1. Field of the Invention
The present invention relates generally to a method and apparatus for providing increased security for users of electronic equipment, such as, for example, mobile wireless communications devices, that include embedded circuits for enabling use with contactless payment systems. In particular, the disclosure is directed to methods and apparatus for providing authentication capability for devices that include contactless payment functionality.
2. Related Art
Contactless payment systems are gaining widespread acceptance by retailers and are becoming increasingly popular among consumers. In contactless payment systems, also known as “Tap-and-Go” or “Pay and Wave” payment systems, consumers use a payment card or other device that is equipped with an integrated chip and antenna that securely communicates consumer account information via a radio frequency communication link to a retailer's payment terminal. The payment terminal then connects to an appropriate financial network or other back-end processing system via, for example, a communication network, to authorize the transaction. Once authorized, the consumer completes the transaction. This scheme of contactless payment accomplishes a transaction in a fraction of the time required by cash, traditional credit cards or debit card transactions, which require a card to be swiped through a reader.
Contactless payment devices typically include a chip and antenna. The chip includes, for example, consumer account information. When the chip is brought into close enough proximity to a suitable reader, the antenna will be activated and will transmit the consumer account information residing on the chip to the reader. Of course, to avoid errors and ensure that the reader is communicating with the correct device, the proximity of the contactless payment device to the reader required to activate the antenna is typically on the order of a very few inches at most.
The chip and antenna of known contactless payment systems may be incorporated into any of a number of form factors that are convenient for consumers. For example, these chips and antenna have been embedded into key fobs, contactless smart cards, and even cellular telephones. In the future, these chips and antenna may be incorporated into any of a variety of forms due to their small size. Because mobile wireless communications devices, such as, for example, cellular telephones, personal digital assistants, mobile e-mail devices, and the like, are being carried by more and more consumers, inclusion of the contactless payment system chips and antenna in these devices is becoming increasingly common.
However, such contactless payment systems suffer from a serious disadvantage that may result in unauthorized use of the device and significant loss of money or credit. For example, if a contactless payment device is lost, there is no quick and reliable way to avoid unauthorized use of the contactless payment device before the issuer of the account associated with the device is contacted by the user and the system cancels use of that particular device. In particular, there is no known solution for ensuring that the user of the contactless payment device is authorized to make payment using the contactless payment device. Of course, one solution may be to have the user enter a personal identification number or other like code at the point of sale to ensure that the user is authorized to make payment using the contactless device. This may be accomplished, for example, via a keypad associated with a contactless payment device reader. However, this solution may be somewhat at odds with the advantages associated with the use of such contactless payment systems in which speed and ease of use are paramount. Entering identifying information would slow the transaction speed down, and would not result in any more convenience than that associated with swiping a conventional credit or debit card to read its magnetic stripe.
Therefore, what is needed is a transparent way to authenticate a user of a contactless payment device that maintains the speed and convenience of contactless payment, while maintaining an acceptable level of security to ensure that unauthorized use of the device is restricted.