AU2014100003A4 - Secure Payment System with biometric authorisation and dual path authentication - Google Patents
Secure Payment System with biometric authorisation and dual path authenticationInfo
- Publication number
- AU2014100003A4 AU2014100003A4 AU2014100003A AU2014100003A AU2014100003A4 AU 2014100003 A4 AU2014100003 A4 AU 2014100003A4 AU 2014100003 A AU2014100003 A AU 2014100003A AU 2014100003 A AU2014100003 A AU 2014100003A AU 2014100003 A4 AU2014100003 A4 AU 2014100003A4
- Authority
- AU
- Australia
- Prior art keywords
- customer
- message
- vendor
- agent
- vaa
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Abstract
Abstract A system that contains the following major components: a Customer Agent (CA) that resides in a mobile handheld device attributed to the authorised customer of the method; a Vendor Agent (VA) that resides in a Point of Sales (POS) solution that is attributed to a vendor of the method and; a Verification and Authorisation Agent (VAA) that resided in the Certification Agency domain.
Description
Title Secure Payment System with biometric authorisation and dual path authentication Introduction This application is for a secure payment business method (the method) that features biometric authorisation to activate a transaction and multi-path communication channels to authentication the payment. The functionally for the method is distributed across the three participants (a customer, a vendor, and a certification and verification agencies) in the process that contains the following major components: " the Customer Agent (CA) that resides in a mobile handheld device attributed to the authorised customer of the method, " the Vendor Agent (VA) that resides in a Point of Sales (POS) solution that is attributed to a vendor of the method and " the Verification and Authorisation Agent (VAA) that resided in the Certification Agency domain. The Business Method To successfully complete a payment between a customer and a vendor all three agents must participant in the transaction as described below. The process is started when the customer informs the vendor's POS system that they would like to use the (secure payment) method. To initiate a payment using this method an authorised customer (who has previously set-up an account and has a valid CA on their mobile handheld device) would activate the customer agent on their mobile device and use the finger print scanner to authenticate the customer' from their finger print image that has previously be recorded and stored securely. While the customer finger is touching the scanner on the mobile device the Customer Agent (CA) generates a customer message (to the vendor agent) that contains at a minimum (depending on the capability of the coding system used): e a transaction ID (must be clear text) 1 * the Digital Signature (Digital Certificate) of the customer Additional information that could also be appended to the customer message to the vendor agent are: " geographic location information " Time to Live (TTL) The CA then generates a computer readable code that contains the customer message and displayed it on the screen of the customer's mobile device. The customer then shows this code to the vendor's POS system so that the VA can 2 read the computer readable code. The VA would provide feedback to the customer when the message has been received. 1 Other forms of biometric information that could be used are voice recognition or retina scans althoughh both of these would mean that the customer's message would to be displayed on the customer's mobile device wh le the customer is potential not holding the device) Page 1 1 The communications channel between the CA and VA can be either via: " a camera or " alaserscanner Alternatively, a Near Field Communications (NFC) interface could be utilities to transfer the customer message. This type of communications channel does not require the computer readable image to be generated, but would operate is a similar manner. When the customer removes their finger from the scanner the computer readable code is removed from the display. If the customer's message has not been received by the VA then the process will be terminated by this action. At the same time that the customer message (to the vendor) is generated and displayed a customer message to the VAA is also generated. This message contains the transaction id and other additional information. This message is encrypted using the customer's public key and sent to the VAA with a time to live (TTL) tag using a secure link. The Vendor Agent (VA) after successfully scanning the computer readable image will generate a message (to the VAA) with the payment details and attached the customer's 4 message to their message to the VAA. The vendor message is then er crypts using the vendor's public key and sends the message to the VAA using a secure link. When the VAA receives the vendor message it decodes it using the vendor's private key and verifies the vendor's credentials. The VAA looks at the transaction id and tries to find the matching customer message with the same transaction id. If it finds the transaction id then it can find the customer's private key and decode the digital 5 signature to authenticate the transaction and authorise the payment. If the customer's message has not been received that is will store the vendor's message until the customer's message arrives. When the VAA receives a customer's message it will check for the corresponding vendor message and if not found will store the customer's message. If the vendor 6 message is found it will check the customer digital signature on the vendor's message to authenticate the transaction and authorise the payment. When a payment has been authorised the VAA will then generate a response to the vendor message that indicates that the customer digital signature is valid and that the transaction was successful. 7 The VAA can also send a message to the CA to inform the customer that the transaction was successful The VAA can also complete the EFT between the customer's bank del it or credit 8 account to the vendors bank account. Page | 2
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2014100003A AU2014100003A4 (en) | 2014-01-03 | 2014-01-03 | Secure Payment System with biometric authorisation and dual path authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2014100003A AU2014100003A4 (en) | 2014-01-03 | 2014-01-03 | Secure Payment System with biometric authorisation and dual path authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
AU2014100003A4 true AU2014100003A4 (en) | 2014-02-13 |
Family
ID=50070134
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2014100003A Ceased AU2014100003A4 (en) | 2014-01-03 | 2014-01-03 | Secure Payment System with biometric authorisation and dual path authentication |
Country Status (1)
Country | Link |
---|---|
AU (1) | AU2014100003A4 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10891622B2 (en) * | 2014-11-13 | 2021-01-12 | Mastercard International Incorporated | Providing online cardholder authentication services on-behalf-of issuers |
-
2014
- 2014-01-03 AU AU2014100003A patent/AU2014100003A4/en not_active Ceased
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10891622B2 (en) * | 2014-11-13 | 2021-01-12 | Mastercard International Incorporated | Providing online cardholder authentication services on-behalf-of issuers |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210065173A1 (en) | Secure Payments Using A Mobile Wallet Application | |
US9836741B2 (en) | Authenticating users to ATMs and other secure machines for cardless transactions | |
US10146983B2 (en) | Fingerprint decryption method and device | |
WO2016206385A1 (en) | Payment method, device and system, and computer storage medium | |
US10050958B2 (en) | Validating biometrics without special purpose readers | |
CN103297231A (en) | Identity authentication method and system | |
PH12018501541A1 (en) | Credit payment method and apparatus based on mobile terminal ese | |
JP2015201844A5 (en) | ||
WO2018040651A1 (en) | Payment method and payment system based on security authentication mechanism | |
US20210258324A1 (en) | System and method for message recipient verification | |
AU2014265313A1 (en) | Real time EFT network-based person-to-person transactions | |
US10050790B2 (en) | Method for authorizing a transaction | |
CN103778537A (en) | Mobile terminal payment system having iris identification mechanism and application method thereof | |
KR101792220B1 (en) | Method, mobile terminal, device and program for providing user authentication service of combining biometric authentication | |
US20150350170A1 (en) | Secure authentication of mobile users with no connectivity between authentication service and requesting entity | |
AU2014100003A4 (en) | Secure Payment System with biometric authorisation and dual path authentication | |
KR101739119B1 (en) | A Credit/Debit Card Registration Method for Privacy Protection in RFID Systems for Mobile Payment Environments, Enhancing Security and User Convenience | |
KR20130095363A (en) | A cash remittance method based on digital codes using hash function and electronic signature | |
CN103997730A (en) | Method for decrypting, copying and pasting encrypted data | |
TWI638326B (en) | Method of prelogin preview for online bank and system thereof | |
EP3320664B1 (en) | Method of authenticating communication of an authentication device and at least one authentication server using local factor | |
KR101302947B1 (en) | Finance system and financial transaction data transmission method and data decryption system and method for securely delivering of financial transaction information | |
KR20130056726A (en) | System and method of authentication for electronic signature on internet | |
CN103150520A (en) | Security encryption method and electronic device | |
JP7050466B2 (en) | Authentication system and authentication method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGI | Letters patent sealed or granted (innovation patent) | ||
MK22 | Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry |