BR0308965A - System and method for secure credit and / or debit card transaction - Google Patents

System and method for secure credit and / or debit card transaction

Info

Publication number
BR0308965A
BR0308965A BR0308965-7A BR0308965A BR0308965A BR 0308965 A BR0308965 A BR 0308965A BR 0308965 A BR0308965 A BR 0308965A BR 0308965 A BR0308965 A BR 0308965A
Authority
BR
Brazil
Prior art keywords
customer
security chain
merchant
mobile phone
transaction
Prior art date
Application number
BR0308965-7A
Other languages
Portuguese (pt)
Inventor
Winston Donald Keech
Original Assignee
Swivel Secure Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to GB0207705A priority Critical patent/GB2387253B/en
Priority to US10/131,489 priority patent/US20030191945A1/en
Application filed by Swivel Secure Ltd filed Critical Swivel Secure Ltd
Priority to PCT/GB2003/001075 priority patent/WO2003083793A2/en
Publication of BR0308965A publication Critical patent/BR0308965A/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/023Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] the neutral party being a clearing house
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Abstract

"SYSTEM AND METHOD FOR SECURE TRANSACTION WITH CREDIT AND / OR DEBIT CARD". The method and system for securing secure credit / debit card transactions between merchant and customer is disclosed here. The customer is given a pseudo-random security chain by a host computer, the security chain being sent to the customer's mobile phone. A cryptographic algorithm runs on a mobile phone SIM card that mixes the security chain or disposable code extracted from the security chain, customer PIN, and transaction value, these last two items being keyed into the mobile phone. A three digit response code is generated by the algorithm and given to the merchant. The merchant then transmits the response code, transaction amount, and customer account number (card number) to the host computer where the pseudo-random security chain and PIN are obtained from memory. The host computer then applies the same algorithm to the security chain, PIN, and transaction value generating a verification code, if this verification code matches the response code transmitted by the merchant, the transaction will be authorized. Configurations of the present invention make use of existing CVV2 infrastructure, but provide a significantly higher degree of security. Configurations of the present invention may be used for telephone or face-to-face transactions as well as Internet (e_commerce) and mobile phone (m_commerce) transactions.
BR0308965-7A 2002-04-03 2003-03-14 System and method for secure credit and / or debit card transaction BR0308965A (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0207705A GB2387253B (en) 2002-04-03 2002-04-03 System and method for secure credit and debit card transactions
US10/131,489 US20030191945A1 (en) 2002-04-03 2002-04-25 System and method for secure credit and debit card transactions
PCT/GB2003/001075 WO2003083793A2 (en) 2002-04-03 2003-03-14 System and method for secure credit and debit card transactions

Publications (1)

Publication Number Publication Date
BR0308965A true BR0308965A (en) 2005-02-01

Family

ID=28676501

Family Applications (1)

Application Number Title Priority Date Filing Date
BR0308965-7A BR0308965A (en) 2002-04-03 2003-03-14 System and method for secure credit and / or debit card transaction

Country Status (11)

Country Link
EP (1) EP1490846A2 (en)
JP (1) JP2005521961A (en)
CN (1) CN1672180A (en)
AU (1) AU2003219276A1 (en)
BR (1) BR0308965A (en)
CA (1) CA2505920A1 (en)
EA (1) EA006395B1 (en)
MX (1) MXPA04009725A (en)
NZ (1) NZ535428A (en)
TW (1) TWI229279B (en)
WO (1) WO2003083793A2 (en)

Families Citing this family (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040098315A1 (en) 2002-11-19 2004-05-20 Haynes Leonard Steven Apparatus and method for facilitating the selection of products by buyers and the purchase of the selected products from a supplier
GB2416892B (en) * 2004-07-30 2008-02-27 Robert Kaplan Method and apparatus to enable validating entitlement to VoIP services
WO2008037116A1 (en) * 2006-09-27 2008-04-03 Kamfu Wong Method and system for encrypting transfer that the transfer code adding the user-defined arithmetic equal to the bank password
WO2008121389A2 (en) * 2007-03-31 2008-10-09 Synccode Llc Banking transaction processing system
US7739169B2 (en) * 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
JP2009130882A (en) * 2007-11-28 2009-06-11 Oki Electric Ind Co Ltd Check value confirming method and apparatus
US8799069B2 (en) * 2007-12-21 2014-08-05 Yahoo! Inc. Mobile click fraud prevention
GB2457445A (en) * 2008-02-12 2009-08-19 Vidicom Ltd Verifying payment transactions
JP4656458B1 (en) * 2009-11-09 2011-03-23 Necインフロンティア株式会社 Handy terminal and payment method by handy terminal
CN102096968A (en) * 2009-12-09 2011-06-15 中国银联股份有限公司 Method for verifying accuracy of PIN (Personal Identification Number) in agent authorization service
US8649766B2 (en) 2009-12-30 2014-02-11 Securenvoy Plc Authentication apparatus
EP2355028B1 (en) 2009-12-30 2018-09-05 SecurEnvoy Ltd Authentication apparatus
CA2704864A1 (en) 2010-06-07 2010-08-16 S. Bhinder Mundip Method and system for controlling access to a monetary valued account
US9002322B2 (en) 2011-09-29 2015-04-07 Apple Inc. Authentication with secondary approver
US8769624B2 (en) 2011-09-29 2014-07-01 Apple Inc. Access control utilizing indirect authentication
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
AU2013404001B2 (en) 2013-10-30 2017-11-30 Apple Inc. Displaying relevant user interface objects
TWI494880B (en) * 2013-11-14 2015-08-01 Nat Univ Tsing Hua Method for preventing misappropriation of plastic money and plastic money
US10043185B2 (en) 2014-05-29 2018-08-07 Apple Inc. User interface for payments
CN105303372A (en) * 2014-05-29 2016-02-03 苹果公司 User interface for payments
US9967401B2 (en) 2014-05-30 2018-05-08 Apple Inc. User interface for phone call routing among devices
US9336523B2 (en) 2014-07-28 2016-05-10 International Business Machines Corporation Managing a secure transaction
US10339293B2 (en) 2014-08-15 2019-07-02 Apple Inc. Authenticated device used to unlock another device
WO2016036603A1 (en) 2014-09-02 2016-03-10 Apple Inc. Reduced size configuration interface
US10066959B2 (en) 2014-09-02 2018-09-04 Apple Inc. User interactions for a mapping application
US20180047000A1 (en) * 2014-12-19 2018-02-15 Diebold Nixdorf, Incorporated Token based transactions
US20160224973A1 (en) 2015-02-01 2016-08-04 Apple Inc. User interface for payments
US9574896B2 (en) 2015-02-13 2017-02-21 Apple Inc. Navigation user interface
US10216351B2 (en) 2015-03-08 2019-02-26 Apple Inc. Device configuration user interface
US9940637B2 (en) 2015-06-05 2018-04-10 Apple Inc. User interface for loyalty accounts and private label accounts
US20160358133A1 (en) 2015-06-05 2016-12-08 Apple Inc. User interface for loyalty accounts and private label accounts for a wearable device
GB201522762D0 (en) * 2015-12-23 2016-02-03 Sdc As Data security
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc Remote authorization to continue with an action
US10621581B2 (en) 2016-06-11 2020-04-14 Apple Inc. User interface for transactions
US9842330B1 (en) 2016-09-06 2017-12-12 Apple Inc. User interfaces for stored-value accounts
US10496808B2 (en) 2016-10-25 2019-12-03 Apple Inc. User interface for managing access to credentials for use in an operation
KR20200001601A (en) 2017-09-09 2020-01-06 애플 인크. Implementation of biometric authentication
KR20200044983A (en) 2017-09-09 2020-04-29 애플 인크. Implementation of biometric authentication

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0691526B2 (en) * 1985-03-08 1994-11-14 株式会社東芝 Communications system
WO1995019593A1 (en) * 1994-01-14 1995-07-20 Michael Jeremy Kew A computer security system
GB2328310B (en) * 1996-05-15 1999-12-08 Ho Keung Tse Electronic transaction apparatus and method therefor
SE508844C2 (en) * 1997-02-19 1998-11-09 Postgirot Bank Ab Method for authentication of SIM cards
DE19820422A1 (en) * 1998-05-07 1999-11-11 Giesecke & Devrient Gmbh Method for authenticating a chip card within a message transmission network
FI115355B (en) * 2000-06-22 2005-04-15 Icl Invia Oyj Arrangement for the authentication and authentication of a secure system user
US20030055738A1 (en) * 2001-04-04 2003-03-20 Microcell I5 Inc. Method and system for effecting an electronic transaction

Also Published As

Publication number Publication date
EA200401187A1 (en) 2005-04-28
AU2003219276A1 (en) 2003-10-13
MXPA04009725A (en) 2005-07-14
NZ535428A (en) 2006-08-31
TW200306483A (en) 2003-11-16
WO2003083793A3 (en) 2003-12-31
JP2005521961A (en) 2005-07-21
EA006395B1 (en) 2005-12-29
CN1672180A (en) 2005-09-21
TWI229279B (en) 2005-03-11
WO2003083793A2 (en) 2003-10-09
CA2505920A1 (en) 2003-10-09
EP1490846A2 (en) 2004-12-29

Similar Documents

Publication Publication Date Title
US9710804B2 (en) Virtual payment cards issued by banks for mobile and wearable devices
JP2016170801A (en) Track data encryption
US20190188695A1 (en) Multifactor authentication using a directory server
US20180204212A1 (en) Method and system for generating an advanced storage key in a mobile device without secure elements
KR101815430B1 (en) Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data
US9372971B2 (en) Integration of verification tokens with portable computing devices
US9779345B2 (en) Mobile device with scannable image including dynamic data
US9818113B2 (en) Payment method using one-time card information
JP2018522353A (en) Authentication system and method for server-based payment
US20150235211A1 (en) System and method for account identifier obfuscation
US20170228704A1 (en) Digital currency (virtual payment cards) issued by central bank for mobile and wearable devices
US20150019439A1 (en) Systems and Methods Relating to Secure Payment Transactions
US9038886B2 (en) Verification of portable consumer devices
US9911117B1 (en) Systems and methods for time variable financial authentication
US8433658B2 (en) Methods and apparatus for conducting electronic transactions
CN102696047B (en) Encryption hand-off process
CA2678101C (en) Authentication device and method
US10037524B2 (en) Dynamic primary account number (PAN) and unique key per card
US7089214B2 (en) Method for utilizing a portable electronic authorization device to approve transactions between a user and an electronic transaction system
US8511547B2 (en) Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers
AU2001243658B2 (en) Method and system for secure payments over a computer network
US9218493B2 (en) Key camouflaging using a machine identifier
KR100953231B1 (en) Electronic transaction systems and methods therefor
US8494959B2 (en) Payment card with dynamic account number
US8151335B2 (en) Proxy authentication methods and apparatus

Legal Events

Date Code Title Description
B08F Application fees: dismissal - article 86 of industrial property law

Free format text: REFERENTE A 6A E 7A ANUIDADES

B08K Lapse as no evidence of payment of the annual fee has been furnished to inpi (acc. art. 87)

Free format text: REFERENTE AO DESPACHO 8.6 PUBLICADO NA RPI 2051 DE 27/04/2010.