna causes data transfer between the card and the reader or terminal. Contactless smart cards have found uses in banking and other applications, as it may not be necessary to remove them from one's wallet or pocket in order to complete a transaction. Furthermore, because of the growing interest in such smart cards, standards have been developed that govern the operation and interfaces for contactless smart cards, such as the ISO 14443 standard. A variety of financial transactions, such as retail payment and transit fare collection, have adopted the ISO 14443 standard for contactless smart cards.
As noted above, an MSD area of a payment card can be used to store CVV data and the like to protect against fraudulent use in consumer transactions. In a contactless smart card, data for an additional, separate payment application, such as a transit application, might be stored in the card and might be feasible for performing offline authentication processing. The additional transit application data stored in the MSD area would require specialized readers that can detect and execute the offline-payment transit application. This would require additional effort on the part of the issuer to install and manage such applications, placing a burden on the issuer that may prevent widespread adoption of the solutions.
From the discussion above, it should be apparent that there is a need for transaction processing that can perform authorization operations in an offline transaction processing environment. Embodiments of the present invention satisfy this need.
One embodiment of the invention is directed to a method of processing a transaction, in which data is received from a portable consumer device at a reader, wherein the portable consumer device stores an issuer verification value associated with an issuer and a supplemental verification value, and wherein the supplemental verification value is verified using an offline processing system. The supplemental verification value is then processed at the reader, and the transaction is authorized if the processed supplemental verification value indicates that the portable consumer device is authenticated. A contactless smart card does not require a separate application area for storing application data in connection with the offline payment processing, so that specialized card readers for reading from a separate offline application area are not required. This facilitates performing authorization operations in an offline transaction processing environment.
Another embodiment of the invention is directed to a method of providing a portable consumer device, the method comprises receiving supplemental verification value associated with an offline processing system; and storing the supplemental verification value and issuer verification value in the portable consumer device.
Another embodiment of the invention is directed to a portable consumer device comprising a base, and a computer readable medium on the base, wherein the computer readable medium comprises code for an issuer verification value and a supplemental verification value, wherein the issuer verification value is used by an issuer to verify that the portable consumer device is authentic in an on-line transaction and wherein the supplemental verification value is used to verify that the portable consumer device is authentic in an off-line transaction.
Another embodiment of the invention is directed to a reader configured to: receive data from a portable consumer device at a reader, wherein the portable consumer device stores an issuer verification value associated with an issuer and a supplemental verification value, wherein the supplemental verification value is verified using an offline processing system; process the supplemental verification value at the reader; and authorize the transaction if the processed supplemental verification value indicates that the portable consumer device is authenticated.
Other objects and advantages of the present invention will be apparent to one of ordinary skill in the art upon review of the detailed description of the present invention and the included figures.
In embodiments of the invention, a portable consumer device (e.g., a contactless payment card or payment token device) includes a supplemental verification value that can be validated at a reader (e.g., a payment collection reader) that is offline. The supplemental verification value is preferably a transit verification value that is used in a transit environment. If the supplemental verification value is on a payment card, it may be referred to as a “supplemental card verification value.” The supplemental verification value may be in the form of a multi-digit number (e.g, a three-digit number) or some other data string.
If the portable consumer device is provided as a payment card, then the supplemental verification value can be stored in a computer readable medium (e.g., a memory chip, magnetic stripe media, etc.) of the payment card, along with a conventional card verification value (which may be referred to as an “issuer verification value” in some cases), which is used for conducting typical online financial transactions. Thus, a portable consumer device according to an embodiment of the invention may include both an issuer verification value for online transactions and a supplemental verification value for offline transactions. The issuer verification value is preferably not used for offline transactions and the supplemental verification value is not used for online transactions. In addition, the supplemental verification value as well as the issuer verification value may be static (will not change in normal operation after issuance of the portable consumer device) or may be dynamic (can change over time following issuance).
As used herein, an “online” transaction generally includes a transaction that would need an electronic authorization response from the issuer before the transaction could be conducted. An “offline” transaction is a transaction that does not require an issuer's response over an electronic communication medium before the transaction is conducted. An example of an offline transaction includes an attempt to gain access to a transit system, such as to a subway facility through a turnstile at a subway station. Another example of an offline transaction is an attempt to gain entry to a facility such as a building or venue through a closed gateway or door. A transaction may be considered “offline” if the decision as to whether or not the user may pass through the turnstile is made at the turnstile or at a computer that is proximate to the turnstile (e.g., at the same locale, such as at the same subway station), and the decision as to whether or not the user may pass through the turnstile is not made by the issuer of the portable consumer device. At some point after the user has gained access to the facility, the turnstile or the computer connected to the turnstile will communicate with the issuer so that the issuer may debit the account of the user for the entry or use of the facility.
In the context of a payment card, validation of a supplemental card verification value provides a mechanism for verification of the card authenticity at the time of use. If the card can be verified as authentic, then the potential for counterfeiting of cards for use in the offline transaction environment is reduced. This advantageously helps prevent runaway fraud. In addition, as will be explained in more detail below, the supplemental card verification value may be stored in a traditional magnetic stripe data format along with an issuer card verification value. Specialized security applications need not be stored on the portable consumer device, and can be used with conventional payment processing systems that process magnetic stripe credit card or debit card transactions. Major modifications to such systems are not needed to allow embodiments of the invention to operate. Lastly, the user of the portable consumer device benefits since the user may use the portable consumer device for both offline and online transactions.
Embodiments of the invention are described in further detail below with reference to the Figures.
The portable consumer device 102 according to embodiments of the invention may be in any suitable form for the processing described herein. For example, the portable consumer device can be hand-held and compact so that it can fit into a consumer's wallet and/or pocket (e.g., pocket-sized). Such portable consumer devices may include smart cards, ordinary credit or debit cards (with a magnetic strip and without a microprocessor), a token or keychain device (such as the Speedpass™ device commercially available from Exxon-Mobil Corp.), and the like. Other examples of portable consumer devices that can be constructed in accordance with the invention include consumer electronic devices such as cellular phones, personal digital assistants (PDAs), pagers, and the like. Other examples of portable consumer devices 102 include payment cards, security cards, access cards, smart media, transponders, and the like.
For purposes of illustration, embodiments of the invention are described in the context of contactless payment cards, but embodiments of the invention are not limited thereto, as noted above. Embodiments of the invention are configured for offline processing of transactions such as payment transactions, access transactions, and the like. For example, the supplemental verification value could be used for a non-financial transaction such as gaining access to a secure building or a venue where a ticket has already been prepaid. In the context of this description, the contactless card will be described in connection with readers of a transit fare collection system. Other offline systems in which the embodiments are useful include venue entrance locations, turnstiles, building entrances, vending machines, secured access areas, and the like.
In embodiments of the invention, the contactless payment card typically communicates with a reader that is part of a transit system fare collection mechanism using a short range communication method, such as a near field communications (NFC) capability. Examples of such NFC technologies include ISO standard 14443, RFID, Bluetooth™ and infra-red communications methods. A contactless payment card typically comprises a base and a computer readable medium. The computer readable medium can include logic circuitry and an antenna for contactless communication. If the payment card is a smart card, then the card may include a microprocessor to perform smart card functions. The computer readable medium may be in the form of a memory chip, magnetic stripe media, and the like. Some contactless payment cards may also have both an antenna for contactless-type transactions and a magnetic stripe or electrical contacts for contact-type transactions.
Referring to
The supplemental verification value is received by the reader 104 and the transaction is authorized if the processed supplemental verification value indicates that the portable consumer device 102 is authenticated. The reader operates in an offline mode, so that authentication can occur at minimal intervals, such as are needed in the transit fare collection environment and other offline operating modes. The reader 104 may also include a processor (not shown) and a computer readable medium (not shown). It may also comprise a single device, or multiple interconnected devices. In embodiments of the invention, the authentication of the portable consumer device 102 may take place solely at the reader 104. In another embodiment, the authentication of the portable consumer device 104 could even take place at the transit system central computer 108, if appropriate network communication or speed requirements are met. Generally, the authentication decision takes place at the same locale or site (e.g., the same train station, the same store, etc.) as the reader 104. In both of the above examples, however, the authentication decision in an “offline” transaction is not conducted by the issuer 112 before the user of the portable consumer device 102 is able to perform the requested transaction.
Although the reader 104 in this example is a contactless reader, it is understood that a contact-based reader (e.g., a magnetic stripe reader with a card-receiving slot) could be used in other embodiments of the invention.
In a typical transaction, the portable consumer device 102 interacts with the reader 104. The reader 104 receives magnetic stripe track data including Primary Account Number (PAN) information, expiration date, service codes, the supplemental verification value, and the like associated with the portable consumer device 102. The reader 104 (which may be considered to be a transit fare collection device in some cases) may also have any encryption keys and associated algorithms for processing the supplemental verification value on the card, and thus may authenticate the portable consumer device 102 at the time of the transaction with no online processing. If the PAN and expiry date information are validated at the reader 104 and the device is authenticated, then the user presenting the portable consumer device 102 is allowed access to conduct the transaction (e.g., pay a fare and gain entry into a transportation system).
In preferred embodiments, after the authentication of the portable consumer device 102, and after the transaction is conducted by the user of the portable consumer device 102, the reader 104 can forward the PAN information (or a proxy account number) over a transit system data network 106 to the transit central computer 108 along with the time, date, and location of the transaction. The transit central computer can perform a fare calculation based on the history of transactions for the portable consumer device 102 (which is uniquely identified by the PAN) along with the fare policy as defined by the transit agency.
Payment processing may be performed as defined by the transit agency. Payment models implemented with the card can include a variety of schemes, such as pay-as-you-go, one transaction at a time; aggregation of many transactions into an aggregated amount based on time or value; and pre-pay accounting, where a proxy account is created and is reduced by each transaction amount until a replenishment of the proxy account is required based on time or value. After the payment processing is complete, the transit agency computer 108 processes the payment total through the acquirer 110 and a payment processing network 111 (e.g., VisaNet™) for approval or decline by the issuer 112. Any of the transit system data network 106, the transit system central computer 108, the acquirer 110, the payment processing network 111, and the issuer 112, may have suitable computational apparatuses and computer readable media suitable for performing any of the functions described herein.
The system shown in
The portable consumer device constructed in accordance with the present invention provides a mechanism for insertion of the supplemental verification value into standard track data to be validated at the reader. Thus, the first operation represented in
In one embodiment, an encryption algorithm is used to create and decipher the supplemental verification value. A suitable encryption algorithm can utilize one or more encryption keys, and may be of either symmetric (e.g. DES or 3 DES) or asymmetric type (e.g. public key infrastructure). At box 204 of
In the illustrated embodiment, the TCVV data includes a full or partial cryptogram that could be based on a system-wide key, or unique card values and encryption keys. The use of encryption algorithms and keys may include symmetric (i.e. triple DES) or public key infrastructure (i.e. RSA). The issuer of the card places this data into the track data of the transit MSD application at the time of card personalization. In the case of public key infrastructure, additional data elements may be necessary and may be stored outside the track data and read by the transit contactless reader along with the track data during the transit fare transaction. The contactless reader or transit fare device will have the encryption keys and algorithm for the TCVV data, and may then authenticate the TCVV value at the time of the transaction. The authentication can take place in the short time interval necessary for processing in the transit and venue access environment, as described above.
In one embodiment, the supplemental verification value is placed into the standard Track 1 or Track 2 data elements within the primary MSD application. A variety of Track 1 and Track 2 positions can be used for storing the supplemental verification value. For example, positions 25 to 29 of the Track 2 data fields that would normally indicate PIN verification information may be used for storing the supplemental verification value. In another alternative, Track 1 issuer discretionary data locations may be used for this purpose. The exact positions of the code within the track data will be standardized so that the issuer and merchant transit agency (or other entity) will know where to load or retrieve the data. Alternatively, other data elements may be located outside of the Track 1 and Track 2 data fields, such as in supplemental data fields of the portable consumer device. The supplemental verification value also may comprise data elements that are split and stored in distributed locations so that the value is partially stored in track data (Track 1, or Track 2, or both) and is partially stored outside of the track data.
The supplemental verification value is also provided to the reader, at box 206. The reader will authenticate the contactless portable consumer device at the time of use. Thus, the supplemental verification value can be used in an offline transaction authorization process.
The operation at box 206 is to actually issue the portable consumer device with the supplemental verification value. Typically, the issuer mails the contactless portable consumer device to the user. Once received and activated, the card may be used in conventional online financial transactions using the issuer verification value (e.g., CVV) that is also stored on the portable consumer device. It may also be used in an offline transaction as described herein and illustrated in
In accordance with the offline authorization processing, the contactless payment card may be presented at a reader, represented by box 208. At the reader, the reader may receive information including the supplemental verification value and may receive other information such as the PAN, expiry date, service code, and the like.
After the track data is read by the transit fare collection device, at box 210, the reader will perform offline authorization processing and will utilize the supplemental verification value to determine if the portable consumer device is authentic. This provides a mechanism for authentication at the reader that provides for the ability to identify counterfeit cards that do not have the proper supplemental verification value. A transaction is authorized by the transit fare collection device if the processed supplemental verification value indicates that the portable consumer device is authentic. For example, authentication may include calculating a value at the reader as determined by appropriate keys and algorithms for the supplemental verification value read from the device, and comparing the calculated value with the value read from the card such that, if the calculated value matches an authentication or verification value, the portable consumer device is authenticated.
At the
At the box “3” of
At box “4” of
If desired, the reverse face 502 of the card 500 can include magnetic media or material 510 to store data for processing with a contact-type (online) reader of a payment system. Beneath the optional magnetic media 510 on the reverse face 502 is a signature block 512 on which the cardholder signature is written, and printed on the signature block is a four-digit card number value (shown as “9012” in
Embodiments of the invention have a number of advantages. For example, in the context of a contactless payment card as described herein, offline processing can be provided without the need for configuring a second application (e.g., a transit application) on the card in addition to a conventional payment application. In this way, the potential for counterfeiting cards is removed due to the inclusion of card authentication capability with the supplemental card verification value. There is also no need for the issuer to manage a second offline application on the card, thus saving space on the card. That is, a supplementary application can be configured with the primary (e.g. retail) application data without need for a separate application. For example, if the card is used by a transit agency, the transit agency may utilize the same payment application configuration as all other merchants capable of processing contactless payments. There is no need for preregistration of the card at each transit location. Any encryption algorithms and keys or the like necessary for offline processing will have been provided to the appropriate readers. This allows any transit system user to conduct transactions at any time using standard magnetic stripe type data. In addition, common key sets for the supplemental card verification value can be used and distributed to all issuers for personalization of the card and to all agencies for such validation. Moreover, there is no need for issuer/agency pre-agreement. Standardized MSD track data can be used for both offline and online transactions.
It should be understood that certain elements of the present invention as described above can be implemented in the form of control logic using computer software in a modular or integrated manner. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will know and appreciate other ways and/or methods to implement the present invention using hardware and a combination of hardware and software.
Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
While certain exemplary embodiments have been described in detail and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative of and not intended to be restrictive of the broad invention, and that this invention is not to be limited to the specific arrangements and constructions shown and described, since various other modifications may occur to those with ordinary skill in the art.
As used herein, the use of “a”, “an” or “the” is intended to mean “at least one”, unless specifically indicated to the contrary.
Number | Name | Date | Kind |
---|---|---|---|
2328654 | Lake et al. | Sep 1943 | A |
3008635 | Sakalay | Nov 1961 | A |
4303904 | Chasek | Dec 1981 | A |
4672182 | Hirokawa | Jun 1987 | A |
4736094 | Yoshida | Apr 1988 | A |
4822985 | Boggan et al. | Apr 1989 | A |
4851650 | Kitade | Jul 1989 | A |
4857893 | Carroll | Aug 1989 | A |
4870259 | Boggan et al. | Sep 1989 | A |
4899036 | McCrindle et al. | Feb 1990 | A |
4908521 | Boggan et al. | Mar 1990 | A |
4928001 | Masada | May 1990 | A |
4943707 | Boggan | Jul 1990 | A |
5103079 | Barakai et al. | Apr 1992 | A |
5191193 | Le Roux | Mar 1993 | A |
5286955 | Klosa | Feb 1994 | A |
5337063 | Takahira | Aug 1994 | A |
5360967 | Perkin et al. | Nov 1994 | A |
5396558 | Ishiguro et al. | Mar 1995 | A |
5477038 | Levine et al. | Dec 1995 | A |
5485520 | Chaum et al. | Jan 1996 | A |
5500513 | Langhans et al. | Mar 1996 | A |
5503774 | Brons et al. | Apr 1996 | A |
5550734 | Tarter et al. | Aug 1996 | A |
5562550 | Chartrand | Oct 1996 | A |
5585614 | VonBallmoos | Dec 1996 | A |
5585787 | Wallerstein | Dec 1996 | A |
5649118 | Carlisle et al. | Jul 1997 | A |
5801943 | Nasburg | Sep 1998 | A |
5828044 | Jun et al. | Oct 1998 | A |
5844230 | Lalonde | Dec 1998 | A |
5864830 | Armetta et al. | Jan 1999 | A |
5883377 | Chapin, Jr. | Mar 1999 | A |
5903830 | Joao et al. | May 1999 | A |
5917965 | Cahill et al. | Jun 1999 | A |
5929428 | Iijima | Jul 1999 | A |
5946669 | Polk | Aug 1999 | A |
5953710 | Fleming | Sep 1999 | A |
5984180 | Albrecht | Nov 1999 | A |
5984191 | Chapin, Jr. | Nov 1999 | A |
5991527 | Plint et al. | Nov 1999 | A |
5991749 | Morrill, Jr. | Nov 1999 | A |
6021943 | Chastain | Feb 2000 | A |
6038597 | Van Wyngarden | Mar 2000 | A |
6039245 | Symonds et al. | Mar 2000 | A |
6044360 | Picciallo | Mar 2000 | A |
6097292 | Kelly et al. | Aug 2000 | A |
6101477 | Hohle et al. | Aug 2000 | A |
6105009 | Cuervo | Aug 2000 | A |
6119107 | Polk | Sep 2000 | A |
6138917 | Chapin, Jr. | Oct 2000 | A |
6176425 | Harrison et al. | Jan 2001 | B1 |
6179205 | Sloan | Jan 2001 | B1 |
6185307 | Johnson, Jr. | Feb 2001 | B1 |
6199762 | Hohle | Mar 2001 | B1 |
6216227 | Goldstein et al. | Apr 2001 | B1 |
6402029 | Gangi | Jun 2002 | B1 |
6422462 | Cohen | Jul 2002 | B1 |
6453335 | Kaufmann | Sep 2002 | B1 |
6473500 | Risafi et al. | Oct 2002 | B1 |
6502745 | Stimson et al. | Jan 2003 | B1 |
6529725 | Joao et al. | Mar 2003 | B1 |
6549912 | Chen | Apr 2003 | B1 |
6577229 | Bonneau et al. | Jun 2003 | B1 |
6587835 | Treyz et al. | Jul 2003 | B1 |
6609655 | Harrell | Aug 2003 | B1 |
6615189 | Phillips et al. | Sep 2003 | B1 |
6615190 | Slater | Sep 2003 | B1 |
6629591 | Griswold et al. | Oct 2003 | B1 |
6655587 | Andrews et al. | Dec 2003 | B2 |
6685088 | Royer et al. | Feb 2004 | B1 |
6726098 | Schilling | Apr 2004 | B2 |
6729549 | Hamann et al. | May 2004 | B2 |
6732080 | Blants | May 2004 | B1 |
6859650 | Ritter | Feb 2005 | B1 |
6892187 | Phillips et al. | May 2005 | B2 |
6915277 | Manchester et al. | Jul 2005 | B1 |
6934689 | Ritter et al. | Aug 2005 | B1 |
6938821 | Gangi | Sep 2005 | B2 |
6970891 | Deo et al. | Nov 2005 | B1 |
7054838 | Sutton et al. | May 2006 | B2 |
7083087 | Gangi | Aug 2006 | B1 |
7092697 | Kupsh et al. | Aug 2006 | B1 |
7096003 | Joao et al. | Aug 2006 | B2 |
7114179 | Ritter et al. | Sep 2006 | B1 |
7130828 | Phillips et al. | Oct 2006 | B2 |
7163145 | Cohagan et al. | Jan 2007 | B2 |
7165049 | Slater | Jan 2007 | B2 |
7171388 | Phillips et al. | Jan 2007 | B2 |
7172112 | Bonalle et al. | Feb 2007 | B2 |
7174314 | Phillips et al. | Feb 2007 | B2 |
7174315 | Phillips et al. | Feb 2007 | B2 |
7174316 | Phillips et al. | Feb 2007 | B2 |
7174317 | Phillips et al. | Feb 2007 | B2 |
7209757 | Naghian et al. | Apr 2007 | B2 |
7225155 | Polk | May 2007 | B1 |
7268667 | Beenau et al. | Sep 2007 | B2 |
7268668 | Beenau et al. | Sep 2007 | B2 |
7317823 | Price et al. | Jan 2008 | B1 |
7360699 | Cohagan et al. | Apr 2008 | B2 |
7363273 | Phillips et al. | Apr 2008 | B2 |
7433452 | Taylor et al. | Oct 2008 | B2 |
7437362 | Ben-Natan | Oct 2008 | B1 |
7447662 | Gibson | Nov 2008 | B2 |
7469827 | Katragadda et al. | Dec 2008 | B2 |
7506804 | Zajkowski et al. | Mar 2009 | B2 |
7527208 | Hammad et al. | May 2009 | B2 |
7529563 | Pitroda | May 2009 | B1 |
7594611 | Arrington, III | Sep 2009 | B1 |
7959074 | Chopra et al. | Jun 2011 | B1 |
8118223 | Hammad et al. | Feb 2012 | B2 |
20010026679 | Koshino et al. | Oct 2001 | A1 |
20010033447 | Miles | Oct 2001 | A1 |
20010051920 | Joao et al. | Dec 2001 | A1 |
20010056536 | Everett et al. | Dec 2001 | A1 |
20020002534 | Davis et al. | Jan 2002 | A1 |
20020010603 | Doi et al. | Jan 2002 | A1 |
20020038336 | Abileah et al. | Mar 2002 | A1 |
20020050528 | Everett et al. | May 2002 | A1 |
20020077122 | Yule | Jun 2002 | A1 |
20020103865 | Lilly | Aug 2002 | A1 |
20020111919 | Weller et al. | Aug 2002 | A1 |
20020118118 | Myllymaki et al. | Aug 2002 | A1 |
20020145984 | Babu et al. | Oct 2002 | A1 |
20020152123 | Giordano et al. | Oct 2002 | A1 |
20020152163 | Bezos et al. | Oct 2002 | A1 |
20020156807 | Dieberger | Oct 2002 | A1 |
20020163884 | Peles et al. | Nov 2002 | A1 |
20020194138 | Dominguez et al. | Dec 2002 | A1 |
20030028814 | Carta et al. | Feb 2003 | A1 |
20030050087 | Kwon | Mar 2003 | A1 |
20030050906 | Clifton-Bligh | Mar 2003 | A1 |
20030053609 | Risafi et al. | Mar 2003 | A1 |
20030061111 | Dutta et al. | Mar 2003 | A1 |
20030083944 | Duvall et al. | May 2003 | A1 |
20030105711 | O'Neil | Jun 2003 | A1 |
20030135487 | Beyer et al. | Jul 2003 | A1 |
20030137435 | Haddad et al. | Jul 2003 | A1 |
20030144894 | Robertson et al. | Jul 2003 | A1 |
20030153330 | Naghian et al. | Aug 2003 | A1 |
20030174839 | Yamagata et al. | Sep 2003 | A1 |
20030181845 | Orton | Sep 2003 | A1 |
20030216927 | Sridhar et al. | Nov 2003 | A1 |
20030221195 | Bizet | Nov 2003 | A1 |
20040000585 | Silverbrook et al. | Jan 2004 | A1 |
20040006536 | Kawashima et al. | Jan 2004 | A1 |
20040016801 | Newsome et al. | Jan 2004 | A1 |
20040039686 | Klebanoff | Feb 2004 | A1 |
20040117300 | Jones et al. | Jun 2004 | A1 |
20040139021 | Reed | Jul 2004 | A1 |
20040155960 | Wren et al. | Aug 2004 | A1 |
20040256455 | Fukushima et al. | Dec 2004 | A1 |
20050018574 | Jenkins et al. | Jan 2005 | A1 |
20050036391 | Tomiie et al. | Feb 2005 | A1 |
20050053211 | Bevente et al. | Mar 2005 | A1 |
20050086160 | Wong et al. | Apr 2005 | A1 |
20050103839 | Hewel | May 2005 | A1 |
20050127168 | Phillips et al. | Jun 2005 | A1 |
20050165695 | Berardi et al. | Jul 2005 | A1 |
20050173518 | Takayama | Aug 2005 | A1 |
20050185774 | Grear et al. | Aug 2005 | A1 |
20050203842 | Sanchez et al. | Sep 2005 | A1 |
20050234778 | Sperduti et al. | Oct 2005 | A1 |
20050240743 | Eng et al. | Oct 2005 | A1 |
20050269417 | Wood | Dec 2005 | A1 |
20060000891 | Bonalle et al. | Jan 2006 | A1 |
20060100933 | Fujita et al. | May 2006 | A1 |
20060106650 | Bush | May 2006 | A1 |
20060161435 | Atef et al. | Jul 2006 | A1 |
20060240862 | Neven et al. | Oct 2006 | A1 |
20060258337 | Fujita et al. | Nov 2006 | A1 |
20060278704 | Saunders et al. | Dec 2006 | A1 |
20060282528 | Madams et al. | Dec 2006 | A1 |
20060287964 | Brown | Dec 2006 | A1 |
20070023504 | Blankenship et al. | Feb 2007 | A1 |
20070045403 | Slonecker, Jr. | Mar 2007 | A1 |
20070051797 | Randolph-Wall et al. | Mar 2007 | A1 |
20070075140 | Guez et al. | Apr 2007 | A1 |
20070076872 | Juneau | Apr 2007 | A1 |
20070087818 | Walker et al. | Apr 2007 | A1 |
20070100664 | Seib et al. | May 2007 | A1 |
20070100691 | Patterson | May 2007 | A1 |
20070100754 | Brown | May 2007 | A1 |
20070103277 | Yuk et al. | May 2007 | A1 |
20070145135 | Jogand-Coulomb et al. | Jun 2007 | A1 |
20070168674 | Nonaka et al. | Jul 2007 | A1 |
20080033880 | Fiebiger et al. | Feb 2008 | A1 |
20080054072 | Katragadda et al. | Mar 2008 | A1 |
20080116264 | Hammad et al. | May 2008 | A1 |
20080120214 | Steele et al. | May 2008 | A1 |
20080128513 | Hammad et al. | Jun 2008 | A1 |
20080156873 | Wilhelm et al. | Jul 2008 | A1 |
20080162295 | Bedier | Jul 2008 | A1 |
20080172341 | Crandell | Jul 2008 | A1 |
20080201212 | Hammad et al. | Aug 2008 | A1 |
20080203152 | Hammad et al. | Aug 2008 | A1 |
20080203170 | Hammad et al. | Aug 2008 | A1 |
20080208681 | Hammad et al. | Aug 2008 | A1 |
20080228600 | Treyz et al. | Sep 2008 | A1 |
20080230600 | Black et al. | Sep 2008 | A1 |
20090171682 | Dixon et al. | Jul 2009 | A1 |
20090184163 | Hammad et al. | Jul 2009 | A1 |
20090239512 | Hammad et al. | Sep 2009 | A1 |
Number | Date | Country |
---|---|---|
1436431 | Aug 2008 | CN |
0 254 595 | Jan 1988 | EP |
0 795 165 | Sep 2000 | EP |
2 267 626 | Dec 1993 | GB |
100287012 | Jan 2001 | KR |
2 222 046 | Jan 2004 | RU |
WO 0191485 | Nov 2001 | WO |
02093307 | Nov 2002 | WO |
02093307 | Nov 2002 | WO |
2005121975 | Dec 2002 | WO |
2004079611 | Sep 2004 | WO |
WO2006124808 | Nov 2006 | WO |
WO 2007139302 | Dec 2007 | WO |
Entry |
---|
“Understanding the Requirements of ISO/IEC 14443 for Type B Proximity Contactless Identification Cards” by ATMEL, revised in Nov. 2005. |
“The NYC Subway Trial | MasterCard® | About the Trial”, downloaded from the Internet at http://www.mastercard.com/us/paypass/subway/about/subwaytrial—newsrelease—30Jan2006 html on Jun. 11, 2008, pp. 1-2. |
“Metrorail, Washington, D.C.”, wwww.wikipedia.org, printed Jul. 31, 2008. |
Notice from the European Patent Office dated Oct. 1, 2007 concerning business methods, Official Journal EPO, Nov. 2007, p. 592-593. |
Supplementary European Search Report dated Jan. 5, 2011 for European Application No. 08743584, 5 pages. |
Chinese Office Action, with English Translation, mailed on Aug. 31, 2012, for CN Patent Application No. 200780043545.9, 13 pages. |
Russian Office Action, with English Translation, mailed on Jun. 27, 2012 for RU Patent Application No. 2010131458, 12 pages. |
“SmartTrip,” version edited by Schumin Web on Sep. 4, 2005, downloaded from the internet at http://www.wikipedia.org, on Feb. 24, 2011, 4 pages. |
American Public Transportation Association; “Account Linked Payment Service Concept White Paper”, downloaded from the internet at http://www.speacq.com/industry/APTA—FSP—ALPS—White—Paper.pdf ; (last modified Jan. 25, 2007), 33 pages. |
Australian Office Action mailed on Oct. 4, 2011, for AU Patent Application No. 2008221392, 2 pages. |
Australian Notice of Acceptance mailed on Jan. 15, 2012, for AU Patent Application No. 2008221392, 1 page. |
Chinese Office Action, with English Translation, mailed on Jun. 2, 2010, for CN Patent Application No. 200780043545.9, 9 pages. |
Chinese Office Action, with English Translation, mailed on Nov. 30, 2011, for CN Patent Application No. 200780043545.9, 10 pages. |
Chinese Office Action, with English Translation, mailed on Mar. 1, 2012, for CN Patent Application No. 200780043545.9, 8 pages. |
Definition of “Smart Card”; 2000; Collin's Dictionary of Computing; downloaded from the internet on Sep. 15, 2011; 1 page. |
Definition of “Smart Card”; 2001; Hargrave's Communications Dictionary; downloaded from the internet on Sep. 15, 2011; 1 page. |
Definition of “Smart Card”; 2003; Webster's New World Computer Dictionary; downloaded from the internet on Sep. 15, 2011; 1 page. |
Definition of “Smart Card”; Date Unknown; Netlingo.com; downloaded from the internet on Sep. 15, 2011; 1 page. |
Definition of “Smart Card”; Dictionary of Computing; 2008; downloaded from the internet on Sep. 15, 2011; 1 page. |
Extended European Search Report mailed Nov. 12, 2010, for EP Patent Application No. 07843170.7, 8 pages. |
Extended European Search Report mailed on Apr. 25, 2012, for EP Patent Application No. 07854911.0, 8 pages. |
International Preliminary Report on Patentability mailed Jun. 18, 2009 in Application No. PCT/US2007/086342, 7 pages. |
International Search Report mailed on Jul. 21, 2008, for PCT Patent Application No. PCT/US2007/086342, 1 page. |
International Search Report mailed on Jul. 31, 2008, for PCT Patent Application No. PCT/US2008/055195, 1 page. |
International Search Report mailed on Aug. 1, 2008, for PCT/US2008/055196, 1 page. |
International Search Report mailed on Aug. 4, 2008, for PCT Patent Application No. PCT/US2008/055192, 1 page. |
International Search Report mailed on Aug. 15, 2008, for PCT Patent Application No. PCT/US2007/079453, 1 page. |
International Search Report mailed on Jan. 9, 2009, for PCT/US2008/083181, 1 page. |
International Search Report and Written Opinion mailed Jul. 6, 2010 in SG Application No. 200902024-9, 19 pages. |
Schellhorn, Gerhard; “Verification of a Formal Security Model for Multiplicative Smart Cards”; Proceedings of the European Symposium on Research in Computersecurity; Oct. 4, 2000; pp. 17-36. |
Number | Date | Country | |
---|---|---|---|
20080203151 A1 | Aug 2008 | US |