US 9,813,245 B2
Methods for secure cryptogram generation
Eric Le Saint, Los Altos, CA (US); James Gordon, Lafayette, CA (US); and Roopesh Joshi, San Ramon, CA (US)
Assigned to VISA INTERNATIONAL SERVICE ASSOCIATION, San Francisco, CA (US)
Filed by VISA INTERNATIONAL SERVICE ASSOCIATION, San Francisco, CA (US)
Filed on Aug. 31, 2015, as Appl. No. 14/841,589.
Claims priority of provisional application 62/044,172, filed on Aug. 29, 2014.
Prior Publication US 2016/0065370 A1, Mar. 3, 2016
Int. Cl. H04L 29/00 (2006.01); H04L 9/32 (2006.01); H04L 29/06 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/321 (2013.01) [H04L 9/0841 (2013.01); H04L 9/0891 (2013.01); H04L 63/061 (2013.01); H04L 9/0861 (2013.01)]
38 Claims
1. A computer-implemented method comprising:
determining, by a user device, an ephemeral key pair comprising an ephemeral public key and an ephemeral private key;
sending, by the user device, a provisioning request message including the ephemeral public key to a provisioning server computer;
receiving, by the user device, a provisioning response message including encrypted credentials from the provisioning server computer;
determining, by the user device, a response shared secret using the ephemeral private key and a static server public key;
decrypting, by the user device, the encrypted credentials using the response shared secret to determine credentials;
obtaining key derivation parameters from the credentials; and
deriving a first cryptogram key from the response shared secret using the key derivation parameters, the first cryptogram key operable to generate a first cryptogram for use in a first secure communication with a validation server computer.
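
The steps of claim 1, traced end to end in an added Node.js sketch that is not code from the patent or its assignee. The claim names no algorithms, so X25519 key agreement, HKDF-SHA256, AES-256-GCM, the HMAC-SHA256 cryptogram, the JSON credential layout with `kdfParams`, and the server deriving the same key are all assumptions, and every value is constructed.

```javascript
// Added illustration of claim 1. Algorithms and message layout are assumptions.
const nodeCrypto = require("node:crypto");

// Assumed KDF: HKDF-SHA256 producing a 32-byte key.
const kdf = (secret, salt, info) =>
  Buffer.from(nodeCrypto.hkdfSync("sha256", secret, salt, info, 32));
const agree = (privateKey, publicKey) => nodeCrypto.diffieHellman({ privateKey, publicKey });

// Provisioning server: static private key + device ephemeral public key.
function serverProvision(staticPriv, deviceEphPub, credentials) {
  const iv = nodeCrypto.randomBytes(12);
  const encKey = kdf(agree(staticPriv, deviceEphPub), iv, "credential-encryption");
  const c = nodeCrypto.createCipheriv("aes-256-gcm", encKey, iv);
  const ct = Buffer.concat([c.update(JSON.stringify(credentials)), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// User device: the claimed steps in order.
function deviceProvision(serverStaticPub, sendRequest) {
  const eph = nodeCrypto.generateKeyPairSync("x25519");   // ephemeral key pair
  const resp = sendRequest(eph.publicKey);                // provisioning request / response
  const shared = agree(eph.privateKey, serverStaticPub);  // response shared secret
  const encKey = kdf(shared, resp.iv, "credential-encryption");
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", encKey, resp.iv);
  d.setAuthTag(resp.tag);                                 // final() throws if tampered
  const plain = Buffer.concat([d.update(resp.ct), d.final()]);
  const credentials = JSON.parse(plain.toString("utf8"));
  const { salt, info } = credentials.kdfParams;           // key derivation parameters
  return { credentials, cryptogramKey: kdf(shared, Buffer.from(salt, "hex"), info) };
}

// Assumed cryptogram: HMAC-SHA256 over the transaction data.
const makeCryptogram = (key, data) =>
  nodeCrypto.createHmac("sha256", key).update(data).digest("hex");

function demo() {
  const server = nodeCrypto.generateKeyPairSync("x25519"); // static server key pair
  const credentials = {                                    // constructed sample values
    token: "CONSTRUCTED-TOKEN-0001",
    kdfParams: { salt: "000102030405060708090a0b0c0d0e0f", info: "cryptogram-key-1" },
  };
  let seenEphPub;
  const device = deviceProvision(server.publicKey, (ephPub) => {
    seenEphPub = ephPub;
    return serverProvision(server.privateKey, ephPub, credentials);
  });
  // Assumption: the server derives the same key from its half of the agreement.
  const { salt, info } = credentials.kdfParams;
  const serverKey = kdf(agree(server.privateKey, seenEphPub), Buffer.from(salt, "hex"), info);
  return { device, serverKey, cryptogram: makeCryptogram(device.cryptogramKey, "amount=10.00;nonce=1") };
}
```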