Visa has been granted a patent for a method of secure extended range application data exchange. The technique involves establishing a communication channel between an access device and a communication device, emulating a virtual access device on the communication device, and exchanging application data between the two devices. The method aims to enhance the security and efficiency of data exchange in point of sale transactions. GlobalData’s report on Visa gives a 360-degree view of the company including its patenting strategy. Buy the report here.
According to GlobalData’s company profile on Visa, contactless Card Payments was a key innovation area identified from patents. Visa's grant share as of June 2023 was 1%. Grant share is based on the ratio of number of grants to total number of patents.
Secured extended range application data exchange
A recently granted patent (Publication Number: US11689511B2) describes a method for secured extended range application data exchange. The method involves establishing a communication channel between an access device and a communication device, where the access device is a point of sale device. The access device provides an access device profile to the communication device, which then emulates a virtual access device based on this profile. The virtual access device issues a set of application commands to a transaction applet executing on the communication device and receives a set of application data responses from the applet. The communication device generates a data packet based on these responses, which is then received by the access device via the communication channel. The access device generates an authorization request message using the data in the data packet and sends it to an authorizing entity for authorization.
In addition to the above method, the patent also includes several additional claims. One claim involves providing an access device digital certificate to the communication device, which verifies the certificate before emulating the virtual access device. Another claim states that the access device profile includes a prioritized list of application identifiers supported by the access device. The virtual access device generates a select application identifier command based on this list to select an application identifier from a list of available identifiers associated with the transaction applet. The access device profile also includes an unpredictable number generated by the access device, which is used by the transaction applet to generate a transaction cryptogram included in the set of application data responses.
The patent also mentions that the communication device can be a mobile phone and that the communication channel established can be a wireless channel with a longer range than near field communication (NFC). The data packet transmitted between the communication device and the access device includes application data in a plurality of read record responses from the transaction applet.
Overall, this patent describes a method and an access device for secure extended range application data exchange, particularly in the context of point of sale devices. The method involves the use of access device profiles, virtual access devices, and communication channels to facilitate secure data exchange between the access device and a communication device executing a transaction applet.