AU2011207108B2 - Method, device and system for securing payment data for transmission over open communication networks - Google Patents

Method, device and system for securing payment data for transmission over open communication networks Download PDF

Info

Publication number
AU2011207108B2
AU2011207108B2 AU2011207108A AU2011207108A AU2011207108B2 AU 2011207108 B2 AU2011207108 B2 AU 2011207108B2 AU 2011207108 A AU2011207108 A AU 2011207108A AU 2011207108 A AU2011207108 A AU 2011207108A AU 2011207108 B2 AU2011207108 B2 AU 2011207108B2
Authority
AU
Australia
Prior art keywords
merchant
data
unique
customer
transaction request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
AU2011207108A
Other languages
English (en)
Other versions
AU2011207108A1 (en
Inventor
Craig Glendenning
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bluechain Pty Ltd
Original Assignee
Bluechain Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2010900195A external-priority patent/AU2010900195A0/en
Application filed by Bluechain Pty Ltd filed Critical Bluechain Pty Ltd
Priority to AU2011207108A priority Critical patent/AU2011207108B2/en
Publication of AU2011207108A1 publication Critical patent/AU2011207108A1/en
Application granted granted Critical
Publication of AU2011207108B2 publication Critical patent/AU2011207108B2/en
Assigned to BLUECHAIN PTY LTD reassignment BLUECHAIN PTY LTD Request to Amend Deed and Register Assignors: GLENCURR PTY LTD
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
AU2011207108A 2010-01-19 2011-01-19 Method, device and system for securing payment data for transmission over open communication networks Active AU2011207108B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2011207108A AU2011207108B2 (en) 2010-01-19 2011-01-19 Method, device and system for securing payment data for transmission over open communication networks

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU2010900195A AU2010900195A0 (en) 2010-01-19 Method device and system for securing payment data for transmission over open communication networks
AU2010900195 2010-01-19
AU2011207108A AU2011207108B2 (en) 2010-01-19 2011-01-19 Method, device and system for securing payment data for transmission over open communication networks
PCT/AU2011/000055 WO2011088508A1 (en) 2010-01-19 2011-01-19 Method, device and system for securing payment data for transmission over open communication networks

Publications (2)

Publication Number Publication Date
AU2011207108A1 AU2011207108A1 (en) 2012-09-06
AU2011207108B2 true AU2011207108B2 (en) 2014-06-26

Family

ID=44306300

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2011207108A Active AU2011207108B2 (en) 2010-01-19 2011-01-19 Method, device and system for securing payment data for transmission over open communication networks

Country Status (12)

Country Link
US (2) US11263625B2 (enExample)
EP (1) EP2526514B1 (enExample)
AU (1) AU2011207108B2 (enExample)
DK (1) DK2526514T3 (enExample)
ES (1) ES2672920T3 (enExample)
HR (1) HRP20180862T1 (enExample)
HU (1) HUE037980T2 (enExample)
NO (1) NO2526514T3 (enExample)
PL (1) PL2526514T3 (enExample)
PT (1) PT2526514T (enExample)
TR (1) TR201808160T4 (enExample)
WO (1) WO2011088508A1 (enExample)

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9619801B2 (en) * 2010-08-02 2017-04-11 Stanton Management Group, Inc. User positive approval and authentication services (UPAAS)
CN103858141B (zh) * 2011-08-08 2018-03-30 维萨国际服务协会 带有集成芯片的支付设备
FI20115945A0 (fi) 2011-09-28 2011-09-28 Onsun Oy Maksujärjestelmä
CN103164635A (zh) * 2011-12-15 2013-06-19 中国银联股份有限公司 基于扩展参数集的安全性信息交互系统、装置及方法
AP2014007920A0 (en) 2012-02-22 2014-09-30 Visa Int Service Ass Data security system using mobile communications device
EP2820602B1 (en) * 2012-03-01 2020-10-28 Mastercard International, Inc. Systems and methods for mapping a mobile cloud account to a payment account
US10535064B2 (en) * 2012-03-19 2020-01-14 Paynet Payments Network, Llc Systems and methods for real-time account access
HK1206466A1 (en) 2012-03-19 2016-01-08 派奈特支付网络有限责任公司 Systems and methods for real-time account access
EP2654275A1 (en) * 2012-04-21 2013-10-23 BlackBerry Limited System and method for transmitting application data between two communication devices
US20140164243A1 (en) * 2012-12-07 2014-06-12 Christian Aabye Dynamic Account Identifier With Return Real Account Identifier
KR102255458B1 (ko) 2013-07-15 2021-05-25 비자 인터네셔널 서비스 어소시에이션 보안 원격 지불 거래 처리
WO2015023999A1 (en) 2013-08-15 2015-02-19 Visa International Service Association Secure remote payment transaction processing using a secure element
US10817875B2 (en) 2013-09-20 2020-10-27 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US11004069B2 (en) * 2013-10-03 2021-05-11 Nxp B.V. Article and method for transaction irregularity detection
AU2014256396B2 (en) * 2013-11-15 2020-08-20 Fidelity Information Services, Llc Systems and methods for real-time account access
US10395246B2 (en) * 2013-12-30 2019-08-27 Tencent Technology (Shenzhen) Company Limited System and method for verifying identity information using a social networking application
US20150294362A1 (en) * 2014-04-15 2015-10-15 First Data Corporation Systems and Methods for Managing Account Information
US10546293B2 (en) * 2014-05-29 2020-01-28 Apple Inc. Apparatuses and methods for using a random authorization number to provide enhanced security for a secure element
US10089607B2 (en) * 2014-09-02 2018-10-02 Apple Inc. Mobile merchant proximity solution for financial transactions
US11068895B2 (en) * 2015-02-17 2021-07-20 Visa International Service Association Token and cryptogram using transaction specific information
US10579983B2 (en) * 2015-03-11 2020-03-03 Paypal, Inc. NFC rendezvous protocol for enhanced mobile transactions and payments
US20200143370A1 (en) * 2015-09-30 2020-05-07 Bluechain Pty Ltd Method for authenticating and authorising a transaction using a portable device
US10861019B2 (en) 2016-03-18 2020-12-08 Visa International Service Association Location verification during dynamic data transactions
FR3053548B1 (fr) * 2016-06-30 2019-07-19 Ingenico Group Procede d'authentification de donnees de paiement, dispositifs et programmes correspondants.
CN114885335B (zh) * 2016-07-29 2026-03-24 维萨国际服务协会 利用密码技术的多装置认证方法和系统
WO2018068088A1 (en) * 2016-10-11 2018-04-19 Bluechain Pty Ltd Effecting initiation and authorization of transactions between mobile devices
RU2641219C1 (ru) * 2016-12-09 2018-01-16 Общество с ограниченной ответственностью "Технологии" Способ обработки данных для безналичной оплаты
GB2599057B (en) * 2017-02-03 2022-09-21 Worldpay Ltd Terminal for conducting electronic transactions
US11301847B1 (en) * 2018-02-15 2022-04-12 Wells Fargo Bank, N.A. Systems and methods for an authorized identification system
US11687929B2 (en) * 2018-03-23 2023-06-27 American Express Travel Related Services Co., Inc. Authenticated secure online and offline transactions
US11756029B2 (en) * 2018-08-27 2023-09-12 Mastercard International Incorporated Secured end-to-end communication for remote payment verification
CN114424202B (zh) * 2019-09-19 2026-03-27 维萨国际服务协会 用于使用动态标签内容的系统和方法
US11157928B2 (en) 2019-10-22 2021-10-26 Capital One Services, Llc Systems and methods for using a predictive engine to predict failures in machine-learning trained systems
US10657754B1 (en) 2019-12-23 2020-05-19 Capital One Services, Llc Contactless card and personal identification system
US10885519B1 (en) * 2020-02-17 2021-01-05 Mautinoa Technologies, LLC Mobile transaction platform
US12165149B2 (en) 2020-08-12 2024-12-10 Capital One Services, Llc Systems and methods for user verification via short-range transceiver
US11704649B2 (en) * 2020-09-03 2023-07-18 Mastercard International Incorporated Contactless payment relay attack protection
CN117255995A (zh) 2021-08-31 2023-12-19 维萨国际服务协会 使用机密进行高效交互处理
US12225111B2 (en) * 2022-03-08 2025-02-11 SanDisk Technologies, Inc. Authorization requests from a data storage device to multiple manager devices
WO2024026135A1 (en) * 2022-07-29 2024-02-01 Visa International Service Association Method, system, and computer program product for cryptogram-based transactions
WO2024196410A1 (en) * 2023-03-17 2024-09-26 Visa International Service Association Secure personal identification number entry for transactions using a portable electronic device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004049273A1 (en) * 2002-11-27 2004-06-10 Institute For Infocomm Research Peer to peer electronic-payment system
US7024395B1 (en) * 2000-06-16 2006-04-04 Storage Technology Corporation Method and system for secure credit card transactions
US20080208759A1 (en) * 2007-02-22 2008-08-28 First Data Corporation Processing of financial transactions using debit networks

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5949044A (en) * 1997-06-13 1999-09-07 Walker Asset Management Limited Partnership Method and apparatus for funds and credit line transfers
FR2765706B1 (fr) * 1997-07-04 1999-10-01 Sgs Thomson Microelectronics Lecteur de cartes a puces a protocole de transmission rapide
EP1467300A1 (en) * 1997-08-13 2004-10-13 Matsushita Electric Industrial Co., Ltd Mobile electronic commerce system
US6327578B1 (en) * 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US7249097B2 (en) * 1999-06-18 2007-07-24 Echarge Corporation Method for ordering goods, services, and content over an internetwork using a virtual payment account
KR101015341B1 (ko) 2000-04-24 2011-02-16 비자 인터내셔날 써비스 어쏘시에이션 온라인 지불인 인증 서비스
US6938019B1 (en) * 2000-08-29 2005-08-30 Uzo Chijioke Chukwuemeka Method and apparatus for making secure electronic payments
US7103575B1 (en) * 2000-08-31 2006-09-05 International Business Machines Corporation Enabling use of smart cards by consumer devices for internet commerce
US7111789B2 (en) * 2001-08-31 2006-09-26 Arcot Systems, Inc. Enhancements to multi-party authentication and other protocols
GB0204620D0 (en) * 2002-02-28 2002-04-10 Europay Internat N V Chip authentication programme
US20100145818A1 (en) * 2002-09-30 2010-06-10 Ifedayo Udiani Electronic Credit/Debit Cardless Payment Processing System and Method PSM
CN1635525A (zh) * 2003-12-31 2005-07-06 中国银联股份有限公司 一种安全的网上支付系统及安全的网上支付认证方法
US20080195498A1 (en) * 2004-09-28 2008-08-14 First Data Corporation Wireless network systems having accessibility based on usage of an account
US8190087B2 (en) * 2005-12-31 2012-05-29 Blaze Mobile, Inc. Scheduling and paying for a banking transaction using an NFC enabled mobile communication device
US20070255662A1 (en) * 2006-03-30 2007-11-01 Obopay Inc. Authenticating Wireless Person-to-Person Money Transfers
US20070244811A1 (en) * 2006-03-30 2007-10-18 Obopay Inc. Mobile Client Application for Mobile Payments
US20080059370A1 (en) * 2006-08-30 2008-03-06 Cardit, Llc System and Method for Third Party Payment Processing of Credit Cards
CN101681484B (zh) * 2007-05-18 2013-10-16 速函移动公司 用于通过小数据速率通信系统的增强型通信的系统和方法
US8249935B1 (en) * 2007-09-27 2012-08-21 Sprint Communications Company L.P. Method and system for blocking confidential information at a point-of-sale reader from eavesdropping
US8214298B2 (en) 2008-02-26 2012-07-03 Rfinity Corporation Systems and methods for performing wireless financial transactions
US20100250704A1 (en) * 2009-03-26 2010-09-30 Verizon Patent And Licensing Inc. Peer-to-peer content distribution with digital rights management
US20110066550A1 (en) * 2009-09-16 2011-03-17 Shank Clinton L System and method for a secure funds transfer
US8508367B2 (en) * 2009-09-21 2013-08-13 Checkpoint Systems, Inc. Configurable monitoring device
US8661258B2 (en) * 2009-10-23 2014-02-25 Vasco Data Security, Inc. Compact security device with transaction risk level approval capability
US8907768B2 (en) * 2009-11-25 2014-12-09 Visa International Service Association Access using a mobile device with an accelerometer
WO2012142045A2 (en) * 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7024395B1 (en) * 2000-06-16 2006-04-04 Storage Technology Corporation Method and system for secure credit card transactions
WO2004049273A1 (en) * 2002-11-27 2004-06-10 Institute For Infocomm Research Peer to peer electronic-payment system
US20080208759A1 (en) * 2007-02-22 2008-08-28 First Data Corporation Processing of financial transactions using debit networks

Also Published As

Publication number Publication date
NO2526514T3 (enExample) 2018-08-11
HUE037980T2 (hu) 2018-09-28
AU2011207108A1 (en) 2012-09-06
HRP20180862T1 (hr) 2018-08-24
EP2526514A4 (en) 2014-03-19
DK2526514T3 (en) 2018-06-18
EP2526514B1 (en) 2018-03-14
US20200286088A1 (en) 2020-09-10
EP2526514A1 (en) 2012-11-28
WO2011088508A1 (en) 2011-07-28
ES2672920T3 (es) 2018-06-18
TR201808160T4 (tr) 2018-07-23
US20130191290A1 (en) 2013-07-25
PT2526514T (pt) 2018-06-19
US11263625B2 (en) 2022-03-01
PL2526514T3 (pl) 2018-10-31

Similar Documents

Publication Publication Date Title
AU2011207108B2 (en) Method, device and system for securing payment data for transmission over open communication networks
JP7483688B2 (ja) 非接触カードの暗号化認証のためのシステムおよび方法
US9846866B2 (en) Processing of financial transactions using debit networks
US20150142666A1 (en) Authentication service
US20130226812A1 (en) Cloud proxy secured mobile payments
US10535065B2 (en) Secure payment transactions based on the public bankcard ledger
US20160117673A1 (en) System and method for secured transactions using mobile devices
RU2651245C2 (ru) Защищенный электронный блок для санкционирования транзакции
US11936684B2 (en) Systems and methods for protecting against relay attacks
CN109716373A (zh) 密码认证和令牌化的交易
US20110103586A1 (en) System, Method and Device To Authenticate Relationships By Electronic Means
US20150142669A1 (en) Virtual payment chipcard service
US20150142667A1 (en) Payment authorization system
CA2584769A1 (en) Methods and systems for performing transactions with a wireless device
WO2007087273A2 (en) Contactless-chip-initiated transaction system
CN104933565A (zh) 一种ic卡交易方法及系统
El Madhoun et al. An overview of the EMV protocol and its security vulnerabilities
Me et al. Mobile local macropayments: Security and prototyping
HK1179393A (en) Method, device and system for securing payment data for transmission over open communication networks
HK1179393B (en) Method, device and system for securing payment data for transmission over open communication networks
EP4715711A1 (en) Computing devices for improved cash withdrawal
CN101021925A (zh) 信用卡交易的方法

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)
MK25 Application lapsed reg. 22.2i(2) - failure to pay acceptance fee
NB Applications allowed - extensions of time section 223(2)

Free format text: THE TIME IN WHICH TO PAY THE ACCEPTANCE FEE HAS BEEN EXTENDED TO 26 OCT 2014 .