EP2904558A4 - Secure entry of pin using a smart card - Google Patents

Secure entry of pin using a smart card

Info

Publication number
EP2904558A4
EP2904558A4 EP13841562.5A EP13841562A EP2904558A4 EP 2904558 A4 EP2904558 A4 EP 2904558A4 EP 13841562 A EP13841562 A EP 13841562A EP 2904558 A4 EP2904558 A4 EP 2904558A4
Authority
EP
European Patent Office
Prior art keywords
pin
smart card
secure entry
entry
secure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP13841562.5A
Other languages
German (de)
French (fr)
Other versions
EP2904558A2 (en
Inventor
Bjorn Markus Jakobsson
James Roy Palmer
William Leddy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PayPal Inc
Original Assignee
eBay Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/826,570 external-priority patent/US9390256B2/en
Application filed by eBay Inc filed Critical eBay Inc
Publication of EP2904558A2 publication Critical patent/EP2904558A2/en
Publication of EP2904558A4 publication Critical patent/EP2904558A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/306Payment architectures, schemes or protocols characterised by the use of specific devices or networks using TV related infrastructures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/321Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1033Details of the PIN pad
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)
  • Cash Registers Or Receiving Machines (AREA)
EP13841562.5A 2012-09-27 2013-09-05 Secure entry of pin using a smart card Withdrawn EP2904558A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201261706691P 2012-09-27 2012-09-27
US13/826,570 US9390256B2 (en) 2012-03-06 2013-03-14 System and methods for secure entry of a personal identification number (PIN)
PCT/US2013/058321 WO2014051961A2 (en) 2012-09-27 2013-09-05 System and methods for secure entry of a personal identification number (pin)

Publications (2)

Publication Number Publication Date
EP2904558A2 EP2904558A2 (en) 2015-08-12
EP2904558A4 true EP2904558A4 (en) 2016-04-13

Family

ID=50389113

Family Applications (1)

Application Number Title Priority Date Filing Date
EP13841562.5A Withdrawn EP2904558A4 (en) 2012-09-27 2013-09-05 Secure entry of pin using a smart card

Country Status (4)

Country Link
EP (1) EP2904558A4 (en)
AU (1) AU2013324127B2 (en)
CA (1) CA2884617C (en)
WO (1) WO2014051961A2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10535066B2 (en) * 2013-06-17 2020-01-14 Paypal, Inc. Systems and methods for securing pins during EMV chip and pin payments
US9779225B2 (en) 2015-04-08 2017-10-03 Google Inc. Method and system to provide access to secure features of a device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030076300A1 (en) * 2000-05-16 2003-04-24 Eric Lauper Method and terminal for entering instructions
WO2011066381A2 (en) * 2009-11-25 2011-06-03 Visa International Service Association Transaction using a mobile device with an accelerometer
WO2012048087A2 (en) * 2010-10-06 2012-04-12 Citrix Systems, Inc. Mediating resource access based on a physical location of a mobile device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6209102B1 (en) * 1999-02-12 2001-03-27 Arcot Systems, Inc. Method and apparatus for secure entry of access codes in a computer environment
WO2006115984A2 (en) * 2005-04-21 2006-11-02 Securedpay Solutions, Inc. Portable handheld device for wireless order entry and real time payment authorization and related methods
WO2008081452A2 (en) * 2007-01-03 2008-07-10 Ron Gal-Ezer Article authentication system and method
EP2480957B1 (en) * 2009-09-22 2017-08-09 Apple Inc. Device, method, and graphical user interface for manipulating user interface objects
PT2559012E (en) * 2010-07-09 2014-09-18 Izettle Merchant Services Ab System for secure payment over a wireless communication network

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030076300A1 (en) * 2000-05-16 2003-04-24 Eric Lauper Method and terminal for entering instructions
WO2011066381A2 (en) * 2009-11-25 2011-06-03 Visa International Service Association Transaction using a mobile device with an accelerometer
WO2012048087A2 (en) * 2010-10-06 2012-04-12 Citrix Systems, Inc. Mediating resource access based on a physical location of a mobile device

Also Published As

Publication number Publication date
CA2884617C (en) 2022-10-04
AU2013324127A1 (en) 2015-03-19
WO2014051961A3 (en) 2014-05-08
CA2884617A1 (en) 2014-04-03
EP2904558A2 (en) 2015-08-12
WO2014051961A2 (en) 2014-04-03
AU2013324127B2 (en) 2016-04-28

Similar Documents

Publication Publication Date Title
TWI560616B (en) Biometric-enabled smart card
GB2519046B (en) Weighted transaction card
PL2780854T3 (en) A smart card reader with a secure logging feature
ZA201409529B (en) Pin verification
PT2673741T (en) A smart card with verification means
TWI561151B (en) Chip card holding assembly
EP2902946A4 (en) Card reader
EP2874103A4 (en) Card reader
IL224909A (en) Card incorporating a visible valuable object
AU348311S (en) Comparison card
EP2902945A4 (en) Card reader
EP2908270A4 (en) Card reader
GB201211315D0 (en) Smart gold card
EP2813975A4 (en) Ic tag
TWM432992U (en) Card connector
GB2502444B (en) Model card
EP2820887A4 (en) Smart 3gdt
PL2489985T3 (en) Metering infrastructure smart cards
AU348310S (en) Two color comparison card
PL2915093T3 (en) Secure connector for a memory card
EP2904558A4 (en) Secure entry of pin using a smart card
GB2499502B (en) Signature identification
SI2706485T1 (en) Determining electrical parameters of a contactless card
SG11201506612VA (en) Card
AU345887S (en) Smart card reader

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20150423

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20160314

RIC1 Information provided on ipc code assigned before grant

Ipc: G06Q 20/40 20120101AFI20160308BHEP

Ipc: G06Q 20/12 20120101ALI20160308BHEP

Ipc: G06Q 20/34 20120101ALI20160308BHEP

Ipc: G06F 21/34 20130101ALI20160308BHEP

Ipc: G06Q 20/32 20120101ALI20160308BHEP

Ipc: G06Q 20/10 20120101ALI20160308BHEP

Ipc: G07F 7/10 20060101ALI20160308BHEP

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: PAYPAL, INC.

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20161015