Embodiments disclosed herein provide techniques for secure PIN management for contactless cards using an application on a computing device such as a mobile computing device. In some embodiments, the computing device may have an application installed enabling the computing device to act as a secure endpoint that enables communication between the contactless card and a backend server to facilitate PIN management. For example, the application may enable a mobile device to be utilized to view and/or change the PIN associated with a contactless card that is brought in proximity of the mobile device.

A system for accepting the input of a PIN comprises a first device receiving a randomized PIN layout derived on a fourth device. The randomized PIN layout is displayed on a display of the first device. A second device comprises an input for accepting a series of key presses to produce a PIN token. The PIN token indicating each of the series of key presses. A third device is in communication with the second device. The third device derives the randomized PIN layout and receives the PIN token from the second device without the PIN token being present on the first device. The third device combines the PIN layout and the PIN token to produce a PIN. The PIN is used to authenticate a transaction. The fourth and third devices each store a shared secret used to independently derive the randomized PIN layout on the fourth and third devices.

A credential reader update system includes a server operable to provide a credential reader update via a cellular telephone interface, and a plurality of credential readers. Each credential reader communicates with a presented credential at a credential reader frequency, wherein each credential reader has a credential reader interface having a range. A portable update device is movable into and out of the range, and is operable to receive the credential reader update via the cellular telephone interface. A credential reader update application is included in the portable update device, and is operable to uniquely identify the particular credential reader to be updated. The portable update device transfers the credential reader update to the credential reader via the credential reader interface, and the credential reader update includes firmware instructions that cause the credential reader to perform communications with the presented credential at a second frequency different than the credential reader frequency.

A shim detection device is selectively interfaced to a portion of a chip card reader that is integrated into a terminal. The shim detection device is configured to detect when a shimmer is inserted into the chip card reader during a card transaction at the terminal and take an automated action in response thereto.

A payment authentication service authenticates the identity of a payer during online transactions. The authentication service allows a card issuer to verify a cardholder's identity using a variety of authentication methods, such as the use of passwords. Also, the only system participant requiring a certificate is the issuing financial institution. Authenticating the identity of a cardholder during an online transaction involves querying an access control server to determine if a cardholder is enrolled in the payment authentication service, requesting a password from the cardholder, verifying the password, and notifying a merchant whether the cardholder's authenticity has been verified. A chip card and the authentication service independently generate cryptograms to match in order for the service to verify that the correct chip card is being used by the cardholder.

An electronic device may include a printed circuit board having a physically unclonable function (PUF) source. The electronic device may also include an integrated circuit (IC) chip positioned on the printed circuit board, and the first PUF source may be embedded in or formed on the printed circuit board external to the IC chip. The IC chip has processing circuitry that is configured to determine PUF data based on the PUF source. The processing circuitry is further configured to determine a cryptographic key or authentication token based on the PUF data and to perform at least one secure operation using the cryptographic key or authentication token.

A smart card (1) interfaces with a smart card reader (2) to generate an authentication message (PSRQ), which is sent to a PIN servicing centre (5, 6). If the authentication message (PSRQ) is validated by the PIN servicing centre (5, 6), a validation response message (PSRS) is sent back to the user (3). The user (3) enters the validation response message (PSRS) on the reader (2), which authenticates the validation response message (PSRS) with the smart card (1); the PIN servicing function may then be performed. The smart card cryptographic messages are generated internally and solely by the smart card (1)the reader (2) acts merely as an input mechanism into the smart card (1) or as an output mechanism from the smart card (1) to the display (10). The reader (2), therefore, does not need to contain any customer information or be personalised by the card issuer.

A system for accepting the input of a PIN comprises a first device receiving a randomized PIN layout derived on a fourth device. The randomized PIN layout is displayed on a display of the first device. A second device comprises an input for accepting a series of key presses to produce a PIN token. The PIN token indicating each of the series of key presses. A third device is in communication with the second device. The third device derives the randomized PIN layout and receives the PIN token from the second device without the PIN token being present on the first device. The third device combines the PIN layout and the PIN token to produce a PIN. The PIN is used to authenticate a transaction. The fourth and third devices each store a shared secret used to independently derive the randomized PIN layout on the fourth and third devices.

A card can include a processor; memory accessible to the processor; and instructions stored in the memory and executable by the processor to: decrypt a private key of a payor stored in memory of the card, where the private key is associated with digital cryptocurrency; use the decrypted private key to generate a signed message to transfer the digital cryptocurrency to an address of a payee; and output the signed message.

A ring type wearable terminal includes: a first ring that has a recessed portion formed on a side surface thereof; a second ring that is bonded to the first ring and that covers the recessed portion; and a communication unit that is housed in the recessed portion. The recessed portion is filled with an adhesive agent. The adhesive agent filling the recessed portion bonds the first ring and the second ring and also fixes the communication unit to the recessed portion so as to protect the communication unit. This allows the strength of the ring type wearable terminal to be improved.