GB2457257A - Contact-less financial transactions using mobile devices - Google Patents

Contact-less financial transactions using mobile devices Download PDF

Info

Publication number
GB2457257A
GB2457257A GB0802257A GB0802257A GB2457257A GB 2457257 A GB2457257 A GB 2457257A GB 0802257 A GB0802257 A GB 0802257A GB 0802257 A GB0802257 A GB 0802257A GB 2457257 A GB2457257 A GB 2457257A
Authority
GB
United Kingdom
Prior art keywords
transactions
payment
transaction
user
payer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0802257A
Other versions
GB0802257D0 (en
Inventor
Janusz Adamson
Rashid Qajar
Andrew Churchill
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FORTUNATUS HOLDINGS Ltd
Original Assignee
FORTUNATUS HOLDINGS Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FORTUNATUS HOLDINGS Ltd filed Critical FORTUNATUS HOLDINGS Ltd
Priority to GB0802257A priority Critical patent/GB2457257A/en
Publication of GB0802257D0 publication Critical patent/GB0802257D0/en
Publication of GB2457257A publication Critical patent/GB2457257A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/223Payment schemes or models based on the use of peer-to-peer networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephone Function (AREA)

Abstract

A system. adds peer-to-peer (P2P) contactless financial transactions using a mobile device as a cashless payment device, by adopting open standards. The system also enables remote Card Not Present (CNP) transactions to be assimilated within a device, offering pseudonymity to the user and allowing almost complete customisability. The system involves the provision of real-time contactless financial transactions over a mobile device via either close proximity or remote transmission and reception of data. Using two proximity enabled devices (e.g. two mobile phones) as the means for communicating payment data between the payer of the transaction and the receiver of the transaction, an operating system and identity client software allow the user to select from a range of information cards, (e.g, a Barclaycard VISA, e-wallet or bank account) for use in the transaction, a process to debit and credit the respective information cards, a security component, and a process for uploading the financial transaction(s) to the requisite issuer (e.g. Barclaycard).

Description

* 2457257 CONTACT-LESS FINANCIAL TRANSACTIONS USING MOBILE DEVICES1
Description
This invention relates to a system that adds peer-to-peer (P2P) contactiess financial transactions using a mobile device as a cashless payment device, by adopting open standards2. The invention also enables remote Card Not Present (CNP) transactions to be assimilated within a device, offering pseudonymity to the user and allowing almost complete customisability.
The invention involves the provision of real-time3 contactless financial transactions over a mobile device via close proximity4 transmission and reception of data. Using two proximity enabled devices (e.g. two mobile phones) as the means for communicating payment data between the payer of the transaction and the receiver of the transaction, an operating system and identity client software allowing the user to select from a range of information cards5, (e.g. a Barclaycard VISA, c-wallet or bank account) for use in the transaction, a process to debit and credit the respective information cards, a security component6, and a process for uploading the financial transaction(s) to the requisite issuer (e.g. Barclaycard).
Financial institutions are encouraging consumers to migrate towards a cashless society, and we see real-time P2P contactiess financial transactions as the means of achieving this. Examples of real-time P2P contactless financial transactions include cash swap transactions for purchased items, services, products, and goods.
The term "device" is used within this document to refer to a computer (for example, as defined by the Computer Misuse Act 1990), but it is important to note that mobile phones are also computers in this regard. Mobiles would be expected to form the vast majority of these enabled devices, but PDAs, laptops, etc. also fit within the term "device".
2T innovation is in enabling P2P transactions through the mobile device, but it is obviously also possible for the system to be used for consumer to retailer, etc. in the same way, where the receiver's device is either mobile (as in portable card readers (as in restaurants)) or static (as in at checkouts (as in supermarkets)).
"Real-time" could be near instantaneous in some transactions, but includes transactions taking up to 15 **** minutes under the UK Payment Council "Faster Payments" standard due for adoption in May 2008. p...
Various technologies exist for proximity communications, including blue-tooth, infra-red, RFID, near- . : field, etc. The term "blue-tooth" is used for clarity in this document, but other proximity technologies are included in this meaning.
Pseudonymity is provided via the availability to "choose" an identity from a preset range, as with for example Microsoft CardSpace. Such identities could include credit/debit cards/Oyster or a default e- . : wallet. The invention utilises existing technology for CNP transactions, but with a simplified user interface to allow drawn out processes to be done in shorter order. * .
6 Low level transactions (as defined by the issuer/individual user) may function without a security component. These are single factor authentication in "what you have" (i.e. the device), therefore being no more (or less) secure then cash (though loss of device can be reported to freeze the c-wallet giving time limited vulnerability). Other transactions can adopt multi-factor authentication such as "what you know" (typically a PfN) or "what you are" (Biometrics such as fingerprint/iris/facial).
Contactiess financial transactions are already in use and include RFID-based PayPass credit cards (e.g. MasterCard), the recently rolled-out PayWave system by Barclays and Halifax banks, and pre-paid cards such as the Oyster Card.
Proximity enabled devices such as mobile phones provide an ideal alternative for providing real-time cashless and contactiess financial transactions/payments, including P2P. The mobile phone is effectively a compact multi-media mobile computer that has become a part of our daily life. It is therefore an ideal environment to capture and store multiple identities.
The blue-tooth enabled mobile phone could7 have facilities for Card Issuers to rent space on SIM cards and store various (credit, debit, etc.) card details. The mobile phone operating system would point to the identity client software, akin to Microsoft's Window CardSpace on PCs, to display one or more virtual cards and provide the user with the optiori to select an identity for the contactiess financial transaction/payment, including P2P.
In addition the mobile phone is an ideal environment to capture and hold personal details, card PINs, and biometric information for identification purposes and for verifying and validating transactions/payments. A biometric ready mobile phone could use a fingerprint capture device and/or could use the still camera option to capture the user's facial recognition, iris/retina, and signature data. Access to personal and biometric data can be rule based and PIN/fingerprint (or other biometric) protected. Potentially the mobile phone could be used to capture/store NHS card and driving licence details, employer details, access control details, government and administration details, etc., thus providing an alternative model for Government Identity initiatives.
Blue-tooth enabled mobile phones provide close proximity transmission and reception of data. They also use a technique called spread-spectrum frequency hopping which makes it highly improbable for two mobile phones to interfere with each other's transmissions.
If several blue-tooth enabled mobile phones are within a user's proximity area, the user will have the option to choose which one to communicate with. The user will identify/select the appropriate blue-tooth enabled mobile phone for the financial transaction/payment. * .*
Assuming devices are enabled8, both Payer and Receiver will select the contactiess payment option from the available menu9. The identity client software, will then display *S.
. : 7The Business model that might be adopted will of course depend on the service providers preferred route -at its simplest level the invention could rest on the mobile without the involvement of the service provider, whereby they would be unaware of the additional service being facilitated through their' device.
* Their only involvement would be in charging for data services as the device communicates with issuing bank servers. It is our anticipation, however, that the service providers would prefer to rent' out the use of : their sim cards to financial service providers to provide a more stable revenue stream.
ability to lock' device (especially in the case of a mobile phone) enables the device to shut itself down to malicious scanning, which has been rased as a potentially major issue with other contactless cards that can be skimmed remotely. Allowing the phone to set it's own rules based approach to contactless payments also allows a cautious user to set a �0 contactiess limit if they would prefer to enter a PIN/biometric second/third factor of authentication to all payments. This also addresses concerns raised in some quarters about contactless cards.
In a traditional retail environment (i.e. not P2P) the retailer currently requests the amount, say �50, to be settled and th consumer then selects payment method (be it cash or card). For cards, this request for �50 one or more virtual cards and provide an option for selecting the preferred virtual card (e.g. BarclayCard VISA virtual credit card or c-wallet)'°.
The intended Receiver of the financial transaction/payment requests the amount to be paid and the requisite data is transferred to the Payer's device. The Payer will then be asked to accept or decline the Receiver's request for funds.
Assuming acceptance of the request the Payer will then choose from a menu of available payment identities (and has the option to check available credit on credit cards/balance on accounts' I)* Depending on the rules based approach, the Payer may then be asked to insert a PIN (or biometric ID, e.g. fingerprint) which would be checked against the PiN (or biometric) which is stored in the mobile phone. Requisite data is then transferred back to the Receiver's device to complete the payment.
Both Payer and Receiver will be informed when the transaction is completed.
Where payment is by and to c-wallets (the Receiver will have the option as to which account his receipt is registered -default will be to e-wallet, but the system will, with the advent of the Payments Council's Faster Payment initiative enable real-time transfer of funds between the pseudonymous account identities'2) the process will be complete.
Where payment involves credit/debit card identities the devices will need to carry out a traditional card not present transaction'3.
Being a rules based system it will be possible for the individual user to set their own limits, against, for example, total value stored in c-wallet, number of transactions per day, or value of transactions per day.
As with Oyster-type systems, if the device is lost or stolen it can be remotely disabled or locked, providing a thief with only a time limited access to the c-wallet (and no access where the individual user has set a �0 limit for second factor authentication-less transactions).
Figures 1 to 8 inclusive illustrate an example of a P2P contactless financial transaction using mobile devices. * *. * . I ** p... S.. I. S
S S..
S
currently presents itself on the card reader, but here would be transmitted to the phone for the payment : method to be chosen.
°See illustrative examples in figure 1-8.
This is not novel in terms of PC based access as, for example, Egg bank has had a Money Manager' that acts as a macro to skim balances from individual banks' own systems.
2Subjcct to account parameters -some card companies may have charges for fund transfer, which may make this undesirable, if still technically possible (i.e. some would be presented as balance transfers' with, say, a 2% fee attached).
13As per existing EMV routes, ith mobile devices connecting to bank servers for authorisation (as with existing portable card readers/processors).

Claims (4)

  1. CLAIMSContact1 Financial Transactions using Mobile Devices I. A system for providing contactiess financial transactions using a proximity enabled mobile device as a cashless payment device, thus facilitating peer-to-peer (P2P) transactions in addition to traditional contactiess payment methods (e.g. Card Not Present (CNP) transactions), by adopting open standards comprising: (i) A payer and receiver of the transaction; and (ii) Two proximity enabled mobile devices; and (iii) An operating system; and (iv) A means for communicating payment data; and (v) A means for real-time transactions; and (vi) A facility to rent space on memory cards; and (vii) An identity client software component; and (viii) A process to debit and credit respective information cards; and (ix) A security component; and (x) A process for customising contactiess payment rules/limits; and (xi) A process for uploading the financial transaction(s).* **
  2. 2. A system according to claim 1(i), wherein the payer and receiver will agree on an amount to be exchanged and use a contactiess financial transactions/ payments, including P2P (which include cash swap transactions for purchased items, services, products, and goods); and
    S S..
  3. 3. A system according to claim 1 (ii), wherein the financial transaction is enabled' between two devices (typically a mobile phone for payer, but also other mobile devices include laptops, PDAs, etc., and typically a second mobile phone in P2P or a fixed device in other retail environJnen) using close proximity technologies such as blue-tooth, infta-red, near-field, etc.; and
  4. 4. A system according to claim 1(iii), wherein an operating system is used to enable the selection of a number of user options including a payments option; and S. A system according to claim I (iv), wherein data communicatjous are provided to enable a payment request to be transmitted between the payer and the receiver of the transaction; and 6. A system according to claim 1(v), wherein real-time financial transactions are used for providing payment(s) between the payer and receiver of the transaction; and 7. A system according to claim 1(vi), wherein a mobile device, for example a blue-tooth enabled mobile phone, could have facilities for Card Issuers to rent space'4 on SIM cards and store various (credit, debit, etc.) card details; and 8. A system according to claim 1 (vii), wherein identity client software, akin to Microsoft Cardspace, is used for providing a user option to select a payment identity from a preset range of infonnatjon cards, for example creditldebit cards/Oyster or a default c-wallet, for use in the payment transaction; and * ..9. A system according to claim 1(viii), wherein a process is used to debit and S...* credit the respective payer and receiver information cards by the agreed amount; and a 10. A system according to claim l(ix), wherein a multi-level security component will capture and hold personal details, card PINs, and potentially biometric information for identification purposes and for verifying and validating transactions/payments; and 11. A system according to claim 1(x), wherein a cautious user could use the "lock" facility to shut the device down to malicious scanning and set a �0 contactiess limit in order to use a PIN/biometric second/third factor of authentication to all payments; and 12. A system according to claim I (xi), wherein at a user instigated time (the default being real-time as transactions are processed), the mobile device will upload financial/payment transactions to the information card issuers (e.g. Barclaycard VISA, e-wallet or bank account) for audit/statement provision purposes; and 13. A system according to claim 6, wherein real-time financial transactions between two parties could be near instantaneous in some transactions, but includes transactions taking up to 15 minutes under the UK Payment Council "Faster Payments" standard due for adoption in May 2008; and 14. A system according to claim 7, wherein the service provider might charge for the additional services as the device communicates with issuing bank servers15; and 15. A system according to claim 8, wherein a simplified user interface will be used to allow drawn out processes to be performed in shorter order; and * S.S * *. S...16. A system according to claim 10, wherein the mobile device could use a fingerprint capture device and/or could use the still camera option to capture the user's facial recognition, iris/retina and signature data; and p. * 17. A system according to claim 10, wherein low level transactions (as defined by the issuer/individual user) could function without a security component, while other transactions could adopt multi-factor authentication such as "what you know" (typically a PiN) or "what you are" (Biometrics such as fingerprint/iris/facial); and 18. A system according to claim 10, wherein should the user report that the mobile device is lost or stolen, the device could be remotely disabled or locked thus providing limited vulnerability/access to the e-wallet; and 19. A system according to claim 16, wherein the biometric data could potentially be used to safeguard additional user information profiles (alternate identities' through pseudonymity) such as NHS card, driving licence details, employer details, access control details, government and administration details, etc., thus providing an alternative model for the Government National Identity initiatives. * S. * . * *. S... S... S. * * 5*S S.. * S S. I. I. S * * *.
GB0802257A 2008-02-06 2008-02-06 Contact-less financial transactions using mobile devices Withdrawn GB2457257A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0802257A GB2457257A (en) 2008-02-06 2008-02-06 Contact-less financial transactions using mobile devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0802257A GB2457257A (en) 2008-02-06 2008-02-06 Contact-less financial transactions using mobile devices

Publications (2)

Publication Number Publication Date
GB0802257D0 GB0802257D0 (en) 2008-03-12
GB2457257A true GB2457257A (en) 2009-08-12

Family

ID=39204395

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0802257A Withdrawn GB2457257A (en) 2008-02-06 2008-02-06 Contact-less financial transactions using mobile devices

Country Status (1)

Country Link
GB (1) GB2457257A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2372629A1 (en) * 2010-04-02 2011-10-05 Gemalto SA Method and subscriber identity module for performing financial transactions by use of mobile communication devices.
EP2672442A1 (en) * 2012-06-05 2013-12-11 Nxp B.V. Multi-protocol communication circuit
WO2016001821A1 (en) * 2014-07-01 2016-01-07 Francesco Ricci Electronic payment system and relative method
US10454693B2 (en) 2009-09-30 2019-10-22 Visa International Service Association Mobile payment application architecture

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10454693B2 (en) 2009-09-30 2019-10-22 Visa International Service Association Mobile payment application architecture
US11057229B2 (en) 2009-09-30 2021-07-06 Visa International Service Association Mobile payment application architecture
EP2372629A1 (en) * 2010-04-02 2011-10-05 Gemalto SA Method and subscriber identity module for performing financial transactions by use of mobile communication devices.
WO2011120919A1 (en) * 2010-04-02 2011-10-06 Gemalto Sa Method and subscriber identity module for performing financial transactions by use of mobile communication devices
EP2672442A1 (en) * 2012-06-05 2013-12-11 Nxp B.V. Multi-protocol communication circuit
US10496981B2 (en) 2012-06-05 2019-12-03 Nxp B.V. Multi-protocol communication circuit
WO2016001821A1 (en) * 2014-07-01 2016-01-07 Francesco Ricci Electronic payment system and relative method

Also Published As

Publication number Publication date
GB0802257D0 (en) 2008-03-12

Similar Documents

Publication Publication Date Title
CA2992421C (en) Secure real-time payment transactions
US11935017B2 (en) System, method, and apparatus for reprogramming a transaction card
US9842356B2 (en) System, method, apparatus and computer program product for interfacing a multi-card radio frequency (RF) device with a mobile communications device
RU2659024C2 (en) System and method of safe downloading, storage and transmission of data from magnetic strips in the device working with the mobile wallet system
US8095113B2 (en) Onetime passwords for smart chip cards
US10692081B2 (en) Local management of payment transactions
US20140279534A1 (en) System and method for providing an account holder a notification
US20130046690A1 (en) System and method for credential lending
US20120030121A1 (en) Secure activation before contactless banking smart card transaction
WO2011128913A1 (en) Secure and shareable payment system using trusted personal device
JP2013229879A (en) Portable payment device
US20160189127A1 (en) Systems And Methods For Creating Dynamic Programmable Credential and Security Cards
WO2016033513A1 (en) System and method of electronic authentication at a computer initiated via mobile
KR20070006942A (en) Method of anti-fraud for credit card
GB2457257A (en) Contact-less financial transactions using mobile devices
US20190378115A1 (en) Electronic payment apparatus
Chuang Adopt m-banking as a successful business strategy
US20180374065A1 (en) Resource distribution channel authorization through third party system integration
Ondrus et al. An architecture for mobile payments and couponing in the retail industry
ENNAFIRI et al. Towards Secure Transactions with IoT: An Advanced Smart Payment Solution
RU2816675C2 (en) System and method for protection against theft of funds during contact and contactless payment from bank card
Rizvi et al. Smart Cards: The Future Gate
Tkachenko et al. ONLINE BANKING SERVICES IN ECONOMICS
GB2620114A (en) Electronic payment apparatus
Chen Information Security of Apple Pay

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)