Patents by Inventor Christian Aabye
Christian Aabye has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11720893Abstract: Embodiments of the present invention relate to systems and methods that allow users to use their communication devices to perform transactions (e.g., payment transactions, access transactions, etc.). To complete a transaction, a resource provider electronically generates a code representing transaction data and displays it on an access device. The user scans the code with his or her communication device using a camera associated with the communication device, for example. The code is interpreted by an application on the communication device. The user may request and receive a token at the communication device corresponding to sensitive information selected to perform the transaction (e.g., a primary account number). The user may then provide the token and the transaction data via the communication device to a server computer, which may facilitate completion of the transaction between the user and the resource provider using the transaction data and the token.Type: GrantFiled: June 16, 2021Date of Patent: August 8, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Christian Flurscheim, Glenn Powell, Christian Aabye, Jalpesh Chitalia, Erick Wong
-
Publication number: 20230247047Abstract: Systems, methods, and devices are disclosed for preventing relay attacks. A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate an further interaction with the second access device accordingly.Type: ApplicationFiled: March 30, 2023Publication date: August 3, 2023Applicant: Visa International Service AssociationInventors: Brian Sullivan, Quan Wang, Yuexi Chen, Christian Aabye, Christian Flurscheim, Pasan Hapuarachchi
-
Patent number: 11714885Abstract: Encryption key exchange processes are disclosed. A disclosed method includes initiating communication between a portable communication device including a token and a first limited use encryption key, and an access device. After communication is initiated, the portable communication device receives a second limited use key from a remote server via the access device. The portable communication device then replaces the first limited use key with the second limited use key. The second limited use key is thereafter used to create access data such as cryptograms that can be used to conduct access transactions.Type: GrantFiled: December 13, 2021Date of Patent: August 1, 2023Assignee: Visa International Service AssociationInventors: Christopher Dean, Christian Aabye
-
Patent number: 11647042Abstract: Systems, methods, and devices are disclosed for preventing relay attacks. A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate an further interaction with the second access device accordingly.Type: GrantFiled: November 28, 2018Date of Patent: May 9, 2023Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Brian Sullivan, Quan Wang, Yuexi Chen, Christian Aabye, Christian Flurscheim, Pasan Hapuarachchi
-
Publication number: 20230097712Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.Type: ApplicationFiled: September 30, 2021Publication date: March 30, 2023Inventors: Brian Sullivan, Aparna Girish, Mark Rigby, Christian Aabye, Mustafa Top, Yuexi Chen, Dinah Sloan, Hao Ngo
-
Patent number: 11609978Abstract: A biometric verification system is disclosed. The system includes a portable device which stores a biometric reference template and authentication preferences, The portable device can be used with an access device. The access device can prompt the user for a biometric sample, The access device may create a biometric sample template from the biometric sample, and the biometric sample template can be compared to the biometric reference template to determine if a user is authentic.Type: GrantFiled: December 18, 2020Date of Patent: March 21, 2023Assignee: Visa International Service AssociationInventors: Kim R. Wagner, Jing Jin, Marcelo G. de Oliveira, Christian Aabye
-
Publication number: 20230062507Abstract: A method is disclosed. The method includes receiving, by an access control server, an authentication request message comprising a credential or a token from an access device, after the access device receives the credential or the token from a portable device of a user. The method also includes responsive to receiving the authentication request message, transmitting, by the access control server, a challenge message to a user device associated with the user; generating, by the access control server, an authentication indicator. The method also includes transmitting, by the access control server, an authentication response message including the authentication indicator to the access device.Type: ApplicationFiled: March 5, 2021Publication date: March 2, 2023Applicant: Visa International Service AssociationInventors: Christian Aabye, Alexandre Pierre, Pawel Chrobok
-
Patent number: 11587067Abstract: Embodiments of the present invention provide methods and systems to enable a digital wallet identifier to be present in communications associated with transaction data for transactions that are facilitated by a digital wallet provider. In one embodiment, a communication device of a user receives a request for payment credentials required to conduct a transaction and obtains the payment credentials. The payment credentials include a digital wallet identifier and at least some of the payment credentials are obtained from a trusted execution environment associated with the communication device. The obtained payment credentials are provided to an access device associated with a merchant. The access device is configured to initiate the transaction by generating an authorization request message including the payment credentials for onward transmission to an issuer computer.Type: GrantFiled: June 17, 2019Date of Patent: February 21, 2023Assignee: Visa International Service AssociationInventors: Christian Aabye, Kevin Weller
-
Publication number: 20230044616Abstract: Embodiments relate to systems, apparatuses, and methods for performing access interactions between a user device and an access device. A method comprises receiving, by an access device with a single universal kernel comprising a plurality of interaction functionalities and a plurality of sub-kernels, data comprising a kernel identifier identifying a requested kernel of a plurality of kernels to perform an interaction. The access device with the single kernel may determine a first sub-kernel of a plurality of sub-kernels corresponding to an interaction functionality based on the kernel identifier. The access device with the single universal kernel may then process the interaction according to the interaction functionality corresponding to the determined sub-kernel.Type: ApplicationFiled: January 6, 2021Publication date: February 9, 2023Applicant: Visa International Service AssociationInventor: Christian Aabye
-
Patent number: 11501274Abstract: A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications.Type: GrantFiled: May 3, 2017Date of Patent: November 15, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Christian Aabye, Hao Ngo, David William Wilson, Gustavo Mariath Zeiden, Chris Pitchford, Kiushan Pirzadeh
-
Patent number: 11461760Abstract: Systems, apparatuses, and methods for performing transactions through mobile communication devices using either telecommunications networks or proximity near-field communications systems are disclosed. A mobile communication device may display an application authentication element. The application authentication element may include a pre-selected authentication element and transaction data associated with a transaction conducted by a mobile communication device. The mobile communication device may obtain the pre-selected authentication element by either transmitting a request to a server computer or retrieving the pre-selected authentication element from a secure memory in the mobile communication device. A user authentication token may be received by the mobile communication device from the user. The mobile communication device may generate a secret token that is derived from the user authentication token. If the secret token is correlated to a secret reference token, then a transaction may be conducted.Type: GrantFiled: December 20, 2017Date of Patent: October 4, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: David William Wilson, John Francis Benedict Bourdillon, Christian Aabye
-
Patent number: 11443321Abstract: Methods and systems for dynamically generating a verification value for a transaction and for utilizing such value to verify the authenticity of the payment service application. The dynamically created verification value may be generated on a payment device, such as an integrated circuit credit card or smart card, embedded into the payment data, and transmitted to a point of sale terminal. Alternatively, payment data is sent by a payment device to a point of sale terminal, which generates a verification value and embeds it into the payment data. The embedded verification value is used by a service provider to verify the authenticity of the transaction. The methods and systems may be used in a contactless (wireless) environment or a non-wireless environment.Type: GrantFiled: November 22, 2019Date of Patent: September 13, 2022Assignee: Visa International Service AssociationInventors: Jagdeep Singh Sahota, Christian Aabye
-
Patent number: 11438766Abstract: A method is disclosed. The method includes receiving, by a user device from an access device, an available applications request message. The available applications request message includes an access device type identifier. The method also includes determining whether an association exists between the access device type identifier and one or more application identifiers of a plurality of application identifiers stored on the user device. The plurality of application identifiers respectively correspond to different applications on the user device. The method also includes transmitting, by the user device, to the access device, based in part on whether the association exists, an available applications response. The available applications response includes the one or more application identifiers of the plurality of application identifiers associated with the access device type identifier.Type: GrantFiled: August 18, 2020Date of Patent: September 6, 2022Assignee: Visa International Service AssociationInventors: Gavin Shenker, Brian Sullivan, Christian Aabye, Hao Ngo
-
Publication number: 20220198430Abstract: A reader device may include a midrange wireless transceiver, a controller coupled to the midrange wireless transceiver, and a memory coupled to the controller. The memory may store executable code, which when executed by the controller, causes the reader device to implement various operations including maintaining a transaction service attributes database in the memory. The operations may also include broadcasting a beacon including a transaction service indicator at a periodic interval using the midrange wireless transceiver, receiving a connection request from a communication device, and establishing a wireless connection with the communication device. The operations may further include performing an application selection process with the communication device, performing application data processing with the communication device, and performing authorization request processing for the communication device.Type: ApplicationFiled: March 11, 2022Publication date: June 23, 2022Inventors: Jing Jin, Thomas Bellenger, Christian Aabye, Bryan Carroll
-
Publication number: 20220129891Abstract: Embodiments of the invention provision multiple payment tokens on a communication device. The communication device may be provisioned with multiple limited use keys (LUK), each LUK being associated with a specific type of transaction. When the communication device is used for a transaction, the communication device automatically determines a type of the transaction and selects an appropriate LUK based on the determined transaction type. The selected LUK may be used to create a cryptogram, which can be used to verify the transaction.Type: ApplicationFiled: January 4, 2022Publication date: April 28, 2022Inventors: Gyan Prakash, Ajit Gaddam, Selim Aissi, Christian Aabye
-
Patent number: 11315099Abstract: A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. The invention enables the updating, correction or synchronization of transaction data maintained by an Issuer with that stored on the device. This is accomplished by using a wireless (cellular) network as a data communication channel for data provided by an Issuer to the mobile device, and is particularly advantageous in circumstances in which the contactless element is not presently capable of communication with a device reader or point of sale terminal that uses a near field communications mechanism. Data transferred between the mobile device and Issuer may be encrypted and decrypted to provide additional security and protect the data from being accessed by other users or applications.Type: GrantFiled: July 24, 2020Date of Patent: April 26, 2022Assignee: Visa International Service AssociationInventors: Christian Aabye, Hao Ngo, David William Wilson, Gustavo Mariath Zeiden, Chris Pitchford, Kiushan Pirzadeh
-
Patent number: 11308478Abstract: A reader device may include a midrange wireless transceiver, a controller coupled to the midrange wireless transceiver, and a memory coupled to the controller. The memory may store executable code, which when executed by the controller, causes the reader device to implement various operations including maintaining a transaction service attributes database in the memory. The operations may also include broadcasting a beacon including a transaction service indicator at a periodic interval using the midrange wireless transceiver, receiving a connection request from a communication device, and establishing a wireless connection with the communication device. The operations may further include performing an application selection process with the communication device, performing application data processing with the communication device, and performing authorization request processing for the communication device.Type: GrantFiled: March 6, 2017Date of Patent: April 19, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Jing Jin, Thomas Bellenger, Christian Aabye, Bryan Carroll
-
Publication number: 20220101298Abstract: A system, apparatus, and method for processing payment transactions that are conducted using a mobile payment device that includes a contactless element, such as an integrated circuit chip. The invention enables one or more of the operations of activation of a payment application, transfer of transaction data, updating of account records, setting or re-setting of a payment application counter or register, or transfer or processing of a script, command, or instruction, with these functions being performed with minimal impact on a consumer. This is accomplished by introducing a pre-tap and/or two-tap operation prior to, or as part of, the transaction flow.Type: ApplicationFiled: December 9, 2021Publication date: March 31, 2022Inventors: Christian Aabye, Hao Ngo, David William Wilson
-
Publication number: 20220100828Abstract: Encryption key exchange processes are disclosed. A disclosed method includes initiating communication between a portable communication device including a token and a first limited use encryption key, and an access device. After communication is initiated, the portable communication device receives a second limited use key from a remote server via the access device. The portable communication device then replaces the first limited use key with the second limited use key. The second limited use key is thereafter used to create access data such as cryptograms that can be used to conduct access transactions.Type: ApplicationFiled: December 13, 2021Publication date: March 31, 2022Inventors: Christopher Dean, Christian Aabye
-
Patent number: 11257074Abstract: Embodiments of the invention provision multiple payment tokens on a communication device. The communication device may be provisioned with multiple limited use keys (LUK), each LUK being associated with a specific type of transaction. When the communication device is used for a transaction, the communication device automatically determines a type of the transaction and selects an appropriate LUK based on the determined transaction type. The selected LUK may be used to create a cryptogram, which can be used to verify the transaction.Type: GrantFiled: September 29, 2015Date of Patent: February 22, 2022Assignee: VISA INTERNATIONAL SERVICE ASSOCIATIONInventors: Gyan Prakash, Ajit Gaddam, Selim Aissi, Christian Aabye