Patents by Inventor Mehdi Collinge

Mehdi Collinge has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20170046715
    Abstract: Back-up credentials data is stored for a user. A communication channel is established with a mobile device. A cryptogram is received from the mobile device, such that the cryptogram is relayed by the mobile device from an authentication device that interacted with the mobile device. The authentication device is associated with the user. The cryptogram is verified. In response to the verification of the cryptogram, the stored back-up credentials data is made accessible to the mobile device.
    Type: Application
    Filed: October 26, 2016
    Publication date: February 16, 2017
    Inventors: Simon Phillips, Mark Britten, Mehdi Collinge
  • Patent number: 9508071
    Abstract: Back-up credentials data is stored for a user. A communication channel is established with a mobile device. A cryptogram is received from the mobile device, such that the cryptogram is relayed by the mobile device from an authentication device that interacted with the mobile device. The authentication device is associated with the user. The cryptogram is verified. In response to the verification of the cryptogram, the stored back-up credentials data is made accessible to the mobile device.
    Type: Grant
    Filed: March 3, 2015
    Date of Patent: November 29, 2016
    Assignee: MasterCard International Incorporated
    Inventors: Simon Phillips, Mark Britten, Mehdi Collinge
  • Publication number: 20160260078
    Abstract: Back-up credentials data is stored for a user. A communication channel is established with a mobile device. A cryptogram is received from the mobile device, such that the cryptogram is relayed by the mobile device from an authentication device that interacted with the mobile device. The authentication device is associated with the user. The cryptogram is verified. In response to the verification of the cryptogram, the stored back-up credentials data is made accessible to the mobile device.
    Type: Application
    Filed: March 3, 2015
    Publication date: September 8, 2016
    Inventors: Simon Phillips, Mark Britten, Mehdi Collinge
  • Publication number: 20160155112
    Abstract: A first mobile phone is used to scan a barcode to launch a first mobile payment application on the first mobile device. A payment request is transmitted from the first mobile device to a second mobile device. The second mobile device is operated by a payment account holder. A second mobile payment application is launched in the second mobile device in response to receipt of the payment request. The payment request includes data obtained by the first mobile device scanning the barcode. A response is received from the payment account holder to the second mobile payment application. Payment account credentials are supplied via the second mobile device to conduct a transaction in accordance with the payment request. The payment account credentials identify a payment account belonging to the payment account holder.
    Type: Application
    Filed: December 28, 2015
    Publication date: June 2, 2016
    Inventors: Simon Phillips, Mehdi Collinge, Jonathan J. Main
  • Publication number: 20160110711
    Abstract: A method for generating cryptograms in a webservice environment includes: receiving, in a first environment of a computing system, a credential request transmitted by an external computing device using a secure communication protocol, the credential request including a transaction identifier and account identifier; transmitting, by the first environment, a data request to a second environment of the computing system, the data request including the account identifier; receiving, by the first environment, an account profile and session key from the second environment; transmitting, by the first environment, a cryptogram request to a third environment of the computing system, the cryptogram request including the account profile and session key; receiving, by the first environment, a cryptogram from the third environment generated using the account profile and session key; and transmitting, by the first environment, the cryptogram and transaction identifier to the external computing device via the secure communic
    Type: Application
    Filed: October 21, 2015
    Publication date: April 21, 2016
    Applicant: MasterCard International Incorporated
    Inventors: Mehdi COLLINGE, Patrik SMETS
  • Publication number: 20160071076
    Abstract: A transaction processing system for sending user information data to a personal device, and an associated method are provided. The system comprises: a personal device, such as a balance display card; an interface device, such as a card reader for transmitting data to and from the card; a communications network connecting to the interface device; an issuer processor connected to the communications network; and a trusted network processor (TNP) processor connected to the communications network, interposed between the interface device and the issuer processor. The TNP processor is arranged to receive a transaction request message from a card user and to transmit a response message back to the personal device, the response message typically being a transaction authorization together with information for display on the card.
    Type: Application
    Filed: October 16, 2015
    Publication date: March 10, 2016
    Inventors: Sebastien Pochic, Barry Alan Maidment, Mehdi Collinge, Fikret Ates
  • Patent number: 9218479
    Abstract: A method for authenticating a computing device includes: storing an account profile, the profile including data related to a service account including an alphanumeric code; generating a session identifier and a seed value; computing a first hash using the session identifier; computing a second hash using the session identifier and the alphanumeric code; computing a third hash using the second hash and a utilized seed value; transmitting the session identifier to a computing device via a first communication protocol; transmitting the session identifier and first hash to a remote notification service for transmission to the computing device via a second communication protocol; receiving a fourth hash and the session identifier from the computing device via the first communication protocol; validating the fourth hash based on a comparison of the fourth hash and the computed third hash; and transmitting a validation result to the computing device based on the validation step.
    Type: Grant
    Filed: August 19, 2014
    Date of Patent: December 22, 2015
    Assignee: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Mehdi Collinge, Susan Thompson, Axel Emile Jean Charles Cateland
  • Publication number: 20150348026
    Abstract: A mobile computing device has at least one processor and at least one memory together providing a first execution environment and a second execution environment logically isolated from the first execution environment. The following approach is taken to manage data items for an application executing the first execution environment. A trust relationship is established between a trust client in the second execution environment and a remote trusted party and the trust client receives one or more data items from the remote trusted party. On executing the application in the first execution environment, the trust client provides the data items or further data items derived therefrom to the application 213. Provision of these data items may be conditional upon a user authentication process. A suitable mobile computing device is also described.
    Type: Application
    Filed: May 14, 2015
    Publication date: December 3, 2015
    Inventors: David A. Roberts, Patrik Smets, Mehdi Collinge, Axel Cateland
  • Patent number: 9195975
    Abstract: A transaction processing system for sending user information data to a personal device, and an associated method are provided. The system comprises: a personal device, such as a balance display card; an interface device, such as a card reader for transmitting data to and from the card; a communications network connecting to the interface device; an issuer processor connected to the communications network; and a trusted network processor (TNP) processor connected to the communications network, interposed between the interface device and the issuer processor. The TNP processor is arranged to receive a transaction request message from a card user and to transmit a response message back to the personal device, the response message typically being a transaction authorization together with information for display on the card.
    Type: Grant
    Filed: March 22, 2011
    Date of Patent: November 24, 2015
    Assignee: MasterCard International Incorporated
    Inventors: Sebastien Pochic, Barry Alan Maidment, Mehdi Collinge, Fikret Ates
  • Publication number: 20150248668
    Abstract: A mobile computing device has a processor and a memory. The processor is programmed with a mobile transaction application 101. The memory comprises a local database 102 to hold data items for use by the mobile transaction application 101. The mobile transaction application 101 is adapted to encrypt data items for storage in the local database 102 and to decrypt data items stored in the local database 102 using white-box cryptographic techniques.
    Type: Application
    Filed: March 3, 2015
    Publication date: September 3, 2015
    Inventors: Cristian Radu, Mehdi Collinge
  • Publication number: 20150244718
    Abstract: Instead of requiring key exchange between a trusted biometric application in a TEE and an external application outside of the TEE that provides access to a secured function, the trusted application is preconfigured with security data such as (in a first implementation) authentication credentials (e.g. a PIN) or (in a second implementation) a cryptographic key. This security data is then used to authenticate a biometric validation obtained by the trusted application to the external application.
    Type: Application
    Filed: February 4, 2015
    Publication date: August 27, 2015
    Inventors: Patrik Smets, Mehdi Collinge
  • Publication number: 20150154596
    Abstract: A method for building an advanced storage key includes: storing, in a mobile device, at least (i) device information associated with the mobile device, (ii) program code associated with a first program including an instance identifier, and (iii) program code associated with a second program including a first key; generating a device fingerprint associated with the mobile device based on the device information via execution of the code associated with the first program; generating a random value via execution of the code associated with the first program; building a diversifier value based on the generated device fingerprint, the generated random value, and the instance identifier included in the code associated with the first program; and decrypting the built diversifier value using the first key stored in the code associated with the second program via execution of the code associated with the second program to obtain a storage key.
    Type: Application
    Filed: December 2, 2014
    Publication date: June 4, 2015
    Applicant: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Mehdi COLLINGE, Cristian RADU
  • Publication number: 20150154595
    Abstract: A method for generating payment credentials in a payment transaction includes: storing, in a memory, at least a single use key associated with a transaction account; receiving, by a receiving device, a personal identification number; identifying, by a processing device, a first session key; generating, by the processing device, a second session key based on at least the stored single use key and the received personal identification number; generating, by the processing device, a first application cryptogram based on at least the first session key; generating, by the processing device, a second application cryptogram based on at least the second session key; and transmitting, by a transmitting device, at least the first application cryptogram and second application cryptogram for use in a payment transaction.
    Type: Application
    Filed: December 2, 2014
    Publication date: June 4, 2015
    Inventors: Mehdi COLLINGE, Patrik SMETS, Axel Emile Jean Charles CATELAND
  • Publication number: 20150156176
    Abstract: A method for receiving and processing a data message includes: storing at least an encryption key; receiving a data message, the data message including at an encrypted message and a message authentication code, the message authentication code generated using at least a portion of the encrypted message; generating a reference authentication code using at least a portion of the encrypted message included in the received data message; validating the received data message based on a check of the message authentication code included in the received data message against the generated reference authentication code; and decrypting the encrypted message included in the received data message using the stored encryption key to obtain a decrypted message.
    Type: Application
    Filed: December 2, 2014
    Publication date: June 4, 2015
    Applicant: MASTERCARD INTERNATIONAL INCORPORATED
    Inventors: Mehdi COLLINGE, Michael Christopher Ward
  • Publication number: 20150058949
    Abstract: A method for authenticating a computing device includes: storing an account profile, the profile including data related to a service account including an alphanumeric code; generating a session identifier and a seed value; computing a first hash using the session identifier; computing a second hash using the session identifier and the alphanumeric code; computing a third hash using the second hash and a utilized seed value; transmitting the session identifier to a computing device via a first communication protocol; transmitting the session identifier and first hash to a remote notification service for transmission to the computing device via a second communication protocol; receiving a fourth hash and the session identifier from the computing device via the first communication protocol; validating the fourth hash based on a comparison of the fourth hash and the computed third hash; and transmitting a validation result to the computing device based on the validation step.
    Type: Application
    Filed: August 19, 2014
    Publication date: February 26, 2015
    Applicant: MasterCard International Incorporated
    Inventors: Mehdi COLLINGE, Susan THOMPSON, Axel Emile Jean Charles CATELAND
  • Patent number: 8909557
    Abstract: A system and method for generating an authentication token which is used by an issuer associated with a integrated circuit card to authenticate a transaction. A personal card reader receives data, including an authentication cryptogram, from the integrated circuit card. The personal card reader uses the data received from the integrated circuit card to select one of at least two default bitmaps stored in a memory portion of the personal card reader. The personal card reader uses the selected default bitmap and the authentication cryptogram to build the authentication token.
    Type: Grant
    Filed: September 9, 2009
    Date of Patent: December 9, 2014
    Assignee: MasterCard International Incorporated
    Inventors: Mehdi Collinge, Jean-Paul Edmond Rans, Paul Vanneste, John Beric, Dave Roberts, Thomas Tan, Fikret Ates, Jonathan Grossar
  • Publication number: 20140344166
    Abstract: The present invention relates to a method and system for synchronising a personal identification number (PIN) value stored in a mobile computing device, with a PIN value stored on a remote server. The remote server receives a request from the mobile computing device to record a PIN value, the request comprising the PIN value. The PIN value is recovered from the received request and stored at the remote server. An instruction set arranged to record the PIN value in a secure hardware element comprised within the mobile computing device is generated and transmitted to the mobile computing device. The instruction set executes on the mobile computing device in order to record the PIN value on the secure hardware element.
    Type: Application
    Filed: May 14, 2014
    Publication date: November 20, 2014
    Applicant: MasterCard International Incorporated
    Inventors: Ian Maddocks, Simon Phillips, David A. Roberts, Mehdi Collinge, Sandra Jansen, Patrick Mestré
  • Publication number: 20140101036
    Abstract: Systems, methods, apparatus and computer program code are provided for operating a mobile device to conduct a transaction which include obtaining, by a mobile device operating a mobile payment application, a transaction payload from a merchant, extracting a payment gateway identifier from the transaction payload and establishing a secure communication channel with a payment gateway identified by the payment gateway identifier, receiving, from the payment gateway, item data associated with the transaction, the item data obtained by the payment gateway from the merchant, and receiving, from a user operating the mobile device, a confirmation to complete the transaction using a payment account associated with the user and transmitting the confirmation to the payment gateway with payment account credentials associated with the payment account.
    Type: Application
    Filed: October 10, 2013
    Publication date: April 10, 2014
    Applicant: MasterCard International Incorporated
    Inventors: Simon Phillips, Mehdi Collinge, Jonathan James Main
  • Publication number: 20140037220
    Abstract: A service card image repository and directory is described. A process includes receiving a request to store at least one service image and related data, determining that the service image has been approved, and then uploading the service image and related data. The method also includes assigning a unique identifier to the service image and related data, and storing the service image and related data in an image repository. Some embodiments include receiving a request to download a service image and related data, locating the requested service image, determining that the requested service image requires transcoding and/or scaling, and then transcoding and/or scaling the requested service image to form a modified service image. The modified service image is then transmitted to an entity.
    Type: Application
    Filed: August 1, 2012
    Publication date: February 6, 2014
    Inventors: Simon Phillips, Mark Britten, Mehdi Collinge
  • Publication number: 20130262317
    Abstract: A method for generating and provisioning payment credentials to a mobile device lacking a secure element includes: generating a card profile associated with a payment account, wherein the card profile includes at least payment credentials corresponding to the associated payment account and a profile identifier; provisioning, to a mobile device lacking a secure element, the generated card profile; receiving, from the mobile device, a key request, wherein the key request includes at least a mobile identification number (PIN) and the profile identifier; using the mobile PIN; generating a single use key, wherein the single use key includes at least the profile identifier, an application transaction counter, and a generating key for use in generating a payment cryptogram valid for a single financial transaction; and transmitting the generated single use key to the mobile device.
    Type: Application
    Filed: March 14, 2013
    Publication date: October 3, 2013
    Applicant: MasterCard International Incorporated
    Inventors: Mehdi COLLINGE, Susan Thompson, Patrik Smets, David Anthony Roberts, Michael Christopher Ward