TWI521450B - A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction - Google Patents

Description

Pay terminal using mobile communication device such as mobile phone and direct bill payment processing method

A solution refers to a paying terminal that is positioned in a mobile communication device, such as a mobile phone. To implement the payment processing program, the terminal can even communicate via its own communication component, primarily of the NPC type. The present invention also describes a method of direct bill payment using a contactless transmission link.

It is known to permanently locate a pay terminal (POS (point of sale) terminal) in a commercial building. The POS terminal operates in a manner that is secure in a protocol system by transferring money from the purchaser's account to the store operator's account. To date, payment through a POS terminal has been a feature of payment, in which a payee has a POS terminal and a paying consumer uses a corresponding card as a payment device. In the first phase, one of the operating card holders checks and verifies that the process should be highly secure and should be implemented with reasonable efforts of both parties (merchants and paying consumers). Subsequently, the running payment amount is automatically credited to one of the store's account handlers. Initially, only cards with a magnetic strip were used to run the paid terminal application. However, with regard to technical limitations, magnetic strips with loaded data present a security risk because the magnetic strips can be replicated or changed with the use of simple technical devices. Reading internal data from magnetic strips is low-tech.

Therefore, in the second half of the 1990s, the card issuer, MasterCard, and VISA made an agreement to create an EMV standard using a microchip positioned on a pay card. The EMV (Europay MasterCard Visa) standard ensures that the interoperability of global interoperability is between the payment card chip and the POS terminal. The use of microchips can protect the data located on the microchip in such a way that it is not possible to access the data from outside without a PIN. Even if there is no online connection to the processor's headquarters, cardholder verification (Cardholder Verification) can be achieved by using the wafer on the card. Although the magnetic stripe represents a passive data carrier, the wafer on the card is basically a small computer having its own computational capacity, a secure portion with memory and a data encryption unit. Regardless of the technical characteristics of the current POS terminal mentioned, it is found that in the case of fraudulent adjustment and manipulation in the inner side of the POS terminal or in the case of inserting an intermediate link into the reading device, the data from the card can be revealed And PIN code. This usually occurs when the store owner of the POS terminal is not known, under the control of the operator's lack of control or in the case of other deceptive methods.

However, until now, there has been no known technical tool capable of converting a mobile phone into a pay-type terminal of this type, which can be owned by a paying consumer and can have an entire business relationship (pay card issuer, processing headquarters, bank, The security required by individual participants of the business).

The solution according to CN101351819 indicates the possibility of using a mobile phone as a POS terminal; however, it does not deal with the specific organization of the individual basic elements of the system. Many solutions, such as the solution according to the patents CN101339685, CN101329801, US2008270246 (A1), SI22595(A), US2008059375, describe mobile phones participating in direct bill payment, although there are no separate POS terminals directly in the phone. Or, as in its US20077241180 (A1) file, there is a solution for a mobile phone to interact with a static POS terminal.

There is a requirement for this technical solution that the technology solution will have an EMV paid application even if the Internet pays or other payments made outside the general store (for example, downloading a program stored at the operator) The program is highly secure and will generate the final paid password strictly in the form of EMV standards. These types of solutions are currently not known, or may be disclosed or misused, for example, during the transmission of data from a pay-per-click consumer's payment card to the merchant's POS terminal or virtual POS terminal, or NFC or GPRS communication, these solutions have the security risks inherent in the above facts. If the initial proximity between the POS terminal and the pay card in the general store is lengthened to communicate through the Internet environment, then the security risk increases.

The disadvantages mentioned are largely eliminated by the use of a payment terminal such as a mobile communication device, such as a mobile telephone, which contains a memory, an interface and a microcontroller. The microcontroller is linked to the memory and is also linked to the circuitry of the mobile communication device via an interface. The payment terminal includes a configuration data unit having a unit of a POS payment terminal application and also including a payment terminal stored in one of the security portions of the memory. The essence of the invention lies in the fact that the payment terminal can be stored on a removable memory card together with the relevant configuration data, the removable memory card being adjusted in such a way that it can be inserted into the mobile communication device. In a slot for additional hardware, this slot is used to add functionality beyond the basic functionality of the mobile communication device.

The essence of the solution is the following configuration: the entire processing program core of the POS terminal can be positioned on one of the removable memory cards inserted in the mobile communication device, and the most likely use exists in the removable memory. The body card is inserted into the common memory slot of the mobile phone. The operation of all internal paid POS terminal applications can be implemented on the removable memory card inserted in the mobile communication device. An exception to the communication handler can be discovered by the payment processor headquarters, and the mobile communication device's own communication channel (SMS (Short Message Service), GPRS General Packet Radio Service) can be used in the payment processor headquarters. A display device for the mobile communication device can be used to display the operation of the paid application.

The processing core of the POS terminal is only transmitted to the supplementary memory card in the mobile phone, which brings unexpected technical advantages, but it also causes difficulty in loading data from the pay card because the mobile phone does not have a chip card reader. An important feature of the current solution is that even one of the user's payment cards or even a number of payment cards can be placed on the same hardware device (i.e., on the removable memory card). In this way, it is technically ensured that in addition to the security-protected portion of the memory having the data for the payment terminal, the removable memory card also contains one of the memory devices having the payment card data. Protection section.

Inserting the removable memory card into a slot for the additional hardware of the mobile communication device during operation of the payment application, the slot for adding functionality beyond the basic functions of the mobile communication device . However, it is not excluded that the slot will be primarily the most commonly used slot accessible externally from the mobile communication device, such as a mobile telephone. The slot is designed for this technical device, without the slot, the mobile communication device can fulfill its basic functions. Therefore, the slot under consideration does not directly affect the transmission of the data and/or voice practitioner's network; in fact, the slot is different from the interface for the SIM (Subscriber Identity Module) card. The memory card, which is an important component of the present invention, does not have the function of a SIM card. The removable memory card described in the solution under consideration does not depend on the SIM card of the mobile phone and can be removed or inserted into the mobile phone without interfering with any of the conventional functions of the phone. .

If the communication between the payment card and the POS terminal is narrowed to the data transmission inserted in one of the hardware devices in the mobile phone during the running of the application, it is impossible to monitor and misuse the communication by the common component. After the payment is realized, the encrypted information about the realized payment is sent from the removable memory card. This information is differentiated by sufficient security in the form of EMV standards. In a common configuration, the mobile communication device can be a mobile phone that ensures that an external function for communicating with the payment processing headquarters is used to run a paid application on the removable memory card. The mobile phone will also ensure the power of the removable memory card.

The removable memory card may even include a pay card unit having a paid application primarily of the EMV type. According to the EMV standard, this type of payment card unit will include hardware and software tools to ensure functionality similar to that of the wafer. The interface of this unit can be different because the unit is not designed to be read in a conventional type of reader, but the unit will be firmly and detachably connected to the removable memory card carrier. .

Placing POS pay terminals and payment cards in one and inseparable hardware devices until now is meaningless because the terminals are physically placed at the merchant and are typically owned by banks, payment processors, and the like. With the current solution, the user can implement a rental payment terminal, and in this case, the payment terminal and the payment card may be placed in a hardware device. From a configuration identity point of view, the terminal will remain owned by a particular bank or processing organization, as the bank or processing organization up to now typically has such terminals placed at the merchant. Because the communication between the payment card and the POS terminal will be run through the controller and microcontroller in the hardware of the removable memory card and given the micro size of the payment device, then essentially, this is illegally read from the outside. Communication will not be technically feasible.

The dedicated material of the POS paying terminal (such as the encryption key and the identification data) must be stored in the secured portion of the memory, preferably in a so-called Secure Element. The secure element is characterized by specific hardware characteristics and is subject to corresponding credentials, and thanks to this credential, the participating components are happy to believe that their proprietary material is in the memory device. The information of these POS paying terminals must be strictly separated from the access to the paid card data and vice versa. For this reason, at least two independently separated secured memory domains can be attached to the removable memory card. Such fields may be in the form of, for example, separate portions of a secure element.

From the point of view of the processor in the optimized pay-per-view application, it is advantageous (but not necessary) for the removable memory card to have two separate hardware security elements. These security elements can be in the form of two identical wafers that can be placed independently on the printed circuit of the removable memory card. The first secure element can then be used to store POS terminals or separately store data for different POS terminals. The second secure element will be intended to store information about the payment card or various payment cards. Therefore, the current solution can place a POS terminal of a certain industry and a number of payment cards of a user (ie, payment cards of various banks issued under a personal name) on a hardware device. Since these configurations and paid materials (belonging to different companies) must be located separately from an access point of view, these secure elements will be divided into separate domains and parts. If two secure elements are used, then even if the secure elements will not have multiple tasks, the secure elements can be made to communicate with one another and run two applications. The use of two or more secure elements increases the total memory capacity available, in such a way that the paid POS terminal application can be run directly on the secure elements. In a configuration with one secure element, it would be more appropriate to use another, inexpensive but unsafe memory that will be loaded into the memory and will be in the payment process The paid POS terminal application runs on the memory.

In addition to containing the common memory itself, the memory card can hold a security element in the form of a wafer with secure memory in which one of the configuration data of the terminal is stored. This unit is used to securely store the information that the terminal needs to assign its own identity. In principle, most of these decisions are made as to who owns the terminal with the relevant information.

The secure element is connected to the microcontroller. The term microcontroller may even mean a controller or some narrowed hardware in the form of a controller. The microcontroller can be located in a manner in which the functionality of the microcontroller is divided, for example, dividing the controller portion from the computing portion in another wafer. In order to be able to run the paid POS terminal application, the microcontroller can also be connected to the memory of the memory card, which stores a unit with a paid POS terminal application. This application can be in the form of an EMV application. The microcontroller reads the paid POS terminal application from the respective unit whereby it becomes a so-called universal POS terminal. It is a general-purpose POS payment terminal, although it is still indistinguishable at the moment. In order for the POS paying terminal to become associated with a particular bank or institution, the terminal configuration material must be downloaded from the selected unit in the smart card chip.

This configuration enables the configuration and adaptation of a memory card that implements one of the paid POS terminal operations to be inserted into a common mobile phone having a slot for memory expansion.

The pay card unit will be located separately from the unit having the terminal configuration data in a secured portion of the memory, preferably on a separate domain of the secure elements in a particular wafer. As for the appropriate structure of the memory card and high penetration with respect to the mobile communication device having the SD slot, the card is suitable for an SD type or miniSD or microSD card or even a M2 (Memory Stick Micro) ). The interface to the memory card of the circuit of the mobile communication device will then be an SD or M2 type interface. The microcontroller can be connected to the card interface as set forth in the regulations defined by the SD Card Association (Technical Committee SD Card Association).

In order to achieve sufficient data permeability, it may be appropriate if the payment card has at least one two-conductor data bus or a better four-conductor data bus. The card preferably has a maximum parameter of less than 24 mm and a second maximum parameter of less than 14 mm.

The microcontroller can be equipped with non-deletable internal memory, preferably of the EEPROM type. In order to achieve a sufficient level of security, the microcontroller can also include a boot loader unit for controlling unauthorized intervention of the loaded POS payment application. The boot loader can be located in the read-only portion of the microcontroller processor memory and it runs after each reset of the terminal. The boot loader function is used to control whether the operating system or application is altered by any unauthorized intervention. After each reset, the boot loader calculates a hash value (digital signature) based on the contents of the external flash memory of the program, and the external flash memory stores the operating system and the applications. The boot loader then compares the result with the value stored in the internal memory of the EEPROM. If the data is equal, then the boot loader leaves management rights to the operating system. Otherwise, the boot loader decrements the counter of the unsuccessful attempt and then stops. If the counter reaches zero, it is not possible to start the microcontroller again. In the memory, an operating system (starting and ending as one of the addressed areas) can be stored, and the hash value (digital signature) of the memory capacity is stored during the first operating system and application storage. In the microcontroller. In the future, it is impossible to change this information.

In a common version, the microcontroller can have a 32-bit microprocessor structure.

The utility of the terminal can be significantly increased by this configuration, wherein the paying terminal can have its own communication channel, ie in principle the communication channel is independent of the communication path of the mobile device. This configuration version will feature a memory card containing a contactless communication component that is coupled to the security component and/or a microcontroller. It is preferred if the antenna is directly positioned on the memory card and if the antenna is connected to a contactless communication component. In this way, the functional independence of the terminal will be achieved. The contactless communication component can be equipped with one of the surrounding electromagnetic fields. Due to the detection, the circuit of the contactless communication component will be activated only when a connection is required, which will result in a reduction in the energy requirements of the terminal. The terminal can be powered by the electromagnetic field of the mobile phone through the electromagnetic field and through the interface of the memory card. The contactless communication device can be linked to all of the units on the secure element, except for the encryption unit, which is only accessed by the microcontroller to reduce the risk of unauthorized code corruption. The communication element is preferably of the NFC type according to the ISO 14443 standard with respect to the distribution of existing communication types.

The paying terminal may have more individual units in the secure element, the individual units having configuration data from different independent terminals. These configuration data will be stored in separate domains of the secure element. This technical solution will enable the paying terminal to enter a terminal belonging to one of the different pay processors. This ability will depend on the user's choice or on other commands. In this way, a memory card can be categorized and run the sequential functions of several independent paying terminals. This configuration would be advantageous, especially when considering the described mobility of the paying terminal and its independence from a particular merchant or when there is a better likelihood of selection and the identity and owner of the paying terminal.

The paying terminal may also include a number of paying cards by having a number of separate units in the secure element, the independent units holding independent payment cards having their respective paying applications. Therefore, the paying terminal can be not only a multi-paying terminal but also a multi-card. As the number of cards owned by a user increases, this solution will create a comfortable and secure combination of such payment components to be inserted into one of the memory cards of a mobile phone.

The memory card memory (preferably in the form of a flash memory) can have at least a portion of its security space. In this case, a paid POS terminal application unit can be stored in this memory. This unit may even be located directly in the microprocessor or in such secure elements, but in some board architectures, this type of solution may not be sufficiently flexible when considering the required size of the memory area. However, it will be necessary to gradually update the paid POS terminal application, and the activities that can be performed by the downloaded management unit are stored in the memory. The memory card can be equipped with a memory controller processing unit for data flow management. If there is any need for communication between the memory card and a mobile phone through the website interface, a web server unit can be included in the memory card.

According to the current description, the utility of the terminal will be increased by expanding the functionality of its non-financial features. The existing components of the memory card, the independent secure element domain, the contactless communication component, and the encryption unit can be used to control an external device (eg, a remote control), an electronic key to a gatekeeper, and the like. In this case, one of the non-financial application units initialized by the microcontroller can be in the secure element or in the managed smart card chip.

In the configuration according to this solution, the memory card with the payment terminal function can even further fulfill the function of the extended memory of the mobile communication device. In the unprotected portion, the memory can have an area for the user to freely access data such as images, music files, and the like. This portion is directly visible when viewing the mobile communication device. In this memory, for data hidden from the user, system data can be recorded as a result of payment processing and the like.

For payment purposes in a standard store, the system may complement the pay-as-you-go POS terminal application launcher; the launcher may be in the form of a simple hardware component or it may be part of a cash register. The initiator may have a payment value generating unit. The merchant types the required payment amount through the launcher. This amount can also be generated as the final purchase amount output from the cash register. The actuator is attached to or fully equipped with a communication component that is compatible with the communication component on the removable memory card or with the short-range communication component of the mobile communication device.

In accordance with the present invention, a direct bill payment method using a mobile communication device is based on the fact that a paid POS terminal application can be inserted on a removable memory card in a slot for a mobile phone for additional hardware. Run and the pay card application can also run on the same hardware device. The operating feature of the paid POS terminal application known until now is that the payment card is temporarily connected to the POS terminal during the implementation of the payment. According to the current solution, the payment card is securely connected to the paying terminal and thus the communication between the POS terminal and the pay card can be run directly through the circuit of the pay card. Since then, the technical solution has made it possible for various new paid application programs to emerge, and in principle the result of the paid POS terminal application can be in the format used today (EMV cryptogram).

In one of the possible program versions, the paid POS terminal application can be loaded into the microcontroller in the memory card and subsequently loaded with the configuration data of the identity of the selected terminal from the corresponding secure element. An important feature is also the possibility of loading the payment card data from the secure element into the microcontroller operating as a payment terminal, so free of the same kind of hardware device used by the paying POS terminal application for its operation. Enter the information. If the secure element has sufficient computing capacity, the pay POS terminal application can run directly in the secure element. This will happen with the use of two secure elements, one for the paying terminal and the other for the pay card. Even in this configuration, the pay-as-you-go POS terminal application can be generated as one of the identities for all paying terminals, with no difference, commonality; and only after selecting the paying terminal, will be from the corresponding independent domain of the secure element The identification data is loaded into the paid POS terminal application. The version using the stand-alone POS terminal application with the configuration data already inserted has also not been deleted.

To increase the security level, it is preferred that the boot loader run the change control system in the paid POS terminal application before running the pay POS terminal application itself. The paid POS terminal application will be managed by an input device (mainly a keyboard) of the mobile communication device.

This solution is illustrated in detail in Figures 1 to 6.

Example 1

In this example, a solution using two independent security elements 31, 32 according to Fig. 3 is described. The use of separate hardware security elements 31, 32 simplifies the credential requirements that are set by individual participants (issuers, clearinghouse operators) of the payment system when storing confidential information on the secure elements 3, 31, 32. In this example, each of the secure elements 31, 32 is also divided into separate domains that can be provided to different issuers and to different owners of the configuration data of the POS terminal. The security elements 31, 32 are in the form of separate chips on a circuit board on which the security elements are coupled to a controller that performs the role of the microcontroller 12. The interfaces of the security elements 31, 32 towards the controller 12 are ISO 7816. The removable memory card 1 is in the form of a microSD card. An ASIC (Dedicated Integrated Circuit) chip is coupled to the microcontroller 12, which is configured to execute an NFC platform communication processing program and by doing so, the ASIC chip performs the functions of the communication element 13. The antenna 21 directly positioned on the body 1 of the removable memory card is designed according to a patent application of the patent owner and is connected to the ASIC chip in a manner enabling NFC communication, the NFC communication independent domain mobile phone 4 Other hardware. The removable memory card 1 also contains, for example, a common flash memory 2 having a capacity of 2 GB. The user cannot access a portion 20 of the memory 2 from the interface 4 of the mobile phone; this portion of the memory is used for archiving of the paid records. The remainder of the memory 2 is used for the common storage of music, images and the like, and thanks to the common storage, the entire memory card 1 appears to the user as a common memory medium. By placing the POS terminal and the payment card on a removable memory card 1, the initial function of the slot of the mobile phone 4 designed to expand the memory capacity does not disappear.

Payment can be run in two different categories. For example, as shown in Figure 6, the user of the mobile phone 4 determines that he wants to buy a map in electronic form in an internet store. In this case, the operator of the internet store can be the producer of the mobile phone 4. The microSD memory card 1 produced according to the described technical solution is inserted into a lateral slot accessible from the outside of the mobile phone 4. The secure element 31 stores POS terminal configuration data 6 belonging to a number of people (and even among those of the Internet shop). After selecting the purchased item, a payment request for the corresponding amount is sent from the internet store to the mobile phone 4. The user presses the phone with a pay button. In another payment example, the payment selection can be initiated by a software button displayed on the display of the mobile phone 4. The request to launch the paid POS application is sent to interface 11. The pay POS terminal application runs on the memory card 1 in the same manner as it operates in a relationship between a standard POS pay terminal and a pay card, the pay card being inserted into the reader of the POS terminal . The display of the mobile phone 4 is used to manage the operation of the payment. The user selects the payment card based on the amount he wants to pay. After launching the application in the corresponding unit 7 of the selected payment card, the payment operation can also be managed by the pre-set rules of the risk management of the issuer of the corresponding card. Depending on this, it will be necessary or unnecessary to type in the paid cartoon line password.

After ending the paid POS terminal application, the software disconnects the POS payment terminal from the payment card and transmits the generated payment password through the GPRS channel to be processed in the Internet store. After the internet store receives and decrypts the paid profile, the payment is estimated and, in the case of a positive result, the paid item (in this example, the map) is sent to the mobile phone 4.

Example 2

A pay terminal on the removable pay card 1 platform of the microSD type equivalent to a standard microSD card in shape and parameters is described in this example. As in Figure 1, the payment card 1 has a microcontroller 12 in the form of a 32-bit microprocessor operating on a multitasking operating system 8 (Linux in this example). A flash memory 2, a secure element 3 and an SD interface 11 are connected to the microcontroller 12. Microcontroller 12 includes an internal EEPROM memory 10 and a boot loader 9 that controls unauthorized intervention in the loaded pay POS terminal application.

The flash memory 2 is divided into a protected portion and an unprotected portion. In the unprotected portion there is a space 15 for free access and visible user data and a space 20 for hiding system files (especially records of payment processing processed by the paying terminal). In the security part of the memory card, there is a unit 8 holding the operating system (Linux in this example) and a paid POS terminal application (in this case, an EMV type application) The premier paid POS terminal application unit 5. In this example, in the secured portion of the memory 2, there is also a download management unit 19 for storage and software update management on the memory card 1. If it is necessary to load/upgrade the application in the smart card chip 3, then the application binary data is loaded into the unprotected portion of the flash memory 2, for example, until the storage is hidden from the user. The system data unit in the space 20 of the data. The download management unit 19 periodically checks whether there are any new files in the system data unit that should be loaded into the secure element 3. If so, then run a separate installation.

In the secure portion of the memory 2, there is also a SCWS web server unit for managing applications stored in the secure element 3 (except for the EMV paid application). In the microcontroller 12, there is stored a memory space in which the operating system (as one of the addressed regions begins and ends). The hash value (digital signature) of the memory capacity is stored in the microcontroller 12 during storage of the first operating system and application. In the future, it is impossible to change this information, which ensures protection against software changes.

A number of individual fields are created in the secure element of the smart card chip 3. In this document, the fields have three configuration data units 6 for holding three independent terminals belonging to three different payment processors. The two parts of the secure element contain two separate pay cards 7 with separate paid applications of the EMV type. The example given here thus describes a solution that enables a user to pay with two different payment cards at three terminals, each of which belongs to a different payment processor. For example, one of these payment processors can be a mobile phone network operator who connects their telecommunications services to a direct bill payment processing service. On the secure element, there is also an RSA encryption unit 14.

The memory card 1 also has its own NFC contactless communication element 13 and the antenna 21 placed in the memory card 1, respectively. This configuration enables an NFC communication connection between a common telephone that does not have an NFC chip and a related reader that satisfies the ISO 14443 standard.

Also within the secure element 3 is a non-financial application unit 16, which in this example is configured to operate as an electronic contactless key for door knocking.

The controller 17 of the flash memory 2 is in the secured portion of the memory 2 and the controller manages the transfer of data between the mobile phone and the flash memory 2 on the memory card 1. The controller of the flash memory 2 unitizes the possibility of viewing the data or writing to the protected portion of the memory 2 and also systematically viewing the unprotected portion of the memory 2, the system The data unit (allowing read and write) is located in the unprotected portion.

The pay-as-you-go terminal application runs on the removable memory card 1 inserted in the slot 4 of the mobile communication device for additional hardware. The paid POS terminal application is loaded into the microcontroller 12 in the memory card 1 and subsequently loaded with configuration information of the identity of the selected terminal from the secure element 3. The selected payment card data is loaded from the secure element 3 into the microcontroller 12 operating as a pay terminal. Which payment card information to load depends on the user's choice.

The boot loader 9 runs one of the paid POS terminal applications to change control before starting the pay POS terminal application itself. The paid POS terminal application is managed using the keyboard and display of the mobile communication device 4. The mobile phone has a graphical GUI interface (graphical user interface) that enables communication between the user, the memory card 1 and the host processor. There are also push SMS technologies in the phone. The pay-as-you-go POS terminal application enables the SD microcontroller application 12, one of online payment and offline payment, using the payment application on the microSD memory card 1. Payment is implemented when the "card exists", which increases security (with a cryptographic signature) and the ATC counter is incremented by one during each processing, which means that it is not possible to generate an infinite number of processing in order to get some keys. The client manages the paid POS terminal application through one of the GUI applications installed on its own phone. In this example, the pay POS terminal application, along with the microcontroller 12, forms a general purpose POS terminal. In a different configuration, the universal POS terminal can be formed by a paid POS terminal application connected to the same computing component directly in the wafer having the secure component. Subsequently, together with the configuration parameters, they form an embedded POS terminal (EMBEDDED POS TERMINAL): Terminal_type 1x = terminal belonging to a financial institution, 2x = one terminal belonging to a merchant, 3x = one terminal belonging to the card holder ( Card holder terminal). The configuration data unit 6 of the terminal contains the terminal ID number, PDOL data (processing option data item list), terminal risk management, offline batch file format, SMS strobe on the host, IP address on the host, and signing Chapter offline processing code. Payment can be offline or online. Communication with payment processors can be achieved via SMS messages or via GPRS.

real Example 3

In this example, a removable memory card 1 is described which contains only a minimum set necessary to effect payment. The structure of the removable memory card 1 is shown in FIG. This type of removable memory card is designed to be sold only as a prepaid card with a pre-purchased amount and is intended, for example, to be sold to a traveler from a country using a different currency. The removable memory card 1 contains an interface 11 having contacts in accordance with the microSD format. There are two security elements 31, 32 in the plastic body of the removable memory card 1. In the first secure element 31 there is configuration information of the POS terminal generated by the manufacturer of the prepaid card system. There is a one-time payment card in the second secure element 32. In conjunction with the removable memory card 1, the business kit also includes a paper carrier having a scrap field for managing access to the pay card. A corresponding PIN code. The memory card 1 performs all operations when a common POS terminal held by the merchant is connected to the paying card of the paying consumer. The facility of the mobile phone 4 is used for display and communication.

Example 4

In this example, the system supplements the paid POS terminal application launcher 22. The actuator 22 can be in the form of a single device having one of the NFC communication elements. In this example, the initiator is coupled to the output of the cash register 26, which will send information about the total required payment to the output. The launcher 22 generates an archive containing the payment value, the merchant account information, and the request command. The initiator 22 transmits this file to the mobile phone 4 applied thereto via the communication component 24. The receipt of this file on the memory card 1 causes the payment POS terminal application to be launched. This solution enables the use of the paying terminal of the mobile phone 4 of the user for direct bill payment in a general store that does not have its own POS terminal.

Commercial applicability

Commercial applicability is obvious. With the present invention, it is possible to industrially and repeatedly manufacture and use a payment terminal implemented in a memory card having one or more payment cards in one memory card.

1. . . Memory card

2. . . Memory

3. . . Safety element

4. . . Mobile communication device

5. . . Paid POS terminal application

6. . . Terminal configuration data unit

7. . . Payment card unit

8. . . Operating system unit

9. . . Boot loader unit

10. . . Internal microcontroller memory

11. . . interface

12. . . Microcontroller

13. . . Communication component

14. . . Encryption unit

15. . . Freely accessible user data space

16. . . Non-financial application unit

17. . . Flash memory controller

18. . . Website server unit

19. . . Download snap-in

20. . . Hidden data space

twenty one. . . antenna

twenty two. . . Launcher

twenty three. . . Payee computer

twenty four. . . Starter communication component

25. . . Paid processing headquarters

26. . . cashier

31. . . POS terminal security element

32. . . Secure element for payment card

1 is a block diagram of a connection between an individual component of a memory card and an individual component on a memory card being displayed, and a partitioned security component having a paid POS terminal (also from a number of payment cards) Have security information.

Figure 2 shows a solution in which there is a mobile phone with one memory card during payment in the internet store or during payment for files downloaded from the mobile network.

Figure 3 is a microSD type removable memory card with two separate security elements and a communication element (just like an antenna) positioned directly on the memory card.

Figure 4 is a prepaid removable memory card with a simplified architecture among the options with two secure elements.

Figure 5 is a continuation of the tasks within a paid application running on a removable memory card while paying for the files provided in the mobile network.

Figure 6 is a solution with a paid launcher in which the launcher practice is positioned to permanently follow the cash register in the physical store.

1. . . Memory card

2. . . Memory

3. . . Safety element

5. . . Paid POS terminal application

6. . . Terminal configuration data unit

7. . . Payment card unit

8. . . Operating system unit

9. . . Boot loader unit

10. . . Internal microcontroller memory

11. . . interface

12. . . Microcontroller

13. . . Communication component

14. . . Encryption unit

15. . . Freely accessible user data space

16. . . Non-financial application unit

17. . . Flash memory controller

18. . . Website server unit

19. . . Download snap-in

20. . . Hidden data space

Claims (23)

A payment terminal using a mobile communication device such as a mobile phone, wherein the payment terminal includes a memory, an interface (11) and a microcontroller (12), and the microcontroller (12) and the memory and the The interface (11) is connected, and the POS terminal also includes a unit (5) having a payment terminal application and even a unit having configuration data of the payment terminal in the security protection portion of the memory (3, 31, 32). (6) The pay terminal is characterized in that the corresponding configuration data of the paying terminal together with the paying terminal is located on a removable memory card (1), and the removable memory card is in this manner Adjusted so that it can be inserted into an additional hardware slot that is used to add functionality beyond the basic functions of the mobile communication device (4), the removable memory card (1) containing One of the configuration data units (6) of the POS terminal has a security memory (3, 31) and also has a security card (3, 32) having a payment card unit (7), wherein the payment card unit (7) Positioning separately from the configuration data of the POS terminal, which is safe Memory protection (3,31,32) linked to the microcontroller (12) and the microcontroller (12) linked to the interface (11) for connection to the mobile communication device (4) of the circuit. The payment terminal of claim 1, characterized in that: the configuration data unit (6) for the payment terminal is generated and the security protected memory for the payment card unit (7) is used as a security element (3) Independent domain. The payment terminal of claim 1, characterized in that the secure storage device for storing configuration data of the payment terminal is formed by the security element (3), and the security element (3) is associated with the payment Card unit (7) alone Separate hardware of the security element (32). A pay terminal according to any one of claims 1 to 3, characterized in that the memory card (1) is of the SD type or miniSD or microSD card or M2 type and the interface (11) is of the SD type or the M2 type. A pay terminal according to any one of claims 1 to 4, characterized in that the memory card (1) has at least two conductors (preferably four conductors) data bus. A pay terminal according to any one of claims 1 to 5, characterized in that the memory card (1) has a maximum size parameter of less than 24 mm and a second maximum size parameter of less than 14 mm. A payment terminal according to any one of claims 1 to 6, characterized in that the microcontroller (12) comprises a non-deletable internal memory (10) (preferably of the EEPROM type), the microcontroller (12) There is also a boot loader unit (9) for unauthorized intervention control in the loaded pay POS terminal application. A payment terminal according to any one of claims 1 to 7, characterized in that the memory card (1) is provided with a contactless communication element (13) to which the contactless communication element is connected (3, 31, 32) and / or the microcontroller (12). A pay terminal as claimed in claim 8, characterized in that the memory card (1) has an antenna (21) connected to a contactless communication element (13). A pay terminal according to any one of claims 1 to 9, characterized in that the secure element (3, 31) has at least two units (6) having configuration data from different independent terminals. The payment terminal of any one of claims 1 to 10, characterized in that the security element (3, 32) has at least two units of independent payment cards having a corresponding payment application, preferably having an EMV standard. (7). The payment terminal according to any one of claims 1 to 11, characterized in that the memory (2), which is preferably of the flash type, has at least a part of its security protection space, and in this security protection area The paid POS terminal application (5) is stored. The payment terminal of any one of claims 1 to 12, characterized in that the memory (2) has a memory control unit (17), a download management unit (19) and preferably a website server unit. (18). A pay terminal according to any one of claims 1 to 13, characterized in that the secure element (3, 31, 32) has a non-financial application unit (16). A pay terminal according to any one of claims 8 to 14, characterized in that the contactless communication element (13) is of the NFC type which satisfies the ISO 14443 standard. The payment terminal according to any one of claims 1 to 15, characterized in that the unprotected portion of the memory (2) has a space (20) hidden from the user and the user freely accesses the data. A space (15). The payment terminal of any one of claims 1 to 16, wherein the payment terminal further comprises an initiator (22) of the paid POS terminal application located in the store and having a unit for generating a payment value; The starter (22) is equipped with a communication component (24) that is compatible with the communication component (13) on the removable memory card (1) or with the mobile communication device (4) The short-range communication components are compatible. A direct bill payment processing method using a mobile communication device a mobile phone POS terminal and running an EMV type paid POS terminal application, the method is characterized in that the paid POS terminal application is inserted in a slot for the additional hardware of the mobile communication device (4) One of the removable memory cards (1) operates while communication with the payment card operates within the circuit of the removable memory card (1). The direct bill payment processing method of claim 18, characterized in that the pay POS terminal application is loaded into the microcontroller (12) located in the memory card (1), and then from the The secure element (3, 31) loads the configuration data of the identity of the selected terminal. A direct bill payment processing method according to claim 18 or 19, characterized in that data relating to the selected payment card is loaded from the secure element (3, 32) to the microcontroller operating as a pay terminal (12) )in. A direct bill payment processing method according to any one of claims 18 to 20, characterized in that the boot loader unit (9) runs a change in the paid POS terminal application during or before the activation of the POS terminal control. The direct bill payment processing method according to any one of claims 18 to 21, characterized in that the paid POS terminal application is managed by an input device (mainly a keyboard) of the mobile communication device (4). The direct bill payment processing method according to any one of claims 18 to 22, characterized in that: the information about the required payment amount is inserted into the paid POS terminal application from the separate initiator (22), the startup The device (22) transmits the information about the payment for the request through the contactless communication channel along with the start command.