System for loading value onto in-vehicle device
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- CAPITAL ONE SERVICES LLC
- Filing Date
- 2025-07-17
- Publication Date
- 2026-07-10
AI Technical Summary
Existing methods for loading value into in-vehicle devices, such as toll transponders, are cumbersome and inefficient, particularly in time-sensitive situations, often requiring users to log into online accounts and enter payment information manually.
A system utilizing a near-field communication (NFC) contactless smart card for one-tap authentication and payment to quickly load value onto in-vehicle devices, eliminating the need for manual account access and enabling secure, efficient transactions.
Enables fast and secure loading of value onto in-vehicle devices, allowing transactions to be completed even under time constraints, such as approaching a toll booth, by using NFC-enabled contactless smart cards for authentication and payment.
Smart Images

Figure 00000000_0000_ABST
Abstract
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims priority to U.S. Patent Application No. 16 / 514,427, entitled "SYSTEM FOR LOADING VALUE INTO AN IN-VEHICLE DEVICE," filed July 17, 2019. The contents of the aforementioned patent application are incorporated herein by reference in their entirety. [Background technology]
[0002] Today, an increasing number of transactions are being performed in vehicles. For example, a toll transponder located in a vehicle may be used to pay a toll when the vehicle passes a toll booth or transponder reader. In another example, a garage transponder or badge may be used to enter and park a vehicle in a parking garage. Other types of in-vehicle transactions may involve payment for drive-through services and event access parking passes, etc.
[0003] Typically, customers load value onto the aforementioned toll and garage transponders, badges, and other payment devices by logging into an online account and entering payment information. However, in many cases, customers need to load payment onto the device in time-sensitive situations, such as just before approaching a toll booth.
[0004] Therefore, there is a need for a fast and efficient method for loading value into an in-vehicle device. Summary of the Invention
[0005] Various embodiments are directed to using a near-field communication (NFC) contactless card to perform one or more transactions in a vehicle. For example, a user can load value (money, funds, digital currency, etc.) onto an in-vehicle device (e.g., a transponder, badge, card, etc.) by performing one-tap authentication and / or one-tap payment via the contactless card. Thus, even under time-sensitive circumstances, payments can be loaded onto the in-vehicle device in a fast, efficient, and secure manner. [Brief explanation of the drawings]
[0006] [Figure 1A] FIG. 1A illustrates an exemplary data transmission system according to one or more embodiments. [Figure 1B] FIG. 1B illustrates an exemplary sequence diagram for providing authenticated access according to one or more embodiments. [Figure 2] FIG. 2 illustrates an exemplary system for using contactless cards according to one or more embodiments. [Figure 3A] FIG. 3A illustrates an example of a contactless card according to one or more embodiments. [Figure 3B] FIG. 3B illustrates an example of a contact pad of a contactless card according to one or more embodiments. [Figure 4] FIG. 4 illustrates an exemplary sequence diagram for secure password generation according to one or more embodiments. [Figure 5] FIG. 5 illustrates an example of password generation for a password manager application according to one or more embodiments. [Figure 6] FIG. 6 illustrates another example sequence diagram for secure password generation according to one or more embodiments. [Figure 7] FIG. 7 illustrates another example of website password generation according to one or more embodiments. DETAILED DESCRIPTION OF THE INVENTION
[0007] Various embodiments are generally directed to a system for loading value (e.g., money) into an in-vehicle device using at least a contactless Near Field Communication (NFC) smart card. In examples, the in-vehicle device may be any suitable device disposed or located within a vehicle and may be used to perform various transactions. In some examples, the in-vehicle device may be integrated into the vehicle.
[0008] According to one embodiment, the in-vehicle device may be a toll transponder. When a user wants to reload or add funds to an existing web-based account corresponding to the toll transponder, the user can tap a mobile computing device, such as a smartphone, to the toll transponder to read one or more types of account-related information so that the mobile computing device can access the account. Thus, for example, when the smartphone is tapped, the smartphone can read a uniform resource locator (URL) from the toll transponder, which can then launch a toll-specific payment application or website. The user can then tap a contactless smart card to the smartphone to reload the account. In an example, the reload amount may be a predetermined value set by the user, e.g., $20. It can be understood that the toll transponder is merely an example of an in-vehicle device and is not limited thereto. The in-vehicle device may be any type of transponder that allows payments to be debited from an associated account.
[0009] According to another embodiment, a contactless card can be tapped directly onto an in-vehicle device without the use of a mobile computing device. For example, value (e.g., funds) can be loaded directly onto an in-vehicle transponder via "contactless" authentication and payment (e.g., using a contactless smart card) without the use of an external web-based account.
[0010] According to further embodiments, the in-vehicle device may be integrated into a vehicle and coupled to various electronic components of the vehicle. For example, the vehicle may have an interface point for reading a contactless smart card and loading value therein. The interface point may be located on the dashboard or center console of the vehicle. In another example, a secure interface may be located within the vehicle to secure the contactless smart card in place while the user is in the vehicle and may be removed when the user leaves the vehicle. In a further example, the in-vehicle device integrated into the vehicle may be used as an authentication mechanism to authenticate the vehicle, for example, when entering and parking in a parking lot.
[0011] Previous solutions have made the value loading process cumbersome. As discussed above, users typically had to log into their online account and enter payment information, all of which had to be done before driving the vehicle. And, previous solutions generally failed to effectively coordinate and facilitate transactions within the vehicle. The embodiments and examples described herein offer an advantage over previous solutions in that they allow value to be quickly loaded onto an in-vehicle device using an NFC-enabled contactless smart card, even under time-sensitive circumstances (e.g., as the vehicle approaches a toll booth or transponder reader). Additionally, because the contactless card itself is uniquely associated with the user, the card can be used to quickly authenticate the user within the vehicle, for example, in a parking lot.
[0012] Reference is now made to the drawings, in which like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding thereof. It will be apparent, however, that the novel embodiments may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form to facilitate description. The intention is to cover all modifications, equivalents, and alternatives within the scope of the claims.
[0013] 1A illustrates an exemplary data transmission system according to one or more embodiments. As described further below, system 100 may include contactless card 105, client device 110, network 115, and server 120. Although FIG. 1A illustrates a single instance of the components, system 100 may include any number of components.
[0014] System 100 may include one or more contactless cards 105, which are further described below with reference to Figures 3A and 3B. In some embodiments, contactless card 105 may communicate wirelessly with client device 110, using, by way of example, NFC.
[0015] System 100 may include client device 110, which may be a network-enabled computer. As referred to herein, a network-enabled computer may include a computing or communication device, including, but not limited to, a server, a network appliance, a personal computer, a workstation, a telephone, a smartphone, a handheld PC, a personal digital assistant, a thin client, a fat client, an Internet browser, or other device. Client device 110 may also be a mobile computing device, such as an Apple iPhone®, iPod®, iPad®, or other suitable device running Apple's iOS® operating system, a device running Microsoft's Windows® Mobile operating system, a device running Google's Android® operating system, and / or other suitable mobile computing devices such as a smartphone, tablet, or similar wearable mobile device.
[0016] It is understood that the client device 110 apparatus includes a processor and memory, and that the processing circuitry may include additional components, including processors, memory, error and parity / CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives, and tamper-proof hardware, necessary to perform the functions described herein. The client device 110 may further include a display and input devices. The display may be any type of device for presenting visual information, such as a computer monitor, flat-panel display, and mobile device screen, including liquid crystal displays, light-emitting diode displays, plasma panels, and cathode ray tube displays. The input devices may include any device for inputting information into a user's device that is available and supported by the user's device, such as a touchscreen, keyboard, mouse, cursor control device, touchscreen, microphone, digital camera, video recorder, camcorder, etc. These devices can be used to input information and interact with the software and other devices described herein.
[0017] In some examples, client device 110 of system 100 may execute one or more applications, such as software applications, that enable network communication with one or more components of system 100 and transmit and / or receive data, for example.
[0018] The client device 110 may communicate with one or more servers 120 via one or more networks 115, each operating as a front-end and back-end pair with the server 120. The client device 110 may send one or more requests to the server 120, for example, from a mobile device application executing on the client device 110. The one or more requests may relate to retrieving data from the server 120. The server 120 may receive one or more requests from the client device 110. Based on the one or more requests from the client device 110, the server 120 may be configured to retrieve the requested data from one or more databases (not shown). Based on receiving the requested data from the one or more databases, the server 120 may be configured to transmit the received data to the client device 110, the received data responding to the one or more requests.
[0019] System 100 may include one or more networks 115. In some examples, network 115 may be one or more of a wireless network, a wired network, or any combination of wireless and wired networks and may be configured to connect client device 110 to server 120. For example, network 115 may include one or more of an optical fiber network, a passive optical network, a cable network, an Internet network, a satellite network, a wireless local area network (LAN), a global system for mobile communications, a personal communication service, a personal area network, a wireless application protocol, a multimedia messaging service, an enhanced messaging service, a short message service, a time division multiplexing-based system, a code division multiple access (CDMA)-based system, D-AMPS, Wi-Fi, fixed wireless data, IEEE 802.11b, 802.15.1, 802.11n, 802.11g, Bluetooth, NFC, radio frequency identification (RFID), and / or Wi-Fi, etc.
[0020] Additionally, network 115 may include, but is not limited to, a telephone line, fiber optics, IEEE Ethernet 802.3, a wide area network, a wireless personal area network, a LAN, or a global network such as the Internet. Furthermore, network 115 may support an Internet network, a wireless communication network, a cellular network, or the like, or any combination thereof. Network 115 may also include one or any number of the exemplary types of networks described above, operating as independent networks or in coordination with one another. Network 115 may utilize one or more protocols of one or more network elements communicatively coupled to it. Network 115 may translate from other protocols to one or more protocols of the network devices, or from other protocols to one or more protocols of the network devices. While network 115 is shown as a single network, it is understood that, according to one or more examples, network 115 may include multiple interconnected networks, such as the Internet, a service provider network, a cable television network, an enterprise network such as a credit card association network, a home network, etc.
[0021] The system 100 may include one or more servers 120. In some examples, the server 120 may include one or more processors coupled to a memory. The server 120 may be configured as a central system, server, or platform that controls and invokes various data at different times to perform multiple workflow actions. The server 120 may be configured to connect to one or more databases. The server 120 may be connected to at least one client device 110.
[0022] 1B shows an example sequence diagram for providing authenticated access according to one or more embodiments. The diagram includes a contactless card 105 and a client device 110, which may include an application 122 and a processor 124. FIG. 1B may reference similar components to FIG. 1A.
[0023] In step 102, application 122 communicates with contactless card 105 (e.g., after being brought into proximity to contactless card 105). Communication between application 122 and contactless card 105 may include contactless card 105 being close enough to a card reader (not shown) of client device 110 to enable NFC data transfer between application 122 and contactless card 105.
[0024] In step 104, after communication is established between the client device 110 and the contactless card 105, the contactless card 105 generates a message authentication code (MAC) cryptogram. In some examples, this may occur when the contactless card 105 is read by the application 122. In particular, this may occur upon reading, such as an NFC read, of a Near Field Data Exchange (NDEF) tag generated according to the NFC data exchange format.
[0025] For example, a reader such as application 122 may send a message such as an applet selection message with the applet ID of the NDEF generation applet. Once the selection is confirmed, a sequence of file selection messages followed by file read messages may be sent. For example, the sequence may include "select feature file," "read feature file," and "select NDEF file." At this point, a counter value maintained by contactless card 105 may be updated or incremented, followed by "read NDEF file." At this point, a message may be generated that may include a header and a shared secret. A session key may then be generated. A MAC cipher may then be concatenated with one or more blocks of random data, and the MAC cipher and random number (RND) may be encrypted with the session key. The ciphertext and header may then be concatenated, ASCII hex-encoded, and returned in the form of an NDEF message (in response to the "read NDEF file" message).
[0026] In some examples, the MAC cryptogram may be transmitted as an NDEF tag, and in other examples, the MAC cryptogram may be included with the uniform resource indicator (e.g., as a formatted string).
[0027] In some examples, the application 122 may be configured to send a request to the contactless card 105, the request including instructions to generate a MAC cryptogram.
[0028] In step 106, contactless card 105 transmits the MAC code to application 122. In some examples, the transmission of the MAC code occurs via NFC, although the disclosure is not limited in this respect. In other examples, this communication may occur via Bluetooth, Wi-Fi, or other means of wireless data communication.
[0029] In step 108, application 122 communicates the MAC cryptogram to processor 124. In step 112, processor 124 verifies the MAC cryptogram according to instructions from application 122. For example, verification of the MAC cryptogram may be performed as described below.
[0030] In some examples, verification of the MAC cipher may be performed by a device other than client device 110, such as a server 120 in data communication with client device 110 (as shown in FIG. 1A). For example, processor 124 may output the MAC cipher for transmission to server 120, and server 120 may verify the MAC cipher.
[0031] In some instances, the MAC cipher may act as a digital signature for verification purposes, which may be accomplished using a public key asymmetric algorithm, such as the Digital Signature Algorithm and the RSA algorithm, or other digital signature algorithms such as zero-knowledge protocols.
[0032] It will be appreciated that in some examples, contactless card 105 may initiate communication after the contactless card is brought close to client device 110. For example, contactless card 105 may send a message to client device 110 indicating, for example, that the contactless card has established communication. Application 122 on client device 110 may then proceed with communication with the contactless card at step 102, as described above.
[0033] 2 illustrates an example of a contactless card-based system 200. System 200 may include a contactless card 205, one or more client devices 210, a network 215, servers 220 and 225, one or more hardware security modules 230, and a database 235. While FIG. 2 illustrates a single instance of the components, system 200 may include any number of components.
[0034] 3A and 3B , described further below. In some examples, the contactless card 205 may communicate wirelessly with the client device 210, such as, for example, near field communication (NFC). For example, the contactless card 205 may include one or more chips, such as an RFID chip, configured to communicate via NFC or other short-range protocols. In other embodiments, the contactless card 205 may communicate with the client device 210 via other means, including, but not limited to, Bluetooth, satellite, Wi-Fi, wired communication, and / or any combination of wireless and wired connections. According to some embodiments, the contactless card 205 may be configured to communicate with the card reader 213 (also referred to herein as an NFC reader, NFC card reader, or reader) of the client device 210 via NFC when the contactless card 205 is within range of the card reader 213. In other examples, communication with the contactless card 205 may be achieved through a physical interface, such as a universal serial bus interface or a card swipe interface.
[0035] System 200 may include client device 210, which may be a network-enabled computer. As referred to herein, a network-enabled computer may include, for example, a computing or communication device, including, but not limited to, a server, a network appliance, a personal computer, a workstation, a mobile device, a telephone, a handheld PC, a personal digital assistant, a thin client, a fat client, an Internet browser, or other device. One or more client devices 210 may also be mobile devices. For example, the mobile devices may include an Apple iPhone®, an iPod®, an iPad®, or other mobile devices running Apple's iOS operating system, any device running Microsoft's Windows Mobile operating system, any device running Google's Android operating system, and / or other smartphones or similar wearable mobile devices. In some examples, client device 210 may be the same as or similar to client device 110 as described with reference to FIG. 1A or FIG. 1B.
[0036] The client device 210 may communicate with one or more servers 220 and 225 via one or more networks 215. The client device 210 may send one or more requests to the one or more servers 220 and 225, for example, from an application 211 executing on the client device 210. The one or more requests may relate to retrieving data from the one or more servers 220 and 225. The servers 220 and 225 may receive one or more requests from the client device 210. Based on the one or more requests from the client device 210, the one or more servers 220 and 225 may be configured to retrieve the requested data from one or more databases 235. Based on receiving the requested data from the one or more databases 235, the one or more servers 220 and 225 may be configured to transmit the received data to the client device 210, the received data being responsive to the one or more requests.
[0037] System 200 may include one or more hardware security modules (HSMs) 230. For example, one or more HSMs 230 may be configured to perform one or more cryptographic operations disclosed herein. In some examples, one or more HSMs 230 may be configured as special-purpose security devices configured to perform one or more cryptographic operations. HSMs 230 may be configured such that keys are not revealed outside of HSMs 230 but instead are maintained within HSMs 230. For example, one or more HSMs 230 may be configured to perform at least one of key derivation, decryption, and MAC operations. One or more HSMs 230 may be included within or in data communication with servers 220 and 225.
[0038] System 200 may include one or more networks 215. In some examples, network 215 may be one or more of a wireless network, a wired network, or any combination of wireless and wired networks and may be configured to connect client device 210 to server 220 and / or 225. For example, network 215 may include one or more of an optical fiber network, a passive optical network, a cable network, a cellular network, an Internet network, a satellite network, a wireless LAN, a Global System for Mobile Communications (GSM), a personal communications service, a personal area network, a wireless application protocol, a multimedia messaging service, an enhanced messaging service, a short message service, a time division multiplexing-based system, a code division multiple access (CDMA)-based system, D-AMPS, Wi-Fi, fixed wireless data, IEEE 802.11b, 802.15.1, 802.11n and 802.11g, Bluetooth, NFC, RFID, Wi-Fi, and / or any combination of these networks. As non-limiting examples, communication between the contactless card 205 and the client device 210 may include NFC communication, a cellular network between the client device 210 and a carrier, and the Internet between the carrier and a backend.
[0039] Further, network 215 may include, but is not limited to, telephone lines, fiber optics, IEEE Ethernet 802.3, wide area networks, wireless personal area networks, local area networks, or global networks such as the Internet. In addition, network 215 may support an Internet network, a wireless communication network, a cellular network, or the like, or any combination thereof. Network 215 may further include one or any number of the above-mentioned exemplary types of networks operating as independent networks or in cooperation with one another. Network 215 may utilize one or more protocols of one or more network elements communicatively coupled thereto. Network 215 may translate from other protocols to one or more protocols of the network devices or from one or more protocols of the network devices to other protocols. Although network 215 is shown as a single network, according to one or more examples, it is understood that network 215 may include multiple interconnected networks, such as the Internet, a service provider network, a cable television network, an enterprise network such as a credit card association network, and a home network.
[0040] In various examples according to the present disclosure, client device 210 of system 200 may execute one or more applications 211 and include one or more processors 212 and one or more card readers 213. For example, one or more applications 211, such as software applications, may be configured to, for example, enable network communication with one or more components of system 200 and transmit and / or receive data. While only a single instance of the components of client device 210 is illustrated in FIG. 2 , it will be understood that any number of devices 210 may be used. Card reader 213 may be configured to read from and / or communicate with contactless card 205. In cooperation with one or more applications 211, card reader 213 may communicate with contactless card 205. In an example, card reader 213 may include circuitry or circuit components, such as an NFC reader coil, that generate a magnetic field to enable communication between client device 210 and contactless card 205.
[0041] Any application 211 on the client device 210 may communicate with the contactless card 205 using near field communication (e.g., NFC). The application 211 may be configured to interact with a card reader 213 on the client device 210 configured to communicate with the contactless card 205. Note that one skilled in the art will understand that a distance of less than 20 cm is consistent with the range of NFC.
[0042] In some embodiments, the application 211 communicates with the contactless card 205 via an associated reader (eg, card reader 213).
[0043] In some embodiments, card activation may occur without user authentication. For example, contactless card 205 may communicate with application 211 via card reader 213 of client device 210 using NFC. This communication (e.g., tapping the card in proximity to card reader 213 of client device 210) allows application 211 to read data associated with the card and perform activation. In some cases, the tap may activate or launch application 211, which may then initiate one or more actions or communications with account server 225 to activate the card for subsequent use. In some cases, if application 211 is not installed on client device 210, tapping the card against card reader 213 may initiate download of application 211 (e.g., navigation to an application download page). Following installation, tapping the card may activate or launch application 211, which may then initiate card activation (e.g., via application or other back-end communication). After activation, the card can be used in various transactions, including commercial transactions.
[0044] According to some embodiments, contactless card 205 may include a virtual payment card. In those embodiments, application 211 may obtain information related to contactless card 205 by accessing a digital wallet implemented on client device 210, the digital wallet including the virtual payment card. In some examples, the virtual payment card data may include one or more statically or dynamically generated virtual card numbers.
[0045] Server 220 may include a web server in communication with database 235. Server 225 may include an account server. In some examples, server 220 may be configured to verify one or more credentials from contactless card 205 and / or client device 210 by comparison with one or more credentials in database 235. Server 225 may be configured to authorize one or more requests, such as payments and transactions, from contactless card 205 and / or client device 210.
[0046] FIG. 3A illustrates one or more contactless cards 300, which may include payment cards such as credit cards, debit cards, or gift cards issued by a service provider 305 displayed on the front or back of the card 300. In some examples, the contactless card 300 may include, but is not limited to, an ID card independent of the payment card. In some examples, the payment card may include a dual-interface contactless payment card. The contactless card 300 includes a substrate 310, which may include a single layer or one or more laminates composed of plastic, metal, and other materials. Exemplary substrate materials include polyvinyl chloride, polyvinyl chloride acetate, acrylonitrile butadiene styrene, polycarbonate, polyester, anodized titanium, palladium, gold, carbon, paper, and biodegradable materials. In some examples, contactless card 300 may have physical characteristics that conform to the ID-1 format of the ISO / IEC 7810 standard, or the contactless card may conform to the ISO / IEC 14443 standard. However, it is understood that contactless card 300 according to the present disclosure may have different characteristics, and the present disclosure does not require that the contactless card be implemented as a payment card.
[0047] Contactless card 300 may include identification information 315 displayed on the front and / or back of the card and a contact pad 320. Contact pad 320 may be configured to establish contact with another communication device, such as a user device, smartphone, laptop, desktop, or tablet computer. Contactless card 300 may include processing circuitry, an antenna, and other components not shown in FIG. 3A . These components may be located behind contact pad 320 or elsewhere on substrate 310. Contactless card 300 may include a magnetic strip or tape (not shown in FIG. 3A ) that may be located on the back of the card.
[0048] As shown in Figure 3B, the contact pad 320 of Figure 3A may include processing circuitry 325 for storing and processing information, including a microprocessor 330 and memory 335. It will be understood that the processing circuitry 325 may include additional components, including processors, memory, error and parity / CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives, and anti-tamper hardware, as needed to perform the functions described herein.
[0049] The memory 335 may be read-only memory, write-once / read multiple memory, or read / write memory, such as RAM, ROM, and EEPROM, and the contactless card 300 may include one or more of these memories. Read-only memory may be programmable as read-only at the factory or may be programmable only once. If programmable only once, it can be written once and then read many times. Write-once / read multiple memory may be programmed at some point after the memory chip leaves the factory. Once the memory is programmed, it cannot be rewritten, but it can be read many times. Read / write memory can be programmed and reprogrammed many times after leaving the factory. Read / write memory can also be read many times after leaving the factory.
[0050] The memory 335 may be configured to store one or more applets 340, one or more counters 345, and one or more customer identifiers 350. The one or more applets 340 may include one or more software applications configured to run on one or more contactless cards, such as a Java Card applet. However, it is understood that the applet 340 is not limited to a Java Card applet and may instead be any software application capable of operating on a contactless card or other device with limited memory. The one or more counters 345 may include a numeric counter sufficient to store an integer. The customer identifier 350 may include a unique alphanumeric identifier assigned to a user of the contactless card 300, which may distinguish the contactless card user from other contactless card users. In some examples, the customer identifier 350 may identify both the customer and the account assigned to the customer, and may further identify the contactless card associated with the customer's account.
[0051] While the processor and memory elements of the foregoing exemplary embodiments are described with reference to contact pads, the present disclosure is not limited thereto, and it is understood that these elements may be implemented outside of the pads 320, completely separate from the pads 320, or as additional elements in addition to the processor 330 and memory 335 elements disposed within the contact pads 320.
[0052] In some examples, the contactless card 300 may include one or more antennas 355. The one or more antennas 355 may be disposed within the contactless card 300 and around the processing circuit 325 of the contact pad 320. For example, the one or more antennas 355 may be integral with the processing circuit 325, or the one or more antennas 355 may be used with an external booster coil. As another example, the one or more antennas 355 may be external to the contact pad 320 and the processing circuit 325.
[0053] In one embodiment, the coil of the contactless card 300 may function as the secondary of an air-core transformer. The terminal may communicate with the contactless card 300 by cutting power or amplitude modulation. The contactless card 300 may infer data transmitted from the terminal using gaps in the contactless card's power connection, which are maintained functionally through one or more capacitors. The contactless card 300 may communicate back by switching or load modulating the load on the contactless card's coil. The load modulation may be detected by interference in the terminal's coil.
[0054] As described above, contactless card 300 is built on a software platform operable on a smart card or other device with limited memory, such as a smart card or JavaCard, on which one or more applications or applets can be securely executed. An applet can be added to the contactless card to provide a one-time password (OTP) for multi-factor authentication (MFA) in various mobile application-based use cases. The applet can be configured to generate an NDEF message containing a cryptographically secure OTP encoded as an NDEF text tag in response to one or more requests, such as a near-field data exchange request, from a reader, such as a mobile NFC reader.
[0055] 4 shows an exemplary sequence diagram 400 for loading value onto an in-vehicle device 404 using a mobile computing device 402 and a contactless card 406, according to one or more embodiments. The mobile computing device 402 may be a client device, such as a smartphone, laptop, tablet computer, wearable computer, etc., configured to send and receive information from the in-vehicle device 404 and the contactless card 406. As described above, the mobile computing device 402 may include at least an NFC card reader configured to establish NFC communication with the contactless card 406.
[0056] At step 412, the mobile computing device 402 may receive or acquire a unique identifier (ID) associated with the in-vehicle device 404. For example, the in-vehicle device 404 may be a toll transponder, a device for a drive-through payment service, a garage access transponder or badge, a parking pass, etc. The unique ID associated with the in-vehicle device 404 may be derived from one or more barcodes displayed thereon or other suitable identifiers, such as an in-vehicle device number, a name, a transponder identification number, an account number associated with a drive-through payment service, a badge number associated with a garage access transponder or badge, or a pass number corresponding to a parking pass. In other examples, the in-vehicle device 404 may include one or more NFC tags or radio frequency identification (RFID) tags capable of transmitting unique ID information. Additionally, the computing device 402 may receive or acquire information for accessing an account (online or otherwise) associated with the in-vehicle device 404. For example, the information may include at least a uniform resource locator (URL) for accessing the online account.
[0057] Upon receiving the unique ID of the in-vehicle device 404 and information to access the account associated with the device, in step 414, the mobile computing device 402 may access the account associated with the device and load at least funds into the account.
[0058] At step 416, communication may be established between the mobile computing device 402 and the contactless card 406. In an example, communication may be established automatically when the contactless card enters a magnetic field generated by an NFC reader of the mobile computing device 402. In another example, the mobile computing device 402 may initially establish communication by sending a signal to the contactless card 406 when the computing device 402 detects that the contactless card 406 has entered the magnetic field of the NFC reader. As described below, a user may use the contactless card 406 for one-tap authentication and one-tap payment on the mobile computing device 402, which advantageously makes the value loading process quick and simple while the user is in the vehicle.
[0059] At step 418, value (e.g., funds, digital currency, entity- or business-specific value, etc.) may be loaded into the account via tapping the contactless card 406 to the mobile computing device 402. Upon loading the account, at step 420, the account associated with the in-vehicle device 404 may be updated to reflect the added value. Thereafter, at step 422, the in-vehicle device 404 may communicate with one or more readers to process or debit the payment from the account.
[0060] It can be appreciated that the steps illustrated in sequence diagram 400 are for illustrative purposes and are not intended to be limiting in any way, and thus, these procedures do not have to be performed in any particular order.
[0061] 5 illustrates an example of a value loading process using one-tap authentication and one-tap payment according to one or more embodiments. In FIG. 5, a view 500 is shown that visually represents what a user (e.g., driver, passenger, etc.) would see in a vehicle as they approach a toll booth 504 and transponder reader 506. In the example, as the user approaches the toll booth, the user may realize that their online toll payment account has insufficient funds to pay the toll.
[0062] As shown, to initiate the one-tap value load process, the user can tap the smartphone 506 to the toll transponder 508. Alternatively, the smartphone 506 may capture one or more images of the toll transponder. In either or both examples, the smartphone may receive at least two pieces of information, as described above. First, the smartphone 506 may receive a unique identifier associated with the transponder, e.g., so that the correct transponder can be identified and loaded. This may be a transponder number, a barcode number, or any other type of information that specifically identifies the transponder 508. Second, the smartphone 506 may receive information regarding where and how to access the user's online toll payment account. In an example, the information may be in the form of a URL that links to the online account, a mobile application, or the like. The information may also be physically displayed or located on the transponder 508 itself. It is understood that the transponder ID and account-related information may be stored on the smartphone 506 for future use. Additionally, it will be appreciated that the aforementioned transponder ID and information may be received, accessed, or obtained wirelessly from the transponder 508 via NFC and / or RFID communications.
[0063] Upon accessing a toll account corresponding to a user, one-tap user authentication and one-tap value loading (e.g., account loading or reloading, one-time payments, etc.) may be performed using contactless card 510. It is understood that contactless card 510 may be similar to or identical to contactless card 300 described above. It is further understood that funds or money loaded into the toll payment account may be linked to one or more bank accounts corresponding to contactless card 510.
[0064] As shown, to perform one-tap authentication and one-tap payment, a toll payment account website, mobile application, or any other suitable payment application or website may be displayed in a graphical user interface (GUI) module 512. In an example, a notification (not shown) may instruct the user to tap the contactless card 510 on the smartphone 506 to authenticate to the user's toll account. When the user taps the contactless card 510 on the smartphone 506, the contactless card 510 may generate encrypted data and transmit it to the smartphone 506. Upon receiving, the one-tap GUI module 512 may transmit at least the encrypted data to one or more authentication servers. The authentication server may decrypt the data and authenticate the data with a private key stored in the server's memory. The authentication server may then authenticate the user of the contactless card 510 and transmit a confirmation thereof to the smartphone 506.
[0065] Additionally, confirmation of a user's authentication through one-tap authentication may also be used, for example, to authenticate a user and automatically log into the user's toll account without the user having to enter login information and a password. In an example, an authentication server may communicate with one or more account servers to verify or confirm such authentication, and in another example, a user may previously identify or register a contactless card 510 with a toll account as an authentication tool.
[0066] As shown, after a user is authenticated and logged into the toll payment account, the GUI module 512 can display various information, such as the account's current balance and a preset load value; as shown in FIG. 5, the account's current balance may be $50. Additionally, the GUI module 512 may display a notification 514 instructing the user to tap the contactless card 510 to pay the account or to load or reload the account. It can be appreciated that in some examples, both the authentication and value load processes may be performed automatically based on a single tap of the contactless card 510, as opposed to a separate tap for authentication and another tap for payment. Additionally, the one-tap authentication and payment function may be presented audibly to the user so that the user does not need to look at the smartphone 506 or otherwise become distracted while driving.
[0067] Additionally, when the contactless card 506 is tapped to the smartphone 506, the merchant ID and transaction ID may be transmitted to the one or more authentication servers. A virtual account number (VAN) generator may be used to generate virtual card data (e.g., a virtual card number, expiration date, and / or CVV) associated with the contactless card 510. The VAN generator may then transmit the virtual card data, the merchant ID, the transaction ID, and any username and / or address corresponding to the user to one or more merchant servers (e.g., a toll payment merchant or provider). The merchant server may then process the transaction using the data received from the VAN generator, for example, by generating a transaction record in a transaction database using at least the received virtual card number, expiration date, CVV, etc. The transaction record may further include the user's name, billing address, shipping address, and an indication of each product and / or service purchased. The merchant server may then transmit an order (e.g., value reload) confirmation to the mobile computing device 404.
[0068] One-tap authentication and payment via smartphone 506, transponder 508, and contactless card 510 may be used, performed, operated, completed, etc., in the vehicle before the user passes through the toll booth 504 and / or transponder reader 516, at which point the required fare may be debited from the user's online account. Thus, the use of contactless card 510 and the user's mobile computing device advantageously enables the value loading process to be quick, easy, and secure.
[0069] 6 illustrates an example of a direct loading process between a contactless card 601 and an in-vehicle device 602, according to one or more embodiments. As described above, the in-vehicle device 602 may be a toll transponder, a garage access transponder or badge, a device for drive-through payment services, a parking pass, or the like. As shown, the in-vehicle device 602 may include various components, such as one or more processors 604, memory 606, an NFC reader 608, an insertion interface 610 (which may be optional in some examples), a power interface 612, and an amplifier 614. It will be understood that the contactless card 601 may be similar to or identical to the contactless card 300 described above.
[0070] In an example, a user can tap the contactless card 601 directly to the in-vehicle device 602 without using a mobile computing device. In an alternative example, the contactless card 601 may be inserted into an insertion interface 610, which may be a card slot for accommodating the contactless card 601. The bank account associated with the contactless card 601 may be linked (e.g., upon contact or in advance) to an account associated with the in-vehicle device 602, or in other examples, funds in the bank account may be accessed by the in-vehicle device 602 in real time or near real time to load the account associated with the in-vehicle device 602.
[0071] According to an embodiment, the in-vehicle device 602 may determine whether the contactless card 601 has established communication with the in-vehicle device via the NFC reader or insertion interface. A value loading process may be initiated if communication is determined to have been established. Additionally, the in-vehicle device 602 may determine whether communication has been established with an external in-vehicle device reader (not shown). It may be appreciated that once a user initiates a value loading process by tapping the contactless card 601 or inserting it into the insertion interface 610, the in-vehicle device 602 may "look for" communication with the external reader for a predetermined period of time (e.g., 10 minutes, 5 minutes, 1 minute, 30 seconds, etc.), for example, if it takes a long time for the user to pass through or by the external reader.
[0072] Once communication between the in-vehicle device 602 and the external reader is established, one or more payment values may be loaded from a linked user bank account into an account associated with the in-vehicle device 602, such that the loaded value may be debited by the external reader. For example, the presence of a communicative external reader may trigger the in-vehicle device 602 to transmit data to the external reader indicating at least that the user has specified and assigned the required payment value from their authorized bank account, and will load and debit the in-vehicle device account with that payment value. Thus, for example, if a toll fee is $5, the data transmitted to the toll transponder reader may be that the user has authorized a $5 toll payment from their user's contactless card, and will load and debit that amount. At least in that respect, the account associated with the in-vehicle device may not be a traditional web-based account as described above in FIGS. 4 and 5, but rather a "pass-through" account that simply passes the required payment value from the contactless card's bank account to an entity requesting payment.
[0073] In some examples, the facilitation of value loading and debiting may be performed by one or more server computers (which may be managed by the entity requesting and receiving payments) based at least in part on data transmitted from the in-vehicle device 602 to an external reader (which may be in communication with one or more servers).
[0074] As shown, the in-vehicle device 602 may include or incorporate a power interface 612 for drawing power from the vehicle, which may be via a vehicle power socket, or in other examples, power may be provided by one or more energy storage components, such as a battery, a capacitor, etc. Additionally, an amplifier 614 may be configured to amplify signals from the in-vehicle device 602 to an external reader, for example, to improve or extend communication capabilities between the in-vehicle device 602 and the external reader.
[0075] 7 illustrates an exemplary authentication and / or value loading process using components integrated into a vehicle 700 according to one or more embodiments. As shown from view 702, an in-vehicle device 710 may be integrated into the vehicle 700 on the driver's side of the center console. While the device 710 is shown as having a generally oval shape, it may be understood that the reader may be rectangular, square, or any other suitable shape, design, or configuration. An NFC reader and / or an RFID reader may be incorporated into the in-vehicle device 710. Additionally, the vehicle 700 may include one or more vehicle computing devices (not shown) and other components for at least performing and facilitating transactions within the vehicle.
[0076] In one example, a user can authenticate by tapping a contactless card 720 to the in-vehicle device 710. For example, the in-vehicle device 710 can be used to authenticate the user upon entering a parking lot by providing authentication information to an external reader. In another example, the vehicle 700 can include a secure storage area 712 where the contactless card 720 can be locked in place. The storage area 712 can also include an NFC reader and / or an RFID reader.
[0077] In a further example, the in-vehicle device 710, the vehicle computing device, and the mobile computing device 722 may all separately include Bluetooth interfaces (or any other suitable interfaces) for near-field communication. Authentication information may be transmitted, for example, from the in-vehicle device 710 to the vehicle computing device via their respective near-field communication interfaces. Additionally, the mobile computing device 722 may communicate with the vehicle computing device and / or the in-vehicle device 710. For example, a user may use the mobile computing device 722 to control or manage the loading of value into an account associated with the in-vehicle device 710, such as by transferring money from a contactless card 720 to the in-vehicle device 710 via the vehicle computing device's Bluetooth interface. It is understood that near-field communication between the interfaces of the in-vehicle device 710, the vehicle computing device, and the mobile computing device 722 may be authenticated and secure.
[0078] Thus, the user may optionally tap the contactless card 720 to either the in-vehicle device 710 or the mobile computing device 722 to enable authentication and / or value loading. Additionally, in some examples, the user may use the vehicle computing device (e.g., via an in-vehicle display device) to control authentication and value loading functions, and / or the user may use the mobile computing device 722 to control such functions, as described above.
[0079] The components and functionality of the devices described above may be implemented using any combination of discrete circuits, application-specific integrated circuits (ASICs), logic gates, and / or single-chip architectures. Furthermore, device functionality may preferably be implemented using a microcontroller, programmable logic array, and / or microprocessor, or any combination of the foregoing. Note that hardware, firmware, and / or software elements may be referred to herein collectively or individually as "logic" or "circuitry."
[0080] At least one computer-readable storage medium may contain instructions that, when executed, cause the system to perform any of the computer-implemented methods described herein.
[0081] Some embodiments, along with variations thereof, may be described using the phrase "one embodiment" or "embodiment." These terms mean that a particular feature, structure, or characteristic described in connection with an embodiment is included in at least one embodiment. The appearance of the phrase "in one embodiment" in various places throughout this specification does not necessarily all refer to the same embodiment. Furthermore, unless otherwise specified, it is recognized that the features described above may be used together in any combination. Thus, features discussed separately can be employed in combination with each other unless it is indicated that the features are incompatible with each other.
[0082]
[0013] Referring generally to the notation and nomenclature used herein, the detailed descriptions herein may be presented in terms of program procedures executed on a computer or network of computers. These procedural descriptions and representations are used by those skilled in the art to most effectively convey the substance of their work to others skilled in the art.
[0083] A procedure, as used herein, is generally conceived to be a self-consistent sequence of operations leading to a desired result. These operations are those requiring physical manipulation of physical quantities. Usually, though not necessarily, these quantities take the form of electrical, magnetic, or optical signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It is sometimes convenient, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like. It should be noted, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.
[0084] Further, the manipulations performed are often referred to in terms, such as adding or comparing, which are commonly associated with mental activities performed by a human operator. However, no such capability of a human operator is necessary, or desirable in most cases, in any of the operations described herein that form part of one or more embodiments. Rather, these operations are machine operations.
[0085] Some embodiments may be described using the terms "coupled" and "connected," along with derivatives thereof. These terms are not necessarily intended as synonyms for each other. For example, some embodiments may be described using the terms "connected" and / or "coupled" to indicate that two or more elements are in direct physical or electrical contact with each other. However, the term "coupled" may also mean that two or more elements are not in direct contact with each other, but yet still cooperate or interact with each other.
[0086] Various embodiments relate to apparatus or systems for performing these operations. This apparatus may be specially constructed for the required purposes, or it may be selectively activated or reconfigured by a computer program stored in a computer. The procedures presented herein are not inherently related to any particular computer or other apparatus. The required structure for these machines will be apparent from the description given.
[0087] It is emphasized that the Abstract of the Disclosure is provided to enable the reader to quickly grasp the contents of the technical disclosure. It is submitted with the understanding that it will not be used to limit the interpretation or meaning of the claims. Moreover, in the foregoing Detailed Description, it can be seen that various features are grouped together in a single embodiment for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive subject matter lies in fewer than all features of a single disclosed embodiment. Accordingly, the following claims are hereby incorporated into the Detailed Description, with each claim standing on its own as a separate embodiment. In the appended claims, the terms "including" and "in which" are used as the plain-English equivalents of the terms "comprising" and "wherein," respectively. Furthermore, the terms "first," "second," "third," etc. are used merely as labels and are not intended to impose numerical requirements on their subject matter.
[0088] The foregoing description includes examples of the disclosed architecture. Of course, it is not possible to describe every conceivable combination of components and / or methodologies, but one of ordinary skill in the art will recognize that many further combinations and permutations are possible. Accordingly, the novel architecture is intended to embrace all such alterations, modifications, and variations that fall within the spirit and scope of the appended claims.
Claims
1. A system for loading value into in-vehicle devices, A computing device comprising a near-field communication (NFC) reader and one or more processors, Equipped with a contactless card, The one or more processors described above are The unique identifier associated with the in-vehicle device is received, Based on the aforementioned unique identifier, it is configured to access the account associated with the in-vehicle device, The aforementioned contactless card is NFC communication is established between the computing device and the NFC reader. It is configured to authorize the transfer of funds to the account associated with the in-vehicle device, system.
2. The in-vehicle device is a toll transponder, a garage access badge, or a parking pass device. The system according to claim 1.
3. The computing device is a smartphone, a tablet computer, or a wearable computer. The system according to claim 1.
4. The computing device is configured to receive the unique identifier by being physically tapped onto the in-vehicle device to initiate wireless data transfer. The system according to claim 1.
5. The computing device is configured to further receive information from the in-vehicle device for accessing the account. The aforementioned information includes a uniform resource locator (URL) for the payment website or application. The system according to claim 1.
6. The contactless card authorizes the transfer of funds via a one-tap payment operation performed on the computing device. The system according to claim 1.
7. The one or more processors of the computing device further, In response to the establishment of the aforementioned NFC communication, encrypted data is received from the contactless card. The encrypted data is sent to the remote authentication server to generate a virtual account number. The system is configured to process the fund transfer using the aforementioned virtual account number. The system according to claim 1.
8. It is a system for in-vehicle transactions, The first communication interface, Near-field communication (NFC) reader and One or more processors, Equipped with an in-car device that has the following features: The one or more processors described above are Communication with the contactless card is established via the aforementioned NFC reader. Upon establishing communication with the aforementioned contactless card, the financial account linked to the contactless card is associated with the local account of the in-vehicle device. Communication with an external reader is established via the first communication interface described above. The transfer of payment amounts from the associated financial account is configured to be initiated to the external reader via the local account. system.
9. The in-vehicle device is a toll transponder, and the external reader is a toll booth reader. The system according to claim 8.
10. The aforementioned local account is a pass-through account that facilitates the transfer of the payment amount without retaining the stored balance. The system according to claim 8.
11. The in-vehicle device further comprises a physical insertion interface configured to accept the contactless card and to communicate operably with the contactless card. The system according to claim 8.
12. The aforementioned in-vehicle device is integrated into the vehicle and is configured to receive power from the vehicle's power socket. The system according to claim 8.
13. The one or more processors are configured to establish communication with the contactless card in response to the tapping of the contactless card on the NFC reader. The system according to claim 8.
14. A computer implementation method for enabling vehicle access to a protected space, The steps include establishing a first communication link with the in-vehicle device so that the computing device receives a unique identifier associated with the in-vehicle device, The computing device accesses the account associated with the in-vehicle device using the received unique identifier; The computing device establishes a second communication link with a contactless payment card via a near-field communication (NFC) interface. The steps include receiving authorization for a payment transaction to fund the account from the contactless payment card via the second communication link, The step includes transmitting credentials from the in-vehicle device to the access control system of the protected space, thereby causing the access control system to authorize the vehicle access. method.
15. The protected space is a parking facility, a toll road, or a gated residential area, and the in-vehicle device is a corresponding transponder. The method according to claim 14.
16. The step of establishing the first communication link includes tapping the computing device to the in-vehicle device to initiate wireless data transfer. The method according to claim 14.
17. The authorization from the contactless payment card is provided in response to a single tap of the contactless payment card on the computing device. The method according to claim 14.
18. The authorization is provided in accordance with the biometric authentication operation performed on the computing device. The method according to claim 14.
19. The process further includes the step of generating a virtual account number based on encrypted data received from the contactless payment card via a remote server, The payment transaction for providing funds to the account is processed using the generated virtual account number. The method according to claim 14.
20. The step of transmitting the credentials is performed in response to the in-vehicle device detecting an external reader associated with the access control system of the protected space. The method according to claim 14.