Transaction application with a tokenized identifier

Abstract

A Digital Transaction Processing Unit (DTPU) including a plurality of transaction applications operable for a digital transaction with a Digital Transaction Device (DTD), each of the plurality of transaction applications being associated with a tokenised primary identifier.

Description

CROSS REFERENCE TO RELATED APPLICATIONS[0001]Continuation of International Application No. PCT / AU2020 / 050302 filed on Mar. 27, 2020. Priority is claimed from Australian Application No. 2019901029 filed on Mar. 27, 2019. Both the foregoing applications are incorporated herein by reference in their entirety.STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT[0002]Not Applicable.NAMES OF THE PARTIES TO A JOINT RESEARCH AGREEMENT[0003]Not Applicable.FIELD OF THE INVENTION[0004]The present invention relates generally to digital payment devices (DPDs). In at least some embodiments, the invention relates to methods of configuring or operating DPDs.[0005]In at least some embodiments, the invention may have application to DPDs capable of hosting credit cards, debit cards, mobile payment cards or non-payment cards and / or documents (including licences, ID cards, passports, and the like). In at least some embodiments, the invention may also have applications to DPDs which operate in...

AI Technical Summary

Benefits of technology

The present invention and related technologies provide enhanced privacy and security for transaction applications, particularly in payment transactions. This is achieved by using tokenized transaction applications, which allow for the actual PAN of the application to be hidden from view. The invention also includes a security hierarchy with a lock SSD that can lock all other SSDs in the hierarchy, as well as a mechanism for passing control of a security domain to another party without revealing the cryptographic key for the SSD. The invention also includes a data container for providing functions for the DTP / PDTP, as well as multiple personalities for different functions such as payments and identification. These technical effects provide improved security and privacy for transaction applications and enhance the overall performance and reliability of the payment system.

Problems solved by technology

Such non-payment transaction SEs are usually not operable for hosting EMVCo compliant applications.

Security of payment transactions is a major concern as there have been many instances of fraudulent transaction with stolen physical cards / documents or stolen physical or digital card / document details.

Credit / debit cards may also have a CVV (or CVC on the magnetic stripe) to make it more difficult to replicate a card for fraudulent purposes.

If the counter value is incorrect, the derived session key will be incorrect, and the setup of the secure session will fail.

Further, if the script is encrypted, an incorrect session key will not allow decryption.

However, the Plastc solution had operational limitations, and the Wocket solution requires a specific Wocket device.

None of these solutions has gained wide market acceptance, and some have now closed or ceased operating.

One serious problem causing failure of such prior solutions is not attaining certification from organizations, such as EMVCo, and thus are unsuited to operate with the corresponding payment schemes requiring EMVCo certification and the DTDs in a payment network, which also require compliance with EMVCo standards.

Another problem facing such proposals is that the Service Code includes a requirement that a particular kind of chip is present, and the DTD must request that this type of chip is used, however, as these cards have only a copy of the magnetic stripe (the magnetic stripe card), the required type chip is not present, which will cause transactions to fail.

Further, such proposals do not work because issuer (who owns the cardholders' data) cannot be convinced that:the ISD keys and SSDs of the chip are tightly controlled by the issuer only or an agreed agent of the issuer;the issuer can use their SSD key (key rotation);the card meets all the finance standards;the card Is capable of holding the issuers data and is able to securely generate issuer cryptograms;the proposed cards are capable of having the data installed in a secure personalisation bureau facility to the issuer's specifications; and,the lifecycle of the SE altered by the personalisation bureau is locked to any other changes.

In contrast, a scheme container for a SE of a chipped card is limited to the matching of the issued scheme of the single digital card to the scheme's container, wherein all other containers installed on the SE and not containing the matched digital card are disabled or locked after the personalization process.

Many other operations available to Perso Bureaus and TSMs are not available to others.

This can be difficult if the user is not in a location where a communication link to the TSM can be established.

Notably, SEs (or finance chips) on chipped cards do not have a CASD installed.

Despite the apparent convenience of digital wallets, each MPC in a digital wallet can only be used for contactless payments (and in some instances, in online payments).

Some POS / EFTPOS terminals do not support the type of contactless payment required and ATMs generally do not support contactless transactions.

Further, not all smartphones support NFC or digital wallets, and cannot be used for such transactions with any such DTDs.

As a result, the establishment and use of digital wallets has experienced limited commercial success.

However, a major disadvantage of chipped cards with a SE is that they cannot support multiple digital cards in the SE.

Further, there is no known method or infrastructure for having a chipped card (or other type of DPD) in the field with everything needed to provision a new digital card (including instantiation of a new payment application and personalization of that new payment application) to the chipped card, and / or for selecting and activating a personality from multiple personalities hosted on the chipped card.

There is also no known method or infrastructure for provisioning a chipped card in the field with everything needed to change to a different digital card while in the field (that is, remote from and not connected to a provisioning network).

Even if a SE were not locked before leaving a Perso Bureau, there is no way to form communication links with chipped cards while in the field (remote from a provisioning network).

Yet another problem with some existing and / or some proposed chipped cards is that the means and / or methods they employ to host multiple digital cards or magnetic stripe cards on a SE are not compliant with any of the existing (including past and / or proposed / future) required standards, such as GP standards and EMVCo standards.

Further, the existing and / or proposed chipped cards, if effecting digital card changes as they specify, would fail when faced with a DTD which tries to effect direct selection as the DTD would be presented with a list of AIDs from all the installed digital cards or magnetic stripe cards in the SE or other chip on the chipped card.

This can be inefficient for a cardholder wishing to make a quick change to the MPC of their multi-MPC smartphone.

In some circumstances, a smartphone user will be in a location where it is not possible to make contact with the agent (TSM or other agent), and so it will not be possible to change the MPC of the smartphone.

Further, as a TSM does not manage contact MPCs (or digital cards which have contact and contactless interfaces) a cardholder cannot use the TSM to change contact MPCs / digital cards.

Further, there is no means or method for selecting between a plurality of tokenized primary identifier payment applications (on non-payment applications) if the enhanced privacy and / or security of using different tokenized primary identifier payment applications (on non-payment applications) is desired.

Images