NO996488L - Payment process and system - Google Patents

Payment process and system

Info

Publication number
NO996488L
NO996488L NO996488A NO996488A NO996488L NO 996488 L NO996488 L NO 996488L NO 996488 A NO996488 A NO 996488A NO 996488 A NO996488 A NO 996488A NO 996488 L NO996488 L NO 996488L
Authority
NO
Norway
Prior art keywords
acquirer
terminal
cryptogram
smart card
payment process
Prior art date
Application number
NO996488A
Other languages
Norwegian (no)
Other versions
NO996488D0 (en
Inventor
John Charles Viner
David Barrington Everett
Original Assignee
Nat Westminster Bank Plc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nat Westminster Bank Plc filed Critical Nat Westminster Bank Plc
Publication of NO996488D0 publication Critical patent/NO996488D0/en
Publication of NO996488L publication Critical patent/NO996488L/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Abstract

Betalingsprosess og betalingssystem som bruker et smartkort (1) som via en erverver (18) har tilgang til en fjernkonto som befinner seg ved en kortutsteder (20) . Kortet lekses i en terminal (6) som står i en toveis kommunikasjon (17) med erververen (18). Som en del av betalingsprosessen dannes et kryptogram av smartkortets transaksjonsdata og brukes i terminalen (6) som en nøkkel for å kryptere PIN-koden som tastes inn av korteieren for overføring til erververen (18). Erververen danner også et kryptogram ved hjelp av transaksjonsdataen som sendes fra terminal (6), og bruker dette kryptogram (som bør være den samme som den som ble dannet av smartkortet) til å dekryptere den krypterte PIN- kode. På denne måte unngår man bruken av et kostbart, klus- sesikkert krypterings-PIN-kodetastatur ved terminalen (6) , idet man opprettholder sikkerheten.Payment process and payment system using a smart card (1) which, through an acquirer (18), has access to a remote account located at a card issuer (20). The card is leaked in a terminal (6) which is in two-way communication (17) with the acquirer (18). As part of the payment process, a cryptogram of the smart card transaction data is generated and used in the terminal (6) as a key to encrypt the PIN entered by the cardholder for transfer to the acquirer (18). The acquirer also creates a cryptogram using the transaction data sent from terminal (6), and uses this cryptogram (which should be the same as that created by the smart card) to decrypt the encrypted PIN. In this way, the use of an expensive, reliable, encryption PIN code keypad at the terminal (6) is avoided, while maintaining security.

NO996488A 1997-06-27 1999-12-27 Payment process and system NO996488L (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB9713743.4A GB9713743D0 (en) 1997-06-27 1997-06-27 A cryptographic authentication process
PCT/GB1998/001865 WO1999000775A1 (en) 1997-06-27 1998-06-26 Payment process and system

Publications (2)

Publication Number Publication Date
NO996488D0 NO996488D0 (en) 1999-12-27
NO996488L true NO996488L (en) 2000-02-28

Family

ID=10815113

Family Applications (1)

Application Number Title Priority Date Filing Date
NO996488A NO996488L (en) 1997-06-27 1999-12-27 Payment process and system

Country Status (22)

Country Link
EP (1) EP0992026A1 (en)
JP (1) JP2002507297A (en)
KR (1) KR20010014257A (en)
CN (1) CN1260894A (en)
AU (1) AU8122598A (en)
BG (1) BG104041A (en)
BR (1) BR9810486A (en)
CA (1) CA2295032A1 (en)
EA (1) EA200000073A1 (en)
EE (1) EE9900598A (en)
GB (1) GB9713743D0 (en)
HU (1) HUP0003227A2 (en)
IS (1) IS5307A (en)
MX (1) MXPA99011836A (en)
NO (1) NO996488L (en)
NZ (1) NZ501887A (en)
PL (1) PL337533A1 (en)
SK (1) SK176199A3 (en)
TR (1) TR199903243T2 (en)
TW (1) TW411427B (en)
WO (1) WO1999000775A1 (en)
ZA (1) ZA985628B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8108307B1 (en) * 1998-03-30 2012-01-31 Citicorp Development Center, Inc. System, method and apparatus for value exchange utilizing value-storing applications
AUPQ556600A0 (en) * 2000-02-14 2000-03-02 Ong, Yong Kin (Michael) Electronic funds transfers-zipfund
US7103575B1 (en) 2000-08-31 2006-09-05 International Business Machines Corporation Enabling use of smart cards by consumer devices for internet commerce
KR100420600B1 (en) * 2001-11-02 2004-03-02 에스케이 텔레콤주식회사 METHOD FOR PROCESSING EMV PAYMENT BY USING IrFM
GB0305806D0 (en) * 2003-03-13 2003-04-16 Ecebs Ltd Smartcard based value transfer
US8407097B2 (en) 2004-04-15 2013-03-26 Hand Held Products, Inc. Proximity transaction apparatus and methods of use thereof
US8549592B2 (en) 2005-07-12 2013-10-01 International Business Machines Corporation Establishing virtual endorsement credentials for dynamically generated endorsement keys in a trusted computing platform
GB2435951A (en) 2006-02-23 2007-09-12 Barclays Bank Plc System for PIN servicing
US7873835B2 (en) * 2006-03-31 2011-01-18 Emc Corporation Accessing data storage devices
CN102024288B (en) * 2009-09-11 2014-02-26 中国银联股份有限公司 Safe payment method and system using smart card
GB2476065A (en) * 2009-12-09 2011-06-15 Pol Nisenblat A multi-currency cash deposit and exchange method and system
CN102096968A (en) * 2009-12-09 2011-06-15 中国银联股份有限公司 Method for verifying accuracy of PIN (Personal Identification Number) in agent authorization service
EP2426652A1 (en) * 2010-09-06 2012-03-07 Gemalto SA Simplified method for customising a smart card and associated device
CN102968865B (en) * 2012-11-23 2016-08-31 易联支付有限公司 The authentication method of a kind of mobile payment and system
US10147087B2 (en) * 2015-03-06 2018-12-04 Mastercard International Incorporated Primary account number (PAN) length issuer identifier in payment account number data field of a transaction authorization request message
CN106991346A (en) * 2017-04-18 2017-07-28 东信和平科技股份有限公司 The method and device of a kind of smart card issuing

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0198384A3 (en) * 1985-04-09 1988-03-23 Siemens Aktiengesellschaft Berlin Und Munchen Method and device for enciphering data
US4965568A (en) * 1989-03-01 1990-10-23 Atalla Martin M Multilevel security apparatus and method with personal key
NL1001659C2 (en) * 1995-11-15 1997-05-21 Nederland Ptt Method for writing down an electronic payment method.

Also Published As

Publication number Publication date
BR9810486A (en) 2000-09-12
EE9900598A (en) 2000-08-15
TW411427B (en) 2000-11-11
SK176199A3 (en) 2000-07-11
WO1999000775A1 (en) 1999-01-07
CA2295032A1 (en) 1999-01-07
EP0992026A1 (en) 2000-04-12
HUP0003227A2 (en) 2001-02-28
CN1260894A (en) 2000-07-19
NZ501887A (en) 2001-05-25
BG104041A (en) 2000-05-31
JP2002507297A (en) 2002-03-05
IS5307A (en) 1999-12-17
NO996488D0 (en) 1999-12-27
EA200000073A1 (en) 2000-06-26
MXPA99011836A (en) 2002-04-19
GB9713743D0 (en) 1997-09-03
ZA985628B (en) 1999-01-26
AU8122598A (en) 1999-01-19
TR199903243T2 (en) 2000-04-21
PL337533A1 (en) 2000-08-28
KR20010014257A (en) 2001-02-26

Similar Documents

Publication Publication Date Title
NO996488L (en) Payment process and system
US4536647A (en) Pocket banking terminal, method and system
WO2002086826A8 (en) Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications
US20070262138A1 (en) Dynamic encryption of payment card numbers in electronic payment transactions
US4408203A (en) Security system for electronic funds transfer system
US20070260544A1 (en) Method and system for performing a transaction using a dynamic authorization code
US20050149739A1 (en) PIN verification using cipher block chaining
CN104094302A (en) Data protection with translation
TWI229279B (en) System and method for secure credit and debit card transactions
JPH11203358A (en) Certification settling method using portable terminal equipment and portable terminal equipment
KR101316489B1 (en) Method for processing transaction using variable pan
CN103905196A (en) PIN switch encryption method
EP0138320B1 (en) Cryptographic key management system
CN106600274B (en) Multi-algorithm multi-key optical authentication offline payment device
US20030070078A1 (en) Method and apparatus for adding security to online transactions using ordinary credit cards
GB2373616A (en) Remote cardholder verification process
TW369645B (en) Transaction key generation system
EP0140388B1 (en) Pocket terminal, method and system for secured banking transactions
Read EFTPOS: electronic funds transfer at point of sale
NO941774L (en) Process system for secure, decentralized smart card personalization
CA1159124A (en) Method and apparatus for securing data transmissions
AU6923098A (en) A method for certifying a running total in a reader
CZ472699A3 (en) Method of payment and apparatus for making the same
RU98117792A (en) ELECTRONIC COMMERCIAL SYSTEM
IE49937B1 (en) Security system for electronic funds transfer system

Legal Events

Date Code Title Description
FC2A Withdrawal, rejection or dismissal of laid open patent application