CA2625539A1 - Transaction method and system - Google Patents
Transaction method and system Download PDFInfo
- Publication number
- CA2625539A1 CA2625539A1 CA002625539A CA2625539A CA2625539A1 CA 2625539 A1 CA2625539 A1 CA 2625539A1 CA 002625539 A CA002625539 A CA 002625539A CA 2625539 A CA2625539 A CA 2625539A CA 2625539 A1 CA2625539 A1 CA 2625539A1
- Authority
- CA
- Canada
- Prior art keywords
- transaction
- data
- list
- identification
- enabling
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
In the case of a transaction method, there are transmitted transaction-enabling identification data which are obtained, for example, by machine -reading of at least one identification information item from a transaction-enabling medium (20). There is provided a stored first list (26) which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively a transaction processing identification code which is required for processing of the transaction. The first list (26) is accessed for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data. The transaction processing identification code ascertained from the first list (26) is then used to generate a transaction processing data record, and the latter is transmitted, via a communications network (28), to an electronic transaction processing system (30).
Description
- { - ~
' .. .
Transaction method and system The invention relates to a transaction method and to a transaction system.
There are known transaction methods and systems wherein identification information that identifies a transaction account of the transaction participant is read from a transaction-enabling means of a transaction participant.
For example, the identification information may contain the account number of the transaction account, and a name for the transaction participant. The read identification information - or at least a portion thereof - is then used to generate a data record which, for the purpose of processing the transaction, is transmitted via a data communications network to an electronic transaction processing system which (indirectly or directly) accesses the transaction account of the transaction participant. In the case of such a procedure, there is the problem of data security, since unauthorized persons are able, for example, to manipulate the read means used for reading the identification information, and thus gain knowledge of the number, and possibly the holder, of the transaction account. Knowledge of this information obviously makes it easy to manipulate the transaction account.
The object of the invention is to increase the data security in electronic transactions.
To achieve this object there is proposed, according to the invention, a transaction method comprising the steps:
- transmission of transaction-enabling identification data,
' .. .
Transaction method and system The invention relates to a transaction method and to a transaction system.
There are known transaction methods and systems wherein identification information that identifies a transaction account of the transaction participant is read from a transaction-enabling means of a transaction participant.
For example, the identification information may contain the account number of the transaction account, and a name for the transaction participant. The read identification information - or at least a portion thereof - is then used to generate a data record which, for the purpose of processing the transaction, is transmitted via a data communications network to an electronic transaction processing system which (indirectly or directly) accesses the transaction account of the transaction participant. In the case of such a procedure, there is the problem of data security, since unauthorized persons are able, for example, to manipulate the read means used for reading the identification information, and thus gain knowledge of the number, and possibly the holder, of the transaction account. Knowledge of this information obviously makes it easy to manipulate the transaction account.
The object of the invention is to increase the data security in electronic transactions.
To achieve this object there is proposed, according to the invention, a transaction method comprising the steps:
- transmission of transaction-enabling identification data,
2 - provision of a stored first list which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - accessing of the first list, for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, - generation of a transaction processing data record, using the transaction processing identification code ascertained from the first list, and - transmission of the transaction processing data record, via a communications network, to an electronic transaction processing system.
Additionally provided, according to an apparatus aspect; is a transaction system comprising:
- a first data storage area, in which there is stored a first list which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - list access means, which are set up to receive transmitted transaction-enabling identification data and to access the first list for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, and - processing data-record generating means, which are set up to generate a transaction processing data record using the transaction processing identification code ascertained from the first list, and to transmit the
Additionally provided, according to an apparatus aspect; is a transaction system comprising:
- a first data storage area, in which there is stored a first list which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - list access means, which are set up to receive transmitted transaction-enabling identification data and to access the first list for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, and - processing data-record generating means, which are set up to generate a transaction processing data record using the transaction processing identification code ascertained from the first list, and to transmit the
3 transaction processing data record, via a communications network, to an electronic transaction processing system.
The solution according to the invention is based on the provision of a stored concordance list, from which respectively one transaction processing identification code can be taken for a multiplicity of different transaction-enabling identification data. Owing to the concordance list, an identification code required for processing of a transaction need not be provided directly. Instead, one or more other items of identification information can be transmitted, provided that a unique assignment has been defined between this item, or these items, of identification information and the identification code actually required for processing of a transaction.
Expediently, the transaction-enabling identification data do not directly indicate the identification code that is ultimately to be inserted into the transaction processing data record. The transaction-enabling identification data may comprise, for example, a number which is issued by a manufacturer or issuer of a transaction-enabling medium and which uniquely identifies the transaction-enabling medium as an item, but which need not have any significance for the subsequent processing of a transaction.
Alternatively, or in addition, it is conceivable to use a telephone number, a passport number or personal identity-card number, or another person-related identification number of a transaction participant, or/and one or more biometric features of the transaction participant, for the purpose of constituting the transaction-enabling identification data. Possible biometric features are, for example, a fingerprint and an iris image. Appropriate read
The solution according to the invention is based on the provision of a stored concordance list, from which respectively one transaction processing identification code can be taken for a multiplicity of different transaction-enabling identification data. Owing to the concordance list, an identification code required for processing of a transaction need not be provided directly. Instead, one or more other items of identification information can be transmitted, provided that a unique assignment has been defined between this item, or these items, of identification information and the identification code actually required for processing of a transaction.
Expediently, the transaction-enabling identification data do not directly indicate the identification code that is ultimately to be inserted into the transaction processing data record. The transaction-enabling identification data may comprise, for example, a number which is issued by a manufacturer or issuer of a transaction-enabling medium and which uniquely identifies the transaction-enabling medium as an item, but which need not have any significance for the subsequent processing of a transaction.
Alternatively, or in addition, it is conceivable to use a telephone number, a passport number or personal identity-card number, or another person-related identification number of a transaction participant, or/and one or more biometric features of the transaction participant, for the purpose of constituting the transaction-enabling identification data. Possible biometric features are, for example, a fingerprint and an iris image. Appropriate read
4 devices for such biometric features are commercially available; they are able to convert the read feature into appropriate data which, in the context of the invention, can constitute at least a portion of the transaction-enabling identification data.
In the case of the solution according to the invention, the transaction processing data record can be generated only with the aid of the concordance list. Without access to the concordance list, a"tapping" attack on the transaction-enabling identification data performed with fraudulent intent remains unsuccessful. The invention thus provides for increased data security. This applies particularly to architectures that provide a comparatively secure communication path for the transmission of the transaction processing data record, for example through use of a particularly secure transmission protocol, but that provide only a comparatively non-secure communication path for the transmission of the transaction-enabling identification data as far as the list access means, this communication path being comparatively easy to tap or manipulate.
If desired, the generation of the transaction-enabling identification data and the storage of the concordance list, or the conversion of the transaction-enabling identification data into the transaction processing identification code, can be effected at geographically separate locations, this substantially precluding simultaneous manipulation of, on the one hand, the means provided for generation of the transaction-enabling identification data and, on the other hand, the list access means that access the concordance list.
~-- -~
For the purpose of generating the transaction-enabling identification data, at least one identification information item can be machine-read from an identification
In the case of the solution according to the invention, the transaction processing data record can be generated only with the aid of the concordance list. Without access to the concordance list, a"tapping" attack on the transaction-enabling identification data performed with fraudulent intent remains unsuccessful. The invention thus provides for increased data security. This applies particularly to architectures that provide a comparatively secure communication path for the transmission of the transaction processing data record, for example through use of a particularly secure transmission protocol, but that provide only a comparatively non-secure communication path for the transmission of the transaction-enabling identification data as far as the list access means, this communication path being comparatively easy to tap or manipulate.
If desired, the generation of the transaction-enabling identification data and the storage of the concordance list, or the conversion of the transaction-enabling identification data into the transaction processing identification code, can be effected at geographically separate locations, this substantially precluding simultaneous manipulation of, on the one hand, the means provided for generation of the transaction-enabling identification data and, on the other hand, the list access means that access the concordance list.
~-- -~
For the purpose of generating the transaction-enabling identification data, at least one identification information item can be machine-read from an identification
5 information carrier object, and at least a portion of the transaction-enabling identification data can be constituted on the basis of the at least one read identification information item_ The identification information carrier object may be a special transaction-enabling medium such as, for example, a payment or money card, which serves solely to enable a transaction. It may also be an identity document, for instance a passport or a driving licence.
Read devices suitable for machine-reading data from an identity document or from, for example, a transaction-enabling medium in card form, are well known in the specialist domain. It is understood that the form of the transaction-enabling medium is of no consequence in the context of the invention and, consequently, transaction-enabling media in forms other than that of a card may also serve as an identification information carrier object.
If the transaction-enabling identification data are to contain items of biometric information, body parts of a person, such as, for instance, fingers or eyes, may serve as an identification information carrier object.
Alternatively, or in addition, at least one identification information item, entered by means of a user-operable input means of a data processing device, can be recorded and then used as a basis for constituting at least a portion of the transaction-enabling identification data. The input means may comprise, for example, a keyboard or/an a pointer means of a computer system.
Read devices suitable for machine-reading data from an identity document or from, for example, a transaction-enabling medium in card form, are well known in the specialist domain. It is understood that the form of the transaction-enabling medium is of no consequence in the context of the invention and, consequently, transaction-enabling media in forms other than that of a card may also serve as an identification information carrier object.
If the transaction-enabling identification data are to contain items of biometric information, body parts of a person, such as, for instance, fingers or eyes, may serve as an identification information carrier object.
Alternatively, or in addition, at least one identification information item, entered by means of a user-operable input means of a data processing device, can be recorded and then used as a basis for constituting at least a portion of the transaction-enabling identification data. The input means may comprise, for example, a keyboard or/an a pointer means of a computer system.
6 It is furthermore conceivable for at least a portion of the transaction-enabling identification data to be stored in a carrier, and be transmitted automatically by the latter in response to a certain transaction-related trigger signal.
An example of this is a mobile telephone that has been set up with transaction capability (i.e., a mobile telephone equipped with software suitable for transaction applications) which, in response to initiation of a transaction by the user, automatically transmits a participant call number assigned to said telephone, or another identification number, as an identification information item to be used for constituting the transaction-enabling identification data. A so-called RF
chip (radio frequency chip), such as may be incorporated into payment cards or, also, into other items, whether said items be provided specifically for the purpose of transaction-enabling or whether they be developed primarily for other purposes, may also serve as a carrier of at least a portion of the transaction-enabling identification data.
Such chips are provided with a function which enables them to wirelessly emit certain information stored in the chip, usually in response to an external prompt signal.
According to a preferred development, the transaction method according to the invention may comprise the steps:
- provision of a stored second list, which contains a multiplicity of different identification numbers, - comparison of at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list, and
An example of this is a mobile telephone that has been set up with transaction capability (i.e., a mobile telephone equipped with software suitable for transaction applications) which, in response to initiation of a transaction by the user, automatically transmits a participant call number assigned to said telephone, or another identification number, as an identification information item to be used for constituting the transaction-enabling identification data. A so-called RF
chip (radio frequency chip), such as may be incorporated into payment cards or, also, into other items, whether said items be provided specifically for the purpose of transaction-enabling or whether they be developed primarily for other purposes, may also serve as a carrier of at least a portion of the transaction-enabling identification data.
Such chips are provided with a function which enables them to wirelessly emit certain information stored in the chip, usually in response to an external prompt signal.
According to a preferred development, the transaction method according to the invention may comprise the steps:
- provision of a stored second list, which contains a multiplicity of different identification numbers, - comparison of at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list, and
7 - generation of the transaction processing data record in dependence on the result of the comparison.
Accordingly, in a preferred development, the transaction system according to the invention may comprise a second data storage area, in which there is stored a second list containing a multiplicity of different identification numbers, with first checking means, that are coupled to the processing data-record generating means, being set up for the purpose of comparing at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list, the processing data-record generating means being set up for the purpose of generating the transaction processing data record in dependence on the result of the comparison by the first checking means.
Such a design of the transaction method and of the transaction system allows authorization checking of the transaction through comparison of the transaction-enabling identification data (or at least of a portion thereof) with the entries in the second list. For this purpose, the latter may be realized as a list of barred identification numbers or, alternatively, as a list of admissible identification numbers. It is even conceivable to store both a barred list and an admissible list, and to check the transaction-enabling identification data against both lists. In the case of this preferred embodiment, the conversion of the transaction-enabling identification data into the transaction processing identification code, through access to the concordance list, is effected only if the checking reveals that the transaction-enabling identification data do not contain a prohibited = .=-~. _ --~ -~ =~
,
Accordingly, in a preferred development, the transaction system according to the invention may comprise a second data storage area, in which there is stored a second list containing a multiplicity of different identification numbers, with first checking means, that are coupled to the processing data-record generating means, being set up for the purpose of comparing at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list, the processing data-record generating means being set up for the purpose of generating the transaction processing data record in dependence on the result of the comparison by the first checking means.
Such a design of the transaction method and of the transaction system allows authorization checking of the transaction through comparison of the transaction-enabling identification data (or at least of a portion thereof) with the entries in the second list. For this purpose, the latter may be realized as a list of barred identification numbers or, alternatively, as a list of admissible identification numbers. It is even conceivable to store both a barred list and an admissible list, and to check the transaction-enabling identification data against both lists. In the case of this preferred embodiment, the conversion of the transaction-enabling identification data into the transaction processing identification code, through access to the concordance list, is effected only if the checking reveals that the transaction-enabling identification data do not contain a prohibited = .=-~. _ --~ -~ =~
,
8 identification number, or contains a permitted identification number. It is of course understood that a reverse procedure is not fundamentally precluded, i.e. that the conversion into the transaction processing identification code can be performed first, followed by authorization checking and list comparison.
It is conceivable for an identification information carrier object, on which one or more items of identification information to be machine-read for the constitution of the transaction-enabling identification data are stored, to already additionally contain the transaction processing identification code. Such an identification information carrier object would also be fundamentally suitable, in addition to the transaction method according to the invention, for a conventional transaction method, wherein the transaction processing identification code is read immediately, without, as it were, detour via the transaction-enabling identification data, and consequently no concordance list is required for converting the transaction-enabling identification data into the transaction processing identification code. It is furthermore conceivable for such an identification information carrier object to require a special approval for the transaction method according to the invention.
This is because, as long as the concordance between the transaction-enabling identification data and the transaction processing identification code of the respective identification information carrier object is not stored in the concordance list, the transaction method according to the invention cannot be used in the case of this identification information carrier object.
. ,=1 _ ~...~
_ - }
It is conceivable for an identification information carrier object, on which one or more items of identification information to be machine-read for the constitution of the transaction-enabling identification data are stored, to already additionally contain the transaction processing identification code. Such an identification information carrier object would also be fundamentally suitable, in addition to the transaction method according to the invention, for a conventional transaction method, wherein the transaction processing identification code is read immediately, without, as it were, detour via the transaction-enabling identification data, and consequently no concordance list is required for converting the transaction-enabling identification data into the transaction processing identification code. It is furthermore conceivable for such an identification information carrier object to require a special approval for the transaction method according to the invention.
This is because, as long as the concordance between the transaction-enabling identification data and the transaction processing identification code of the respective identification information carrier object is not stored in the concordance list, the transaction method according to the invention cannot be used in the case of this identification information carrier object.
. ,=1 _ ~...~
_ - }
9 In order to be able to identify whether the identification information carrier object is approved for the method according to the invention, a predefined information field may be stored in the identification information carrier object. The content of this information field may indicate whether a transaction is to be performed according to the method according to the invention or whether a transaction is to be performed according to the conventional procedure.
Depending on the content of the information field, the transaction processing identification code is either read directly out of the identification information carrier object and transmitted, or one or more items of identification information is/are read out and transmitted in the form of the transaction-enabling identification data.
For the aforementioned scenario in particular, the transaction method according to the invention may therefore comprise the following steps:
- reading of the content of a predefined information field stored in the identification information carrier object, and - reading of the at least one identification information item from the identification information carrier object in dependence on the information field (32) having a predefined content.
Accordingly, the transaction system according to the invention may comprise second checking means, which are set up to check the content, read by the read means, of a predefined information field stored in the identification information carrier object, and to effect the reading of the at least one identification information item from the - -=' - ~ ' identification information carrier object in dependence on whether the information field has a predefined content.
To enable the data required for the concordance list to be 5 collected, in the case of an embodiment of the invention a checking step can be implemented, in which it is checked whether the first list contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data. Namely, it may
Depending on the content of the information field, the transaction processing identification code is either read directly out of the identification information carrier object and transmitted, or one or more items of identification information is/are read out and transmitted in the form of the transaction-enabling identification data.
For the aforementioned scenario in particular, the transaction method according to the invention may therefore comprise the following steps:
- reading of the content of a predefined information field stored in the identification information carrier object, and - reading of the at least one identification information item from the identification information carrier object in dependence on the information field (32) having a predefined content.
Accordingly, the transaction system according to the invention may comprise second checking means, which are set up to check the content, read by the read means, of a predefined information field stored in the identification information carrier object, and to effect the reading of the at least one identification information item from the - -=' - ~ ' identification information carrier object in dependence on whether the information field has a predefined content.
To enable the data required for the concordance list to be 5 collected, in the case of an embodiment of the invention a checking step can be implemented, in which it is checked whether the first list contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data. Namely, it may
10 be the case that the received transaction-enabling identification data are not listed in the concordance list, or that the list has at least one entry for the transaction-enabling identification data but lacks an assigned entry for a transaction processing identification code. In neither case can a transaction processing data record be generated, because the transaction processing identification code required for this is not available. In the case of the embodiment considered, a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data is generated and sent. If, in response to this prompt, the transaction-enabling identification data are transmitted again, but this time together with the transaction processing identification code, the concordance list can thereby be updated accordingly. For all subsequent transactions of the respective transaction participant, it then suffices to transmit only the transaction-enabling identification data, since their assignment to the transaction processing identification code has now been listed in the concordance list. This embodiment thus makes it possible, in the case of identification information carrier objects which, in addition to one or more identification information items
11 that can be used for constituting the transaction-enabling identification data, also already contain the transaction processing identification code, for only the transaction-enabling identification data to be transmitted first in each case of the purpose of effecting a transaction.
Should a prompt be returned for the transmission of the transaction processing identification code in addition, because this code is not listed in the concordance list, it can be supplied subsequently, as part of a new transmission, together with the transaction-enabling identification data, to enable the concordance list to be completed.
Accordingly, in the case of the transaction system according to the invention, the list access means may be set up to check whether the first list contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data, said means being furthermore able to be set up to effect the generation of a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data, if the first list does not contain such an entry, and to enter the transmitted transaction processing identification code into the first list in assignment to the transaction-enabling identification data.
The transaction system according to the invention preferably comprises a terminal device arrangement designed for generating the transaction-enabling identification data, and an electronic transaction authorization unit which is coupled to the terminal device arrangement via a data communications network and comprises the processing ' "~ <='
Should a prompt be returned for the transmission of the transaction processing identification code in addition, because this code is not listed in the concordance list, it can be supplied subsequently, as part of a new transmission, together with the transaction-enabling identification data, to enable the concordance list to be completed.
Accordingly, in the case of the transaction system according to the invention, the list access means may be set up to check whether the first list contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data, said means being furthermore able to be set up to effect the generation of a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data, if the first list does not contain such an entry, and to enter the transmitted transaction processing identification code into the first list in assignment to the transaction-enabling identification data.
The transaction system according to the invention preferably comprises a terminal device arrangement designed for generating the transaction-enabling identification data, and an electronic transaction authorization unit which is coupled to the terminal device arrangement via a data communications network and comprises the processing ' "~ <='
12 data-record generating means. The terminal device arrangement may comprise, for example,'a card terminal which is designed for effecting transactions with payment or money cards. It may also be constituted by, for example, a home computer, from which a transaction participant might wish to start a transaction.
Alternatively, a mobile telephone or other mobile device may also serve as a terminal device arrangement. The transaction authorization unit may be implemented on, for example, a host server of a transaction network operator.
It may comprise the first data storage area and the list access means and, if appropriate, the second data storage area and the first checking means. Alternatively, the terminal device arrangement may comprise the first data storage area and the list access means.
Protection is additionally sought, within the scope of the invention, for the terminal device arrangement and for the transaction authorization unit of such a transaction system.
The invention is explained further in the following with reference to the accompanying drawing. The sole figure of this drawing, Fig. 1, shows in schematic form an exemplary embodiment of a transaction system, denoted in general by 10, which comprises a multiplicity of transaction terminals 12 which are coupled, in respect of communication, to a remotely disposed transaction authorization unit 16 via a data communications network 14. The terminals 12, which respectively constitute a terminal device arrangement within the meaning of the invention, each comprise a read device 18, by means of which they can read data from a transaction-enabling medium 20 serving as an identification ~ . ~---.
Alternatively, a mobile telephone or other mobile device may also serve as a terminal device arrangement. The transaction authorization unit may be implemented on, for example, a host server of a transaction network operator.
It may comprise the first data storage area and the list access means and, if appropriate, the second data storage area and the first checking means. Alternatively, the terminal device arrangement may comprise the first data storage area and the list access means.
Protection is additionally sought, within the scope of the invention, for the terminal device arrangement and for the transaction authorization unit of such a transaction system.
The invention is explained further in the following with reference to the accompanying drawing. The sole figure of this drawing, Fig. 1, shows in schematic form an exemplary embodiment of a transaction system, denoted in general by 10, which comprises a multiplicity of transaction terminals 12 which are coupled, in respect of communication, to a remotely disposed transaction authorization unit 16 via a data communications network 14. The terminals 12, which respectively constitute a terminal device arrangement within the meaning of the invention, each comprise a read device 18, by means of which they can read data from a transaction-enabling medium 20 serving as an identification ~ . ~---.
13 information carrier object. The read device 18 may be a contactless read device which reads the desired data from the transaction-enabling medium 20 in, for example, an optical or inductive manner. Alternatively, it may be a contacting read device which comes into contact with electric contact fields of the transaction-enabling medium 20 and electrically reads out data. Magnetic read-out of data from the transaction-enabling medium 20 is also possible.
The transaction-enabling medium 20 may be a portable item that can be taken along with one, for example in the form of a thin rectangular card. Other forms of the transaction-enabling medium 20 are likewise conceivable.
The transaction-enabling medium 20 serves to enable a holder of the same to initiate a transaction, for instance a payment transaction. For this purpose, the transaction-enabling medium 20 contains a number of data, of which the respective terminal 12 reads one or more identification information items for the purpose of effecting a transaction. These items of information are stored, for example, in an electronic chip or in a magnetic storage field or in the body of the transaction-enabling medium 20.
The read data allow a unique assignment to a transaction account identification code of the holder of the transaction-enabling medium 20, but do not allow this transaction account identification code to be identified without knowledge of this assignment. The transaction account identification code is required for processing of the transaction; it constitutes an example of a transaction processing identification code within the meaning of the invention.
... , + ,
The transaction-enabling medium 20 may be a portable item that can be taken along with one, for example in the form of a thin rectangular card. Other forms of the transaction-enabling medium 20 are likewise conceivable.
The transaction-enabling medium 20 serves to enable a holder of the same to initiate a transaction, for instance a payment transaction. For this purpose, the transaction-enabling medium 20 contains a number of data, of which the respective terminal 12 reads one or more identification information items for the purpose of effecting a transaction. These items of information are stored, for example, in an electronic chip or in a magnetic storage field or in the body of the transaction-enabling medium 20.
The read data allow a unique assignment to a transaction account identification code of the holder of the transaction-enabling medium 20, but do not allow this transaction account identification code to be identified without knowledge of this assignment. The transaction account identification code is required for processing of the transaction; it constitutes an example of a transaction processing identification code within the meaning of the invention.
... , + ,
14 The read identification item(s) may comprise, for example, a number issued by the manufacturer or issuer of the .transaction-enabling medium, thus, for example, a chip serial number in the case of the transaction-enabling medium being realized with a chip, or/and a card number in the case of a transaction-enabling medium in the form of a card. It is pointed out that the read identification information item(s) may alternatively or additionally comprise non-numerical identification data. It is furthermore understood that a plurality of identification numbers may be read from the transaction-enabling medium, thus, for example, an identification number issued by a manufacturer or issuer, or an expiry date of the transaction-enabling medium. It is of importance only that the read identification information item(s) can be put into unique assignment to the transaction account identification code of the holder of the transaction-enabling medium.
Each terminal 12 is set up, in respect of hardware and/or software, to transmit the read identification information item(s) as transaction-enabling identification data, possibly together with further transaction-relevant data such as, for example, a transaction amount and references to a transaction recipient, in an electronic message to the transaction authorization unit 16, via the data communications network 14. The data communications network 14 may comprise, for example, a local network, a public telecommunications network, a mobile telephony network, the Internet or other wireless or wired networks.
The transaction authorization unit 16 is set up, in respect of hardware and/or software, to receive the electronic message sent from the respective terminal 12, and to check said message in respect of whether the desired transaction can be authorized. For this purpose, in the case of one embodiment it can access a negative list of barred identification numbers or/and a positive list of admissible 5 identification numbers, said list(s) being stored in a first storage area of an electronic storage, denoted by 22, of the transaction authorization unit 16. The negative or/and positive list is/are denoted by 24 in the drawing, and constitute(s) an example of a second list within the 10 meaning of the invention. For the purpose of authorization checking, the transaction authorization unit 16 compares the transaction-enabling identification data (or at least a portion thereof) contained in the electronic message with the entries in the negative list or/and the positive
Each terminal 12 is set up, in respect of hardware and/or software, to transmit the read identification information item(s) as transaction-enabling identification data, possibly together with further transaction-relevant data such as, for example, a transaction amount and references to a transaction recipient, in an electronic message to the transaction authorization unit 16, via the data communications network 14. The data communications network 14 may comprise, for example, a local network, a public telecommunications network, a mobile telephony network, the Internet or other wireless or wired networks.
The transaction authorization unit 16 is set up, in respect of hardware and/or software, to receive the electronic message sent from the respective terminal 12, and to check said message in respect of whether the desired transaction can be authorized. For this purpose, in the case of one embodiment it can access a negative list of barred identification numbers or/and a positive list of admissible 5 identification numbers, said list(s) being stored in a first storage area of an electronic storage, denoted by 22, of the transaction authorization unit 16. The negative or/and positive list is/are denoted by 24 in the drawing, and constitute(s) an example of a second list within the 10 meaning of the invention. For the purpose of authorization checking, the transaction authorization unit 16 compares the transaction-enabling identification data (or at least a portion thereof) contained in the electronic message with the entries in the negative list or/and the positive
15 list 24. For example, the transaction authorization unit
16 may check whether a card number or chip serial number of the read-out transaction-enabling medium contained in the transaction-enabling identification data corresponds to one:
of the entries in the negative list or/and the positive list 24. If it ascertains that the card number or chip serial number is not barred, it accesses a concordance list 26 stored in a second storage area of the storage 22, in order to obtain therefrom the transaction account identification code of the holder of the transaction-enabling medium. The storage 22 may be organized, for example, in the form of a database.
The concordance list 26 constitutes a first list within the meaning of the invention. It contains, respectively, a transaction account identification code in assignment to a multiplicity of different transaction-enabling identification data (or of portions thereof). Said transaction account identification code may be composed of = ~~.. , , . = ~
a plurality of identification numbers, thus, for example, of a code of an entity administering the transaction account, and of the number of the transaction account at this entity.
If the transaction authorization unit 16 ascertains that the card number or chip serial number is barred, it sends a return message to this effect to the querying terminal 12, by which message it rejects the requested transaction.
It is understood that, in the case of a modified embodiment, the concordance list 26 can be used to first convert the transaction-enabling identification into the transaction account identification code, and the authorization checking performed only subsequently, through comparison with the negative or/and positive list 24.
If authorization of the transaction is successful, the transaction authorization unit 16 uses the transaction account identification code taken from the concordance list 26 and, possibly, using further data sent concomitantly from the terminal 12, to generate a transaction processing data record, which it transmits to a transaction processing system 30 via a data communications link 28. In a manner not represented further, the transaction processing system has direct or indirect access to the transaction account of the holder of the transaction-enabling medium 20, and effects, for example, respective updating of the account value. The data communications link 28 may be a portion of 30 a local network. It is equally possible, however, for the transaction authorization unit 16 and the transaction processing system 30 to be connected via a public
of the entries in the negative list or/and the positive list 24. If it ascertains that the card number or chip serial number is not barred, it accesses a concordance list 26 stored in a second storage area of the storage 22, in order to obtain therefrom the transaction account identification code of the holder of the transaction-enabling medium. The storage 22 may be organized, for example, in the form of a database.
The concordance list 26 constitutes a first list within the meaning of the invention. It contains, respectively, a transaction account identification code in assignment to a multiplicity of different transaction-enabling identification data (or of portions thereof). Said transaction account identification code may be composed of = ~~.. , , . = ~
a plurality of identification numbers, thus, for example, of a code of an entity administering the transaction account, and of the number of the transaction account at this entity.
If the transaction authorization unit 16 ascertains that the card number or chip serial number is barred, it sends a return message to this effect to the querying terminal 12, by which message it rejects the requested transaction.
It is understood that, in the case of a modified embodiment, the concordance list 26 can be used to first convert the transaction-enabling identification into the transaction account identification code, and the authorization checking performed only subsequently, through comparison with the negative or/and positive list 24.
If authorization of the transaction is successful, the transaction authorization unit 16 uses the transaction account identification code taken from the concordance list 26 and, possibly, using further data sent concomitantly from the terminal 12, to generate a transaction processing data record, which it transmits to a transaction processing system 30 via a data communications link 28. In a manner not represented further, the transaction processing system has direct or indirect access to the transaction account of the holder of the transaction-enabling medium 20, and effects, for example, respective updating of the account value. The data communications link 28 may be a portion of 30 a local network. It is equally possible, however, for the transaction authorization unit 16 and the transaction processing system 30 to be connected via a public
17 telecommunications network, the Internet or another large-area communications network.
In the case of a development, there may be provided a data field of a magnitude of, for example, only 1 bit - said data field being indicated schematically at 32 - the content of the data field being first checked by the reading terminal 12. Only if this data field 32 has a predefined content, for example if it is set to "1", does the terminal 12 read the at least one identification information item from the transaction-enabling medium 20 and generate the transaction-enabling identification data.
If, on the other hand, the data field 32 has a different .
content, for instance the value "0", the terminal 12 either initiates performance of a transaction according to a different, conventional, method (if, for example, the transaction account identification code is also already stored in the transaction-enabling medium 20), or it rejects the desired transaction.
According to a variant, the transaction-enabling identification data may comprise a short version of an identification code, concerning which the concordance list contains, as a transaction processing identification code, a long version of the identification code to be inserted into the transaction processing data record. In particular, it is conceivable, but not only in such a case, for the conversion from the short version into the long version to be effected in the terminals 12 instead of in the transaction authorization unit 16. For this purpose, each of the respective terminals 12 would have to store a copy of the concordance list 26. Alternatively, the read short version of the identification code could, of course, . ~ i f . =
\ =
In the case of a development, there may be provided a data field of a magnitude of, for example, only 1 bit - said data field being indicated schematically at 32 - the content of the data field being first checked by the reading terminal 12. Only if this data field 32 has a predefined content, for example if it is set to "1", does the terminal 12 read the at least one identification information item from the transaction-enabling medium 20 and generate the transaction-enabling identification data.
If, on the other hand, the data field 32 has a different .
content, for instance the value "0", the terminal 12 either initiates performance of a transaction according to a different, conventional, method (if, for example, the transaction account identification code is also already stored in the transaction-enabling medium 20), or it rejects the desired transaction.
According to a variant, the transaction-enabling identification data may comprise a short version of an identification code, concerning which the concordance list contains, as a transaction processing identification code, a long version of the identification code to be inserted into the transaction processing data record. In particular, it is conceivable, but not only in such a case, for the conversion from the short version into the long version to be effected in the terminals 12 instead of in the transaction authorization unit 16. For this purpose, each of the respective terminals 12 would have to store a copy of the concordance list 26. Alternatively, the read short version of the identification code could, of course, . ~ i f . =
\ =
18 first be sent from the respective terminal 12 to the transaction authorization unit 16, before being converted there, at a central location, into the long version. An example of an identification code having a short and a long version is a bank identification code.
It ensues from the above that the concordance list 26, and appropriate software and/or hardware for accessing same, may be stored or implemented in the transaction authorization unit 16 or in the terminals 12.
It is to be added that, in order to increase security against tapping, the transmission of data between the terminals 12 and the transaction authorization unit 16 may be effected with encryption, at least on a portion of the transmission link. In respect of the terminals 12, it is understood that they need not necessarily comprise the readers 18 as integral components. Instead, it is conceivable for at least some of the terminals 12 to be connected to an external reader 18. The sending of an authorization query from one of the terminals 12 to the transaction authorization unit 16 may optionally be effected in online operating mode or in offline operating mode. Online operating mode in this case is understood to be the sending of the authorization query from the terminal to the transaction authorization unit 16 immediately after the desired data have been read from the transaction-enabling means 20. In the context of offline operating mode, on the other hand, the authorization checking may be deferred, in that the terminal directs authorization queries to the transaction authorization unit 16 only at predefined times, for example at night.
It ensues from the above that the concordance list 26, and appropriate software and/or hardware for accessing same, may be stored or implemented in the transaction authorization unit 16 or in the terminals 12.
It is to be added that, in order to increase security against tapping, the transmission of data between the terminals 12 and the transaction authorization unit 16 may be effected with encryption, at least on a portion of the transmission link. In respect of the terminals 12, it is understood that they need not necessarily comprise the readers 18 as integral components. Instead, it is conceivable for at least some of the terminals 12 to be connected to an external reader 18. The sending of an authorization query from one of the terminals 12 to the transaction authorization unit 16 may optionally be effected in online operating mode or in offline operating mode. Online operating mode in this case is understood to be the sending of the authorization query from the terminal to the transaction authorization unit 16 immediately after the desired data have been read from the transaction-enabling means 20. In the context of offline operating mode, on the other hand, the authorization checking may be deferred, in that the terminal directs authorization queries to the transaction authorization unit 16 only at predefined times, for example at night.
Claims (16)
1. Transaction method, comprising the steps:
- transmission of transaction-enabling identification data, - provision of a stored first list (26) which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - accessing of the first list (26), for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, - generation of a transaction processing data record, using the transaction processing identification code ascertained from the first list (26), and - transmission of the transaction processing data record, via a communications network (28), to an electronic transaction processing system (30).
- transmission of transaction-enabling identification data, - provision of a stored first list (26) which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - accessing of the first list (26), for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, - generation of a transaction processing data record, using the transaction processing identification code ascertained from the first list (26), and - transmission of the transaction processing data record, via a communications network (28), to an electronic transaction processing system (30).
2. Transaction method according to claim 1, characterized by the steps:
- machine-reading of at least one identification information item from an identification information carrier object (20), and - constitution of at least a portion of the transaction-enabling identification data on the basis of the at least one read identification information item.
- machine-reading of at least one identification information item from an identification information carrier object (20), and - constitution of at least a portion of the transaction-enabling identification data on the basis of the at least one read identification information item.
3. Transaction method according to either of claims 1 or 2, characterized by the steps:
- recording of at least one identification information item entered by means of a user-operable input means of a data processing device, and - constitution of at least a portion of the transaction-enabling identification data on the basis of the at least one entered identification information item.
- recording of at least one identification information item entered by means of a user-operable input means of a data processing device, and - constitution of at least a portion of the transaction-enabling identification data on the basis of the at least one entered identification information item.
4. Transaction method according to any one of claims 1 to 3, characterized by the steps:
- provision of.a stored second list (24), which contains a multiplicity of different identification numbers, - comparison of at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list (24), and - generation of the transaction processing data record in dependence on the result of the comparison.
- provision of.a stored second list (24), which contains a multiplicity of different identification numbers, - comparison of at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list (24), and - generation of the transaction processing data record in dependence on the result of the comparison.
5. Transaction method according to any one of claims 2 to 4, characterized by the steps:
- reading of the content of a predefined information field (32) stored in the identification information carrier object (20), and - reading of the at least one identification information item from the identification information carrier object (20) in dependence on the information field (32) having a predefined content.
- reading of the content of a predefined information field (32) stored in the identification information carrier object (20), and - reading of the at least one identification information item from the identification information carrier object (20) in dependence on the information field (32) having a predefined content.
6. Transaction method according to any one of claims 1 to 5, characterized by the steps:
- checking whether the first list (26) contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data, - if the first list (26) does not contain such an entry, generation of a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data, - entering of the transmitted transaction processing identification code into the first list (26) in assignment to the transaction-enabling identification data.
- checking whether the first list (26) contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data, - if the first list (26) does not contain such an entry, generation of a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data, - entering of the transmitted transaction processing identification code into the first list (26) in assignment to the transaction-enabling identification data.
7. Transaction system, in particular for effecting the method according to any one of claims 1 to 6, comprising:
- a first data storage area (22), in which there is stored a first list (26) which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - list access means, which are set up to receive transmitted transaction-enabling identification data and to access the first list (26) for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, and - processing data-record generating means, which are set up to generate a transaction processing data record using the transaction processing identification code ascertained from the first list (26), and to transmit the transaction processing data record, via a communications network (28), to an electronic transaction processing system (30).
- a first data storage area (22), in which there is stored a first list (26) which, in assignment to a multiplicity of different transaction-enabling identification data, contains respectively at least one transaction processing identification code, - list access means, which are set up to receive transmitted transaction-enabling identification data and to access the first list (26) for the purpose of ascertaining a transaction processing identification code assigned to the transmitted transaction-enabling identification data, and - processing data-record generating means, which are set up to generate a transaction processing data record using the transaction processing identification code ascertained from the first list (26), and to transmit the transaction processing data record, via a communications network (28), to an electronic transaction processing system (30).
8. Transaction system according to claim 7, characterized by read means (18) which are set up to read at least one identification information item from an identification information carrier object (20) and to constitute at least a portion of the transaction-enabling identification data on the basis of the at least one read identification information item.
9. Transaction system according to either of claims 7 or 8, characterized by a second data storage area (22), in which there is stored a second list (24) containing a multiplicity of different identification numbers, with first checking means, that are coupled to the processing data-record generating means, being set up for the purpose of comparing at least a portion of the transmitted transaction-enabling identification data with at least a portion of the identification numbers contained in the second list (24), the processing data-record generating means being set up for the purpose of generating the transaction processing data record in dependence on the result of the comparison by the first checking means.
10. Transaction system according to any one of claims 7 to 9, characterized in that the list access means are set up to check whether the first list (26) contains an entry for or in assignment to at least a portion of the transmitted transaction-enabling identification data, said means being furthermore set up to effect the generation of a prompt message for the transmission of a transaction processing identification code assigned to the transaction-enabling identification data, if the first list (26) does not contain such an entry, and to enter the transmitted transaction processing identification code into the first list in assignment to the transaction-enabling identification data.
11. Transaction system according to any one of claims b to 10, characterized by second checking means, which are set up to check the content, read by the read means (18), of a predefined information field (32) stored in the identification information carrier object (20), and to effect the reading of the at least one identification information item from the identification information carrier object (20) in dependence on whether information field (32) has a predefined content.
12. Transaction system according to any one of claims 7 to 11, comprising a terminal device arrangement (12) designed for generating the transaction-enabling identification data, and an electronic transaction authorization unit (16) which is coupled to the terminal device arrangement via a data communications network (14) and comprises the processing data-record generating means.
13. Transaction system according to claim 12, characterized in that the transaction authorization unit comprises the first data storage area and the list access means and, if appropriate, the second data storage area and the first checking means.
14. Transaction system according to claim 12, characterized in that the terminal device arrangement comprises the first data storage area and the list access means.
15. Terminal device arrangement (12) of the transaction system according to any one of claims 12 to 14.
16. Transaction authorization unit (16) of the transaction system according to any one of claims 12 to 14.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP05021849A EP1783708A1 (en) | 2005-10-06 | 2005-10-06 | Transaction method and system |
| EP05021849.4 | 2005-10-06 | ||
| PCT/IB2006/004232 WO2007105033A2 (en) | 2005-10-06 | 2006-10-06 | Transaction method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2625539A1 true CA2625539A1 (en) | 2007-09-20 |
Family
ID=35207651
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002625539A Abandoned CA2625539A1 (en) | 2005-10-06 | 2006-10-06 | Transaction method and system |
Country Status (5)
| Country | Link |
|---|---|
| EP (1) | EP1783708A1 (en) |
| CN (1) | CN101506821A (en) |
| AU (1) | AU2006340286A1 (en) |
| CA (1) | CA2625539A1 (en) |
| WO (1) | WO2007105033A2 (en) |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2389284A1 (en) * | 1977-04-27 | 1978-11-24 | Cii Honeywell Bull | INFORMATION PROCESSING SYSTEM PROTECTING THE SECRET OF CONFIDENTIAL INFORMATION |
| JP3160305B2 (en) * | 1991-03-30 | 2001-04-25 | 株式会社東芝 | Road toll collection system, road toll collection method, and wireless device |
| US6999936B2 (en) * | 1997-05-06 | 2006-02-14 | Sehr Richard P | Electronic ticketing system and methods utilizing multi-service visitor cards |
| US6529880B1 (en) * | 1999-12-01 | 2003-03-04 | Intermec Ip Corp. | Automatic payment system for a plurality of remote merchants |
| US20010029485A1 (en) * | 2000-02-29 | 2001-10-11 | E-Scoring, Inc. | Systems and methods enabling anonymous credit transactions |
| CA2406375C (en) * | 2000-04-11 | 2017-05-09 | Mastercard International Incorporated | An improved method and system for conducting secure payments over a computer network |
| JP5093957B2 (en) * | 2000-06-21 | 2012-12-12 | マスターカード インターナシヨナル インコーポレーテツド | Improved method and system for making secure payments over a computer network |
| GB0228384D0 (en) * | 2002-12-04 | 2003-01-08 | Howell David W | Transaction |
-
2005
- 2005-10-06 EP EP05021849A patent/EP1783708A1/en not_active Ceased
-
2006
- 2006-10-06 CN CNA200680045365XA patent/CN101506821A/en active Pending
- 2006-10-06 WO PCT/IB2006/004232 patent/WO2007105033A2/en active Application Filing
- 2006-10-06 CA CA002625539A patent/CA2625539A1/en not_active Abandoned
- 2006-10-06 AU AU2006340286A patent/AU2006340286A1/en not_active Abandoned
Also Published As
| Publication number | Publication date |
|---|---|
| EP1783708A1 (en) | 2007-05-09 |
| WO2007105033A3 (en) | 2009-04-23 |
| CN101506821A (en) | 2009-08-12 |
| AU2006340286A1 (en) | 2007-09-20 |
| WO2007105033A2 (en) | 2007-09-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7107246B2 (en) | Methods of exchanging secure messages | |
| KR100623848B1 (en) | Electronic settling method by mobile terminal | |
| US7287165B2 (en) | IC card, portable terminal, and access control method | |
| US20030004827A1 (en) | Payment system | |
| US20070094152A1 (en) | Secure electronic transaction authentication enhanced with RFID | |
| US20130087612A1 (en) | Method and devices for the production and use of an identification document that can be displayed on a mobile device. | |
| CN107851259A (en) | The system and method being traded using biological characteristic validation | |
| GB2517775A (en) | Apparatus and methods for identity verification | |
| JPH11511882A (en) | Tokenless identification system for authorization of electronic transactions and transmissions | |
| EP1282044B1 (en) | Authenticating method | |
| WO2001086599A2 (en) | Smart communications | |
| US20010027116A1 (en) | Electronic wallet | |
| CN105556550A (en) | Method for securing a validation step of an online transaction | |
| CA2313312A1 (en) | System, method, and computer program product for smart card to smart card transactions | |
| EP1215636A2 (en) | Method of conducting transactions | |
| CN101443722A (en) | Wireless telecommunication device with output control function and transaction authentication system using the same | |
| US20180253573A1 (en) | Systems and Methods for Utilizing Magnetic Fingerprints Obtained Using Magnetic Stripe Card Readers to Derive Transaction Tokens | |
| KR100382882B1 (en) | An identifying system and method using a finger print | |
| CA2625539A1 (en) | Transaction method and system | |
| AU2004312730B2 (en) | Transaction processing system and method | |
| JP2002324219A (en) | Card authentication system | |
| JP2003317020A (en) | Individual authentication system and individual authentication program used for the same | |
| GB2139457A (en) | Interactive Audio Transaction Terminal | |
| JP2005141503A (en) | System and method for charge settlement, and recording medium | |
| KR20030074853A (en) | Method and apparatus for person confirmation of finance/identification card in commercial pay through mobile unit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| FZDE | Discontinued | ||
| FZDE | Discontinued |
Effective date: 20110426 |