EA200000073A1 - METHOD AND PAYMENT SYSTEM - Google Patents

METHOD AND PAYMENT SYSTEM

Info

Publication number
EA200000073A1
EA200000073A1 EA200000073A EA200000073A EA200000073A1 EA 200000073 A1 EA200000073 A1 EA 200000073A1 EA 200000073 A EA200000073 A EA 200000073A EA 200000073 A EA200000073 A EA 200000073A EA 200000073 A1 EA200000073 A1 EA 200000073A1
Authority
EA
Eurasian Patent Office
Prior art keywords
terminal
cryptogram
organization
card
requesting organization
Prior art date
Application number
EA200000073A
Other languages
Russian (ru)
Inventor
Джон Чарльз Вайнер
Дэвид Баррингтон Эверетт
Original Assignee
Нэшнл Вестминстер Бэнк ПЛС
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Нэшнл Вестминстер Бэнк ПЛС filed Critical Нэшнл Вестминстер Бэнк ПЛС
Publication of EA200000073A1 publication Critical patent/EA200000073A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Abstract

Способ и система платежа, использующие интеллектуальную карточку (1), которая осуществляет доступ к дистанционному счету в организации, выпускающей карточки (20), через запрашивающую организацию (18). Карточка считывается в терминале (6), который находится в двунаправленной связи (17) с запрашивающей организацией (18). В качестве части процесса платежа криптограмма данных операций выполняется интеллектуальной карточкой и используется в терминале (6) в качестве кода для шифрования ПИН, вводимого владельцем карточки, для передачи в запрашивающую организацию (18). Запрашивающая организация также создает криптограмму, используя данные операции, посылаемые в нее терминалом (6), и использует эту криптограмму (которая должна быть такой же, как создаваемая интеллектуальной карточкой) для расшифровывания зашифрованного ПИН. Таким образом, исключается использование дорогой устойчивой к подделке клавиатуры шифрования ПИН в терминале (6), в то же время поддерживая безопасность.Международная заявка была опубликована вместе с отчетом о международном поиске.Method and system of payment using an intellectual card (1), which provides access to a remote account in the organization that issues cards (20), through the requesting organization (18). The card is read in terminal (6), which is in bi-directional communication (17) with the requesting organization (18). As part of the payment process, the cryptogram of these transactions is executed by a smart card and is used in the terminal (6) as a code to encrypt a PIN entered by the cardholder for transmission to the requesting organization (18). The requesting organization also creates a cryptogram using these operations sent to it by the terminal (6) and uses this cryptogram (which must be the same as the one created by the smart card) to decrypt the encrypted PIN. This eliminates the use of an expensive fake-resistant PIN encryption keypad in the terminal (6), while at the same time maintaining security. The international application was published along with an international search report.

EA200000073A 1997-06-27 1998-06-26 METHOD AND PAYMENT SYSTEM EA200000073A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB9713743.4A GB9713743D0 (en) 1997-06-27 1997-06-27 A cryptographic authentication process
PCT/GB1998/001865 WO1999000775A1 (en) 1997-06-27 1998-06-26 Payment process and system

Publications (1)

Publication Number Publication Date
EA200000073A1 true EA200000073A1 (en) 2000-06-26

Family

ID=10815113

Family Applications (1)

Application Number Title Priority Date Filing Date
EA200000073A EA200000073A1 (en) 1997-06-27 1998-06-26 METHOD AND PAYMENT SYSTEM

Country Status (22)

Country Link
EP (1) EP0992026A1 (en)
JP (1) JP2002507297A (en)
KR (1) KR20010014257A (en)
CN (1) CN1260894A (en)
AU (1) AU8122598A (en)
BG (1) BG104041A (en)
BR (1) BR9810486A (en)
CA (1) CA2295032A1 (en)
EA (1) EA200000073A1 (en)
EE (1) EE9900598A (en)
GB (1) GB9713743D0 (en)
HU (1) HUP0003227A2 (en)
IS (1) IS5307A (en)
MX (1) MXPA99011836A (en)
NO (1) NO996488L (en)
NZ (1) NZ501887A (en)
PL (1) PL337533A1 (en)
SK (1) SK176199A3 (en)
TR (1) TR199903243T2 (en)
TW (1) TW411427B (en)
WO (1) WO1999000775A1 (en)
ZA (1) ZA985628B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8108307B1 (en) * 1998-03-30 2012-01-31 Citicorp Development Center, Inc. System, method and apparatus for value exchange utilizing value-storing applications
AUPQ556600A0 (en) * 2000-02-14 2000-03-02 Ong, Yong Kin (Michael) Electronic funds transfers-zipfund
US7103575B1 (en) 2000-08-31 2006-09-05 International Business Machines Corporation Enabling use of smart cards by consumer devices for internet commerce
KR100420600B1 (en) * 2001-11-02 2004-03-02 에스케이 텔레콤주식회사 METHOD FOR PROCESSING EMV PAYMENT BY USING IrFM
GB0305806D0 (en) * 2003-03-13 2003-04-16 Ecebs Ltd Smartcard based value transfer
US8407097B2 (en) 2004-04-15 2013-03-26 Hand Held Products, Inc. Proximity transaction apparatus and methods of use thereof
US8549592B2 (en) 2005-07-12 2013-10-01 International Business Machines Corporation Establishing virtual endorsement credentials for dynamically generated endorsement keys in a trusted computing platform
GB2435951A (en) 2006-02-23 2007-09-12 Barclays Bank Plc System for PIN servicing
US7873835B2 (en) * 2006-03-31 2011-01-18 Emc Corporation Accessing data storage devices
CN102024288B (en) * 2009-09-11 2014-02-26 中国银联股份有限公司 Safe payment method and system using smart card
GB2476065A (en) * 2009-12-09 2011-06-15 Pol Nisenblat A multi-currency cash deposit and exchange method and system
CN102096968A (en) * 2009-12-09 2011-06-15 中国银联股份有限公司 Method for verifying accuracy of PIN (Personal Identification Number) in agent authorization service
EP2426652A1 (en) * 2010-09-06 2012-03-07 Gemalto SA Simplified method for customising a smart card and associated device
CN102968865B (en) * 2012-11-23 2016-08-31 易联支付有限公司 The authentication method of a kind of mobile payment and system
US10147087B2 (en) * 2015-03-06 2018-12-04 Mastercard International Incorporated Primary account number (PAN) length issuer identifier in payment account number data field of a transaction authorization request message
CN106991346A (en) * 2017-04-18 2017-07-28 东信和平科技股份有限公司 The method and device of a kind of smart card issuing

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0198384A3 (en) * 1985-04-09 1988-03-23 Siemens Aktiengesellschaft Berlin Und Munchen Method and device for enciphering data
US4965568A (en) * 1989-03-01 1990-10-23 Atalla Martin M Multilevel security apparatus and method with personal key
NL1001659C2 (en) * 1995-11-15 1997-05-21 Nederland Ptt Method for writing down an electronic payment method.

Also Published As

Publication number Publication date
BR9810486A (en) 2000-09-12
NO996488L (en) 2000-02-28
EE9900598A (en) 2000-08-15
TW411427B (en) 2000-11-11
SK176199A3 (en) 2000-07-11
WO1999000775A1 (en) 1999-01-07
CA2295032A1 (en) 1999-01-07
EP0992026A1 (en) 2000-04-12
HUP0003227A2 (en) 2001-02-28
CN1260894A (en) 2000-07-19
NZ501887A (en) 2001-05-25
BG104041A (en) 2000-05-31
JP2002507297A (en) 2002-03-05
IS5307A (en) 1999-12-17
NO996488D0 (en) 1999-12-27
MXPA99011836A (en) 2002-04-19
GB9713743D0 (en) 1997-09-03
ZA985628B (en) 1999-01-26
AU8122598A (en) 1999-01-19
TR199903243T2 (en) 2000-04-21
PL337533A1 (en) 2000-08-28
KR20010014257A (en) 2001-02-26

Similar Documents

Publication Publication Date Title
EA200000073A1 (en) METHOD AND PAYMENT SYSTEM
TR200002758T2 (en) Credit card system and method
HK1014216A1 (en) Funds transaction device
FR2601476B1 (en) METHOD FOR AUTHENTICATING EXTERNAL AUTHORIZATION DATA BY A PORTABLE OBJECT SUCH AS A MEMORY CARD
WO2002086826A8 (en) Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications
NO996147L (en) Transaction procedure for a mobile device, as well as identification element for its use
NO881437D0 (en) PROCEDURE FOR ROUTING SECRET DATA KEYS TO SECURITY MODULES AND USER CARDS IN AN INFORMATION PROCESSING NETWORK.
BR9611535A (en) Processes of carrying out a transaction using an electronic payment method and a payment and debit station protected from an electronic payment method using a smart financial transaction payment station and payment station
EP0957651A3 (en) Mobile telephone with cypher card
AU687622B2 (en) Method and arrangement for providing selective access to a security system
SE9702216D0 (en) security module
SE0002416D0 (en) Communication method and device
SE9500697D0 (en) Electronic transaction system
BR9808120A (en) Method for authenticating a run on a reader
AP2002002502A0 (en) Centralised cryptographic system and method with high cryptographic rate.
NO941774L (en) Process system for secure, decentralized smart card personalization