IE20050125A1 - System for payment transaction authentication - Google Patents

System for payment transaction authentication Download PDF

Info

Publication number
IE20050125A1
IE20050125A1 IE20050125A IE20050125A IE20050125A1 IE 20050125 A1 IE20050125 A1 IE 20050125A1 IE 20050125 A IE20050125 A IE 20050125A IE 20050125 A IE20050125 A IE 20050125A IE 20050125 A1 IE20050125 A1 IE 20050125A1
Authority
IE
Ireland
Prior art keywords
user
payment transaction
wireless communication
communication device
transaction
Prior art date
Application number
IE20050125A
Other versions
IE84324B1 (en
Inventor
Thomas Peter Cronin
Original Assignee
Thomas Peter Cronin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thomas Peter Cronin filed Critical Thomas Peter Cronin
Priority to IE2005/0125A priority Critical patent/IE84324B1/en
Priority claimed from IE2005/0125A external-priority patent/IE84324B1/en
Publication of IE20050125A1 publication Critical patent/IE20050125A1/en
Publication of IE84324B1 publication Critical patent/IE84324B1/en

Links

Abstract

An apparatus and method for payment transaction authentication is provided. The apparatus comprises a wireless communication device including means for inputting biometrically identifiable information relating to a user. The identity of the user is verified by comparing the inputted biometrically identifiable information to unique biometric information relating to an authorised user stored in a memory of the wireless communication device. Upon verification of a user's identity, the user can request a payment transaction using the wireless communication device which connects to a remote merchant server. Confirmation of successfully completed payment transaction is sent to a transaction validation device normally retained by a retailer. <Figure 1>

Description

SYSTEM FOR PAYMENT TRANSACTION AUTHENTICATION The present invention relates to an apparatus and method for payment transaction authentication, and more particularly to a secure authentication of a payment transaction using a wireless communication device.
A majority of credit based payment transactions are currently conducted using credit cards. Although the advantages of such cards are well known, they are highly susceptible to fraud. Once lost, stolen, or even when correctly used the information retained by the card is available and can be copied and passed on to third parties. Additionally, once the card details of a user are known they can be used unknown to the cardholder in any one of a number of non-face-to-face or card-not-present (CNP) payment transactions. No absolute authentication of a user is carried out before processing a payment transaction.
A number of security features have been added to credit cards and transaction processing systems over time to alleviate these problems including PIN numbers and most recently the use of biometric signals for authentication of users. Emerging smart card technologies incorporating such security features are now replacing conventional magnetic strip type cards. However, neither card provides a system in which there is no need for a person to produce any physical or numerical information to a third party so that their identity and authorisation can be ascertained prior to a credit-based transaction. It is the object of the present invention to provide such a system.
Accordingly, the present invention provides an apparatus for payment transaction authentication comprising: a wireless communication device including means for inputting biometrically identifiable information relating to a user; means for verifying the identity of the user; means for connecting with a remote merchant server; a user interface for effecting a payment transaction; and a transaction validation device.
Preferably, unique biometric information relating to an authorised user is stored in memory 35 of the wireless communication device. ma T £050125 The primary advantages of the apparatus for payment transaction authentication of the present invention is that the identity of the customer is ascertained quickly and the inputted biometrically identifiable information required for authentication is stored on the wireless communication device itself. In other known biometric authentication processes, inputted biometrically identifiable information such as a scanned fingerprint is transmitted digitally to a remote server storing millions of fingerprint records. A remote computer must then scan through these records to confirm the identity of a customer.
Ideally, the inputted biometrically identifiable information consists of one or more fingerprints.
Preferably, the means for inputting biometrically identifiable information relating to a user comprises an apparatus for scanning a fingerprint using a linear sensor. A suitable apparatus for this purpose is disclosed in United States Patent Specification no. 6,324,310.
Ideally, the means for inputting biometrically identifiable information relating to a user is integrally formed with the wireless communication device.
Alternatively, the means for inputting biometrically identifiable information relating to a user is attachable to the wireless communication device.
Ideally, the means for verifying the identity of the user compares the inputted biometrically identifiable information to the unique biometric information of an authorised user stored in a memory of the wireless communication device.
Conveniently, the means for verifying the identity of the user is stored in a processing unit of the wireless communication device.
Alternatively, the means for verifying the identity of the user and the unique biometric information relating to an authorised user is stored in a SIM (Subscriber Identification Module) card within the wireless communication device.
Ideally, the means for connecting to a remote merchant server includes a wireless local area network (WLAN) or a wireless personal area network (WPAN).
IE 0 5 01 2 5 Conveniently, the user interface for effecting a payment transaction is displayed on the visual display unit (VDU) of the wireless communication device.
Preferably, the transaction validation device receives confirmation when a transaction has been successfully processed.
Ideally, the transaction validation device is retained by the retailer.
The present invention also provides a method of making a payment transaction comprising the steps of; inputting biometrically identifiable information and initiating an identity verification algorithm stored in a wireless communication device; upon verification of the identity of the user, selecting a payment transaction type and inputting a retailer account number and transaction amount; automatically dialling a secure merchant server; the merchant server identifying the user and checking the user’s account for transaction authorisation; the merchant server authorising or refusing the transaction; upon authorising the transaction, conducting the further steps of: the merchant server validating the retailer account number and transferring the transaction value to the retailer account; the merchant server debiting the user account of the transaction value; and the merchant server sending confirmation to the transaction validation device that a transaction has been processed.
The present invention allows convenient application of credit based payments with a wireless communication device by connecting to a remote merchant server. No tangible information (eg. a credit card) or numerical information (eg. P.I.N.) is passed to the retailer. The only information required by an authorised user to make a credit based payment is an unique retailer account number. This makes the system of the present invention ideal for use in CNP and non-face-to-face payment transactions which prevail in e-commerce.
IE 0 5 01 2 5 The invention will hereinafter be more particularly described with reference to the accompanying drawing which shows by way of example only, one embodiment of an apparatus and method for payment transaction authentication according to the invention.
In the drawings: Figure 1 shows a schematic illustration of a system for payment transaction authentication using the apparatus and method of the invention; Figure 2 is a flowchart illustrating the operation of the system of Figure 1; and Figure 3-8 are flowcharts illustrating the steps involved in a credit-based payment transaction using the apparatus and method of the invention.
Referring initially to Figures 1 and 2, an embodiment of a system for payment transaction authentication using the apparatus and method of the present invention is shown. The system includes any suitable wireless communication device such as for instance, a mobile phone 10. An apparatus for scanning a fingerprint (not shown) using a linear sensor is incorporated into the mobile phone 10 and allows a customer 9 to scan a fingerprint by rolling a finger end over the apparatus.
Once a fingerprint is scanned, authentication of the identity of the customer takes place internally within the mobile phone. The means for verifying the identity of the customer uses a program stored on the processing unit of the mobile phone. The program initiates an identity matching algorithm. One or a number of fingerprints of the customer 9 are stored in the memory of the mobile phone and the scanned fingerprint(s) are compared with the stored fingerprint(s) during the verification/identity matching stage. If the scanned fingerprint(s) match one or a predetermined number of the stored prints, the identity of the customer is verified and the customer can proceed to request a payment transaction.
If the identity of a customer has been successfully verified, a user portal 11 is displayed on the visual display unit of the mobile phone and requests the customer to input transaction details. As illustrated in Figure 2, the customer selects a payment transaction type and inputs a retailer account number and transaction amount. The user portal 11 may take the form of a WAP (Wireless Application Protocol) site. When the transaction details have been entered, the mobile phone 10 automatically dials a remote merchant server 12 and once a connection is established, the transaction details are sent to the merchant server 12 as an encrypted file. External identification of the customer is carried out by the merchant server by identifying the origin of the call and checking for authorisation on the customer’s account for the required amount.
If the payment transaction request is approved by the merchant server 12 and the customer elects to proceed with the transaction, the merchant server 12 validates the retailer account number and transfers the transaction amount to the retailer account. At the same time, the transaction amount is debited from the customer’s account. The retailer account number is issued to retailers by the financial or credit institution operating the merchant server 12.
When a payment transaction has been successfully completed, the merchant server 12 sends confirmation to a transaction validation device 14 associated with the retailer account number and normally retained by the retailer at their place of business. This confirmation provides proof of a completed transaction to the retailer.
Figures 2 to 8 are flow charts illustrating the steps involved in a method of conducting a credit-based payment transaction according to the invention. The sub-menus displayed by the user portal 11 of the apparatus are also shown. It also possible to conduct a debitbased payment transaction or credit an account of a third party using the apparatus and method of the invention by selecting the appropriate options from the sub-menus.
In a further embodiment of the invention, a fingerprint of a customer is scanned using an external biometric input device which is attachable to the customer’s mobile phone. Such an external input device may be provided in-store and used by the customer to initiate a payment transaction by scanning a fingerprint and completing verification of their identity. The external input device may also be connected to the customer’s mobile phone via an external processor which pre-processes the scanned fingerprint before the identity matching algorithm is initiated on the mobile phone.
It is to be understood that the invention is not limited to the specific details described herein which are given by way of example only and that various modifications and alterations are possible without departing from the scope of the invention as defined in the appended claims.

Claims (16)

CLAIMS:
1. An apparatus for payment transaction authentication comprising: a wireless communication device including means for inputting biometrically identifiable information relating to a user; means for verifying the identity of the user; means for connecting with a remote merchant server; a user interface for effecting a payment transaction; and a transaction validation device.
2. An apparatus for payment transaction authentication as claimed in Claim 1, in which unique biometric information relating to an authorised user is stored in a memory of the wireless communication device.
3. An apparatus for payment transaction authentication as claimed in Claim 1 and Claim 2, in which the means for verifying the identity of the user compares the inputted biometrically identifiable information to the unique biometric information of an authorised user stored in a memory of the wireless communication device.
4. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the means for verifying the identity of the user is stored in a processing unit of the wireless communication device.
5. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the means for verifying the identity of the user and the unique biometric information relating to an authorised user is stored in a SIM (Subscriber Identification Module) card within the wireless communication device.
6. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the means for connecting to a remote merchant server includes a wireless local area network (WLAN) or a wireless personal area network (WPAN).
7. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the user interface for effecting a payment transaction is displayed on the visual display unit (VDU) of the wireless communication device. £0 5 0 1 2 5
8. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the transaction validation device receives confirmation when a transaction has been successfully processed.
9. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the means for inputting biometrically identifiable information relating to a user comprises an apparatus for scanning a fingerprint.
10. An apparatus for payment transaction authentication as claimed in claim 9, in which the apparatus for scanning a fingerprint comprises a linear sensor.
11. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the means for inputting biometrically identifiable information relating to a user is integrally formed with the wireless communication device.
12. An apparatus for payment transaction authentication as claimed in any of claims 110, in which the means for inputting biometrically identifiable information relating to a user is attachable to the wireless communication device.
13. An apparatus for payment transaction authentication as claimed in any preceding claim, in which the wireless communication device is a mobile phone.
14. An apparatus for payment transaction authentication, substantially in accordance with any of the embodiments herein described with reference to and as shown in the accompanying drawings.
15. A method of making a payment transaction comprising the steps of: inputting biometrically identifiable information and initiating an identity verification algorithm stored in a wireless communication device; upon verification of the identity of the user, selecting a payment transaction type and inputting a retailer account number and transaction amount; automatically dialling a secure merchant server; the merchant server identifying the user and checking the user’s account for transaction authorisation; the merchant server authorising or refusing the transaction; IE Ο 5 Ο 1 2 5 upon authorising the transaction, conducting the further steps of: the merchant server validating the retailer account number and transferring the transaction value to the retailer account; the merchant server debiting the user account of the transaction value; and 5 the merchant server sending confirmation to the transaction validation device that a transaction has been processed.
16. A method of making a payment transaction as claimed in claim 14, substantially in accordance with any of the embodiments herein described with reference to and as 10 shown in the accompanying drawings.
IE2005/0125A 2005-03-09 System for payment transaction authentication IE84324B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
IE2005/0125A IE84324B1 (en) 2005-03-09 System for payment transaction authentication

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
IEIRELAND09/03/2004S2004/0140
IE20040140 2004-03-09
IE2005/0125A IE84324B1 (en) 2005-03-09 System for payment transaction authentication

Publications (2)

Publication Number Publication Date
IE20050125A1 true IE20050125A1 (en) 2005-11-02
IE84324B1 IE84324B1 (en) 2006-08-23

Family

ID=

Similar Documents

Publication Publication Date Title
EP1004099B1 (en) A portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US9483764B1 (en) Biometric financial transaction system and method
US8489513B2 (en) Methods and apparatus for conducting electronic transactions
US8818907B2 (en) Limiting access to account information during a radio frequency transaction
US7269737B2 (en) System and method for biometric authorization for financial transactions
US20090150248A1 (en) System for enhancing payment security, method thereof and payment center
US20060059110A1 (en) System and method for detecting card fraud
US20060173791A1 (en) System for providing cardless payment
MXPA04009725A (en) System and method for secure credit and debit card transactions.
US8099363B1 (en) Methods and systems for processing card-not-present financial transactions as card-present financial transactions
US11004074B1 (en) Payment devices with enhanced security features
US10373166B2 (en) System for managing personal identifiers and financial instrument use
US20160328717A1 (en) BioWallet Biometrics Platform
US20170169424A1 (en) Delegation of transactions
KR101878968B1 (en) Banking Payment Syatem by Using Body Information and Method thereof
CN109426957B (en) System for authenticating a user of a payment device
EP3660771A1 (en) Online authentication
US20150317627A1 (en) Method and system for preventing fraud
US20030083945A1 (en) Transaction authorization method, system and device
IE20050125A1 (en) System for payment transaction authentication
IE84324B1 (en) System for payment transaction authentication
GB2412001A (en) System for payment transaction authentication
US11367062B2 (en) Using low energy beacons to enable a streamlined checkout process
KR200176146Y1 (en) Apparatus for confirming credit card user
KR20030006463A (en) An settlement system and method using image information

Legal Events

Date Code Title Description
MM4A Patent lapsed