WO2022253424A1 - Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique - Google Patents

Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique Download PDF

Info

Publication number
WO2022253424A1
WO2022253424A1 PCT/EP2021/064798 EP2021064798W WO2022253424A1 WO 2022253424 A1 WO2022253424 A1 WO 2022253424A1 EP 2021064798 W EP2021064798 W EP 2021064798W WO 2022253424 A1 WO2022253424 A1 WO 2022253424A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
private key
card
transaction system
user
Prior art date
Application number
PCT/EP2021/064798
Other languages
German (de)
English (en)
Inventor
Senay ÖNDER
Original Assignee
FATIH, Selahattin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FATIH, Selahattin filed Critical FATIH, Selahattin
Priority to PCT/EP2021/064798 priority Critical patent/WO2022253424A1/fr
Publication of WO2022253424A1 publication Critical patent/WO2022253424A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates to a transaction system for cryptographic assets stored decentrally in a computer network, according to the preamble of claim 1, and a corresponding method for carrying out payment transactions.
  • Cryptographic assets of the type presented here are, for example, a cryptocurrency, i.e. a digital means of payment based on blockchain or blockchain technology.
  • the units of the cryptocurrency are represented by such a blockchain, which is stored decentrally in a computer network such as the Internet.
  • the blockchain represents a joint accounting system in which the transactions of the cryptocurrency are mapped.
  • the best-known example of a cryptocurrency is Bitcoin, but there are many other types of cryptocurrency to which the present invention can be applied in equal measure.
  • Ownership of a credit balance of the decentrally stored cryptocurrency is represented by a private key.
  • a transaction such as a transfer of units of cryptocurrency
  • a user In order to make a transaction, such as a transfer of units of cryptocurrency, a user must apply the private key and use it to sign the transaction.
  • Various types of crypto purses or “wallets” exist for storing the private key.
  • wallets which are electronic devices with input and output devices. The user can make transactions in the computer network via such a wallet.
  • the object of the present invention is therefore to create a transaction system for cryptographic assets, such as in particular a cryptocurrency, using a crypto wallet, which is easy and user-friendly to handle and causes comparatively low acquisition costs.
  • Another task of the The invention consists in improving the previously known transaction systems in order to promote the spread, popularization and acceptance of cryptographic assets and cryptocurrencies.
  • a further object consists in creating a corresponding method for carrying out payment transactions from units of a cryptocurrency, which is simple and inexpensive to carry out.
  • the transaction system comprises at least one crypto-purse comprising a hardware memory for storing a private key for signing payment transactions of units of the cryptographic assets, the crypto-purse comprising a portable card comprising a storage medium for storage of the private key in encrypted form.
  • the crypto wallet is thus reduced to a card which, apart from the hardware memory for storing the private key, in principle no other hardware components such as a central processor, active interfaces to create a connection to the computer network, input and output units such as a display, a keyboard or the like is required.
  • the memory can be designed in a very simple way, such as a magnetic stripe, an RFID chip or the like, i.e. in particular as a storage medium that does not require an active energy supply itself, but can be read out via an interface of a reading device, which has other components has to carry out the transaction process, so in particular has input and output interfaces for the user to carry out the transaction and to contact the computer network.
  • the private key itself is in encrypted form on the storage medium of the portable card. It cannot simply be read out and used by an unauthorized person, but must first be decrypted before it can be used.
  • the information required for decryption is not stored on the card, but can be used, for example, by the card user while the transaction is being carried out, for example in a terminal entered, which also reads the card. If the card is lost, there is no risk of the private key circulating and being used fraudulently.
  • the portable card thus offers an easy way to carry out transactions anywhere, since the card itself is easy to carry. On the other hand, the risk of abuse remains low.
  • the private key is encrypted using a second key comprising biometric data, a personal code, a password and/or a personal identification number (PIN).
  • biometric data of any form can be used as a second key, such as a fingerprint or also data from an iris scan, face recognition or the like, in combination or independently of one another.
  • a further possibility is a personal code which, for example, has to be entered by a user and has a simple mnemonic structure so that it is easy to remember and does not have to be written down by the user.
  • Another option is to use a password, which has a similar function. The same applies to the use of a personal identification number (PIN) as a second key, with which the portable card according to the invention can be used as a crypto wallet in the same way as a check card or a credit card, for example.
  • PIN personal identification number
  • the transaction system comprises at least a first terminal, comprising an interface for data exchange with the storage medium of the card, via which the private key can be read.
  • the first terminal includes an interface for data exchange with the computer network for transmission of the private key to the computer network.
  • the private key is thus transmitted via the first terminal and used as part of a payment transaction in the computer network.
  • the first terminal thus establishes the connection between the hardware memory of the crypto wallet and the computer network.
  • the first terminal comprises input devices for the input of data by a user and/or for reading in user-related data.
  • These input or Einlesee wornen can thus used to enter data representing the second key, for example biometric data, a personal code entered for example via a keyboard or the like, a password and/or a personal identification number (PIN).
  • the input devices can include, for example, a camera, a touch screen, the keyboard already mentioned, a numeric keypad or other input or reading devices.
  • the input devices are provided for entering and/or reading in biometric data, a code to be entered by the user, a password and/or a personal identification number (PIN).
  • biometric data e.g., a code to be entered by the user
  • password e.g., a password
  • PIN personal identification number
  • the first terminal and/or at least one second terminal includes means for generating a private key and writing it to the storage medium of the card.
  • a user is thus given the opportunity to generate a private key himself and to obtain a card on which this private key is stored.
  • a card serving as a crypto purse according to the present invention can thus be created as desired.
  • the first terminal and/or the second terminal includes devices for generating and issuing a supplementary card on which the private key is printed.
  • This supplementary card can contain the private key printed in non-encrypted form, so that the loss of the supplementary card entails the risk of the private key being misused. The user must therefore keep the supplementary card out of the reach of unauthorized persons. However, it serves to ensure that the private key is not irretrievably lost at the same time if the portable card according to the invention, which represents the crypto wallet, is lost. Rather, with the help of the supplementary card, the authorized user can use the first or second terminal to generate a new portable card as a crypto purse, as described above.
  • the first terminal and/or the second terminal comprises sealing means for sealing the surface area of the supplementary card printed with private keys with a removable rubber coating and/or a sticker.
  • the seal serves as a privacy screen for unauthorized persons. If the seal is intact, this indicates that the private key has not been read by unauthorized persons. In the event of damage to the seal, a signal is given that an unauthorized person son attempted to obtain the private key. The authorized user can thus take measures to deactivate or block the private key that has become known and to replace it with a new private key.
  • the first terminal and/or the second terminal comprises means for accepting cash or a debit card.
  • the terminal can accept payments of a cash-based currency system or collect funds from a debit card that is based on a different currency system than the present cryptocurrency.
  • the first terminal and/or the second terminal can be represented by a mobile end device such as a mobile phone or a tablet computer. If necessary, this mobile terminal is to be equipped with additional functionalities via its interfaces.
  • the functionalities of the respective terminal regarding a (possibly wireless) data exchange between the portable card, which represents the crypto wallet, the input of data by the user, in particular for the input of such data that represent the second key, and the production of a Data connection to the computer network can be provided by the standard functions of a conventional mobile phone or tablet computer.
  • the first terminal and/or the second terminal includes a software application that can be executed on a mobile terminal device.
  • the portable card according to the invention has a credit card format according to ISO-IEC 7810.
  • the card has a format according to the ID-1 standard.
  • the present invention also relates to a method for carrying out payment transactions from units of a cryptocurrency stored decentrally in a computer network, comprising the following steps:
  • a private key intended for conducting and/or releasing payment transactions of units of cryptocurrency; Reading out the private key through a first terminal and decrypting the private key using a second key which is entered into the first terminal by a user or read in by the user through the first terminal; - Carrying out and/or releasing a payment transaction using the decrypted private key by transmitting it to the computer network.
  • the provision of the portable card with the storage medium and the storage of the private key on the storage medium of the card can be carried out once, while any number of transactions can then be carried out using this card, including the reading of the private key by a terminal, the decryption of the private key, for example through data that the user enters into the terminal during or before carrying out the payment transaction or through personal data that the terminal reads or reads out from the user, and finally the execution and/or release of the payment transaction.
  • the renewed storage of a private key ie also the changing of the same, can be repeated if necessary, in particular if there is a suspicion that the original private key has been misused.
  • the portable card thus serves as a crypto purse that contains the private key, but in encrypted form, as already explained above.
  • the private key is decrypted by an action by an authorized user when required, ie at the moment of the payment transaction. Without this interaction, ie entering the second key, the private key in the form in which it is stored on the card's storage medium cannot be used, even if the card interacts with the terminal.
  • the private key is generated and encrypted by the first terminal or a second terminal and stored on the storage medium of the card.
  • the generation and encrypted storage of the private key can thus be carried out by the same terminal be carried out, which also carries out the transaction in the manner described above, or by another terminal.
  • the second key comprises biometric data of the user, a personal code and/or a personal identification number.
  • biometric data can be used individually or in combination with each other.
  • the second key can comprise only biometric data, only a personal code, only a password or only a personal identification number, or a combination of the above types of data is used to increase the security of the second key, for example a combination of biometric data with a personal code, a password and/or a personal identification number.
  • the first terminal and/or the second terminal also generates and issues a supplementary card on which the generated private key is printed. This serves to be able to continue using the private key as a crypto wallet if the portable card is lost, since this is optically readable on the supplementary card. In this way, the user is enabled to re-record the portable card with the private key or to generate a different key.
  • the first terminal and/or the second terminal preferably seals the surface area of the supplementary card printed with the private key with a removable rubber coating and/or a sticker. This ensures that the private key on the supplement card can only be read if the seal is broken. As a result, damage to the seal indicates that an unauthorized person may be in possession of the private key. This creates an additional security feature.
  • the first terminal and/or the second terminal receives cash or a debit card via receiving means designed for this purpose. This allows the terminal in question to accept payments in a currency other than the current cryptocurrency.
  • the first terminal and/or the second terminal is/are represented by a mobile end device such as a mobile phone or a tablet computer.
  • one or more of the following functions Storage of the private key in encrypted form on the storage medium of the card;
  • the present invention also includes a computer program which is set up to carry out the method of the type according to the invention described above.
  • the invention also relates to a machine-readable medium on which such a computer program is stored.
  • FIG. 1 is a schematic representation of a first embodiment of the transaction system according to the invention.
  • FIG. 2 is a flowchart showing a first embodiment of the method according to the invention, which can be carried out using the transaction system according to the invention from FIG. 1;
  • FIG. 3 is a schematic representation of a second embodiment of the transaction system according to the invention.
  • FIG. 4 is a flowchart showing a second embodiment of the method according to the invention, which can be carried out using the transaction system according to the invention from FIG. 3 .
  • FIG. 1 shows a transaction system 100 for the transfer of units of cryptographic assets, which are stored in a decentralized manner in a computer network 110 .
  • these cryptographic assets can be a cryptocurrency that is stored in the computer network 110 on the basis of blockchain or blockchain technology.
  • at the computer network 110 is the Internet. Ownership of a credit to
  • Units of these cryptographic assets are represented by the possession of a cryptological key which is personalized and is to be referred to below as the private key.
  • a transfer of units of the cryptological assets, ie in particular transactions of units of a cryptocurrency, can only be carried out or released with the help of the private key.
  • a crypto purse which according to the invention is a portable card 112 in a check card format, for example according to ISO/IEC 7810, for example in the ID-1 format, is used to store the private key.
  • the card 112 includes a storage medium 114, such as an RFID chip, on which the private key is stored in encrypted form.
  • a second key In order to carry out transactions, therefore, it is not sufficient to be in possession of the card 112 with the private key stored on it, but a second key must also be used in order to decrypt the private key.
  • the private key In encrypted form, the private key cannot be used to perform and/or authorize transactions.
  • the second key is data that is to be entered by a user or read in by the user and is not stored on the card 112 .
  • the second key can for example comprise biometric data, according to a further embodiment also a personal code such as an alphanumeric code, according to a further embodiment a password and according to a further embodiment a personal identification number (PIN).
  • PIN personal identification number
  • a terminal 116 which includes an interface for exchanging data with the storage medium of the card 112 .
  • this interface is an NFC (Near Field Communication) module 118 that can communicate wirelessly with the RFID chip 114 and the card 112 .
  • NFC Near Field Communication
  • the invention is not limited to this embodiment; so come other re types of interfaces under consideration.
  • the terminal 116 can interface with a magnetic stripe reader that can read a magnetic stripe provided on the card 112 that forms the hardware memory for storing the private key.
  • the card 112 is thus inserted into the magnetic stripe reader of the terminal 116, while wireless communication is possible in the embodiment of the terminal 116 illustrated in FIG.
  • the terminal 116 also includes a central processor (CPU) 120, which can assume central control functions of the terminal 116 during the transaction process. Outside of the transaction process, the central processor 120 can be used to generate additional units of cryptocurrency. The computing capacity of the central processor 120 can thus be fully utilized.
  • CPU central processor
  • Terminal 116 also includes a display 122 that can be read by a user, a keyboard 124, which represents an input device for the user to enter data, a camera 126 for reading in user-related data, in particular optical biometric data, and a fingerprint scanner 128.
  • the camera 126 and the fingerprint scanner 128 can thus be used to capture and/or read in biometric data of the user, which is part of the second key, such as data representing the fingerprint of the user, an iris scan or data for identifying the face of the user.
  • the keyboard 124 may serve as an input device for the user to enter data, which may include, for example, a personal code, password, and/or personal identification number (PIN), independently or in combination.
  • PIN personal identification number
  • a combination of biometric data that is read in and/or recorded by the camera 126 and/or the fingerprint sensor 128 with additional data that is entered by the user via the keyboard 124 to form the second key is also conceivable. It can be provided that this second key is generated exclusively in the process of the transaction and is applied to the encrypted private key received from the card 112 via the NFC module 118 and after the transaction has been completed both the private key and the second key completely and without a trace from Terminal 116.
  • the terminal 116 also includes a QR code scanner 130 which is intended to scan a QR code printed on the card 112 .
  • This QR code represents a wallet address unique to Card 112.
  • This wallet address can are related to the private key, for example, the wallet address can be generated from the private key, but this process is irreversible, ie the wallet address can never be used to infer the private key, so that the specification of the Wallet address in a clearly legible form does not represent a security deficit.
  • the terminal 116 also includes at least one interface for data exchange with the computer network 110 in which the cryptographic assets are stored in a decentralized manner.
  • the terminal 116 includes a module 132 for setting up a LAN or WLAN connection to the Internet via VPN (Virtual Private Network) or TOR as an alternative network for anonymizing connection data.
  • the terminal 116 includes a mobile radio module with a slot for a SIM card, also for creating an Internet connection via VPN or TOR.
  • a method for performing cryptographic asset unit transactions using the transaction system 100 of FIG. 1 is illustrated in the flowchart of FIG.
  • a wireless connection is established between the terminal 116 and the card 112 via NFC between the NFC module 118 and the RFID chip 114 and the private key is read from the RFID chip in encrypted form and sent to the NFC - Transmit module 118 (step S100).
  • the user uses appropriate input devices to enter data that represents a second key for decrypting the private key or is at least part of this second key, which is biometric data, a personal code, a password and/or a personal identification number (PIN ) can act, either alternatively or in combination with each other.
  • PIN personal identification number
  • user-related data are recorded and read in by the latter.
  • the user enters a personal code, password, and/or personal identification number (PIN) via the keyboard 124 and/or the fingerprint sensor 128 captures a fingerprint of the user and/or the camera 126 captures an iris scan of the user performs or collects facial recognition data from the user.
  • PIN personal identification number
  • This step of inputting and/or reading in data by or from a user is denoted by S102 in FIG.
  • the data entered by the user in step S102 or read in by the user serve as a second key or are used to generate such a second key, with the help of which the private key can be decrypted in step S104. This is done in the central processor 120.
  • a transaction can then be performed by units of cryptographic assets, such as currency units of a cryptocurrency, being transferred to a recipient.
  • units of cryptographic assets such as currency units of a cryptocurrency
  • the amount and scope of this transaction and other data required for this, such as identification data of the transaction recipient, can be entered by the user either before step S106 or afterwards, for example via the keyboard 124.
  • both the private key and the second key are deleted from the terminal 116 without a trace.
  • a connection to the computer network 110 is established by the WLAN module 132 and the mobile communication module 134 .
  • this data connection to the computer network 110 is set up by the terminal 116 exclusively during transaction S106 and is then immediately broken off again, so that the terminal 116 is not constantly connected to the computer network 110 .
  • All components of the terminal 116 shown in FIG. 1 can be represented by standard components of a mobile terminal such as a mobile phone or a tablet computer. This means that such a mobile terminal device can be used as a terminal 116, which communicates with the card 112 and is used to carry out the transaction, including all the method steps in FIG. These procedural steps can be carried out by a software application that is carried out by such a mobile terminal device and is stored on it.
  • FIG. 3 shows an alternative embodiment of a transaction system 200 according to the invention with a terminal 216, which has all the components of the terminal 116 from FIG. To distinguish it from the first terminal 116 described in connection with FIG. 1, this terminal from FIG. 3 should be referred to as the second terminal 216.
  • the central processor 220, the display 222, the keyboard 224, the camera 226, the fingerprint scanner 228, the QR code reader 230, the WLAN module 232 and the mobile radio module 234 correspond to the correspondingly named components with the reference numbers 120, 122 , 124, 126, 128, 130, 132 and 134 in Fig. 1 and will therefore not be described in detail here.
  • the additional print module 236 is designed to print the card 112 on its surface in a readable manner, for example with a wallet address in the form of a QR code or other useful information for the user.
  • the latter can enter the card 112 into the printing module 236, which outputs the card 112 again in printed form. It is also contemplated that the printing module 236, in response to a corresponding user request, which is entered via an interface of the second terminal 216, such as the keyboard 224, will print and issue a new card 112 on which a newly generated private key on the Hardware memory 114 of card 112 is written.
  • the second terminal 216 is thus able, in addition to carrying out a transaction, to also generate a new card with a new private key and issue it to the user.
  • the second terminal 216 is intended to carry out a number of process steps which are illustrated in the flow chart in FIG. These include the provision of a card 112 in a first step S200, which is triggered by a corresponding request from the user via an interface of the second terminal 216, whereby this provision does not necessarily involve the physical generation, but usually the removal of a blank card from a second Terminal 216 provided card stock and possibly includes the preparation of the card.
  • user data is read or entered, e.g. biometric data of the user, which are recorded or read via the fingerprint sensor 228 or the camera 226 and/or data such as a personal code, a password and/or a personal identification number (PIN), which can be freely selected by the user and entered via the keyboard 224. They are used to generate a second key, which is used to encrypt the private key generated in a subsequent step.
  • the generation of the second key is represented in FIG. 3 by a step S205.
  • the central processor 220 of the second terminal 216 generates a private key (step S204), which is encrypted in a step S206 using the second key generated in step S205. In this way, the private key personalized and linked to personal data of the user.
  • the encrypted private key is then stored in the hardware memory 114 of the card 112 (step S208) and deleted from the terminal 216 completely and without a trace.
  • the card 112 can then be issued to the user and optionally the user can then carry out a payment transaction as already fully illustrated in FIG. 2, including reading the encrypted private key from the card 112 (step S210), entering the second key by the user according to a user selected personal code, password and/or personal identification number (PIN) and/or biometric data obtained from the user, decrypting the private key (step S214) and performing and /or release a transaction (step S216). Additional data may be required to carry out the transaction, such as the amount of the transaction and the recipient of the transaction. This data can be entered via an interface of the second terminal 216 and is not shown in detail in FIG.
  • the printing module 236 of the second terminal 216 can have an additional functionality, if required, namely the generation of a supplementary card, in addition to the portable card 112, which functions as a crypto wallet.
  • the private key is printed on this supplementary card in an optically legible manner, but is sealed with a removable rubber coating and/or a sticker. If the gum or the seal is intact, this indicates that the private key has not been read from the supplementary card by an unauthorized person. However, if the rubber coating is damaged or the sticker has been detached, this indicates to the owner of the supplementary card (which is identical to the owner of the portable card 112) that the private key has become readable for third parties and there is a high risk of misuse.
  • the owner of the portable card 112 can take measures against misuse and, for example, have the private key blocked or changed. In this case he can put the card 112 in connection with the second terminal 216 (for example via the NFC module 218) and have a new private key generated. This process then corresponds to steps S202, S204, S205, S206 and S208 in Fig. 4.
  • the supplementary card can be generated in parallel with the generation and storage of the encrypted private key on the card 112, and both cards, ie the card 112 and the supplementary card, are issued to the user at the same time or in immediate succession.
  • the supplement The supplementary card must be kept in a safe place by the user, since access to the cryptographic assets is possible due to the private key, which is available in plain text on the supplementary card. As already explained, this is not the case with the aid of the card 112, so that the latter can be carried by the user. However, should the private key be lost, the owner of the card 112 can retrieve his supplement card, unseal it, and create a new card 112.
  • the printing module 236 comprises a printer for printing a card, for example in the format of a standard business card, and sealing means for sealing the surface area of the supplementary card printed with the private key with a removable gum and/or a sticker.
  • the second terminal 216 may (according to an alternative embodiment) include a money acceptance module 238 which is intended to accept cash or accept and read a debit card such as a credit card or bank check card.
  • the currency acceptance module 238 may include a coin slot, a bill feeder, and/or a debit card reader.
  • a sum in a currency other than a cryptocurrency can thus be accepted from the terminal 216 via the money acceptance module 238 or, for example, debited from a user's debit card, for example in order to settle the effort involved in creating a portable card 112 .
  • the money acceptance module 238 can in principle also be part of the first terminal 116 which does not include the printing module 236 .
  • the transaction system according to the invention can include a plurality of identical terminals that have the identical range of functions of the second terminal 216 and are therefore able not only to carry out transactions and to release them using the private key on the card 112, but also the private one as required Change keys on the card 112 and/or generate a new card 112 as a new crypto wallet on which a new private key is stored.
  • a transaction system according to the invention can also comprise different types of terminals, namely, on the one hand, a number of first terminals 116, the range of functions of which is limited to the elements and functions for carrying out a transaction shown in Fig.
  • All modules of a transaction system can be networked with one another via the computing network 110 and, when not in use by a user, can make the computing capacities of their central processors 120, 220 available for generating further cryptographic assets, such as for mining further units of a cryptocurrency.

Abstract

L'invention concerne un système de transaction (100, 200) pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique (110), le système comprenant au moins un crypto-portefeuille comprenant une mémoire matérielle pour stocker une clé privée pour effectuer et/ou autoriser des transactions de paiement d'unités des actifs financiers cryptographiques. Selon l'invention, le crypto-portefeuille comprend une carte portable (112) qui comprend un support de stockage (114) pour stocker la clé privée sous forme chiffrée.
PCT/EP2021/064798 2021-06-02 2021-06-02 Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique WO2022253424A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2021/064798 WO2022253424A1 (fr) 2021-06-02 2021-06-02 Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2021/064798 WO2022253424A1 (fr) 2021-06-02 2021-06-02 Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique

Publications (1)

Publication Number Publication Date
WO2022253424A1 true WO2022253424A1 (fr) 2022-12-08

Family

ID=76325534

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2021/064798 WO2022253424A1 (fr) 2021-06-02 2021-06-02 Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique

Country Status (1)

Country Link
WO (1) WO2022253424A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180240086A1 (en) * 2015-08-20 2018-08-23 Petr SOBOTKA The transfer of digital currency encryption keys through the process of issuance, validation and devaluation of physical medium with multi-factor authorization, and the physical medium of encryption keys for digital currency to conduct this transfer technology
WO2019020824A1 (fr) * 2017-07-27 2019-01-31 Sofitto Nv Procédé d'authentification d'une transaction financière dans une cryptomonnaie basée sur une chaîne de blocs, carte à puce intelligente, et infrastructure d'authentification de chaîne de blocs
US20200118095A1 (en) * 2018-10-12 2020-04-16 Cybavo Pte. Ltd. Cryptocurrency securing method and device thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180240086A1 (en) * 2015-08-20 2018-08-23 Petr SOBOTKA The transfer of digital currency encryption keys through the process of issuance, validation and devaluation of physical medium with multi-factor authorization, and the physical medium of encryption keys for digital currency to conduct this transfer technology
WO2019020824A1 (fr) * 2017-07-27 2019-01-31 Sofitto Nv Procédé d'authentification d'une transaction financière dans une cryptomonnaie basée sur une chaîne de blocs, carte à puce intelligente, et infrastructure d'authentification de chaîne de blocs
US20200118095A1 (en) * 2018-10-12 2020-04-16 Cybavo Pte. Ltd. Cryptocurrency securing method and device thereof

Similar Documents

Publication Publication Date Title
DE69814406T2 (de) Tragbare elektronische vorrichtung für systeme zur gesicherten kommunikation und verfahren zur initialisierung der parameter
DE69824437T2 (de) Personalisieren von chipkarten
DE69720201T2 (de) System und vorrichtung zum personalisieren von chipkarten
DE60119400T2 (de) Datenverarbeitungssystem, tragbare elektronische Vorrichtung, Zugangsvorrichtung zur tragbaren elektronischen Vorrichtung, und Verfahren zum Gebrauch von Speicherraum
DE2901521A1 (de) Persoenliches identifizierungssystem
DE10297521T5 (de) Verbraucher-zentrisches kontext-bewußtes Vermittlungsmodell
DE10296888T5 (de) System und Verfahren zur sicheren Eingabe und Authentifikation von verbraucherzentrierter Information
DE10224209A1 (de) Autorisierungseinrichtung-Sicherheitsmodul -Terminal-System
DE3319919A1 (de) Schutzsystem fuer intelligenz-karten
DE10296919T5 (de) System und Verfahren zur sicheren Rückzahlung
WO2020212331A1 (fr) Dispositif pour le transfert direct d'ensembles de données de pièces de monnaie électroniques vers un autre dispositif et système de paiement
WO2001059725A1 (fr) Procede de controle de l'identite d'un utilisateur
DE102011116489A1 (de) Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts
EP2052370B1 (fr) Lecteur pour un document, procédé de lecture d'un objet de données et produit de programme informatique
DE19718115A1 (de) Chipkarte und Verfahren zur Verwendung der Chipkarte
DE10353853A1 (de) Autorisierung einer Transaktion
DE19718547C2 (de) System zum gesicherten Lesen und Ändern von Daten auf intelligenten Datenträgern
EP1971108B1 (fr) Identification d'un utilisateur d'un terminal mobile et génération d'une autorisation d'action
EP1222563A2 (fr) Systeme pour effectuer une transaction
EP3319003A1 (fr) Procédé et système d'authentification d'un appareil de télécommunication mobile sur un système informatique de service et appareil de télécommunication mobile
WO2022253424A1 (fr) Système de transaction pour des actifs financiers cryptographiques stockés de manière décentralisée dans un réseau informatique
DE19541081C2 (de) Vorrichtung zur geschützten Datenübermittlung
WO1998028718A2 (fr) Carte a puce et son procede d'utilisation
DE19705620C2 (de) Anordnung und Verfahren zur dezentralen Chipkartenidentifikation
EP1047028A1 (fr) Système et méthode de communication pour traiter efficacement des transactions électroniques dans des réseaux de communication mobile

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21730875

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE