FR2822264A1 - System for controlling access to commercial sites and for securing commercial transactions based on use of a removable data drive and associated removable data disk, so that a chip card reader is not required - Google Patents

Abstract

System for securing transactions comprises a plurality of transaction terminals (101), a plurality of removal data supports (100) each containing information for effecting a commercial transaction, a control site (102) and a third party site (10), the various parties being connected by a communication network. The data supports, such as CDs, DVDs, diskettes, PCMCIA cards, etc. have corresponding readers or drives that are not normally used for payments and contain at least an identification element permitting the opening of transaction sessions. Independent claims are made for a data support (100) comprising data that allows commercial transactions to be carried out and a control site (102) for ensuring the security of transactions.

Description

<Desc / Clms Page number 1>

System for securing transactions and access control, data support and corresponding control site.

 The present invention relates to the field of transactions and access controls to telematic services.

fournis par des sites de type internet. More specifically, the invention relates to remote transactions, in particular on the Internet, between a customer and a merchant or supplier of goods and / or services and access control to remote services in particular

provided by internet-type sites.

 It should be noted that distance transactions include in particular electronic transaction operations such as online commerce (purchase of goods via an electronic medium), but also services (insurance, credit, money order, etc.).

 Access controls to telematic services generally consist first of a first operation of the subscription contract type (which is a transaction) then, of a simple access control for the later uses of the service.

 Traditionally, transactions or access controls on the internet can only be done securely using a customer-owned smart card. This customer inserts his smart card into a dedicated smart card reader, connected to or present in a computer and performs the transaction.

 This prior art transaction security technique has a major drawback. In fact, computers are very often without a smart card reader; thus, an addition of a peripheral is then necessary, this limits the number of users, since most of the potential users do not have at their disposal a chip card reader.

 Another drawback of this technique of the prior art is that the current smart card reader system simply transmits an encrypted message containing the identity of the holder and the amount of the transaction, without additional guarantee.

<Desc / Clms Page number 2>

 The invention according to its different aspects aims in particular to overcome these drawbacks of the prior art.

 More specifically, an objective of the invention is to provide a system and means for securing transactions between a client and a merchant or supplier of goods and / or services, in particular remotely, using for example the internet network, and requiring neither smart card nor corresponding reader. The merchant can sell goods or the supplier can provide services and / or goods, for example, through a trading site.

 Another objective of the invention is to provide such a system, and such means of securing transactions which can be used by most holders of computer terminals, in particular of microcomputer type, without requiring these holders to equip themselves with peripherals. dedicated or private.

 The invention also aims to secure the contract that can be concluded between a customer and a merchant or a supplier of goods and / or services within the framework of a transaction.

 Another objective of the invention is to provide proof of the formation of the contract and of the extent of the obligations of the parties.

 An additional objective of the invention is to provide the customer with a means of identification for the transaction which is easy to use and in particular to transport and / or store.

une seconde pluralité de terminaux de transactions ; - au moins un site de contrôle relié par un premier moyen de communication au terminal ; et To this end, the invention provides a transaction security system comprising: a first plurality of removable data carriers each comprising information making it possible to carry out transactions;

a second plurality of transaction terminals; - at least one control site connected by a first means of communication to the terminal; and

<Desc / Clms Page number 3>

contient au moins un élément d'identification permettant l'ouverture de sessions de transaction. at least one third-party contracting site linked by a second means of communication to the control site and by a third means of communication to the terminal remarkable in that the removable data medium: is readable by reading means not usually intended for payments and equipping the terminals; and

contains at least one identifying element allowing the opening of transaction sessions.

It is noted that a transaction is understood in particular: as a purchase of goods and / or services; and / or - as an access to a service for example telematics.

une carte de type PCMCIA (c'est-à-dire compatible avec la norme internationale"Personal Computer Memory Card International Association"ou en français"Association Internationale pour la carte à Mémoire pour Ordinateur Personnel"). It should also be noted that the removable data medium readable by reading means not usually intended for payments and fitted to the terminals is for example: a removable magnetic medium such as in particular a floppy disk; - a removable optical medium such as in particular a CD-ROM or a
DVD-ROM;

a PCMCIA type card (that is to say compatible with the international standard "Personal Computer Memory Card International Association" or in French "International Association for the Memory Card for Personal Computer").

 On the other hand, bank card readers are not part of the reading means not usually intended for payments and are therefore not concerned with the invention.

 The means of communication used are in particular Internet-type networks, mobile telecommunications networks, telephone networks, specialized telecommunications lines, etc.

 According to a particular characteristic, the system is remarkable in that each terminal includes means for managing a transaction session.

<Desc / Clms Page number 4>

 According to a particular characteristic, the system is remarkable in that the means for managing a transaction session include computer program code instructions to be executed on the terminal.

 According to a particular characteristic, the system is remarkable in that the computer program code instructions are provided by at least one of the data carriers.

 Thus, the invention advantageously allows the use of the type of removable data carriers which are not normally used for carrying out transactions. Thus, the invention is implemented in many terminals, for example of the microcomputer type. Users of these terminals do not need to invest in additional equipment to carry out transactions. The invention therefore allows the simple and economical use of terminals for carrying out transactions.

 In addition, the removable data medium preferably contains information not only of identifications but also of management means comprising in particular computer program instructions which can be loaded and executed on the terminal. Thus, the removable data medium can easily be provided to any user, transported, and used from most computer type terminals.

 According to a particular characteristic, the system is remarkable in that during a transaction session opening step, one of the terminals performs an operation of verifying the validity of one of the removable media; - the terminal sends to one of the control sites a validity control message containing a key provided by the removable medium; and the control site verifies the validity control message and, if the verification is positive, sends a valid medium message to the terminal to authorize the use of the medium for at least one transaction.

<Desc / Clms Page number 5>

 Thus, the invention advantageously makes it possible to authenticate the user of the removable medium and more generally to secure transactions.

si l'utilisation du support est autorisée et si le terminal accepte la proposition de contrat, le terminal ajoute une signature prenant en compte l'élément d'identification pour former une proposition de contrat signée et effectue le cryptage de la proposition de contrat signée à partir d'une clé contenue dans le support amovible pour former un contrat accepté. According to a particular characteristic, the system is remarkable in that during the transaction session, one of the third party contracting sites transmits a message containing a contract proposal to the terminal; and

if the use of the medium is authorized and if the terminal accepts the contract proposal, the terminal adds a signature taking into account the identification element to form a signed contract proposal and performs the encryption of the signed contract proposal to from a key contained in the removable medium to form an accepted contract.

 Thus, during each transaction between a third party contracting site and the terminal (under the control of its user), the invention makes it possible to form a secure contract accepted by the parties.

le site de contrôle compare le premier et le deuxième message reçus lors d'une première étape de comparaison permettant au moins une transaction lorsque la comparaison donne un résultat positif. According to a particular characteristic, the system is remarkable in that, to carry out a transaction between one of the terminals and one of the sites of third-party contracting parties, during a transaction session, the terminal transmits a first message containing an accepted contract to one of the control sites via the first means of communication and a second message containing the accepted contract to the site of third parties; the third party contracting site transmits the second message received to the control site via the second means of communication; and

the control site compares the first and the second message received during a first comparison step allowing at least one transaction when the comparison gives a positive result.

 Thus, the invention advantageously makes it possible to control the transactions which are transmitted by two separate communication means from the terminal to a trusted third party, one of the means passing through the third party contracting site and

<Desc / Clms Page number 6>

 the other does not pass through the third party contracting site. In this way, falsifications are avoided by the third-party merchant site while giving it a sufficient transaction guarantee.

 According to a particular characteristic, the system is remarkable in that when the first comparison step gives a negative result, the control site sends a negative first comparison result signal to the terminal.

 According to a particular characteristic, the system is remarkable in that, in order to carry out a transaction between one of the terminals and one of the sites of third party contractors, the terminal establishes an accepted contract; the terminal transmits the accepted contract to one of the control sites and to the third party contracting site; - the contracting site transmits the accepted contract to the control site; and the control site compares the accepted contract which is transmitted to it by the terminal and the accepted contract which is transmitted to it by the contracting site during a second comparison step.

 According to a particular characteristic, the system is remarkable in that, when the result of the second comparison step is positive, the control site: transmits to the contracting site a transaction validation message; and / or transmits a transaction signal to the terminal.

 According to a particular characteristic, the system is remarkable in that, when the result of the second comparison step is negative, the control site transmits to the terminal at least one signal indicating a result of a negative second comparison.

 According to a particular characteristic, the system is remarkable in that the terminal closes the transaction session when the terminal has received: at least one negative first comparison result signal.

<Desc / Clms Page number 7>

 at least one negative second comparison result signal; and / or at least one transaction carried out signal.

- dès qu'un signal indiquant un problème est reçu par le terminal. Thus, the invention advantageously makes it possible to implement secure transaction sessions, each session being closed by the terminal: - when the transaction is carried out without detected problem; or

- as soon as a signal indicating a problem is received by the terminal.

 According to a particular characteristic, the system is remarkable in that it comprises a means of recording and / or duplicating the data exchanged with the control site.

 According to a particular characteristic, the system is remarkable in that it comprises a dating means which certainly dates at least part of the data taken into account by the recording and / or duplication means.

 Thus, the system can be advantageously used for probative purposes attesting for example the precise date and / or time, the nature, the contractors of transactions carried out.

comprenant des informations permettant d'effectuer des transactions ; lisible par les moyens de lecture non destinés habituellement à des paiements ; et contenant au moins un élément d'identification permettant l'ouverture de sessions de transaction entre : un terminal adapté à la lecture du support de données ; un site de contrôle relié par un premier moyen de communication au terminal ; et un site de tiers contractant relié par un deuxième moyen de communication au terminal et par un troisième moyen de communication au site de contrôle. The invention also relates to a data carrier:

including information for carrying out transactions; readable by means of reading not normally intended for payments; and containing at least one identification element allowing the opening of transaction sessions between: a terminal suitable for reading the data medium; a control site connected by a first means of communication to the terminal; and a third-party contracting site linked by a second means of communication to the terminal and by a third means of communication to the control site.

 According to a particular characteristic, the data medium is an optical reading medium.

<Desc / Clms Page number 8>

 According to a particular characteristic, the data carrier is part of the group comprising: - CD-ROMs; and - DVD-ROMs.

 According to a particular characteristic, the data carrier is in business card format for easy storage and / or transport.

 According to a particular characteristic, the data medium is a magnetic medium.

 According to a particular characteristic, the data carrier, the data carrier is a computer diskette.

 According to a particular characteristic, the data carrier is a PCMCIA type card.

 Thus, according to the invention, many supports are advantageously usable on most terminals of the microcomputer type, the readers of these supports not being dedicated to payment.

- reliés par un deuxième moyen de communication, à au moins un site de tiers contractant relié lui-même par un troisième moyen de communication à au moins un des terminaux de transaction ; le site de contrôle étant remarquable en ce qu'il est adapté à contrôler des sessions de transaction mettant en oeuvre au moins un support de données amovible : lisible par les moyens de lecture non destinés habituellement à des paiements et équipant les terminaux ; et

- contenant au moins un élément d'identification permettant l'ouverture de sessions de transaction. The invention further relates to a control site for transaction security is - connected by a first communication means, to a first plurality of transaction terminals; and

- linked by a second means of communication, to at least one third-party contracting site linked itself by a third means of communication to at least one of the transaction terminals; the control site being remarkable in that it is adapted to control transaction sessions using at least one removable data medium: readable by the reading means not usually intended for payments and equipping the terminals; and

- containing at least one identification element allowing the opening of transaction sessions.

<Desc / Clms Page number 9>

 The advantages of data carriers and transaction security sites are the same as those of the transaction security system, they are not described in more detail.

 Other characteristics and advantages of the invention will appear more clearly on reading the following description of a preferred embodiment, given by way of simple illustrative and nonlimiting example, and of the appended drawings, among which: - the figure 1 presents a network architecture according to the invention, according to a particular embodiment; - Figure 2 illustrates a communication protocol between different elements of the network described with reference to Figure 1, according to the invention, according to a particular embodiment; - Figure 3 shows an optical medium according to the invention, according to a particular embodiment.

 The general principle of the invention is based on the use of a current medium such as for example a CD-ROM, a DVD-ROM or a computer diskette which can be read by most of the computer terminals available today.

 According to the invention, a customer wishing to carry out a transaction, for example on the Internet, has a terminal (typically a microcomputer) connected via a network on the one hand to a commercial site and on the other hand to a site control. The customer also has a medium, for example an optical medium or CDROM, containing in particular identification information.

 Before carrying out a transaction, the customer inserts the optical medium into a CD-ROM drive of the terminal. Transaction management software present on the terminal allows the transaction to be carried out (for example for delivery of goods and / or access to services) while maintaining a sufficient level of guarantee for the merchant.

 The software opens a transaction session:

<Desc / Clms Page number 10>

 - by first entering a two-part access code known to the holder of the optical medium; then by reading thereon data allowing the software to verify the validity of the first part of the code entered; then by transmitting to the control site the second part of the code which after verification sends a valid support message to the terminal which can thus "unblock" the support and open a session.

 Then, after receiving the contract data for a transaction or a service with a trade site, the terminal sends the data of the accepted contract on the one hand to the control site and on the other hand to the trade site, here site of the co-contractor, who relays it himself to the control site. The control site verifies that the accepted contracts received directly and through the trade site are identical in order to send an operation validation message to the trade site and an operation message carried out to the terminal.

 Following the reception of the operation message carried out, the software closes the session by "blocking" the support.

- vérification de la validité du contrat accepté transmis d'une part directement du terminal et d'autre part par transit par le site de commerce et reçu par le site de contrôle. Thus, according to the invention, a triple verification is carried out by the control site: - verification of the validity of the medium by the transaction management software present on the terminal which verifies in particular the first part of the code entered; - verification of the validity of the card (date and regularity) by the control site; and

- verification of the validity of the accepted contract transmitted on the one hand directly from the terminal and on the other hand by transit through the trade site and received by the control site.

 Thus, the trade site obtains a high level of guarantee, considered sufficient, on the part of the control site, trustworthy, to be able to deliver the goods and / or offer the service which was the subject of the transaction.

<Desc / Clms Page number 11>

 A preferred embodiment of the invention is now presented.

 According to FIG. 1, describing a network architecture, a computer 101 provided with a CD-ROM drive 104, a business site 103 and a control site 102 are linked together via an Internet network 105 The commerce site 103 is of the Internet type and can be consulted online via any navigation tool present on the computer 101. In general (not shown for the sake of clarity), the network 105 preferably allows the connection of a plurality of terminals provided with at least one CD-ROM drive to a plurality of commercial sites and to a plurality of control sites.

 The trade site 103 is any site that can offer in particular any type of service and / or goods.

 The computer 101 can read via its reader 104 an optical medium 100.

The computer 101 is used by the holder 106 of the support.

un logiciel de déblocage de la carte par insertion d'un code correct et d'une date valide ; - des données comprenant la signature électronique du titulaire de la carte ; - un moyen de communication capable notamment d'émettre et de recevoir des données relatives à l'opération envisagée (contrat, condition d'utilisation du service, descriptifs...) qu'il s'agisse d'une transaction de type achat et/ou contrôle d'accès ; et un moyen de chiffrement capable de crypter un contrat ainsi qu'une signature électronique et de l'envoyer, grâce au moyen de communication, vers le site du tiers contractant et vers le site de contrôle. The optical support 100 notably comprises:

software to unlock the card by inserting a correct code and a valid date; - data including the electronic signature of the card holder; - a means of communication capable in particular of transmitting and receiving data relating to the envisaged operation (contract, condition of use of the service, descriptions, etc.) whether it is a purchase-type transaction and / or access control; and an encryption means capable of encrypting a contract as well as an electronic signature and sending it, by means of communication, to the site of the third party contracting party and to the control site.

 The communication means notably comprises a computer program executable on the terminal 101.

<Desc / Clms Page number 12>

Likewise, the encryption means notably comprises a computer program executable on the terminal 101.

According to a variant, the support 100 does not contain the transaction means.

This is loaded into the memory of the terminal 101 according to any means well known to those skilled in the art, for example from any removable medium (CD-ROM, Floppy disk, etc.), or by downloading from a remote site (in particular from the control site 102).

 According to a variant, the computer 101 comprises a PCMCIA interface (that is to say compatible with the international standard "Personal Computer Memory Card International Association" or in French "International Association for the Memory Card for Personal Computer"). The reader 104 is then no longer essential and the support 100 is replaced by a PCMCIA card. The communication and encryption means can then be electronic means implemented on the PCMCIA card itself.

destinée à valider l'utilisation du support 100 par le terminal 101 ; et - la seconde est délivrée par une société gérant le site 102 de contrôle et permet une autorisation de transaction par le site 102 de contrôle. The holder 106 of the support 100 knows a confidential code consisting of two parts: - the first is delivered by an electronic notary or a trusted third party at the same time as the support to the holder 106 and is

intended to validate the use of the support 100 by the terminal 101; and - the second is issued by a company managing the control site 102 and allows transaction authorization by the control site 102.

 The control site 102 is a site dedicated to the validation of transactions that can be carried out by the computer 101 or more generally by any computer connected to the network 105 having a reader.

 FIG. 2 illustrates a communication protocol between the main elements of the network described with reference to FIG. 1.

 During an operation 201, after insertion of the optical medium 100 in the reader 104, the holder 106 launches on the computer 101 the transaction management application present on the medium 100.

<Desc / Clms Page number 13>

 Then during an operation 202, he consults via the computer 101 the trade site 103 which in particular offers him goods and / or services.

 When the holder 106 of the support 100 decides to carry out a transaction on the site 103, he gives a first part of code to the computer 101 which enters it during an operation 203.

 Then, during an operation 204, the terminal accesses the medium 100 to read the data 205 to be checked.

 Then, the computer 101 performs a verification 207 of the code provided by the support 100 and of its validity date.

 When the verification 207 gives a negative result, the transaction is canceled and the session is closed. The computer 100 then indicates to the holder 106 the reason for which the session has been closed.

 When the verification 207 gives a positive result, the holder 106 of the support 100 gives a second part of code to the computer 101. The computer 101 then transmits to the control site 102, an encrypted message 208 containing the second part of the code, the identity of the holder and an expiration date of the support 100.

 The control site then verifies the validity of the second part of the code received, the identity of the holder and the expiration date of the medium 100. When the verification is positive, the control site 102 transmits an encrypted message 209 of valid medium to computer 101. In the case of a verification having given a negative result, an invalid support message is transmitted to the computer which does not authorize the transaction.

 On receipt of a valid support message, the computer allows the use of the support 100 for the transaction during a support release operation 210.

 Then, the trade site 103 transmits to the computer 101 the data 211 of the contract (that is to say in particular the consent and the extent of the commitment) containing all the elements linked to the transaction which have been carried. to the knowledge of the holder 106 of the support 100 (typically the precise nature of the

<Desc / Clms Page number 14>

 goods and / or the conditions of use of the services which are the subject of the current transaction, the date, the identity of the contracting parties, ...).

 During a step 221, the transaction management application determines a signature of the contract received. The signature is made by affixing a computer key contained in the support 100 and integrated into the contract. Then, the management application constructs an accepted contract 212 comprising the data 211 of the original contract and the signature, the whole being encrypted according to an algorithm contained in the support 100.

 This new message of the accepted and encrypted contract type is then sent both to the control site 102 and to the trade site 103 (third party contracting).

It is an electronic notary who issues the encryption code, keeps a copy of the encryption of the electronic signature and the name of the card holder. It is he who, in the event of a dispute, will provide proof of the "ownership" of the card (adequacy of the electronic signature and the name of the user).

 According to a preferred embodiment, the electronic notary (not shown in the figures) is a third party connected to the control site 102, which in particular makes it possible to have increased security.

 Alternatively, the electronic notary is included in the control site 102.

 Upon receipt of the accepted contract 212, the trade site 103 transmits the received contract to the control site 102.

 Then during an operation 214, the control site 102 checks whether the accepted contracts 212 and 213 issued respectively by the computer 101 and the trade site 103 are identical.

 If not, the control site 102 sends an indication of invalidation of the contract to the computer 101 and the trade site 103 according to an operation not shown. The computer 101 then invalidates the transaction and closes the open session by prohibiting the use of the support 100 before any new validation by blocking the support 100. The trade site 103 also invalidates the transaction.

<Desc / Clms Page number 15>

 If so, the control site 102 updates the account statements of the holder 106 of the support 100 during an operation 215.

 Then, the control site 102 sends to the commerce site 216 a message 216 of validation of the operation, encrypted.

 Furthermore, the control site 102 sends an encrypted message 217, indicating that the operation has been carried out, to the computer 101.

 On receipt of the message 217, the control site 102 ends the current session by prohibiting the use of the medium 100 before any new validation during an operation 218 for blocking the medium.

 The message 216 having been received by the trade site 103, the latter delivers the goods / or service to the holder 106 of the support 100 during a delivery operation 219.

 A financial settlement 220 is then made between the holder 106 of the support 100 and the trading site 103 by any means.

 According to a variant not shown, the data received and / or transmitted by the control site 102 and / or the commercial site 103 are partially or entirely recorded continuously by a computer system on a medium, for example of CD-ROM type. not rewritable. This medium may subsequently be kept for probative purposes to establish certain date and / or time traces and of contract content established respectively by the control site 102 and / or the trade site 103.

 FIG. 3 describes an optical medium which is particularly advantageous to use in the transactions illustrated with reference to FIGS. 1 and 2.

 Indeed, according to the invention, it is advantageous to use an optical medium 100 in business card format. This support is in the form of a rectangle 300 perforated at its center with a circular hole 301 15 mm in diameter. Note that the rectangle 300 with a width of 4.5 cm and a length of 8.5 cm fits completely into a circle of 12 cm in diameter which is the usual size of a CD-ROM and the central hole is identical to that of a CD-ROM. The optical support 100 also has the usual characteristics of presentation of

<Desc / Clms Page number 16>

 data in CD-ROMs and can therefore be read by most CD-ROM drives on microcomputers. However, when a CD-ROM reader cannot read the optical medium 100 for reasons of physical format of the medium, the medium 100 is inserted into an adapter which is preferably in the form of a thick flexible plastic disc. and of radius equal respectively to the thickness and to the radius of standard CDROMs and comprising on the one hand in its center a recess making it possible to receive the support 100 and on the other hand on the edge of the edes means for holding the support 100 in the form for example of plastic lugs.

 The optical medium is of course not limited to the CD-ROM type and, as a variant, the optical medium is of the DVD-ROM type readable by a DVDROM reader.

 Of course, the invention is not limited to the embodiments mentioned above.

 In particular, a person skilled in the art can make any variant in the type of terminal used by the holder of an optical medium. Thus, the terminal is not necessarily a computer, but is more generally any terminal provided with an optical (for example CD-ROM or DVD-ROM) and / or magnetic (for example computer diskette) reader and / or a PCMCIA interface and the terminal can be connected to a commercial site and a control site.

 It should also be noted that the various connections between a terminal of the holder of the medium, the control site and a commercial site are not limited to the connections via a network of Internet type but extends to any type of connection using or not the same network. One or more of these connections may in particular be direct, for example by dedicated line or use one or more types of network such as in particular a public switched telephone network, an intranet network, etc.

<Desc / Clms Page number 17>

 The invention is not limited either to the case where the merchant offers a service or offers a good to the holder of the medium but extends to all types of transactions (for example access to a database).

Claims (22)

 1. Transaction security system comprising: - a first plurality of removable data carriers (100) each comprising information making it possible to carry out transactions; a second plurality of transaction terminals (101); - at least one control site (102) connected by a first communication means (105) to said terminal; and

 at least one third-party contracting site linked by a second means (105) of communication to said control site and by a third means (105) of communication with said terminal characterized in that said removable data medium (100): is readable by reading means (104) not usually intended for payments and fitted to said terminals; and

 contains at least one identifying element allowing the opening of transaction sessions. 2. System according to claim 1 characterized in that each terminal comprises means for managing a transaction session. 3. System according to claim 2 characterized in that said means for managing a transaction session include computer program code instructions to be executed on said terminal. 4. System according to claim 3 characterized in that said computer program code instructions are provided by at least one of said data carriers. 5. System according to any one of claims 1 to 4 characterized in that during an opening step (206) of transaction session, one of said terminals (101) performs an operation (207) of validity verification one of said removable supports; <Desc / Clms Page number 19>  said terminal transmits to one of said control sites (102) a validity control message (208) containing a key provided by said removable medium; and said control site verifies said validity control message and, if the verification is positive, transmits a valid medium message (209) to said terminal to authorize the use of said medium for at least one transaction.  6. System according to claim 5 characterized in that during said transaction session, one of said third party sites (103) contracting transmits a message (211) containing a contract proposal to said terminal; and - if the use of said medium is authorized and if said terminal accepts said contract proposal, said terminal adds (221) a signature taking into account said identification element to form a signed contract proposal and performs the encryption of said proposal contract signed from a key contained in said removable medium to form an accepted contract. 7. System according to any one of claims 1 to 6 characterized in that, to carry out a transaction between one of said terminals and one of said third party contracting sites, during a transaction session, - said terminal transmits a first message ( 212) containing a contract accepted at one of said control sites via the first means of communication and a second message (212) containing said contract accepted at said third party contracting site; - said third party contracting site transmits (213) said second message received to said control site via the second means of communication; and - said control site compares the first (212) and the second (213) message received during a first comparison step (214) <Desc / Clms Page number 20>  allowing (216, 217) at least one transaction when the comparison gives a positive result. 8. System according to claim 7 characterized in that when said first comparison step gives a negative result, said control site sends a signal of negative first comparison result to said terminal. 9. System according to any one of claims 1 to 8 characterized in that to carry out a transaction between one of said terminals (101) and one of said third party contracting sites (103), - said terminal establishes an accepted contract (212); - said terminal transmits to one of said control sites and to said third party contracting site, said accepted contract; - said contracting site transmits said accepted contract to said control site; and - said control site compares said accepted contract which is transmitted to it by said terminal and said accepted contract which is transmitted to it by said contracting site during a second comparison step. 10. System according to claim 9 characterized in that, when the result of said second comparison step is positive, said control site: transmits to said contracting site a transaction validation message; and or

 transmits to said terminal a transaction carried out signal. 11. System according to any one of claims 9 and 10 characterized in that, when the result of said second comparison step is negative, said control site transmits to said terminal at least one signal indicating a result of negative second comparison. 12. System according to any one of claims 5 to 8 characterized in that said terminal closes (218) said transaction session when said terminal has received: at least one negative first comparison result signal according to claim 7; <Desc / Clms Page number 21>  at least one negative second comparison result signal according to claim 11; and / or - at least one transaction signal carried out according to claim 10. 13. System according to any one of claims 1 to 12 characterized in that it comprises a means of recording and / or duplicating the data exchanged with said control site. 14. The system as claimed in claim 13, characterized in that it comprises a dating means which certainly dates at least part of the data taken into account by said recording and / or duplication means. 15. Data carrier (100) comprising information allowing transactions to be carried out characterized in that said data carrier: is readable by the reading means (104) not usually intended for payments;

 contains at least one identification element allowing the opening of transaction sessions between: a terminal (101) suitable for reading said data medium; a control site (102) connected by a first means of communication to said terminal; and - a third-party contracting site (103) linked by a second means of communication to said terminal and by a third means of communication to said control site. 16. Data medium according to claim 15 characterized in that said data medium is an optical reading medium (300). 17. Data carrier according to claim 16 characterized in that said data carrier is part of the group comprising: - CD-ROMs; and - DVD-ROMs. 18. Data medium according to any one of claims 16 and 17 characterized in that said medium (300) is in business card format for easy storage and / or transport. <Desc / Clms Page number 22>  19. Data medium according to claim 15 characterized in that the data medium is a magnetic medium. 20. Data carrier according to claim 19 characterized in that the data carrier is a computer diskette. 21. Data carrier according to claim 15 characterized in that the data carrier is a card of the PCMCIA type. 22. Control site (102) for transaction security is - connected by a first communication means, to a first plurality of transaction terminals; and

 - linked by a second means of communication, to at least one third-party contracting site linked itself by a third means of communication to at least one of said transaction terminals; said control site being characterized in that it is adapted to control transaction sessions using at least one removable data medium: - readable by the reading means not usually intended for payments and equipping said terminals; and containing at least one identification element allowing the opening of said transaction sessions.