Technical Field
The present disclosure generally relates to electronic communications during transactions, and more particularly, to techniques for providing bi-directional secure communications during a transaction.
Related Art
It is common for consumers and businesses to have electronic accounts to send and receive payments from other parties. One example includes credit cards, which are typically read electronically and transfer money electronically. Another example is a payment service, such as that offered under the name PayPal™, which provides electronic wallets that users can link to credit cards, bank accounts, and any other form of payment.
One technique of payment with a credit card includes a consumer or merchant swiping a consumer's credit card to read a magnetic strip on the credit card. The magnetic strip includes payment credentials (e.g., the credit card number, expiration date, etc.), which the merchant's Point of Sale (POS) passes to a payment processor (e.g., the consumer's bank) to request payment. Another technique of payment includes a credit card having a Radio Frequency ID (RFID) chip therein that transmits the credentials to a terminal at the merchant's POS as an alternative to swiping.
Recently, systems have been created to allow a mobile device, such as a phone, to emulate the RFID chip in a card. A consumer can save his or her credentials to the phone, and an application on the phone communicates with a terminal, just as an RFID chip credit card would. An example of such a system is that provided by the service Google Wallet™ Such systems allow a consumer to make payments at a POS using a mobile device, which may be more convenient in some instances than carrying and/or using physical credit cards.
Examples of communication protocols for card emulation include those promulgated by the NFC Forum under the label Near Field Communication (NFC). For instance, ISO/14443 is a standard covering card emulation, and ISO 18092 is a more general standard that includes both NFC card emulation as well as an NFC peer-to-peer (P2P) mode. Technologies that use the NFC P2P mode include Simple NDEF Exchange Protocol (SNEP) and NDEF Push Protocol (NPP, a proprietary technique from Google).
NFC P2P techniques are relatively low-bandwidth and are limited by being unidirectional. In other words, apart from session negotiation and acknowledgement messages, NFC P2P mode passes the data payload in one direction per session.
Unidirectional communication protocols are not designed for challenge-response communications and, therefore, may not be able to support encrypted and secure communications that assume bidirectional capability. Thus, NFC P2P mode has been unusable for secure transactions.