Patents by Inventor Christian Aabye

Christian Aabye has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11164176
    Abstract: Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include encrypting account information with a first encryption key to generate a second encryption key, and encrypting key index information using the second key to generate a limited-use key (LUK). The key index information may include a key index having information pertaining to generation of the LUK. The LUK and the key index can be provided to the communication device to facilitate generation of a transaction cryptogram for a transaction conducted using the communication device, and the transaction can be authorized based on the transaction cryptogram generated from the LUK.
    Type: Grant
    Filed: December 19, 2014
    Date of Patent: November 2, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Hao Ngo, Christian Aabye, John Sheets, Oleg Makhotin
  • Publication number: 20210326866
    Abstract: Systems and methods are disclosed for securely communicating sensitive such as an identifier. An encrypted value may be generated utilizing at least a portion of the identifier, a dynamic value, and an encryption key. An obfuscated identifier may be generated using at least a portion of the unencrypted identifier and a portion of the encrypted value. The obfuscated identifier and the encrypted value may be provided in a message to inhibit potential fraudsters from obtaining the identifier.
    Type: Application
    Filed: August 17, 2018
    Publication date: October 21, 2021
    Inventors: Simon Hurry, Christian Aabye
  • Patent number: 11151533
    Abstract: A computer-implemented method of communicating with a point of sale terminal. The method includes establishing wireless communication with a point of sale terminal using a first communication channel, and establishing communication with the point of sale terminal using a second communication channel. The method also includes transmitting a first section of communication data via the first communication channel; and transmitting a second section of the communication data using the second communication channel.
    Type: Grant
    Filed: March 31, 2016
    Date of Patent: October 19, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Christopher Jones, Sanjeev Sharma, Christian Flurscheim, Chandra Srivastava, Vishwanath Shastry, Kiushan Pirzadeh, Christian Aabye
  • Publication number: 20210312433
    Abstract: Embodiments of the present invention relate to systems and methods that allow users to use their communication devices to perform transactions (e.g., payment transactions, access transactions, etc.). To complete a transaction, a resource provider electronically generates a code representing transaction data and displays it on an access device. The user scans the code with his or her communication device using a camera associated with the communication device, for example. The code is interpreted by an application on the communication device. The user may request and receive a token at the communication device corresponding to sensitive information selected to perform the transaction (e.g., a primary account number). The user may then provide the token and the transaction data via the communication device to a server computer, which may facilitate completion of the transaction between the user and the resource provider using the transaction data and the token.
    Type: Application
    Filed: June 16, 2021
    Publication date: October 7, 2021
    Inventors: Christian Flurscheim, Glenn Powell, Christian Aabye, Jalpesh Chitalia, Erick Wong
  • Patent number: 11138605
    Abstract: Embodiments of the invention are directed to access transactions. A gate access device may interact with a payment card such as a credit card. The gate access device may generate and transmit a first authorization request message to a payment processing network computer. The first authorization request message does not include an amount for the transaction, but only contains identification information. A first authorization response message is transmitted back to the gate access device. At a later point in time, a second authorization request message containing the transaction amount is transmitted from the gate access device to the issuer, and a response is received from the issuer.
    Type: Grant
    Filed: June 25, 2014
    Date of Patent: October 5, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Christian Aabye, Eric Schindewolf
  • Publication number: 20210295305
    Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor.
    Type: Application
    Filed: June 1, 2021
    Publication date: September 23, 2021
    Inventors: John Sheets, Kim Wagner, Christian Aabye, Frederick Liu, Igor Karpenko, Glenn Powell, Kiushan Pirzadeh
  • Publication number: 20210287211
    Abstract: A process for combining domain restriction and remote authentication may include receiving a token from a plug-in application to conduct a transaction associated with a user of a communicating device. The process may include sending an authentication request to a remote access control sever to authenticate the user, and receiving, from the remote access control server, an authentication tracking value that the remote access control server used in generation of an authentication cryptogram. The process may also include generating, using the authentication tracking value, a domain restriction cryptogram that is used for domain restriction of the token, and sending, to the plug-in application, the domain restriction cryptogram.
    Type: Application
    Filed: June 2, 2021
    Publication date: September 16, 2021
    Inventors: Christian Aabye, Christopher Jones
  • Publication number: 20210264404
    Abstract: A method is disclosed. The method includes determining whether the counter has reached a threshold value. The method also includes sending a request to reset the counter, to a payment authorizing entity, if it is determined that the counter has reached the threshold value, and then receiving, from the payment authorizing entity, a script in response to the request.
    Type: Application
    Filed: May 10, 2021
    Publication date: August 26, 2021
    Inventors: Christian Aabye, Olivier Brand, Michael Lindelsee, Joseph J. Mirizzi, Hao Ngo, Lauren White, David William Wilson
  • Patent number: 11086980
    Abstract: Enhance authentication techniques may include receiving credential data of a secondary device by a primary device, generating a cryptogram using the credential data of the secondary device, and transmitting the cryptogram to an access device to request for authorization to use an account associated with a user of the primary device. The authorization can be granted based on verification of the cryptogram and an interaction activity pattern of interactions between the primary device and a set of communication devices including the secondary device.
    Type: Grant
    Filed: February 7, 2020
    Date of Patent: August 10, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Eric Le Saint, Dominique Fedronic, Christian Aabye
  • Patent number: 11080696
    Abstract: Embodiments of the present invention relate to systems and methods that allow users to use their communication devices to perform transactions (e.g., payment transactions, access transactions, etc.). To complete a transaction, a resource provider electronically generates a code representing transaction data and displays it on an access device. The user scans the code with his or her communication device using a camera associated with the communication device, for example. The code is interpreted by an application on the communication device. The user may request and receive a token at the communication device corresponding to sensitive information selected to perform the transaction (e.g., a primary account number). The user may then provide the token and the transaction data via the communication device to a server computer, which may facilitate completion of the transaction between the user and the resource provider using the transaction data and the token.
    Type: Grant
    Filed: February 1, 2017
    Date of Patent: August 3, 2021
    Assignee: Visa International Service Association
    Inventors: Christian Flurscheim, Glenn Powell, Christian Aabye, Jalpesh Chitalia, Erick Wong
  • Patent number: 11055694
    Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for securely processing remote transactions. One embodiment of the invention is directed to a method of processing a remote transaction initiated by a mobile device comprising a server computer receiving a payment request including encrypted payment information. The encrypted payment information being generated by a mobile payment application of the mobile device and being encrypted using a third party key. The method further comprises decrypting the encrypted payment information using the third party key, determining a transaction processor public key associated with the payment information, and re-encrypting the payment information using the transaction processor public key. The method further comprises sending a payment response including the re-encrypted payment information to a transaction processor.
    Type: Grant
    Filed: November 27, 2019
    Date of Patent: July 6, 2021
    Assignee: Visa International Service Association
    Inventors: John Sheets, Kim Wagner, Christian Aabye, Frederick Liu, Igor Karpenko, Glenn Powell, Kiushan Pirzadeh
  • Patent number: 11055705
    Abstract: A process for combining domain restriction and remote authentication may include receiving a token from a plug-in application to conduct a transaction associated with a user of a communicating device. The process may include sending an authentication request to a remote access control sever to authenticate the user, and receiving, from the remote access control server, an authentication tracking value that the remote access control server used in generation of an authentication cryptogram. The process may also include generating, using the authentication tracking value, a domain restriction cryptogram that is used for domain restriction of the token, and sending, to the plug-in application, the domain restriction cryptogram.
    Type: Grant
    Filed: March 19, 2019
    Date of Patent: July 6, 2021
    Assignee: Visa International Service Association
    Inventors: Christian Aabye, Christopher Jones
  • Patent number: 11037128
    Abstract: Systems, apparatus, and methods for managing an application installed on a mobile device, such as a mobile phone are provided, so as to prevent or limit unauthorized use of the application, for example, when the mobile device is lost, stolen, or otherwise subject to unauthorized use. A request to enable or disable user access to a function of the application can be received by a server computer. A command message responsive to the request can be generated by the server computer, the command message comprising control data for enabling or disabling user access to the function of the application. The generated command message can be transmitted to the mobile device over a wireless network.
    Type: Grant
    Filed: September 28, 2018
    Date of Patent: June 15, 2021
    Assignee: Visa International Service Association
    Inventors: Christian Aabye, Olivier Brand, Michael Lindelsee, Joseph J. Mirizzi, Hao Ngo, Lauren White, David William Wilson
  • Publication number: 20210176062
    Abstract: Techniques are described for managing master keys for token requestors to use in generating cryptograms such as TAVVs. A processor computer generates a first master key for a token requestor, the first master key being generated based on (a) a second master key managed by the processor computer and (b) an identifier of the token requestor. The processor computer transmits, to a token requestor computer corresponding to the token requestor, the first master key. The processor computer receives, from the token requestor computer, a request for a token. Responsive to receiving the request for the token, the processor computer transmits the token to the token requestor computer; and receives, from the token requestor computer, an authorization request message comprising the token and a cryptogram generated by the token requestor computer using the first master key and the token.
    Type: Application
    Filed: August 13, 2019
    Publication date: June 10, 2021
    Inventors: Jalpesh Chitalia, Eduardo Lopez, Christian Flurscheim, Sayeed Mohammed, Christian Aabye, Christoffel Jacobs, Phillip Lavender
  • Patent number: 11030608
    Abstract: A system, apparatus, and method for processing payment transactions that are conducted using a mobile device that includes a contactless element, such as an integrated circuit chip. An account holder is enabled to generate transaction related data and append that data to a transaction record or transaction identifier. The appended data and transaction record or identifier may be stored in the mobile payment device and/or provided to an Issuer. If provided to an Issuer, the transaction related data generated by the account holder may be used to supplement an account statement. The additional information generated by the account holder may be used to assist the account holder in determining if a transaction is valid by providing information that helps the account holder to recall the location or other aspect of the transaction.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: June 8, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Christian Aabye, Hao Ngo, David William Wilson, Guido Mangiagalli
  • Patent number: 11017386
    Abstract: Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The token and the transaction cryptogram can be transmitted to a magnetic stripe reader by generating an emulated magnetic signal. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.
    Type: Grant
    Filed: February 7, 2018
    Date of Patent: May 25, 2021
    Assignee: Visa International Service Association
    Inventors: Christian Flurscheim, Christian Aabye
  • Patent number: 11010747
    Abstract: Methods, systems, apparatuses, and computer-readable mediums for selecting multiple payment applications and preparing multiple transaction payloads for a transaction during interaction between a mobile device and an access device. A merchant may prepare multiple transaction payloads for a single transaction, and initiate transactions using each of the prepared transaction payloads in order of preference. If a transaction initiated using payment credentials associated with a preferred application is unsuccessful for any reason, a transaction may be initiated using payment credentials associated with an alternate application automatically, and without additional interaction by the mobile device and/or access device.
    Type: Grant
    Filed: August 29, 2019
    Date of Patent: May 18, 2021
    Assignee: Visa International Service Association
    Inventors: Christopher Jones, Christian Aabye, Oleg Makhotin
  • Publication number: 20210126939
    Abstract: Systems, methods, and devices are disclosed for preventing relay attacks. A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate an further interaction with the second access device accordingly.
    Type: Application
    Filed: November 28, 2018
    Publication date: April 29, 2021
    Inventors: Brian Sullivan, Quan Wang, Yuexi Chen, Christian Aabye, Christian Flurscheim, Pasan Hapuarachchi
  • Publication number: 20210103648
    Abstract: A biometric verification system is disclosed. The system includes a portable device which stores a biometric reference template and authentication preferences, The portable device can be used with an access device. The access device can prompt the user for a biometric sample, The access device may create a biometric sample template from the biometric sample, and the biometric sample template can be compared to the biometric reference template to determine if a user is authentic.
    Type: Application
    Filed: December 18, 2020
    Publication date: April 8, 2021
    Inventors: Kim R. Wagner, Jing Jin, Marcelo G. de Oliveira, Christian Aabye
  • Publication number: 20210072972
    Abstract: Embodiments of the present invention are directed at methods and systems for providing a partial personalization process that allows for more efficient and effective personalization of a application on a communication device. For example, personalization profiles associated with multiple versions of the application may be stored at a provisioning system and the provisioning system may determine the appropriate partial provisioning information to update the application for each migration notification. Partial personalization information that is to be updated for the updated version of the application may be generated and installed to enable new functionality and/or update the information contained within an updated application without requiring re-personalization of all personalized information.
    Type: Application
    Filed: October 27, 2020
    Publication date: March 11, 2021
    Inventors: Christian Aabye, Kiushan Pirzadeh, Glenn Powell, Igor Karpenko