HK40060197B - Secure password generation and management using nfc and contactless smart cards - Google Patents

Description

Secure password generation and management using NFC and contactless smart cards.

Related applications

This application claims priority to U.S. Patent Application Serial No. 16/725,866, filed December 23, 2019, entitled "Secure Password Generation and Management Using NFC and Contactless Smart Cards". The contents of the aforementioned application are incorporated herein by reference in their entirety.

Background Technology

Brute-force attacks are a common hacking technique used by hackers to gain access to computers, email accounts, online banking accounts, applications, websites, and more by manually guessing passwords. Therefore, strong, complex passwords can be crucial for protecting users from identity or financial theft.

A standard password manager helps generate and retrieve complex passwords, and can store such passwords in an encrypted database or perform calculations as needed. A standard password manager can be a locally installed software application, an online service accessed through a website portal, or a hardware device that acts as a local access key. Typically, a standard password manager requires the user to generate and remember a "master" password to unlock and access any information stored in its database.

However, conventional password managers have several problems. First, users may not always have the device to run the password manager. Second, the randomness of the password generator used by the password manager may not be verifiable. Third, a password manager (no matter how strong) is only as effective as the master password created by the user who protects it.

Summary of the Invention

Various embodiments involve using near-field communication (NFC) enabled contactless smart cards to securely generate and manage passwords. For example, a secure password can be generated by generating a random number via a random number generator on the contactless smart card and then converting that random number into one or more human-readable characters. In another example, the contactless smart card's secure cryptographic hash function can generate a hash output value that can be converted into one or more human-readable characters. These human-readable characters can be used as a secure password, or they can be transformed to add further layers of security and complexity.

Attached Figure Description

Figure 1A illustrates an example data transmission system according to one or more embodiments.

Figure 1B illustrates an example sequence diagram for providing authenticated access according to one or more embodiments.

Figure 2 illustrates an example system using a contactless card according to one or more embodiments.

Figure 3A illustrates an example contactless card according to one or more embodiments.

Figure 3B shows an example contact pad for a contactless card according to one or more embodiments.

Figure 4 shows an example sequence diagram related to secure password generation according to one or more embodiments.

Figure 5 illustrates an example password manager application and secure password generation according to one or more embodiments.

Figure 6 shows another example of a sequence diagram related to secure password generation according to one or more embodiments.

Figure 7 illustrates an example of secure password generation for a website according to one or more embodiments.

Figure 8 shows an example flowchart according to one or more embodiments.

Detailed Implementation

Various embodiments generally involve using near field communication (NFC) enabled contactless smart cards to securely generate and manage one or more passwords. For example, when authorized NFC communication is established between a computing device such as a mobile device (e.g., a smartphone, laptop, tablet, etc.) and a contactless card, the contactless card can use at least one applet stored therein to generate truly random, human-readable, and secure passwords.

According to one embodiment, when establishing and authenticating NFC communication between a mobile device and a card, the mobile device can request a security password from the contactless card. The contactless card's random number generator can generate a random number of a predefined length. This random number can be converted into one or more human-readable characters, which can be used as the security password. Alternatively, in other examples, the one or more human-readable characters can be transformed by a password transformer to add an additional layer of security to the password, such as rearranging the human-readable characters, replacing certain characters with other characters, etc. The security password can be delivered to the mobile device in at least one NFC data exchange format (NDEF) file.

In some examples, when a mobile device establishes authenticated communication with a specific contactless card, a password manager application can be automatically opened on the mobile device, allowing only that specific contactless card to access the application. Therefore, in certain situations, the physical contactless card itself can be used as the "master" password for the password manager, along with a regular master password. Furthermore, the contactless card can automatically and unilaterally generate and transmit one or more new security passwords, which can be managed, organized, or used by the user on the password manager application as needed.

According to another embodiment, a bidirectional communication protocol can be established between a mobile device and a contactless card for performing secure password generation. For example, during the establishment and authentication of NFC communication, the mobile device can send a password request and an identifier to the contactless card. The identifier can be any information associated with the application, website, or file requesting the password. For example, a Uniform Resource Locator (URL) associated with a website can be used as the identifier. The contactless card obtains and inputs the identifier into a secure cryptographic hash function, which outputs a hash value. The hash value can be converted into one or more human-readable characters, which can be used as the password itself, or can be further transformed by a password transformer to add an additional layer of security to the password. The password is then sent to the mobile device.

By requesting a secure password using an identifier, a contactless card (and only that contactless card) can generate the same password for the same requester based on a unique cryptographic hash function included in the card. Therefore, as long as the user uses the same contactless card, there is no need to store the secure password in the mobile device or the card itself, minimizing the overall password exposure to potential hackers.

In another example, when a contactless card for a mobile device is tapped or placed within a threshold distance of the mobile device, the mobile device can automatically fill in the password field with a secure PIN (also known as "autofill"). The PIN can be a new PIN generated by the contactless card and stored and managed by a password manager on the mobile device, as described above; or the PIN can be the same PIN that can be requested by the same requester (e.g., an app, website, file, etc.), as described above.

In previous solutions, the effectiveness of password managers was limited to the devices on which they were installed, as users did not always own these devices. Furthermore, the randomness of the password generator used by the password manager could not be verified. Moreover, the password manager was only as strong as the "master" password that protected the manager from unauthorized access. The embodiments and examples described herein overcome and surpass previous solutions because, in some examples, highly secure and verifiable hardware components, such as NFC-enabled contactless smart cards, can be used to generate truly random, human-readable passwords without having to store the generated passwords on the contactless card and/or mobile device. This minimizes vulnerability exposure by eliminating critical data fragments that could be hacked. Furthermore, since the contactless card itself (in some cases, along with the master password) can be used to open the password manager application on the mobile device, the physical card can act as the "master" password, overcoming the aforementioned weakest link problem associated with most password manager applications.

Referring now to the accompanying drawings, wherein the same reference numerals are used throughout to refer to the same elements. In the following description, numerous specific details are set forth for purposes of explanation in order to provide a thorough understanding thereof. However, it will be apparent, however, that novel embodiments may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form for the purpose of description. The intention is to cover all modifications, equivalents, and alternatives within the scope of the claims.

Figure 1A illustrates an example data transmission system according to one or more embodiments. As will be discussed further below, system 100 may include a contactless card 105, a client device 110, a network 115, and a server 120. Although Figure 1A shows a single instance of the components, system 100 may include any number of components.

System 100 may include one or more contactless cards 105, which will be further explained below with reference to Figures 3A and 3B. In some embodiments, the contactless card 105 may wirelessly communicate with the client device 110 using NFC, as shown in the example.

System 100 may include client device 110, which may be a network-enabled computer. As described herein, a network-enabled computer may include, but is not limited to, computer equipment or communication equipment, including, for example, servers, network devices, personal computers, workstations, telephones, smartphones, handheld PCs, personal digital assistants, thin clients, thick clients, internet browsers, or other devices. Client device 110 may also be a mobile computing device; for example, an iPhone, iPod, iPad, or any other suitable device running Apple's operating system, any device running Microsoft Mobile's operating system, any device running Google's operating system, and/or any other suitable mobile computing device (such as a smartphone, tablet, or similar wearable mobile device).

Client device 110 may include a processor and memory, and it should be understood that the processing circuitry may include additional components necessary to perform the functions described herein, including a processor, memory, error and parity/CRC checkers, data encoders, anti-collision algorithms, controllers, command decoders, security primitives, and tamper-proof hardware. Client device 110 may also include a display and input devices. The display may be any type of device for presenting visual information, such as a computer monitor, flat panel display, and mobile device screen, including liquid crystal displays, light-emitting diode displays, plasma panels, and cathode ray tube displays. Input devices may include any device available and supported by the user's device for inputting information, such as a touchscreen, keyboard, mouse, cursor control device, microphone, digital camera, video recorder, or camcorder. These devices can be used to input information and interact with the software and other devices described herein.

In some examples, the client device 110 of system 100 may execute one or more applications, such as software applications, that implement network communication with one or more components of system 100 and transmit and/or receive data.

Client device 110 can communicate with one or more servers 120 via one or more networks 115 and can operate as a corresponding front-end to back-end pair with server 120. Client device 110 can, for example, transmit one or more requests to server 120 from a mobile device application running on client device 110. The one or more requests can be associated with retrieving data from server 120. Server 120 can receive one or more requests from client device 110. Based on the one or more requests from client device 110, server 120 can be configured to retrieve the requested data from one or more databases (not shown). Based on the received requested data from the one or more databases, server 120 can be configured to transmit the received data to client device 110 in response to the one or more requests.

System 100 may include one or more networks 115. In some examples, network 115 may be one or more of a wireless network, a wired network, or any combination of wireless and wired networks, and may be configured to connect client devices 110 to server 120. For example, network 115 may include a fiber optic network, a passive optical network, a cable network, the Internet, a satellite network, a wireless local area network (LAN), Global System for Mobile Communications (GSMA), a personal communications service, a personal area network (PAN), a wireless application protocol, a multimedia messaging service, an enhanced messaging service, a short message service (SMS), a time-division multiplexing-based system, a code division multiple access (CDMA)-based system, D-AMPS, Wi-Fi, fixed wireless data, IEEE 802.11b, 802.15.1, 802.11n, and 802.11g, Bluetooth, NFC, radio frequency identification (RFID), Wi-Fi, and/or one or more others.

Furthermore, network 115 may include, but is not limited to, telephone lines, fiber optic cables, IEEE Ethernet 802.3, wide area networks, wireless personal area networks, LANs, or global networks such as the Internet. Additionally, network 115 may support the Internet, wireless communication networks, cellular networks, or any combination thereof. Network 115 may also include a single network, or any number of networks of the aforementioned exemplary types operating as independent networks or cooperating with each other. Network 115 may utilize one or more protocols of one or more network elements to which it is communicatively coupled. Network 115 may convert or convert other protocols to one or more protocols of network devices. Although network 115 is depicted as a single network, it should be understood that, according to one or more examples, network 115 may include multiple interconnected networks, such as the Internet, service provider networks, cable television networks, corporate networks such as credit card association networks, and home networks.

System 100 may include one or more servers 120. In some examples, server 120 may include one or more processors coupled to memory. Server 120 may be configured as a central system, server, or platform for controlling and retrieving various data at different times to perform multiple workflow actions. Server 120 may be configured to connect to one or more databases. Server 120 may connect to at least one client device 110.

Figure 1B illustrates an example sequence diagram for providing authenticated access according to one or more embodiments. The diagram may include a contactless card 105 and a client device 110, which may include an application 122 and a processor 124. Figure 1B can be referenced to similar components as shown in Figure 1A.

In step 102, application 122 communicates with contactless card 105 (e.g., after card 105 is brought near device 110, after card 105 is tapped on device 110, etc.). Communication between application 122 and contactless card 105 may involve contactless card 105 being sufficiently close to a card reader (not shown) of client device 110 to enable NFC data transfer between application 122 and contactless card 105.

In step 104, after communication has been established between the client device 110 and the contactless card 105, the contactless card 105 generates a Message Authentication Code (MAC) ciphertext. In some examples, this may occur when the contactless card 105 is read by the application 122. In particular, this can occur when reading (such as NFC reading) an NDEF tag that can be created according to the NFC data exchange format.

For example, a reader such as application 122 can transmit a message (such as a applet selection message) with an applet ID that generates the applet's NDEF. After confirming the selection, a sequence of selected file messages, followed by a read file message, can be transmitted. For example, the sequence could include "Select function file", "Read function file", and "Select NDEF file". At this time, a counter value maintained by contactless card 105 can be updated or incremented, followed by "Read NDEF file". At this time, a message that may include a header and a shared secret can be generated. A session key can then be generated. MAC ciphertext can be created based on the message, which may include a header and a shared secret. The MAC ciphertext can then be concatenated with one or more random data blocks, and the MAC ciphertext and the random number (RND) can be encrypted with the session key. Subsequently, the ciphertext and header can be concatenated, encoded into ASCII hexadecimal, and returned in NDEF message format (in response to the "Read NDEF file" message).

In some examples, the MAC ciphertext can be transmitted as an NDEF label, and in other examples, the MAC ciphertext can be included along with a Uniform Resource Indicator (e.g., as a formatted string).

In some examples, application 122 can be configured to transmit a request to contactless card 105, which includes instructions for generating MAC ciphertext.

In step 106, the contactless card 105 sends the MAC ciphertext to the application 122. In some examples, the transmission of the MAC ciphertext is performed via NFC. However, this disclosure is not limited thereto. In other examples, this communication may be performed via Bluetooth, Wi-Fi, or other wireless data communication means.

In step 108, application 122 transmits the MAC ciphertext to processor 124. In step 112, processor 124 verifies the MAC ciphertext according to instructions from application 122. For example, the MAC ciphertext can be verified as explained below.

In some examples, MAC ciphertext verification can be performed by a device other than client device 110 (such as server 120 (as shown in Figure 1A) that communicates with client device 110). For example, processor 124 can output MAC ciphertext for transmission to server 120, which can verify the MAC ciphertext.

In some examples, MAC ciphertext can function as a digital signature for verification purposes. Other digital signature algorithms (such as public-key asymmetric algorithms, like the Digital Signature Algorithm and RSA algorithm, or zero-knowledge protocols) can be used to perform this verification.

Understandably, in some examples, the contactless card 105 can initiate communication after the contactless card is brought near the client device 110. As an example, the contactless card 105 can send a message to the client device 110, for example, indicating that communication has been established. Thereafter, in step 102, the application 122 of the client device 110 can continue communicating with the contactless card, as described above.

Figure 2 illustrates an example system 200 using a contactless card. System 200 may include a contactless card 205, one or more client devices 210, a network 215, servers 220 and 225, one or more hardware security modules 230, and a database 235. Although Figure 2 shows a single instance of the components, system 200 may include any number of components.

System 200 may include one or more contactless cards 205, which will be further explained below with reference to Figures 3A and 3B. In some examples, the contactless card 205 may wirelessly communicate with client device 210, such as via NFC communication. For example, the contactless card 205 may include one or more chips, such as RFID chips, configured to communicate via NFC or other short-range protocols. In other embodiments, the contactless card 205 may communicate with client device 210 by other means, including but not limited to Bluetooth, satellite, Wi-Fi, wired communication, and/or any combination of wireless and wired connections. According to some embodiments, the contactless card 205 may be configured to communicate via NFC with the reader 213 of client device 210 (which may be referred to herein as an NFC reader, NFC card reader, or reader) when the contactless card 205 is within range of the reader 213. In other examples, communication with the contactless card 205 may be implemented via a physical interface, such as a Universal Serial Bus interface or a card swipe interface.

System 200 may include client device 210, which may be a network-enabled computer. As described herein, a network-enabled computer may include, but is not limited to, computer equipment or communication equipment, including, for example, servers, network devices, personal computers, workstations, mobile devices, telephones, handheld PCs, personal digital assistants, thin clients, fat clients, internet browsers, or other devices. One or more client devices 210 may also be mobile devices; for example, mobile devices may include iPhones, iPods, iPads, or any other mobile devices running Apple's operating system, any device running Microsoft Mobile operating system, any device running Google's operating system, and/or any other smartphones or similar wearable mobile devices. In some examples, client device 210 may be the same as or similar to client device 110 described with reference to FIG1A or FIG1B.

Client device 210 can communicate with one or more servers 220 and 225 via one or more networks 215. Client device 210 can, for example, transmit one or more requests from application 211 running on client device 210 to one or more servers 220 and 225. The one or more requests can be associated with retrieving data from one or more servers 220 and 225. Servers 220 and 225 can receive one or more requests from client device 210. Based on the one or more requests from client device 210, one or more servers 220 and 225 can be configured to retrieve the requested data from one or more databases 235. Based on receiving the requested data from one or more databases 235, one or more servers 220 and 225 can be configured to transmit received data to client device 210 in response to the one or more requests.

System 200 may include one or more Hardware Security Modules (HSMs) 230. For example, one or more HSMs 230 may be configured to perform one or more cryptographic operations disclosed herein. In some examples, one or more HSMs 230 may be configured as dedicated security devices configured to perform one or more cryptographic operations. HSMs 230 may be configured such that keys are never exposed outside of HSMs 230, but instead remain within HSMs 230. For example, one or more HSMs 230 may be configured to perform at least one of key derivation, decryption, and MAC operations. One or more HSMs 230 may be contained within servers 220 and 225, or may communicate with these servers.

System 200 may include one or more networks 215. In some examples, network 215 may be one or more of a wireless network, a wired network, or any combination of wireless and wired networks, and may be configured to connect client devices 210 to servers 220 and/or 225. For example, network 215 may include one or more of the following: fiber optic network, passive optical network, cable network, cellular network, Internet, satellite network, wireless LAN, Global System for Mobile Communications (GSMA), personal communication service, personal area network, wireless application protocol, multimedia messaging service, enhanced messaging service, short message service, time division multiplexing-based system, code division multiple access (CDMA-based) system, D-AMPS, Wi-Fi, fixed wireless data, IEEE 802.11b, 802.15.1, 802.11n and 802.11g, Bluetooth, NFC, RFID, Wi-Fi and/or any combination of networks thereof. As a non-limiting example, communication from contactless card 205 and client device 210 may include NFC communication, cellular networks between client device 210 and the operator, and the Internet between the operator and the backend.

Furthermore, network 215 may include, but is not limited to, telephone lines, fiber optic cables, IEEE Ethernet 802.3, wide area networks, wireless personal area networks, local area networks, or global networks such as the Internet. Additionally, network 215 may support the Internet, wireless communication networks, cellular networks, or any combination thereof. Network 215 may also include a single network, or any number of networks of the aforementioned exemplary types operating as independent networks or cooperating with each other. Network 215 may utilize one or more protocols of one or more network elements to which it is communicatively coupled. Network 215 may convert or convert other protocols into one or more protocols of network devices. Although network 215 is depicted as a single network, it should be understood that, according to one or more examples, network 215 may include multiple interconnected networks, such as the Internet, service provider networks, cable television networks, corporate networks such as credit card association networks, and home networks.

In various examples according to this disclosure, the client device 210 of system 200 may execute one or more applications 211 and includes one or more processors 212 and one or more card readers 213. For example, one or more applications 211 (such as software applications) may be configured to implement, for example, network communication with one or more components of system 200 and to transmit and/or receive data. It should be understood that although only a single instance of the components of client device 210 is shown in FIG. 2, any number of devices 210 may be used. The card reader 213 may be configured to read from and/or communicate with contactless card 205. In conjunction with one or more applications 211, the card reader 213 may communicate with contactless card 205. In the example, the card reader 213 may include a circuit system or circuit system component, such as an NFC reader coil that generates a magnetic field to allow communication between client device 210 and contactless card 205.

Application 211 of any of the client devices 210 can communicate with the contactless card 205 using short-range wireless communication (e.g., NFC). Application 211 can be configured to interface with a card reader 213 of the client device 210 configured to communicate with the contactless card 205. It should be noted that those skilled in the art will understand that a distance of less than twenty centimeters is consistent with the NFC range.

In some embodiments, application 211 communicates with contactless card 205 via an associated reader (e.g., card reader 213).

In some embodiments, card activation can occur without user authentication. For example, contactless card 205 can communicate with application 211 via NFC through card reader 213 of client device 210. This communication (e.g., tapping the card near card reader 213 of client device 210) allows application 211 to read data associated with the card and perform activation. In some cases, a tap can activate or launch application 211 and then initiate one or more actions or communications with account server 225 to activate the card for subsequent use. In some cases, if application 211 is not installed on client device 210, a tap of the card against card reader 213 can initiate the download of application 211 (e.g., navigating to an application download page). After installation, tapping the card can activate or launch application 211 and then initiate (e.g., via application or other backend communications) card activation. After activation, the card can be used for various transactions, including commercial transactions.

According to some embodiments, the contactless card 205 may include a virtual payment card. In those embodiments, the application 211 can obtain information associated with the contactless card 205 by accessing a digital wallet implemented on the client device 210, wherein the digital wallet includes the virtual payment card. In some examples, the virtual payment card data may include one or more statically or dynamically generated virtual card numbers.

Server 220 may include a web server communicating with database 235. Server 225 may include an account server. In some examples, server 220 may be configured to verify one or more credentials from contactless card 205 and/or client device 210 by comparing them with one or more credentials in database 235. Server 225 may be configured to authorize one or more requests from contactless card 205 and/or client device 210, such as payments and transactions.

Figure 3A illustrates one or more contactless cards 300, which may include payment cards, such as credit cards, debit cards, or gift cards, issued by a service provider 305 displayed on the front or back of the card 300. In some examples, the contactless card 300 is not a payment card and may include, but is not limited to, an identification card. In some examples, the payment card may include a dual-interface contactless payment card. The contactless card 300 may include a substrate 310, which may include a single layer or one or more laminates made of plastic, metal, and other materials. Exemplary substrate materials include polyvinyl chloride, polyvinyl chloride acetate, acrylonitrile butadiene styrene, polycarbonate, polyester, anodized titanium, palladium, gold, carbon, paper, and biodegradable materials. In some examples, the contactless card 300 may have physical properties conforming to the ID-1 format of the ISO/IEC 7810 standard, and the contactless card may additionally conform to the ISO/IEC 14443 standard. However, it should be understood that the contactless card 300 according to this disclosure may have different characteristics, and this disclosure does not require the implementation of contactless cards in payment cards.

The contactless card 300 may also include identification information 315 displayed on the front and/or back of the card, and a contact pad 320. The contact pad 320 may be configured to communicate with another communication device, such as a user equipment, smartphone, laptop, desktop computer, or tablet computer. The contactless card 300 may also include a processing circuitry, an antenna, and other components not shown in Figure 3A. These components may be located behind the contact pad 320 or elsewhere on the substrate 310. The contactless card 300 may also include a magnetic stripe or magnetic tape that may be located on the back of the card (not shown in Figure 3A).

As shown in Figure 3B, the contact pad 320 of Figure 3A may include a processing circuitry system 325 for storing and processing information, which includes a microprocessor 330 and a memory 335. It should be understood that the processing circuitry system 325 may include additional components necessary to perform the functions described herein, including a processor, memory, error and parity/CRC checkers, a data encoder, anti-collision algorithms, a controller, a command decoder, security primitives, and tamper-proof hardware.

Memory 335 can be read-only memory, write-once-read-many memory, or read/write memory, such as RAM, ROM, and EEPROM, and the contactless card 300 may include one or more of these memories. Read-only memory can be factory-programmable or one-time programmable memory. One-time programmability provides the opportunity to write once and then read many times. Write-once/read-many memory can be programmed at some point after the memory chip has left the factory. Once programmed, the memory may not be rewritten, but it may be read multiple times. Read/write memory can be programmed and reprogrammed multiple times after leaving the factory. It can also be read multiple times.

Memory 335 may be configured to store one or more applets 340, one or more counters 345, customer identifier 350, and other types of data, information, code, etc., such as features related to security 360. One or more applets 340 may include one or more software applications, such as Java card applets, configured to execute on one or more contactless cards. However, it should be understood that applets 340 are not limited to Java card applets and may instead be any software application operable on a contactless card or other device with limited memory. One or more counters 345 may include numeric counters sufficient to store integers. Customer identifier 350 may include a unique alphanumeric identifier assigned to a user of contactless card 300, and this identifier may distinguish the user of the contactless card from other contactless card users. In some examples, customer identifier 350 may identify both the customer and the account assigned to that customer, and may further identify the contactless card associated with that customer's account.

Furthermore, security feature 360 may include a random number generator (RNG) 362, one or more cryptographic hash functions unique to the contactless card 300, a converter 336 for converting random number or hash output values into human-readable characters, and a password transformer 368 that optionally configures an additional security layer for the password by transforming the human-readable characters output by converter 366. It is understood that, for example, the random number generator 362 may be used and built into the contactless card 300 for other types of security-based functions (such as encryption).

The processor and memory elements of the foregoing exemplary embodiments have been described with reference to the contact pad, but this disclosure is not limited thereto. It should be understood that these elements may be implemented outside the pad 320, completely separate from the pad, or as other elements besides the processor 330 and memory 335 elements located within the contact pad 320.

In some examples, the contactless card 300 may include one or more antennas 355. The one or more antennas 355 may be housed within the contactless card 300 and surrounding the processing circuitry system 325 of the contact pad 320. For example, the one or more antennas 355 may be integrated with the processing circuitry system 325, and the one or more antennas 355 may be used in conjunction with an external boost coil. As another example, the one or more antennas 355 may be external to the contact pad 320 and the processing circuitry system 325.

In this embodiment, the coil of the contactless card 300 can act as the secondary coil of an air-core transformer. The terminal can communicate with the contactless card 300 by disconnecting power or by amplitude modulation. The contactless card 300 can infer data transmitted from the terminal using gaps in the power connection of the contactless card, which can be functionally maintained by one or more capacitors. The contactless card 300 can perform communication return by switching the load or load modulation on the coil of the contactless card. Load modulation can be detected in the coil of the terminal by interference.

As explained above, the contactless card 300 can be built on a software platform that operates on smart cards or other devices with limited memory (such as JavaCards) and can securely execute one or more applications or applets. Applets can be added to the contactless card to provide a one-time password (OTP) for multifactor authentication (MFA) in various mobile application-based use cases. The appletter can be configured to respond to one or more requests (such as near-field data exchange requests) from a reader (such as a mobile NFC reader) and generate an NDEF message that includes an encrypted and secure OTP encoded as an NDEF text tag.

Figure 4 illustrates an example sequence diagram 400 of a contactless card random number generator for generating a secure password according to one or more embodiments. Sequence diagram 400 illustrates the interaction between the contactless card 400 and the mobile computing device 404. It is understood that the mobile computing device 404 may be a client device, such as a smartphone configured to communicate with the contactless card 402. As described above, the mobile computing device 404 may include at least one NFC reader configured to establish NFC communication with the contactless card via an NFC reader coil.

In step 410, communication can be established between the contactless card 402 and the mobile computing device 404. In this example, communication can be established automatically when the contactless card enters the magnetic field generated by the NFC reader coil of the mobile computing device. In other examples, the mobile computing device 404 can establish communication first by sending a signal to the contactless card 402 when it detects that the contactless card 402 has entered the magnetic field generated by the NFC reader coil. It is understood that step 410 can be an optional step. In this example, once the card enters the magnetic field of the NFC reader coil of the mobile computing device, the contactless card can automatically begin providing messages to the mobile computing device 404.

In step 412, the mobile computing device 404 may request a security password from the contactless card 402. For example, a password manager application running on the mobile computing device may request a password for a new social media account being created. The password manager application may store and manage the security password on the mobile computing device 404. It is understood that step 412 may be an optional step, as indicated by the dashed arrow. In some examples, the mobile computing device may not need to request a password. The contactless card 402 may automatically generate and send a security password when establishing and authenticating NFC communication between the card and the mobile device, particularly when the contactless card 402 determines (e.g., via the NFC communication establishment and authentication process) that an application, program, website, file, etc., associated with the password is attempting to interface with the contactless card 402.

In step 414, the random number generator of the contactless card 402 can generate a random number with a predetermined or dynamic length. For example, if the aforementioned social media account requires a certain password length, the random number generator can output a random number of sufficient length accordingly. In the example, the secure random number can be converted into one or more human-readable characters. If the random number sequence is "123 456 789", the sequence can be converted into "AyTer" or any other combination of alphanumeric characters that can be read or retained by the user. For example, the conversion of the number can rely on a code-based encryption system, a key-based encryption system, etc.

In step 416, a security password is generated by contactless card 402. According to the example, the security password can be one or more human-readable characters generated in step 414 without any alteration. In other examples, and as will be further described below, one or more human-readable characters can be further transformed to add an additional layer of security. For example, the string "AyTer" mentioned above can be transformed into "YeRTAP!", which involves rearranging and capitalizing some letters, and adding a few more characters to the string. It is understood that this transformation can be any suitable modification that increases the overall security and complexity of the password.

In step 418, a secure password may be sent to mobile computing device 404 via one or more NDEF messages or files. The password itself or the entire NDEF message or file may be appropriately encrypted to further enhance the secure communication of the password. In step 420, mobile computing device 404 may optionally (as shown by the dashed arrow) transmit an acknowledgment (ACK) message to contactless card 402 indicating and confirming receipt of the secure password.

In step 420, the NDEF message is evaluated again. The mobile computing device 404 can calculate a new checksum for the NDEF message received in step 418 and determine if it matches the checksum provided in the NDEF message. If the checksum matches, in step 422, the mobile computing device 404 can optionally send an acknowledgment (ACK) message, as indicated by the dashed arrow. If the checksum does not match, the NDEF message can be provided to the mobile computing device 404 again for further evaluation. This process can continue until the entire NDEF message has been received by the mobile computing device 404. In other examples, the entire process can stop after a predetermined number of iterations or a predetermined duration. If the mobile computing device 404 fails to read the entire NDEF message after a predetermined number of iterations or a predetermined duration, an error message can be returned to the user via the user interface.

Figure 5 illustrates a password manager application 502 and secure password generation according to one or more embodiments. As shown, the password manager application 502 can be opened on a mobile computing device 504, which may be a smartphone belonging to a user. The password manager application 502 can maintain and organize various passwords for many services and display relevant information for each password. For example, the password "UtR4yzz7@wash" shown in the first example may correspond to a mobile banking application created on January 1, 2019, and is a second password that the password manager has created for the banking application.

As an example, a user might be setting up a new email account, which requires the user to choose a secure password. The user can tap the contactless smart card 510 against the mobile computing device 504, or place the card 510 near the mobile computing device 504 (e.g., at a predetermined value distance) to establish secure and authorized NFC communication between the card 510 and the mobile device 504. In an embodiment, when the contactless smart card 510 establishes secure and authorized NFC communication with the mobile computing device 502, various smartphone applications associated with the card 510 can be presented to the user, such as online banking applications, remittance applications, password manager applications 502, etc. The user can select the desired application, which allows the mobile computing device 504 to instruct the contactless smart card 510 to perform the appropriate function. Therefore, when the user selects the password manager application 502, the card 510 knows that a secure password has been generated (or will be generated). In an alternative embodiment, the password manager application 502 can be set as a default function, and thus, when a secure and authorized NFC communication is established between the mobile device 504 and the card 510, the contactless smart card 510 can automatically generate a secure password.

As shown, the contactless smart card 510 uses a random number generator 512 to generate random numbers. As mentioned above, it is understood that the random number generator 512 can be used for other purposes, such as encryption. This random number can then be converted by a converter 514 into one or more human-readable characters. For example, a random sequence of only numbers can be converted into a sequence of alphanumeric characters that are more relevant and useful to the user. At this point, one or more human-readable characters can be sent to a password manager application 502 as a password that the user can use for a new email account, as indicated by the dashed arrow. However, as mentioned above, one or more human-readable characters can be transformed by a password transformer 516, for example, by rearranging the characters, making some characters uppercase, making some characters lowercase, adding or removing some characters, etc. This transformation can add more complexity and security layers to the password.

The contactless smart card 510 can send a secure password to the mobile computing device 504 via at least one NDEF message or file. A password manager application 502 then stores and manages the password. As shown, the secure password generated for a new email account could be a transformed password and denoted as “MOZaRt_Song78”, which is indicated in the password manager as the password for the email account created for the user in the first instance on January 5, 2019. Creating and managing this password for the user is considered highly secure for various reasons. For example, the random number generator 512 of the contactless smart card 510 is verifiable and secure, and uniquely associated with the user, as the card belongs to the user and only to that user. In another example, the contactless smart card 510 itself can be used to open the password manager application 502 (along with an additional password input), effectively acting as the application's "master" password. Therefore, without the physical card, a fraudster cannot open the password manager application 502. Furthermore, in some examples, the contactless smart card 510 can store some or all of the passwords, which can then be managed by the password manager application 502 when the password manager application is opened on a mobile computing device. Therefore, without physical ownership of the card 510, a fraudster will not be able to access the passwords.

It is understood that the password manager application 502 shown in Figure 5 is for illustrative purposes only and is not limited thereto. This application may include additional features for secure storage and management of passwords. Furthermore, it is understood that all components shown in the contactless smart card 510 (e.g., random number generator 512, converter 514, password changer 516) can be executed or implemented by one or more processors or microprocessors integrated into the card 510.

Figure 6 illustrates an example sequence diagram 600 for generating a secure password using a cryptographic hash function of a contactless card according to one or more embodiments. Sequence diagram 600 illustrates a bidirectional communication protocol between a contactless card 602 and a mobile computing device 604.

In step 610, similar to the sequence diagram shown in FIG4, secure and authenticated NFC communication can be established between contactless card 602 and mobile computing device 604. For example, communication can be initiated by tapping contactless card 602 against mobile computing device 604 or by placing contactless card near device 604 (e.g., at a predetermined distance).

In step 612, mobile computing device 604 may request a secure password from contactless card 602. Upon or after the password request (step 614), mobile computing device 604 may transmit an identifier associated with the "requesting" component or entity. For example, if a user is creating a new account on a website, the website or the entity controlling the website may request the user to create a new password corresponding to this new account. Therefore, the "requesting" component or entity could be the website. The identifier can be any information that uniquely identifies a specific requesting component or entity or is associated with a specific requesting component or entity. For a website, the identifier could be characters in its URL address. If a mobile application is requesting a password, the identifier could be characters in the application's name, or any text or numbers unique to the application, website, file, program, etc. It is understood that mobile computing device 604 may encrypt the identifier using a public key.

In step 616, the contactless card 602 receives the encrypted identifier and can decrypt it using a private key. The card 602 can then input at least a unique identifier (and in some examples, along with other suitable types of information) as data input into a secure cryptographic hash function. The cryptographic hash function can be, for example, any SHA function (e.g., SHA-0, SHA-1, SHA-2, SHA-3). The hash output value can then be converted into one or more human-readable characters.

In step 618, one or more human-readable characters can be generated as a password. Alternatively, the characters can be further transformed to add more layers of security and complexity, and the transformed characters can then be used to generate a secure password. In step 620, the secure password is packaged in at least an NDEF file or message and sent to the mobile computing device 604. The NDEF message or file can also be encrypted by the contactless card 602 and decrypted on the mobile computing device side. Optionally, in step 622, the mobile computing device 604 can send an acknowledgment message to the contactless card 602 confirming receipt of the secure password.

Similar to the random number generator discussed above, the cryptographic hash function can be completely unique and integrated only into contactless card 602, not into other cards, which enhances security. Another advantage is that the identifier allows the cryptographic hash function or ciphertext to reliably and securely generate the same password for the same requesting component or entity. Therefore, the password does not need to be stored on the card or anywhere else. For example, if a user revisits a website and needs to log in with a secure password, the user can tap contactless card 602 on their mobile device, and the hash function can generate the required password, allowing the user to log in, as will be described further below. If the user desires a new password, a new and different identifier (optionally along with other types of data) can be used to create a new password via the cryptographic hash function.

Figure 7 illustrates an example secure password generation 700 for website 702 according to an embodiment. Website 702 may be a social media website and may be accessed via a mobile computing device 704 belonging to a user, as shown. If the user is a new user on website 702, the user may be required to create an account and protect that account with a username (e.g., user XYZ) and a secure password. The website may require the password to be of a specific length and contain specific characters. Therefore, it can be understood that the password "request" component or entity is website 702.

As shown, to initiate the generation of a secure password for website 702, the user can tap their contactless smart card 502 against mobile computing device 704 or place their contactless smart card near the mobile computing device, thereby establishing secure and authenticated NFC communication. The contactless smart card 710 can receive a website identifier 706 from website 702, which can be one or more unique characters contained in the URL of website 702. For example, if the URL is “www.chirp-network.com”, then the website identifier 706 could be “chirp-”.

A website identifier 706 (optionally along with other types of data, information, characters, numbers, etc.) can be fed as input data into a cryptographic hash function 712. The cryptographic hash function 712 can then provide a hash output value to a converter 714, which takes the hash output value and converts it into one or more human-readable characters. These one or more human-readable characters can be provided directly to the website 702 as a password, as shown by the dotted line. Furthermore, in some examples, the one or more human-readable characters can be provided to a password transformer 716 to transform the characters, adding further layers of security and complexity, before being provided to the website 702 as a password.

After creating a new account on website 702, the user is prompted to log in to their social media account using a user ID and a security password. The user can then tap the contactless smart card 710 against the mobile computing device 704 or place the user's contactless smart card near the mobile computing device, allowing website 702 to again provide the website identifier 706 to the contactless card 710. Therefore, the same previously created password for website 702 can be generated and provided to website 702.

In the example, the mobile computing device 704 can incorporate an autofill feature, where the PIN is automatically filled into the PIN field when the contactless card 710 is tapped again on the computing device 704, as shown. A series of asterisks can be used to obfuscate the PIN. Advantageously, at least in this way, the PIN does not need to be stored on the contactless card 710 or the mobile computing device 704, because the website identifier 706, which has a unique cryptographic hash function for the card 710, can generate the same PIN each time it is requested. If the user expects to generate a new PIN for website 702, a new website identifier can be used, such as “chirp-network”, etc.

Understandably, when using a random number generator to generate secure passwords, it can also be combined with an autofill feature. For example, tapping a contactless card on a mobile computing device or placing a contactless card near a mobile computing device can trigger this feature, which can prompt a password manager application to retrieve the appropriate password for, for example, the email account mentioned above, and automatically fill in or autofill the password field when logging into the email account.

Figure 8 illustrates an example flowchart 800 according to one or more embodiments. Flowchart 800 relates to securely generating and/or managing one or more passwords via an NFC-enabled contactless smart card. It is understood that the features associated with the illustrated blocks can be performed or operated by the contactless card and the processing circuitry system contained therein. Furthermore, it is understood that the blocks in flowchart 800 are not limited to any particular order, and one or more blocks can be performed or operated simultaneously.

In box 802, it can be determined whether at least one communication interface of the contactless card is in NFC communication with an NFC reader. The NFC reader may be included, incorporated into, or built into a mobile computing device (such as a smartphone). Therefore, when the contactless card enters the magnetic field generated by the NFC reader, the circuitry in the contactless card can be activated to initiate a secure password generation process. Furthermore, it can be verified whether the NFC communication between the card and the NFC reader is secure and/or authenticated.

In box 804, a password request from a mobile computing device can be received by the contactless card. Along with the request, an identifier associated with an application, website, file, or program can be received. As described above, the identifier can be any suitable information that uniquely identifies the application, website, file, or program "requesting" a secure password. For example, it can be the name associated with the application, website, file, or program; it can be the URL associated with the website; or it can be any number or text that is unique to the application, website, file, or program. The identifier can be received as an encrypted message (e.g., the mobile device can encrypt the identifier using a public key). The contactless card can decrypt the message using a private key to obtain the identifier.

In box 806, at least an identifier (optionally along with other types of data or information) can be input into a cryptographic hash function, such as SHA-0, SHA-1, SHA-2, SHA-3, or any other suitable ciphertext, to output a hash value. At least in this respect, the hash function is similar to a random number generator because it is highly secure, verifiable, and unique only to the contactless card that uses it.

In box 808, the hash output value can be transformed into one or more human-readable characters, which can serve as a secure password output, or can be further transformed to add additional complexity and security layers to the password. Transformations as described above can include rearranging characters, capitalizing, lowercase, adding, removing characters, etc.

In box 810, the security password can be encrypted and transmitted via at least one NDEF message or file. In some examples, the password may not be stored on the contactless card. The password can only be transmitted if the contactless card is determined to be in secure and authenticated NFC communication with the NFC reader of the computing device.

Furthermore, in the example, when a contactless card is tapped on a computing device or placed within a threshold distance of the computing device, the password field corresponding to an application, website, file, or program with a password can be automatically filled or automatically entered.

In another example, a second password request can be sent by the mobile computing device. This second request could be for a previously generated password, which would require the mobile computing device to send the previously used identifier for that password. Alternatively, if a new password is requested, a new identifier can be sent, which would generate a new hash output value and thus a new password.

The components and features of the device described above can be implemented using any combination of discrete circuit systems, application-specific integrated circuits (ASICs), logic gates, and/or single-chip architectures. Furthermore, where appropriate, the features of the device can be implemented using microcontrollers, programmable logic arrays, and/or microprocessors, or any combination thereof. Note that hardware, firmware, and/or software elements may be collectively or individually referred to herein as "logic" or "circuit".

At least one computer-readable storage medium may include instructions that, when executed, cause a system to perform any computer-implemented method described herein.

Some embodiments may be described using the expressions “one embodiment” or “embodiment” and their derivatives. These terms mean that a particular feature, structure, or characteristic described in connection with that embodiment is included in at least one embodiment. The appearance of the phrase “in one embodiment” in different places in the specification does not necessarily refer to the same embodiment. In addition, unless otherwise stated, the features described above are considered to be used in any combination. Therefore, any feature discussed individually may be used in combination with each other, unless it is noted that these features are incompatible with each other.

Generally, reference is made to the symbols and nomenclature used herein, and the detailed descriptions herein can be presented based on program procedures executed on a computer or a network of computers. These procedures and representations are used by those skilled in the art to most effectively communicate the substance of their work to others skilled in the art.

The procedure here is, and is generally considered, a self-consistent sequence of operations that leads to the desired result. These operations are those that require physical manipulation of physical quantities. Typically, though not always, these quantities take the form of electrical, magnetic, or optical signals that can be stored, transmitted, combined, compared, and otherwise manipulated. It is sometimes convenient to refer to these signals as bits, values, elements, symbols, characters, items, numbers, etc., primarily for general reasons. However, it should be noted that all these and similar terms are associated with the appropriate physical quantities and are merely convenient labels applied to them.

Furthermore, the operations performed are often referred to by terms such as addition or comparison, which are generally associated with mental operations performed by a human operator. In any of the operations described herein that form part of one or more embodiments, such ability of a human operator is not required, or in most cases not desired. Rather, these operations are machine operations.

Some embodiments may use the expressions “coupled” and “connected” and their derivatives for description. These terms are not necessarily intended to be synonymous with each other. For example, some embodiments may use the terms “connected” and/or “coupled” to indicate that two or more elements are in direct physical or electrical contact with each other. However, the term “coupled” may also mean that two or more elements are not in direct contact with each other, but still cooperate or interact with each other.

Various embodiments also relate to apparatus or systems for performing these operations. This apparatus may be specifically constructed for a desired purpose, and may be selectively activated or reconfigured by a computer program stored in a computer. The programs presented herein are not inherently associated with a particular computer or other apparatus. The necessary architecture for various machines will emerge from the given description.

It is important to emphasize that this abstract of the disclosure is provided to allow the reader to quickly determine the nature of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims. Furthermore, as can be seen from the foregoing detailed description, various features are combined in a single embodiment for the purpose of simplifying the disclosure. This method of disclosure should not be construed as reflecting an intention that the claimed embodiment requires more features than expressly stated in each claim. Rather, as reflected in the following claims, the subject matter of the invention lies in fewer than all the features of a single disclosed embodiment. Therefore, the following claims are thus incorporated into the detailed description, wherein each claim is independently presented as a separate embodiment. In the appended claims, the terms “including” and “inwhich” are used as concise English equivalents to the corresponding terms “comprising” and “wherein,” respectively. Moreover, the terms “first,” “second,” “third,” etc., are used merely as labels and are not intended to impose numerical requirements on their objects.

The above description includes examples of the disclosed architecture. It is certainly impossible to describe every conceivable combination of components and/or methods, but those skilled in the art will recognize that many further combinations and substitutions are possible. Therefore, the novel architecture is intended to encompass all such changes, modifications, and variations falling within the spirit and scope of the appended claims.

Claims (18)

1. A contactless card, comprising: Memory; At least one communication interface; and One or more processors are operable to execute stored instructions, which, when executed, cause the one or more processors to: Determine whether the at least one communication interface is in NFC communication with the near field communication (NFC) reader of the computing device; Random numbers are generated using a secure random number generator; The random number is converted into a sequence of one or more human-readable characters, wherein the one or more human-readable characters are alphanumeric characters that can be read by a user; A password is generated based on the one or more human-readable characters, wherein the password differs from a sequence of the one or more human-readable characters, and the generated password includes alphanumeric characters. The generation of the password includes transforming the one or more human-readable characters by: (i) rearranging at least a portion of the one or more human-readable characters or capitalizing them; and (ii) adding a predefined number of additional human-readable characters; and The password is transmitted to the computing device via the at least one communication interface. The transmitted password is a master password. The contactless card itself, together with the master password, is used to trigger the execution of at least one application on the computing device to manage one or more passwords for accessing at least another application, wherein the at least one application stores and manages the one or more passwords on the computing device. 2. The contactless card according to claim 1, wherein the random number generated by the secure random number generator has a predetermined length. 3. The contactless card of claim 1, wherein converting the random number into a sequence of one or more human-readable characters includes further causing one or more processors to apply a code-based or key-based encryption system to the random number. 4. The contactless card of claim 1, wherein the password is transmitted from the contactless card to the computing device via one or more NFC Data Exchange Format (NDEF) messages, wherein the password is included in the payload portion of one or more NDEF messages, and the payload portion is encrypted via a key. 5. The contactless card of claim 4, wherein the one or more processors are further configured to receive an acknowledgment (ACK) message from the computing device, the ACK message containing an indication that a first checksum value generated at the computing device matches a second checksum value provided in the one or more NDEF messages. 6. The contactless card of claim 1, wherein the one or more processors are further configured to receive a request or instruction to generate a password, or wherein the password is automatically generated when NFC communication is established and authenticated between the contactless card and the computing device. 7. The contactless card according to claim 1, wherein the random number generator is stored in the contactless card and the generated password is stored in the memory of the contactless card. 8. A method comprising: The contactless card's processing circuitry determines whether at least one communication interface of the contactless card is in NFC communication with a near field communication (NFC) reader of a computing device. Random numbers are generated via the secure random number generator of the contactless card; The random number is converted into a sequence of one or more human-readable characters via the processing circuit system, wherein the one or more human-readable characters are alphanumeric characters that can be read by a user; The processing circuitry system generates a password based on the one or more human-readable characters, wherein the password differs from a sequence of the one or more human-readable characters, and the generated password includes alphanumeric characters. The password generation involves transforming the one or more human-readable characters by: (i) rearranging at least a portion of the one or more human-readable characters or capitalizing them; and (ii) adding a predefined number of additional human-readable characters. The password is transmitted to the computing device via at least one communication interface of the contactless card. The transmitted password is a master password. The contactless card itself, together with the master password, is used to trigger the execution of at least one application on the computing device to manage one or more passwords for accessing at least another application, wherein the at least one application stores and manages the one or more passwords on the computing device. 9. The method of claim 8, wherein the random number generated by the secure random number generator has a predetermined length. 10. The method of claim 8, wherein converting the random number into a sequence of one or more human-readable characters comprises applying a code-based or key-based cryptographic system to the random number via one or more processors. 11. The method of claim 8, wherein the password is transmitted from the contactless card to the computing device via one or more NFC Data Exchange Format (NDEF) messages, wherein the password is included in the payload portion of one or more NDEF messages, and the payload portion is encrypted via a key. 12. The method of claim 11, further comprising receiving an acknowledgment (ACK) message from the computing device, the ACK message containing an indication that a first checksum value generated at the computing device matches a second checksum value provided in one or more NDEF messages. 13. The method of claim 8, further comprising receiving a request or instruction to generate a password, or wherein the password is automatically generated when NFC communication is established and authenticated between the contactless card and the computing device. 14. A computing device, comprising: Memory, used to store instructions; and One or more processors, coupled to the memory, are operable to execute the instructions, such that, when the instructions are executed, the one or more processors: Transmit a password request to a contactless card; An identifier associated with an application, website, file, or program is transmitted to the contactless card, wherein the contactless card is configured to generate a password based on the identifier. The generated password includes alphanumeric characters, wherein the generation of the password includes transforming the one or more human-readable characters by: (i) rearranging at least a portion of the one or more human-readable characters or capitalizing them, and (ii) adding a predefined number of additional human-readable characters; and The contactless card receives the password, which is a master password. The contactless card, together with the master password, is used to trigger the execution of at least one application on the computing device to manage one or more passwords for accessing at least another application, wherein the at least one application stores and manages the one or more passwords on the computing device. The identifier mentioned therein allows a secure cryptographic hash function to generate the same password for the same entity. 15. The computing device of claim 14, wherein the one or more processors are further configured to encrypt the identifier using a public key, and the contactless card is configured to decrypt the identifier using a private key associated with the public key. 16. The computing device of claim 14, wherein the identifier includes information identifying the application, the website, the file, or the program, the information including one or more of the following: (i) a name associated with the application, the website, the file, or the program; (ii) a Uniform Resource Locator (URL) corresponding to the website; and (iii) text or numbers unique to the application, the website, the file, or the program. 17. The computing device of claim 14, wherein the password is transmitted via at least one NFC Data Exchange Format (NDEF) message, the at least one NDEF message being readable by the computing device. 18. The computing device of claim 14, wherein when the contactless card is tapped onto the computing device or placed within a threshold distance from the computing device, the one or more processors are further configured to automatically populate a password field corresponding to the application, the website, the file, or the program using the password.