Abstract: A method is disclosed. The method includes generating, by a communication device during an interaction with an access device, a cryptogram using transaction level data and interoperability level data; transmitting the transaction level data and interoperability level data to the access device; and transmitting the cryptogram the access device, wherein the access device or a remote server computer in communication with the access device validates the received cryptogram before allowing the transaction to proceed.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.

Abstract: Systems and methods for securing data transmissions using distance measurements are disclosed. A mobile device (such as a smart phone) and a base station can use ultra-wideband technology to determine the distance between the two devices. The distance measurements produced by the mobile device and the base station can be compared, directly or indirectly by the mobile device, the base station, and/or an access device to determine whether the mobile device is present at an access device or if the mobile device is not present at the access device (as expected during a relay attack). If the mobile device is not present at the access device, the access device can prevent or cancel an interaction based on the data transfer (e.g., opening a locked door of a secure building in response to receiving an access credential from the mobile device).

Abstract: Techniques for enabling usage of an Ultra-Wideband (UWB) chip on a passive device are disclosed. The passive device comprises a substrate including a first electronic component, and a second electronic component. The first electronic component is programmed to communicate with an access device using a first communication protocol, and the second electronic component is programmed to communicate with the access device using a second wireless communication protocol. The passive device includes a first antenna electrically coupled to at least the first electronic component or the second electronic component, and a second antenna electrically coupled to at least the second electronic component. The first antenna is adapted to receive a first signal from the access device, which powers at least the second electronic component, thereby causing the second electronic component to cause the second antenna to emit a second signal that is received by the access device.

Abstract: Systems and methods for securing data transmissions using distance measurements are disclosed. A mobile device (such as a smart phone) and a base station can use ultra-wideband technology to determine the distance between the two devices. The distance measurements produced by the mobile device and the base station can be compared, directly or indirectly by the mobile device, the base station, and/or an access device to determine whether the mobile device is present at an access device or if the mobile device is not present at the access device (as expected during a relay attack). If the mobile device is not present at the access device, the access device can prevent or cancel an interaction based on the data transfer (e.g., opening a locked door of a secure building in response to receiving an access credential from the mobile device).

Abstract: Systems and methods for securing data transmissions using distance measurements are disclosed. A mobile device (such as a smart phone) and a base station can use ultra-wideband technology to determine the distance between the two devices. The distance measurements produced by the mobile device and the base station can be compared, directly or indirectly by the mobile device, the base station, and/or an access device to determine whether the mobile device is present at an access device or if the mobile device is not present at the access device (as expected during a relay attack). If the mobile device is not present at the access device, the access device can prevent or cancel an interaction based on the data transfer (e.g., opening a locked door of a secure building in response to receiving an access credential from the mobile device).

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.

Abstract: Provided are methods, systems, and computer program products for verifying a payment device using a magnetometer. The method includes detecting a magnetic signature of a payment device based on a magnetic field of the payment device affecting the magnetometer. The magnetic signature may be determined based on the structural composition of the payment device or a circuit arranged on or embedded in the payment device. The method also includes receiving payment device data for a transaction requested between an account associated with the payment device and an account of a merchant. The method further includes comparing the magnetic signature detected from the payment device with a stored magnetic signature associated with the payment device. The method further includes, in response to determining that the magnetic signatures match, approving the transaction.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultrawideband communication channel between the user device and the access device.

Abstract: A method includes forming a communication channel between a user device and an access device. The communication channel is then secured using a user device key pair in the user device and an access device ephemeral key pair in the access device. The access device then generates a session key using at least a private cryptographic key in the access device ephemeral key pair, and a public key in the user device key pair. The access device then uses the session key to secure an ultra-wideband communication channel between the user device and the access device.

Abstract: NFC terminal devices and corresponding integrated circuit cards (ICCs) use NFC Type 4 tags as a protocol interface for complex or encrypted communication protocols that are not natively supported by the NFC terminal devices. A smartphone acting as an NFC terminal may block applications and/or protocols other than NFC data exchange formatted (NDEF) messages. An ICC applet supporting an advanced function uses designated memory locations for the transfer of commands normally supported at an application level. Both the terminal side and the ICC applet may check the designated memory locations for updated data in the absence of protocol-level message controls.

Abstract: A method is disclosed. The method includes generating, by a communication device during an interaction with an access device, a cryptogram using transaction level data and interoperability level data; transmitting the transaction level data and interoperability level data to the access device; and transmitting the cryptogram the access device, wherein the access device or a remote server computer in communication with the access device validates the received cryptogram before allowing the transaction to proceed.

Abstract: NFC terminal devices and corresponding integrated circuit cards (ICCs) use NFC Type 4 tags as a protocol interface for complex or encrypted communication protocols that are not natively supported by the NFC terminal devices. A smartphone acting as an NFC terminal may block applications and/or protocols other than NFC data exchange formatted (NDEF) messages. An ICC applet supporting an advanced function uses designated memory locations for the transfer of commands normally supported at an application level. Both the terminal side and the ICC applet may check the designated memory locations for updated data in the absence of protocol-level message controls.

Abstract: A method preventing relay attacks between first and second devices is disclosed. The method includes providing, by a first device, a command message, receiving a request message and providing a response message to a second device. The time period between the receipt of the command message and the transmission of the response message by the first device is compared to another time period between the time when the command message was sent and the response message was received by the second device. If those times substantially match, then the first device can have assurance that a relay attack is not occurring.

Abstract: A method is disclosed. The method includes generating, by a communication device during an interaction with an access device, a cryptogram using transaction level data and interoperability level data; transmitting the transaction level data and interoperability level data to the access device; and transmitting the cryptogram the access device, wherein the access device or a remote server computer in communication with the access device validates the received cryptogram before allowing the transaction to proceed.

Abstract: NFC terminal devices and corresponding integrated circuit cards (ICCs) use NFC Type 4 tags as a protocol interface for complex or encrypted communication protocols that are not natively supported by the NFC terminal devices. A smartphone acting as an NFC terminal may block applications and/or protocols other than NFC data exchange formatted (NDEF) messages. An ICC applet supporting an advanced function uses designated memory locations for the transfer of commands normally supported at an application level. Both the terminal side and the ICC applet may check the designated memory locations for updated data in the absence of protocol-level message controls.

Abstract: A bridge device acts as a link between generic wireless protocols of mobile devices and available communication components of access devices. The bridge device can be an attachment to existing access devices and enables a transaction using any available communication components on an access device and a bridge device mobile application on a mobile device. The bridge device notifies the mobile device which communication components are available for the transaction. The mobile device then sends a selection of a communication component to the bridge device. To conduct the transaction, the bridge device converts data received from the mobile device and sends it to the access device using a protocol compatible with the selected communication component. The bridge device also converts data received from the access device and sends it to the mobile device using a generic wireless protocol supported by the mobile device.

Abstract: A method preventing relay attacks between first and second devices is disclosed. The method includes providing, by a first device, a command message, receiving a request message and providing a response message to a second device. The time period between the receipt of the command message and the transmission of the response message by the first device is compared to another time period between the time when the command message was sent and the response message was received by the second device. If those times substantially match, then the first device can have assurance that a relay attack is not occurring.

Abstract: A method is disclosed. The method includes generating, by a communication device during an interaction with an access device, a cryptogram using transaction level data and interoperability level data; transmitting the transaction level data and interoperability level data to the access device; and transmitting the cryptogram the access device, wherein the access device or a remote server computer in communication with the access device validates the received cryptogram before allowing the transaction to proceed.

Abstract: Embodiments of the invention relate to payment cards and methods for making payment cards. In one embodiment, a card comprises a first layer and a second layer adjacent to the first layer. The second layer comprises a plurality of particles comprising metal, and the plurality of particles comprise at least about 15 volume % of the second layer. In another embodiment, a mixture is prepared comprising polymer and a plurality of particles comprising metal. The plurality of particles comprise at least about 15 volume % of the mixture. The mixture is pressed and an outer layer is applied. The mixture and outer layer are then cut to form the card.