TR199903243T2 - payment process and system - Google Patents

payment process and system

Info

Publication number
TR199903243T2
TR199903243T2 TR1999/03243T TR9903243T TR199903243T2 TR 199903243 T2 TR199903243 T2 TR 199903243T2 TR 1999/03243 T TR1999/03243 T TR 1999/03243T TR 9903243 T TR9903243 T TR 9903243T TR 199903243 T2 TR199903243 T2 TR 199903243T2
Authority
TR
Turkey
Prior art keywords
collector
terminal
password
smart card
card
Prior art date
Application number
TR1999/03243T
Other languages
Turkish (tr)
Inventor
Charles Viner John
Barrington Everett David
Original Assignee
National Westminster Bank Plc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National Westminster Bank Plc filed Critical National Westminster Bank Plc
Publication of TR199903243T2 publication Critical patent/TR199903243T2/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Abstract

Akilli kart (1) kullanilan bir ödeme islemi ve sistemi olup, bir kart çikaricidaki (20) uzak bir hesaba bir toplayici (18) araciligiyla erisebilmektedir. Kart, toplayiciyla çift yönlü iletisim (17) halindeki bir terminalde (6) okunmaktadir. Ödeme isleminin bir parçasi olarak, akilli kart tarafindan islem verilerinin bir sifresi olusturulmakta ve terminalde (6) toplayicida (18) iletilmek üzere kart sahibince girilen PIN'i sifrelemek üzere bir anahtar olarak kullanilmaktadir. Toplayici da terminalin (6) gönderdigi islem verilerini kullanarak bir sifre olusturmakta ve bu sifreyi (akilli kart tarafindan olusturulanla ayni olmasi gerekmektedir), sifrelenen PIN'i çözmede kullanmaktadir. Bu yolla, bir taraftan terminalde (6) müdahale dirençli, pahali bir sifreleme PIN pedi kullanimindan kaçinilmakta, diger taraftan güvenlikten ödün verilmemektedir.The smart card (1) is a payment process and system used, and it can access a remote account in a card issuer (20) via a collector (18). The card is read at a terminal (6) in the form of bidirectional communication (17) with the collector. As part of the payment transaction, a password of the transaction data is created by the smart card and used as a key to encrypt the PIN entered by the cardholder to be transmitted at the collector 18 at the terminal 6. The collector also creates a password using the transaction data sent by the terminal (6) and uses this password (it must be the same as that created by the smart card) to decrypt the encrypted PIN. In this way, the use of an expensive, resistant encryption PIN pad at the terminal (6) on the one hand is avoided, on the other hand, security is not compromised.

TR1999/03243T 1997-06-27 1998-06-26 payment process and system TR199903243T2 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GBGB9713743.4A GB9713743D0 (en) 1997-06-27 1997-06-27 A cryptographic authentication process

Publications (1)

Publication Number Publication Date
TR199903243T2 true TR199903243T2 (en) 2000-04-21

Family

ID=10815113

Family Applications (1)

Application Number Title Priority Date Filing Date
TR1999/03243T TR199903243T2 (en) 1997-06-27 1998-06-26 payment process and system

Country Status (22)

Country Link
EP (1) EP0992026A1 (en)
JP (1) JP2002507297A (en)
KR (1) KR20010014257A (en)
CN (1) CN1260894A (en)
AU (1) AU8122598A (en)
BG (1) BG104041A (en)
BR (1) BR9810486A (en)
CA (1) CA2295032A1 (en)
EA (1) EA200000073A1 (en)
EE (1) EE9900598A (en)
GB (1) GB9713743D0 (en)
HU (1) HUP0003227A2 (en)
IS (1) IS5307A (en)
MX (1) MXPA99011836A (en)
NO (1) NO996488L (en)
NZ (1) NZ501887A (en)
PL (1) PL337533A1 (en)
SK (1) SK176199A3 (en)
TR (1) TR199903243T2 (en)
TW (1) TW411427B (en)
WO (1) WO1999000775A1 (en)
ZA (1) ZA985628B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8108307B1 (en) * 1998-03-30 2012-01-31 Citicorp Development Center, Inc. System, method and apparatus for value exchange utilizing value-storing applications
AUPQ556600A0 (en) * 2000-02-14 2000-03-02 Ong, Yong Kin (Michael) Electronic funds transfers-zipfund
US7103575B1 (en) 2000-08-31 2006-09-05 International Business Machines Corporation Enabling use of smart cards by consumer devices for internet commerce
KR100420600B1 (en) * 2001-11-02 2004-03-02 에스케이 텔레콤주식회사 METHOD FOR PROCESSING EMV PAYMENT BY USING IrFM
GB0305806D0 (en) * 2003-03-13 2003-04-16 Ecebs Ltd Smartcard based value transfer
US8407097B2 (en) 2004-04-15 2013-03-26 Hand Held Products, Inc. Proximity transaction apparatus and methods of use thereof
US8549592B2 (en) 2005-07-12 2013-10-01 International Business Machines Corporation Establishing virtual endorsement credentials for dynamically generated endorsement keys in a trusted computing platform
GB2435951A (en) 2006-02-23 2007-09-12 Barclays Bank Plc System for PIN servicing
US7873835B2 (en) * 2006-03-31 2011-01-18 Emc Corporation Accessing data storage devices
CN102024288B (en) * 2009-09-11 2014-02-26 中国银联股份有限公司 Safe payment method and system using smart card
GB2476065A (en) * 2009-12-09 2011-06-15 Pol Nisenblat A multi-currency cash deposit and exchange method and system
CN102096968A (en) * 2009-12-09 2011-06-15 中国银联股份有限公司 Method for verifying accuracy of PIN (Personal Identification Number) in agent authorization service
EP2426652A1 (en) * 2010-09-06 2012-03-07 Gemalto SA Simplified method for customising a smart card and associated device
CN102968865B (en) * 2012-11-23 2016-08-31 易联支付有限公司 The authentication method of a kind of mobile payment and system
US10147087B2 (en) * 2015-03-06 2018-12-04 Mastercard International Incorporated Primary account number (PAN) length issuer identifier in payment account number data field of a transaction authorization request message
CN106991346A (en) * 2017-04-18 2017-07-28 东信和平科技股份有限公司 The method and device of a kind of smart card issuing

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0198384A3 (en) * 1985-04-09 1988-03-23 Siemens Aktiengesellschaft Berlin Und Munchen Method and device for enciphering data
US4965568A (en) * 1989-03-01 1990-10-23 Atalla Martin M Multilevel security apparatus and method with personal key
NL1001659C2 (en) * 1995-11-15 1997-05-21 Nederland Ptt Method for writing down an electronic payment method.

Also Published As

Publication number Publication date
BR9810486A (en) 2000-09-12
NO996488L (en) 2000-02-28
EE9900598A (en) 2000-08-15
TW411427B (en) 2000-11-11
SK176199A3 (en) 2000-07-11
WO1999000775A1 (en) 1999-01-07
CA2295032A1 (en) 1999-01-07
EP0992026A1 (en) 2000-04-12
HUP0003227A2 (en) 2001-02-28
CN1260894A (en) 2000-07-19
NZ501887A (en) 2001-05-25
BG104041A (en) 2000-05-31
JP2002507297A (en) 2002-03-05
IS5307A (en) 1999-12-17
NO996488D0 (en) 1999-12-27
EA200000073A1 (en) 2000-06-26
MXPA99011836A (en) 2002-04-19
GB9713743D0 (en) 1997-09-03
ZA985628B (en) 1999-01-26
AU8122598A (en) 1999-01-19
PL337533A1 (en) 2000-08-28
KR20010014257A (en) 2001-02-26

Similar Documents

Publication Publication Date Title
TR199903243T2 (en) payment process and system
KR100768754B1 (en) Portable electronic charge and authorization devices and methods therefor
HK1014216A1 (en) Funds transaction device
IL94633A (en) System for transferring key encrypted data between computers
HK1040343A1 (en) Method for the utilisation of applications stored on a subscriber identity module (sim) and for the secure treatment of information associated with them
CN202041965U (en) Swiping card magnetic head special for peripheral component interconnect (PCI) 3.0
ATE59720T1 (en) TERMINAL FOR PROTECTED ACCESS SYSTEM.
SE9602528D0 (en) Improvements in, or relating to, Internet communication systems
JP2694168B2 (en) IC card
CA2296208A1 (en) Cryptographic token and security system
KR20010036485A (en) Apparatus and method of on-line approve by smart card
SE9702216D0 (en) security module
TW369645B (en) Transaction key generation system
JP4729187B2 (en) How to use card management system, card holder, card, card management system
CN201259686Y (en) Novel integrated circuit card
JP2001084081A (en) Multi-function keyboard
SE9500697L (en) Electronic transaction system
JPS6275769A (en) Cipher key setting system
RU98117792A (en) ELECTRONIC COMMERCIAL SYSTEM
MY121601A (en) Funds transaction device
KR20020007101A (en) The safe-card method running on Internet networks between safe-card CD program to, confirm via user's selecting for personal security data.
ES2152886A2 (en) Collection control system for recreational machines and similar elements
KR20120013499A (en) Online-Payment Method Executed by Smart Card Reader Driver
BR8203310U (en) Digital cell phone for normal mobile phone operations, full business transactions and secure electronic payment financial transactions and any nature - digital / virtual money, and others