CN103493034A - Automatic user authentication, online checkout and electronic payments via mobile communication device with imaging system - Google Patents

Automatic user authentication, online checkout and electronic payments via mobile communication device with imaging system Download PDF

Info

Publication number
CN103493034A
CN103493034A CN201180058297.1A CN201180058297A CN103493034A CN 103493034 A CN103493034 A CN 103493034A CN 201180058297 A CN201180058297 A CN 201180058297A CN 103493034 A CN103493034 A CN 103493034A
Authority
CN
China
Prior art keywords
user
identifier
payment
checkout
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201180058297.1A
Other languages
Chinese (zh)
Other versions
CN103493034B (en
Inventor
S·库利
C·A·佩恩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Norton identity protection
Original Assignee
Symantec Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US12/969,471 external-priority patent/US9076171B2/en
Priority claimed from US12/969,303 external-priority patent/US8856902B2/en
Priority claimed from US12/969,510 external-priority patent/US8177125B1/en
Application filed by Symantec Corp filed Critical Symantec Corp
Publication of CN103493034A publication Critical patent/CN103493034A/en
Application granted granted Critical
Publication of CN103493034B publication Critical patent/CN103493034B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • G06F21/43User authentication using separate channels for security data wireless channels
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • User Interface Of Digital Computer (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A graphical authentication identifier is used to facilitate automatic authentication of a user, the checkout of a user on a webstore, or the automatic processing of an electronic payment. A graphical identifier authentication system receives a request from an authenticating entity for a onetime use graphical authentication identifier. In response to the received request, a onetime use graphical authentication identifier to be displayed by the authenticating entity is generated. A request for user authentication information by the authenticating entity is encoded in the graphical authentication identifier, which is transmitted to the authenticating entity for display (e.g., on a login screen). The onetime use graphical authentication identifier being displayed by the authenticating entity is captured by a registered user operated computing device.; In response, the requested user authentication information is transmitted to the authenticating entity, such that the user is automatically authenticated to the authenticating entity, without the user manually entering the requested user authentication information.

Description

Carry out the automatic subscriber authentication, settle accounts online and pay by mails by the mobile communications device with imaging system
Technical field
This disclosure relates generally to computer security, relates more specifically to utilize graphical identifier to carry out automatic subscriber authentication, automatic on-line checkout and autoelectrinic and pays.
background
The computer user signs in to a lot of different web sites (website of bank, shopping website, work related web site, social networking website etc.) usually, and each in these websites all needs username and password.This login based on password frequently is inconvenient for the user, and is the chance that malice clique has created the stealing password.The user can use different passwords to their each website of login, or repeats password between a plurality of websites, and the user can make a choice between the two.Use different passwords for each website and can produce the password that a lot of users need to manage.In this case, the user is easy to forget their password, therefore may find that themselves can not sign in to the website of thinking.In order to address this problem, some users write their password on addressable position, but this has produced security risk.Another part solution is the manager that accesses to your password, but this computing machine that code management device is installed is effective, or effective to the computing machine of synchronizeing with it.Do like this and make the user can not be from other computer log websites, such as those computing machines in hotel commercial center, Internet bar, library etc.
On the other hand, using identical password between a plurality of websites is not good security practices.If single password is stolen, all user accounts all can be under attack easily.Some users just repeat password (for example, a password for social networks, and different passwords for financial website) between the polytype website.Even if like that, much the user is difficult to remember their password.In addition, than for each website is used unique password, use the different passwords of limited quantity still can produce more security risk.
Malice clique can snatch password by the whole bag of tricks, and for example phishing, Key Logger, Network Traffic Monitoring, malice browser plug-in and the password of catching are replayed to other websites.Code management device prevents that password from being stolen (and alleviating to a certain extent phishing) by Key Logger, but still makes the user be easy to be subject to the attack of other types cipher stealing.
Solving these problems relevant to login based on password is Worth Expectings.
Along with passing through of the law that requires financial institution's enforcement additional security measures, two-factor authentication just becomes and becomes more and more popular.Two-factor authentication is to need the user of the user identity proof of two kinds of independent modes to authenticate.In single factor authentication, the user can utilize a single factors to examine his or her identity, the roll value that for example (the most at large) above-described password, or (alternately) physical token or bio-identification indicator (for example fingerprint or retina scanning) produce.In two-factor authentication, must provide these two kinds of factors (for example, password and roll value).Modal two-factor authentication is used the static subscriber to input password as the first factor at present, add roll value, roll value for example, for example, produces and is shown to the user by hardware keys card (RSA SecurID) or special mobile device (Verisign VIP).
It is unique up-to-date roll value to autonomous device that these hardware units continue to produce.Roll value is (for example, every 30 seconds) or for example, just reappear the dynamic value produced in response to given event (, when the user presses given input mechanism) at set intervals.Above-mentioned this class hardware unit continues to produce new roll value, usually take a period of time as interval.Typically this roll value can be used for for the user is authenticated, and can be regarded as the rolling-code be associated with concrete generating apparatus.This roll value generally includes the pseudo random number of given quantity figure place (for example, 6), and this pseudo random number is based on seed (for example, current time or a string preceding value) and produces.Authenticate device can produce the current scrolling value identical with given generating apparatus (that is, authenticate device also has seed or any key all for generation of roll value) at any given time.Therefore, authenticate device can be verified that received roll value is actually and generated by given device.
Roll value generates hardware unit and is not subject to user's welcome, because they also comprise another device that the user need to carry.In addition, the user must input current scrolling value and static password, and this is even more more loaded down with trivial details than independent input password.These devices are not subject to keeper and IT professional person's favor yet, because their frequent loss, battery life is limited, and must often change.Exist roll value to generate software (for example, Verisign VIP), but this still needs the user manually to input the current scrolling value, and also limit the length of possible roll value in reality.
Solving these problems relevant to two-factor authentication is also Worth Expecting.
America Online's retail sales reach 2,487 hundred million dollars while estimating 2014, exceed 2010 60000000000 dollars.Although online sales are all the fashion, completing an on-line purchase still needs the user to input their name, e-mail address, credit card information and transportation details.The cake that makes things worse, most of online retailer requires the user to create account on their website, and this has increased again the user needs another step to be processed and more data item.And, when the user inputs these information with the help on-line purchase, user's documentary evidence just suffers usurping of Malware, Key Logger and fishing website.
Some online retailers allow the user to utilize account to store to pay and transit information, and from the option of previous input, are selected logging in after entering on-line shop.Yet, the user still need for each independently online retailer re-enter this information, and they need to log in each concrete on-line shop when they wish to buy at every turn.Shellfish precious (Paypal) and Google (Google) have solved this problem to a certain extent, mode is to allow the user once to input their sign, payment and transit information, then selects Paypal or Google checkout (Checkout) to complete online transaction with a plurality of on-line shops.These services allow users to select to pay and transport details from menu, and provide advise for payments and user's transportation details for on-line shop.For the each purchase in each on-line shop, input aspect this category information having to individually, Paypal and Google Checkout are much progresses, but the checkout mode that they do not need them to login still can't provide the user to buy the time at every turn.For example, client can browse on-line shop, to his or her shopping cart, adds article, selects checkout, then selects Paypal or Google Checkout option.Now, the user must sign in on his or her Paypal or Google Checkout account, and therefore each user needs the manual typing of username and password while buying.
Address these problems is also Worth Expecting.
Cash, as a kind of means of payment, disappears from our daily life.Carrying enough cashes, to carry out all purchases be irksome, and make the individual bear stolen risk.Use credit card to carry out nearly all online and off-line purchase and just becoming common.The problem brought of above-mentioned cash of having utilized Credit Card Payments to solve, but also give this mode introducing series of challenges itself, for example authentication, steal credit card, steal credit number and copy credit card.Debit card has solved some in these problems that credit card brings, because the client inputs PIN to verify his or her identity.Therefore, stolen debit card is useless when there is no PIN.Yet the burglar can manufacture false ATM and device is attached to the real ATM that allows debit card to copy and obtain PIN.The various non-contact type payment systems of attempting to provide electronic payment mode have been set up, for example Visa payWave and Mastercard PayPass.These systems make that the burglar is extremely difficult to be copied card, but other the problems referred to above that credit card brings still exist.
Solving these problems relevant to Credit Card Payments is Worth Expectings.
Should be noted that a bit, the individual is usually because a variety of causes exchanges money.For example, a friend may borrow money to another friend, then gives back.A people may buy article, for example Craigslist from this after finding private session.Relatives can give the cash gift to another one.For these affairs carry and exchange money for above-mentioned former thereby the speech be in-problem.Utilize credit card to be paid to the individual very difficult, because most people do not have business account.By PayPal, to the individual, paying is a kind of good solution, create the payee and receive payment in PayPal, but not all people adopts this mode.And PayPal stops anonymous payment, because the disburser must know by payer's e-mail address.
Solving these problems relevant to person-to-person payment is also Worth Expecting.
general introduction
The automated validation that a kind of graphical identifier Verification System is used the pattern authentication identifier to help the user.This graphical identifier Verification System receives the request of a certification entity to disposable pattern authentication identifier.In certain embodiments, the concrete authentication information that this certification entity is asked is identified in the request of this certification entity.In certain embodiments, this certification entity is to need the user to login or a website of input authentication information otherwise.In response to the request received, the disposable pattern authentication identifier that generation will be shown by this certification entity.This certification entity is encoded in this pattern authentication identifier to the request of user authentication information.In certain embodiments, this further comprises being encoded by the identification content of the concrete authentication information of this certification entity request in this pattern authentication identifier.Under any circumstance, the pattern authentication identifier produced for example is sent to this certification entity, to be shown (, on login screen).
The calculation element (for example, mobile communications device) that the shown disposable use pattern authentication identifier of this certification entity is operated by a registered user obtains.As response, the user authentication information of this request is sent to this certification entity, like this, automatically the user is authenticated to this certification entity, manually inputs the user authentication information of this request without the user.More specifically, this graphical identifier Verification System receives from the calculation element of this user's operation the request of this user to the authentication of this certification entity that automatically complete, and with the calculation element in response to this user's operation, has obtained the disposable pattern authentication identifier shown by this certification entity.In certain embodiments, the request that the calculation element operated from this user receives comprises the concrete authentication information of this certification entity request.In other embodiments, which kind of authentication information this request specifies asked by this certification entity, does not comprise this authentication information itself.
The authentication information of asking in certain embodiments, comprises can be by least one second factor authentication roll value of this certification entity prediction.In these examples, produce this second factor authentication roll value (for example, by mobile communications device), obtain this shown disposable pattern authentication identifier of this certification entity with the calculation element in response to this user's operation.Then, produced roll value is sent to this certification entity.
A kind of graphical identifier checkout system is used figure checkout identifier to help the automatic checkout of user in shop.This graphical identifier checkout system receives the request of an on-line shop to disposable figure checkout identifier.In certain embodiments, the request of this on-line shop is identified the concrete checkout that this on-line shop asks and is completed information.The request received in response to this, the disposable figure checkout identifier that generation will be shown by this on-line shop.This on-line shop completes the request of information and is encoded in this figure checkout identifier to checkout.In certain embodiments, this further comprises that the identification content in this figure checkout identifier, by the concrete checkout of this on-line shop's request, completing information is encoded.Under any circumstance, the figure checkout identifier produced for example is sent to this on-line shop, to be shown (, on the checkout screen).
The calculation element (for example, mobile communications device) that the shown disposable figure checkout identifier of this on-line shop is operated by a registered user obtains.As response, the checkout of this request completes information and is sent to this on-line shop, and like this, in this on-line shop, automatically to by user checkout, the checkout that manually signs in to this on-line shop or input this request without the user completes information.More specifically, this graphical identifier checkout system is received in this on-line shop from the calculation element of this user's operation the request that automatically completes this user's checkout, with the calculation element in response to this user's operation, has obtained the disposable pattern authentication identifier shown by this on-line shop.In certain embodiments, the request that the calculation element operated from this user receives comprises that the concrete checkout of this on-line shop's request completes information.In other embodiments, which kind of checkout this request is specified complete information and is asked by this on-line shop, does not comprise that these clearing complete information itself.
A kind of graphical identifier payment system is used figure to pay the automatic processing that identifier is helped the E-Payment from a user to a take over party.This graphical identifier payment system receives a payment processes entity and disposable figure is paid to the request of identifier.In certain embodiments, the concrete payment information that this payment processes entity is asked is identified in the request of this payment processes entity.In certain embodiments, the payment processes entity is a point of sales system.In other embodiments, the payment processes entity is a credit card terminal.In response to the request received, the disposable figure that generation will be shown by this payment processes entity pays identifier.This payment processes entity is encoded in this figure pays identifier to the request of payment information.In certain embodiments, this further comprises this figure is paid in identifier by the identification content of the concrete payment information of this payment processes entity requests and encoded.Under any circumstance, the figure produced pays identifier and for example is sent to this payment processes entity, to be shown (, paying on screen).
The calculation element (for example, mobile communications device) that the shown disposable use figure payment identifier of this payment processes entity is operated by a registered user obtains.As response, the payment information of this request is sent to this payment processes entity, so automatically carries out the E-Payment from this user to this take over party, without the user, manually inputs the payment information of this request and provides the physics credit card without the user.More specifically, this graphical identifier payment system receives from the calculation element of this user's operation the request of paying by mails of automatically processing, and has obtained the disposable figure shown by this payment processes entity with the calculation element in response to this user's operation and has paid identifier.In certain embodiments, the request that the calculation element operated from this user receives comprises the concrete payment information by this payment processes entity requests.In other embodiments, which kind of payment information this request specifies asked by this payment processes entity, does not comprise this payment information itself.
In certain embodiments, figure payment identifier is for helping the payment user from operating first mobile device to receive the automatic processing of user's E-Payment to a payment of second mobile device of operation.In these embodiments, this graphical identifier payment system receives from this payment user's mobile device the request that disposable figure pays identifier.As response, the figure of being encoded to the bid that pays the payment that receives the user from this payment user is paid to identifier and be sent to this payment user's mobile device and shown by it.The mobile device that shown figure payment identifier receives the user by this payment obtains.As response, this pays the mobile device that receives the user and transmits request to start the processing of paying by mails to the graphical identifier payment system.This graphical identifier payment system transmits request automatically to process E-Payment to a payment processes entity, so automatically carry out from paying the user to paying the E-Payment that receives the user, provide the physics credit card without paying the user, and do not require to pay and receive user's payment of receiving credit card.Request to this payment processes entity can comprise with this payment user and pay the subscriber-related correct payment information of reception.This graphical identifier payment system can receive the confirmation information of having been processed from this payment processes entity, and transmits confirmation to be shown to the user to two mobile devices.
Not comprise all in the feature and advantage that this general introduction neutralization is following to be described in describing in detail, and particularly, with reference to the accompanying drawings, instructions and claim thereof, much supplementary features and advantage will become obvious to one of those of ordinary skill in the related art.And the language that it should be noted in the discussion above that choice for use in instructions is mainly for readability and instructs purpose, and can not select, for delimiting or the restriction subject matter, to depend on and determine the necessary claim of these subject matters.
brief Description Of Drawings
Fig. 1 is the block scheme according to the exemplary network architecture of some embodiment, can implement graphical identifier Verification System, graphical identifier checkout system or graphical identifier payment system in this network architecture.
Fig. 2 is the block scheme according to a kind of computer system of some embodiment, and this computer system is suitable for carrying out graphical identifier Verification System, graphical identifier checkout system or graphical identifier payment system.
Fig. 3 is the block scheme according to the operation of the graphical identifier Verification System of some embodiment.
Fig. 4 is the simulation sectional drawing according to the website of the display graphics authentication identifier of some embodiment.
Fig. 5 is the diagram of a kind of mobile communications device of the pattern authentication identifier shown according to obtaining of some embodiment.
Fig. 6 is the block scheme according to the operation of the graphical identifier checkout system of some embodiment.
Fig. 7 is the simulation sectional drawing according to the on-line shop of the display graphics checkout identifier of some embodiment.
Fig. 8 is the diagram of a kind of mobile communications device of the figure shown according to obtaining of some embodiment checkout identifier.
Fig. 9 is the diagram according to a kind of mobile communications device of the demonstration trade confirmation of some embodiment.
Figure 10 is the block scheme according to the operation of the graphical identifier payment system of some embodiment.
Figure 11 pays the diagram of the point of sales system of identifier according to the display graphics of some embodiment.
Figure 12 is the diagram that the figure shown according to obtaining of some embodiment pays a kind of mobile communications device of identifier.
Figure 13 is the diagram according to a kind of mobile communications device of the demonstration trade confirmation of some embodiment.
Figure 14 is the block scheme according to the operation of the graphical identifier payment system of other embodiment, and in this system, a kind of payment mobile communications device is paid to a kind of reception mobile communications device.
Figure 15 is the diagram according to a kind of disburser's mobile communications device of some embodiment, and this device shows the bar item screen paid to another user.
Figure 16 pays the diagram of a kind of disburser's mobile communications device of identifier according to the display graphics of some embodiment.
Figure 17 is the diagram according to a kind of payee's mobile communications device of the demonstration trade confirmation of some embodiment.
Legend just to the explanation purpose and describe different embodiment.Those of ordinary skill in the art will easily recognize from following discussion, and the structure that this paper exemplifies and the alternate embodiment of method can be implemented under the prerequisite that does not depart from principle described herein.
describe in detail
Fig. 1 is the block scheme of showing exemplary network architecture 100, in this network architecture, can implement graphical identifier Verification System 101.Graphical identifier checkout system 600 or graphical identifier payment system 1000 can also be implemented in this network architecture 100, although this does not clearly illustrate in Fig. 1.The shown network architecture 100 comprises a plurality of mobile communications device 103A, 103B and 103N, and a plurality of server 105A and 105N.In Fig. 1, graphical identifier Verification System 101 is shown and resides in server 105A above, and its device agency 102 is positioned on each mobile communications device 103.Should be understood that this is only example, and the difference in functionality of this system 101 in different embodiment (or in graphical identifier checkout system 600 or graphical identifier payment system 1000) can instantiation on mobile communications device 103, server 105, or can be distributed between required a plurality of calculation elements.
Should be understood that, mobile communications device 103 described herein comprises the portable computer system 210 (this mobile communications device 103 refers to smart phone sometimes, but even a lot of not mobile phone of appointment like this also has these functions) that can be connected to network 107 and run application.Mobile communications device 103 and server 105 can utilize computer system 210 to realize, example as shown in Figure 2 with computer system described below.Be connected to network 107, for example, by the network interface 248 of describing below in conjunction with Fig. 2 mobile communications device 103 and server 105 communicativenesses.Mobile communications device 103 for example can utilize web browser or other client software (not shown) to visit application program and/or data.
Although Fig. 1 shows 3 mobile communications devices 103 and 2 servers, in fact can dispose mobile communications device 103 and/or the server 105 of more (or still less) as an example.In one embodiment, network 107 is forms of internet.Other networks 107 or based on network environment can be used in other embodiments.
Fig. 2 is the block scheme that is suitable for implementing the computer system 210 of graphical identifier Verification System 101 (as shown in the figure) or graphical identifier checkout system 600 or graphical identifier payment system 1000 (not shown in Fig. 2).Two mobile communications devices 103 and server 105 can adopt the form of this computer system 210 to implement.As shown in the figure, computer system 210 assembly is bus 212.Bus 212 communicativeness ground connect other assemblies of computer system 210, for example at least one processor 214, system storage 217 (for example, random access storage device (RAM), ROM (read-only memory) (ROM), flash memory), I/O (I/O) controller 218, be connected to the audio output interface 222 of external audio device (for example, speaker system 220) communicativeness, be connected to the display adapter 226 of external video output unit (for example, display screen 224) communicativeness, (for example serial port 230 for one or more interfaces, USB (universal serial bus) (USB) socket 230, parallel port (not shown) etc.), be connected to the keyboard controller 233 of keyboard 232 communicativeness, be connected to the memory interface 234 of at least one hard disk 244 (or other forms of magnetic medium) communicativeness, be arranged to the floppy disk 237 that receives floppy disk 238, be arranged to host bus adaptor (HBA) the interface card 235A be connected with optical-fibre channel (FC) network 290, be configured to be connected to the HBA interface card 235B of SCSI bus 239, be arranged to the CD drive 240 that receives CD 242, be connected to the mouse 246 (or other indicating devices) of bus 212 by for example USB socket 228, be connected to the modulator-demodular unit 247 of bus 212 by for example serial port 230, and the network interface 248 that for example is connected directly to bus 212.
Other assembly (not shown) can be adopted in a like fashion and be connected (for example, file scanning device, digital camera, printer etc.).On the contrary, all component shown in Fig. 2 does not need all to exist.These assemblies can adopt and be different from the mode shown in Fig. 2 and interconnect.
Bus 212 allows to carry out data communication between processor 214 and system storage 217, as above, is carried, and system storage can comprise ROM and/or flash memory and RAM.RAM is primary memory normally, and operating system and application program are loaded in primary memory.Except other codes, ROM and/or flash memory can also comprise the Basic Input or Output System (BIOS) (BIOS) of controlling some basic hardware operation.Application program can be stored in local computer computer-readable recording medium (for example, hard disk 244, CD 242) and goes up and be loaded into system storage 217 and carried out by processor 214.Application program can also be loaded into system storage 217 from remote location (that is, being positioned at computer system 210 at a distance) by for example network interface 248 or modulator-demodular unit 247.In Fig. 2, graphical identifier Verification System 101 is shown as and resides in system storage 217.Explain in more detail the working method of graphical identifier Verification System 101 below in conjunction with Fig. 3-5.
Memory interface 234 is connected to one or more hard disks 244 (and/or other standards storage medium).This or these hard disk 244 can be the part of computer system 210, can be maybe physically separated and conducts interviews by other interface systems.
Network interface 248 and/or modulator-demodular unit 247 directly or indirectly are connected to network 107, for example internet communicativeness.This connection can be wired or wireless.
Fig. 3 shows the device agency 102 in the system storage 217 that resides in mobile communications device 103 and resides in the operation of the graphical identifier Verification System 101 in the system storage 217 of server computer 105 according to some embodiment.As described above, the function of device agency 102, graphical identifier Verification System 101, graphical identifier checkout system 600 or graphical identifier payment system 1000 can reside on mobile communications device 103, server 105, perhaps be distributed between a plurality of computer systems 210, comprise in the computing environment resided in based on cloud, the function of discussing in this environment provides on network 107 as service.Should be understood that, although device agency 102 and graphical identifier Verification System 101 in Fig. 3 (and the graphical identifier checkout system 600 in Fig. 6 and 10 and graphical identifier payment system 1000) are shown single entities, but these assemblies represent the set of a plurality of functions, they may be instantiated as single or a plurality of modules as required.The instantiation of concrete a plurality of modules of device agency 102 and graphical identifier Verification System 101 is showed in Fig. 3.The instantiation of concrete a plurality of modules of device agency 102 and graphical identifier checkout system 600 is showed in Fig. 6.The instantiation of concrete a plurality of modules of device agency 102 and graphical identifier payment system 1000 is showed in Figure 10.
Should be understood that, the module of device agency 102, graphical identifier Verification System 101, graphical identifier checkout system 600 and graphical identifier payment system 1000 can instantiation (for example, but as object identification code or carries out image) at the system storage 217 of any computer system 210 (for example, RAM, ROM, flash memory) in, when 214 pairs of modules of processor of computer system 210 are processed, computer system 210 is carried out relevant function like this.As used herein, term " computer system ", " computing machine ", " client ", " client computer ", " server ", " server computer ", " mobile communications device " and " calculation element " mean to be configured and/or one or more computing machines of for the carrying out representation function of programming.In addition, the program code of implementing the function of these assemblies can be stored on computer-readable recording medium.The tangible computer-readable recording medium of arbitrary form can be used in this environment, for example magnetic or optical storage media.As used herein, term " computer-readable recording medium " does not mean the electric signal that the physical medium with bottom is separated.
As shown in Figure 3, graphical identifier Verification System 101 is enabled a kind of authentication method, and the method is broken away from the user must remember and manually input the username and password of each website 301 that they access.On the contrary, the user is by using the special pattern authentication identifier 303 presented on the login screen 305 of targeted sites to be authenticated.As following more detailed explanation, pattern authentication identifier 303 by user's personal mobile communication device 103 (for example, smart phone, dull and stereotyped calculation element etc.) on cis 307 (for example, digital camera, digitized bar code reader etc.) obtain.Once obtain pattern authentication identifier 303, the device agency 102 who operates on mobile communications device 103 is just the request from website 301 by pattern authentication identifier 303 for user interpretation, for example, in order to certificate of certification (, username and password, roll value etc.) is provided.Then the device on mobile communications device 103 agency 102 guiding graphical identifier Verification Systems 101 utilize website 301 by backward channel automatically for the user completes authentication processing, this does more detailed description following.
In Fig. 3, graphical identifier Verification System 101 is shown as and resides on server 105, this server and user by pattern authentication identifier 303 automated validations to any website 301 be separated.In other embodiments, the computing machine 210 that some or all functions of graphical identifier Verification System 101 can authenticate website 301 by trustship directly provides.Yet, in graphical identifier Verification System 101, operating in the embodiment of the separate server 105 shown in Fig. 3, it can use in conjunction with a plurality of authentication websites 301.Graphical identifier Verification System 101 is set up the trust between mobile communications device 103 and accessed website 301, so that by website 301 completing users authentications (comprising in certain embodiments two-factor authentication).
Wish that each user of use pattern authentication function obtains running gear agency 102 mobile communications device 103.Such user is own or herself to graphical identifier Verification System 101, authenticated by him, and registers his or her mobile communications device 103.Graphical identifier Verification System 101 can be carried out with the authentication method of any conventional authenticated (username and password, identity checks, bank transfer, Card Verification etc.).Graphical identifier Verification System 101 is also identified the operated specific mobile communications device 103 of user of authentication, and method is for example from device agency 102 or the mobile communications device 103 installed, itself to read unique identifying information, for example sequence number.Association between graphical identifier Verification System 101 these users of storage and specific mobile communications device 103, graphical identifier Verification System 101 can identify the user that authorized and the mobile communications device 103 of registration subsequently like this.
The pattern authentication identifier generation module 311 of graphical identifier Verification System 101 produces disposable pattern authentication identifier 303, in order to used by authentication website 301.The pattern authentication identifier comprises from the indication of particular station 301 request authentication information.Pattern authentication identifier 303 can be used as visual image output, and this visual image can be acted on behalf of 102 mobile communications device 103 by running gear and explain.In one embodiment, pattern authentication identifier 303 comprises the played up QR code that can be embedded on webpage.Except the QR code, simple bar code, two-dimensional bar (3-DI, ArrayTag, Aztec code, Codablock, Code1, Code16K, Code49, ColorCode, CP code, DataGlyphs, data matrix, Datastrip, Dot Code A, HCCB (Microsoft's mark), hueCode, Intacta. code, MaxiCode, MiniCode, PDF417, Snowflake code, SuperCode, Ultracode) but and/or other computing machine identification data encoding mechanisms can be used in other embodiment.In pattern authentication identifier 303, the information content of coding can change between website 301 and embodiment.Pattern authentication identifier 303 can be encoded to the identification content of website 301 (the identification content is distributed to this website), and the indication of which kind of concrete authentication information that this website is being asked is encoded.In other examples, pattern authentication identifier 303 identification websites 301, but which kind of authentication information graphical identifier Verification System 101 and/or device agency 102 follow the tracks of by 301 requests of which website.Under any circumstance, the information in 312 pairs of pattern authentication identifiers 303 of pattern authentication identifier coding module is encoded, and it can be explained by device agency 102 like this, as described below.
For example, when the website 301 of supporting pattern authentication identifier 303 wishes the user is authenticated (, in the loading moment of the page that comprises login screen 305), website 301 is to graphical identifier Verification System 101 demand graph authentication identifier 303.The receiver module 307 of the graphical identifier Verification System 101 on server receives this request.In response to the request received, pattern authentication identifier generation module 311 is that website 301 produces disposable pattern authentication identifier 303.In some instances, the concrete requested authentication information of this request identification in order to encoded in pattern authentication identifier 303.In other examples, graphical identifier Verification System 101 is stored this information on each website 301, and it is coded in the pattern authentication identifier 303 of generation.In other other examples, as mentioned above, this information is not coded in pattern authentication identifier 303.Under any circumstance, the delivery module 317 of graphical identifier Verification System 101 is sent to request website 301 by the pattern authentication identifier 303 of generation.
Website 301 receives pattern authentication identifier 303, and it is processed in order to result images is presented on its login screen 305.In certain embodiments, only having the shown authentication request of website 301 is that pattern authentication identifier 303 is own.In other embodiments, except the routine prompting of at least some authentication informations, go back display graphics authentication identifier 303.For example, the option that can give the manual input message of user or utilize pattern authentication identifier 303 to login.In certain embodiments, some authentication informations are inputted (for example, the first authentication factor) by convention, and some authentication informations for example, by 303 inputs (, the second authentication factor) of pattern authentication identifier.Fig. 4 has showed the login screen 305 of the website of display graphics authentication identifier 303, and points out 401 for the tradition of user name.
When the user browses the website login screen 305 that comprises pattern authentication identifier 303, the user can utilize the mobile communications device 103 of registration automatically to login.In certain embodiments, device agency 102 prompting users identify himself, in order to prevent that unauthorized side from being used the mobile device 103 of theft.This user's identification can comprise the PIN (Personal Identification Number) (pin) of four of typings, or another kind of conventional authentication method (for example finger scan, how much identification of face or other biological identification authentication), and this depends on the function of mobile device 103.Once identify the user on mobile communications device 103, this user is being shown in the cis 307 of clicking mobile communications device 103 on the pattern authentication identifier 303 of website login screen 305, and activation cis 307 (for example, taking digital photograph or scanning patter authentication identifier 303).Cis 307 obtains pattern authentication identifier 303, and the request that is 301 pairs of authentication informations of website of the information interpretation that will encode therein of device agency's graphical identifier explanation module 313.Fig. 5 has showed the mobile communications device 103 that obtains pattern authentication identifier 303 according to some embodiment.
Graphical identifier explanation module 313 is explained the information of coding in pattern authentication identifier 303, as explained above, and this information exchange general knowledge is not invited the website 301 of asking authentication information and requested specific authentication information in some cases.In certain embodiments, graphical identifier explanation module 313 presents it to the user and has successfully explained the confirmation of figure authentication identifier 303.In any situation, device agency 102 automated validation starts module 315 and initiates the automated validation of user to website 301, and method is to communicate with graphical identifier Verification System 101, the automatically authentication of completing user of demand graph identifier Verification System 101.
Come the request of the automatic completing user authentication of self-moving device 103 to be received by the receiver module 309 of the graphical identifier Verification System 101 on server 105.For the authentication of completing user to website 301 automatically, the delivery module 317 of the graphical identifier Verification System 101 on server 105 transmits the authentication information of request, the mobile device 103 be associated with the user in response to obtaining pattern authentication identifier 303 to website 301.In some cases, device agency 102 automated validation starts module 315 provides the authentication information of request to the graphical identifier Verification System 101 on server 105.In some of these embodiment, website 301 is asking the identification content of which kind of authentication information to be coded in pattern authentication identifier 303, and as described above, this pattern authentication identifier makes an explanation on mobile device 103 grades.In other this classes embodiment, mobile device 103 is followed the tracks of which website 301 and has been asked which kind of authentication information.In other embodiments, user's authentication storage information that the graphical identifier Verification System 101 on server 105 is registration, and need to not receive from mobile device the information of request, just asked on the contrary authentication.Under any circumstance, delivery module 317 automatically completes authentication by the authentication information that transmits request to website 301.Obtained pattern authentication identifier 303 in response to mobile device 103, or, in response to the specific request own from website 301, this authentication information can be sent to website 301 on one's own initiative.Once website 301 is through receiving authentication information, website 301 is used this authentication information to be authenticated the user.Be noted that the user is input authentication information manually by using pattern authentication identifier 303.
In certain embodiments, the authentication of discussing is single factor authentication, and delivery module 317 transmits authentication information, for example username and password (or other single authentication factors) to website 301 usually in this case.In other embodiments, authentication is dual factors, and delivery module 317 can provide applicable current scrolling value to website 301 on the contrary or in addition in this case, thereby makes the user avoid manually input roll value.This also allows the roll value longer than conventional two-factor authentication, because roll value does not need input.
More specifically, in the embodiment that supports two-factor authentication, device agency 102 roll value generation module 319 has the ability that safety generates roll value, this roll value can be by 301 predictions of supported authentication website (that is to say, supported authentication website 301 has the corresponding seed that needs to produce the coupling roll value).In such an embodiment, when the current scrolling value is part or all of requested authentication information, roll value generation module 319 generates the current scrolling value, and this current roll value is sent to graphical identifier Verification System 101 to be used in the automated validation processing.
Should be understood that, process and be described as being carried out by mobile device 103 although more than will obtain pattern authentication identifier 303 and start automated validation, in certain embodiments the user can be with the authentication website 301 of computer system 210 but not mobile device 103 carry out alternately.For example, the user is view Internet on computing machine 210 (not shown) on the table, and arrives the ,Gai website, website that needs login and support the authentication based on pattern authentication identifier 303.Then the user may obtain with the mobile device 103 of registration the pattern authentication identifier 303 shown on the login screen 305 of website, and processing described above enters website by automatic recording user operation desktop computer 210.In certain embodiments, some or all that are described as the function carried out by mobile device 102 can be carried out by the non-moving computing machine 210 of registration.In certain embodiments, after authentication, the authentication website 301 of user and mobile device 103 is mutual.
Notice that the website that this paper quotes is the website that needs the user to login in certain embodiments.Yet in other embodiments, function described herein can be used for carrying out the user to any electronic entity and authenticates, this electronic entity needs user's input authentication information, and figure ground prompting user does like this.For example, for the user login screen 305 is provided and need user's the software application of authentication information or hardware unit can be on their login screen 305 display graphics authentication identifier 303, and above-mentioned functions can be used for the user is authenticated.
Between graphical identifier Verification System 101 on mobile device 103 and server 105 and the communication between the graphical identifier Verification System 101 on server 105 and various authentication website 301 usually for safety, be encrypted.In addition, because each pattern authentication identifier 303 is only disposable available, communication can not successfully be replayed.In the current example of not accessing internet of mobile device 103, the communication between the graphical identifier Verification System 101 on mobile device 103 and server 105 can be implemented by SMS or other services of delivering a letter.
As shown in Figure 6, graphical identifier checkout system 600 can carry out automatic on-line shop check-out process, this process user is broken away from their at every turn have to when on-line shop 601 carries out on-line purchase manual entry or input pays and the worry of transit information.On the contrary, the user is presented at special pattern checkout identifier 603 on the checkout screen 605 of on-line shop and completes online checkout and process by use.As following more detailed explanation, figure checkout identifier 603 by user's personal mobile communication device 103 (for example, smart phone, dull and stereotyped calculation element etc.) on cis 307 (for example, digital camera, digitized bar code reader etc.) obtain.For example, once obtain figure checkout identifier 603, operated in device agency 102 on mobile communications device 103 identifier 603 of just figure being settled accounts and be interpreted as the request that 601 pairs of checkouts of on-line shop complete information (, payment and transit information).Then the agency of the device on mobile communications device 103 102 guiding graphical identifier checkout systems 600 utilize on-line shop 601 automatically to complete the checkout processing by backward channel, as following, more describe in detail.Note, providing payment information (for example, credit number and cut-off date, Bank Account Number etc.) and the actual execution (for example,, by financial institution's allotted fund) paid to on-line shop 601 is not same thing.As used herein, term " on-line shop 601 " refers to online website, and the user can buy commodity or service from this online website.
In Fig. 6, graphical identifier checkout system 600 is shown as and resides on the server 105 be separated with any on-line shop 601, utilize the user of this on-line shop to complete transaction by the figure identifier 603 of settling accounts.In other embodiments, some or all of the function of graphical identifier checkout system 600 can directly be provided by the computing machine 210 of trustship on-line shop 601.Yet, at graphical identifier checkout system 600, operate in the embodiment on separate server 105, as shown in Figure 6, it can use in conjunction with a plurality of on-line shops 601.Graphical identifier checkout system 600 breaks the wall of mistrust between mobile communications device 103 and accessed on-line shop 601, so that the checkout of completing user in on-line shop 601.
The mobile communications device 103 that obtains per family running gear agency 102 for each of hope use figure Checkout Feature described herein.Such user utilizes graphical identifier checkout system 600 to be registered.For the user is registered, 600 couples of users of graphical identifier checkout system are authenticated and are identified user's mobile communications device 103.Graphical identifier checkout system 600 can carry out with the authentication method of any conventional authenticated (username and password, identity checks, bank transfer, Card Verification etc.).For the operated specific mobile communications device 103 of the user who identifies authentication, graphical identifier checkout system 600 can for example itself read unique identifying information from device agency 102 or the mobile communications device 103 installed, for example sequence number.The user of registration can provide the information of checkout (for example, real method of payment, as credit card information, bank account information and/or PayPal, transportation destination etc.) to graphical identifier checkout system 600.Association between information (when providing) is provided in graphical identifier checkout system 600 storage this user, specific mobile communications device 103 and users' checkout, graphical identifier checkout system 600 can be recognized registered user and mobile communications device 103 subsequently like this, and processes relevant checkout and complete information.
The figure checkout identifier generation module 311 of graphical identifier checkout system 600 produces disposable figure checkout identifier 603, in order to used by authentication on-line shop 601.Figure checkout identifier comprises from the indication of specific on-line shop 601 request checkout information.Figure checkout identifier 603 can be output as visual image, and this visual image can be acted on behalf of 102 mobile communications device 103 by running gear and explain.In one embodiment, figure checkout identifier 603 comprises the played up QR code that can be embedded on webpage.Except the QR code, simple bar code, two-dimensional bar (3-DI, ArrayTag, Aztec code, Codablock, Code1, Code16K, Code49, ColorCode, CP code, DataGlyphs, data matrix, Datastrip, Dot Code A, HCCB (Microsoft's mark), hueCode, Intacta. code, MaxiCode, MiniCode, PDF417, Snowflake code, SuperCode, Ul tracode) but and/or other computing machine identification data encoding mechanisms can be used in other embodiment.In figure checkout identifier 603, the information content of coding can change between on-line shop 601 and embodiment.Figure checkout identifier 603 can be encoded to the identifying information of on-line shop 601 (identifying information is distributed to this on-line shop), and the indication of which the concrete information of having settled accounts that on-line shop 601 is being asked is encoded.In other examples, figure checkout identifier 603 identification on-line shops 601, but which kind of authentication information graphical identifier checkout system 600 and/or device agency 102 follow the tracks of by 601 requests of which on-line shop.Under any circumstance, the information in 312 pairs of figure checkout identifiers 603 of figure checkout identifier coding module is encoded, and it can be explained by device agency 102 like this, as described below.
For example, when the on-line shop 601 of support figure checkout identifier 603 wishes the user is settled accounts (, in the loading moment of the page that comprises checkout screen 605), on-line shop 601 is to graphical identifier checkout system 600 demand graphs checkout identifiers 603.The receiver module 307 of the graphical identifier checkout system 600 on server receives this request.In response to the request received, figure checkout identifier generation module 311 is that on-line shop 601 produces disposable figure checkout identifier 603.In some instances, this request concrete requested checkout information of identification in order to encoded in figure checkout identifier 603.In other examples, graphical identifier checkout system 600 is stored this information in each on-line shop 601, and it is coded in the figure checkout identifier 603 of generation.In other other examples, as mentioned above, this information is not coded in figure checkout identifier 603.Under any circumstance, the delivery module 317 of graphical identifier checkout system 600 is sent to request on-line shop 601 by the figure of generation checkout identifier 603.In addition, in certain embodiments, the on-line shop 601 graphical identifier checkout system 600 relevant to the transaction with the user provides confirms details (for example, the kind name in instructions, user's shopping cart, their price, total price etc.).As described below, this information can the transaction with the user for confirmation.
On-line shop 601 receives figure checkout identifier 603 from graphical identifier checkout system 600, and it is processed in order to result images is presented on its checkout screen 605.In certain embodiments, only having the request completed for checkout of on-line shop 601 is that figure checkout identifier 603 is own.In other embodiments, except at least some checkouts complete the routine prompting of information, go back display graphics checkout identifier 603.For example, the option that can give the manual input message of user or utilize figure checkout identifier 603 to settle accounts.Fig. 7 has showed the checkout screen 605 of the on-line shop 601 that presents figure checkout identifier 603.
When the user browses the on-line shop's checkout screen 605 that comprises figure checkout identifier 603, the user can utilize the mobile communications device 103 of registration automatically to complete checkout.In certain embodiments, device agency 102 prompting users identify himself, in order to prevent that unauthorized side from being used the mobile device 103 of theft.This user's identification can comprise the PIN (Personal Identification Number) (PIN) of four of typings, or another kind of conventional authentication method (for example finger scan, how much identification of face or other biological identification authentication), and this depends on the function of mobile device 103.Once identify the user on mobile communications device 103, this user clicks the cis 307 of mobile communications device 103 on the figure checkout identifier 603 of the checkout screen 605 that is shown in on-line shop, and activation cis 307 (for example, taking digital photograph or scanning patter checkout identifier 603).Cis 307 obtains figure checkout identifier 603, and the information interpretation that device agency's graphical identifier explanation module 313 will be encoded therein is the request that 601 pairs of checkouts of on-line shop complete information.Fig. 8 has showed the mobile communications device 103 that obtains figure checkout identifier 603 according to some embodiment.
Graphical identifier explanation module 313 is explained the information of coding in figure checkout identifier 603, as explained above, and this information exchange general knowledge is not invited and asked the information of checkout and requested particular check-out completes information in some cases on-line shop 601.
In certain embodiments, device agency 102 trade confirmation module 607 presents trade confirmation to the user.Trade confirmation can present information (for example, the title of on-line shop 601 and total, relevant to the particular commodity name complete on-line shop's 601 issue vouchers etc. of concluding the business) more or less as required.As mentioned above, this class confirmation can offer graphical identifier checkout system 600 from on-line shop 601, then from graphical identifier checkout system 600, offers device agency 102.In certain embodiments, the option that trade confirmation module 607 is confirmed or Cancelled Transaction to the user, and/or the option (for example,, from drop-down menu) of the method for payment of which kind of storage of choice for use and/or transportation address.Fig. 9 has showed the mobile communications device 103 that presents trade confirmation according to some embodiment.
Once explain figure checkout identifier 603 (and after any optional trade confirmation activity), the user's that device agency 102 automatic checkout startup module 315 initiations are undertaken by on-line shop 601 automatic checkout, method is to communicate with graphical identifier checkout system 600, and demand graph identifier checkout system 600 is the automatically checkout of completing user in on-line shop 601.Come the request of the automatic completing user checkout of self-moving device 103 to be received by the receiver module 309 of the graphical identifier checkout system 600 on server 105.For automatically completing user checkout in on-line shop 601, the mobile device 103 that the delivery module 317 of the graphical identifier checkout system 600 on server 105 is associated in response to the user with obtaining figure checkout identifier 603, complete information by the checkout of request and be sent to on-line shop 601.In some cases, automatic checkout of the device agency 102 starts module 315 provides the checkout of request to complete information to the graphical identifier checkout system 600 on server 105.In some of these embodiment, the identifying information which kind of checkout on-line shop 601 is asking complete information is coded in figure checkout identifier 303, and as described above, this figure checkout identifier makes an explanation on mobile device 103 grades.In other this classes embodiment, mobile device 103 is followed the tracks of which on-line shop 601 has asked complete information for which kind of checkout.In other embodiments, the user that the graphical identifier checkout system 600 on server 105 is registration stores the information of checkout, and need to not receive from mobile device the information of request, has just asked on the contrary checkout.
Under any circumstance, delivery module 317 completes information by the checkout that transmits request to on-line shop 601 and automatically completes checkout.In response to the mobile device 103 that obtains figure checkout identifier 603, or, in response to the specific request own from on-line shop 601, this checkout completes information can be sent to on-line shop 601 on one's own initiative.Once on-line shop 601 has received the information of checkout, on-line shop 601 is used this checkout to complete the checkout of information completing user.Be noted that by using figure checkout identifier 603, the user need not manual entry to on-line shop 601 or input the information of having settled accounts.
Should be understood that, will obtain figure checkout identifier 603 although above and start checkout processing automatically and be described as being carried out by mobile device 103, in certain embodiments the user can be with the on-line shop 601 of computer system 210 but not mobile device 103 carry out alternately.For example, the user can utilize desktop computer 210 (not shown) to do shopping on the internet, and arrives the checkout screen 605 in the on-line shop 601 that supports figure settlement identifier 603.Then the user may obtain with the mobile device 103 of registration the figure checkout identifier 603 shown on the checkout screen 605 of on-line shop, and process described above will be processed for the user completes checkout automatically.In certain embodiments, some or all that are described as the function carried out by mobile device 102 can be carried out by the non-moving computing machine 210 of registration.In certain embodiments, after checkout, the on-line shop 601 of user and mobile device 103 is mutual.
Between graphical identifier checkout system 600 on mobile device 103 and server 105 and the graphical identifier checkout system 600 on server 105 and the communication between various on-line shop 601 usually for safety, be encrypted.In addition, because each figure checkout identifier 603 is only disposable available, communication can not successfully be replayed.In the current example of not accessing internet of mobile device 103, the communication between the graphical identifier checkout system 600 on mobile device 103 and server 105 can be implemented by SMS or other services of delivering a letter.
As shown in Figure 10, graphical identifier payment system 1000 can be carried out automatic payment process, and this process has been broken away from when they are paid at every turn the user to have to make in cash, carry or brush the worry of getting credit card or manually inputting payment information.On the contrary, the user for example, pays identifier 1003 by the special pattern that uses payment processes entity (, paying on screen 1005 or inventory) to show and completes electronic payment process.As following more detailed explanation, figure by user's personal mobile communication device 103 (for example pays identifier 1003, smart phone, dull and stereotyped calculation element etc.) on cis 307 (for example, digital camera, digitized bar code reader etc.) obtain.Pay identifier 1003 once obtain figure, the device agency 102 who operates on mobile communications device 103 just pays figure the request that identifier 1003 is interpreted as 1001 pairs of payment informations of payment processes entity.Then the agency of the device on mobile communications device 103 102 guiding graphical identifier payment systems 1000 are processed payment automatically by backward channel, as following, more describe in detail.
In Figure 10, graphical identifier payment system 1000 is shown as and resides on server 105, this server is separated with any payment processes entity 1001, pay identifier 1003 by this entity pays via figure and carry out, and this server is separated with any seller who receives this payment.In other embodiments, some or all functions of graphical identifier payment system 1000 can be directly computing machine 210 by trustship payment processes entity 1001 and/or target seller provide.Yet, in graphical identifier payment system 1000, operating in the embodiment of the separate server 105 shown in Figure 10, it can use in conjunction with a plurality of payment processes entities 1001.Graphical identifier payment system 1000 breaks the wall of mistrust between mobile communications device 103 and payment processes entity 1001, in order to process payment for the user.
Wish that each user of use figure payment function described herein obtains running gear agency 102 mobile communications device 103.Such user utilizes graphical identifier payment system 1000 to be registered.For the user is registered, 1000 couples of users of graphical identifier payment system are authenticated and are identified user's mobile communications device 103.Graphical identifier payment system 1000 can be carried out with the authentication method of any conventional authenticated (username and password, identity checks, bank transfer, Card Verification etc.).For the operated specific mobile communications device 103 of the user who identifies authentication, graphical identifier payment system 1000 can for example itself read unique identifying information from device agency 102 or the mobile communications device 103 installed, for example sequence number.The user of registration can provide payment information (for example, real method of payment, as credit card information, bank account information and/or PayPal, transportation destination etc.) to graphical identifier payment system 1000.Association between graphical identifier payment system 1000 storage this user, specific mobile communications device 103 and users' payment information (when providing), graphical identifier payment system 1000 can be recognized registered user and mobile communications device 103 subsequently like this, and processes payment with relevant payment information.
The figure of graphical identifier payment system 1000 pays identifier generation module 311 and produces disposable figure payment identifier 1003, in order to used by payment processes entity 1001.In this environment, figure payment identifier comprises from the indication of specific payment processing entities 1001 request payment informations.Figure pays identifier 1003 can be output as visual image, and this visual image can be acted on behalf of 102 mobile communications device 103 by running gear and explain.In one embodiment, figure payment identifier 1003 comprises the played up QR code that can be embedded on webpage.Except the QR code, simple bar code, two-dimensional bar (3-DI, ArrayTag, Aztec code, Codablock, Code1, Code16K, Code49, ColorCode, CP code, DataGlyphs, data matrix, Datastrip, Dot Code A, HCCB (Microsoft's mark), hueCode, Intacta. code, MaxiCode, MiniCode, PDF417, Snowflake code, SuperCode, Ultracode) but and/or other computing machine identification data encoding mechanisms can be used in other embodiment.The information content that pays coding in identifier 1003 at figure can pay between identifier 1001 and embodiment and change at figure.Figure pays identifier 1003 and can be encoded to the identifying information of payment processes entity 1001 (identifying information is distributed to this payment processes entity), and the indication of which concrete payment information that the payment processes entity is being asked is encoded.In other examples, figure pays identifier 1003 identification payment processes entities 1001, but which kind of payment information graphical identifier payment system 1000 and/or device agency 102 follow the tracks of by 1001 requests of which payment processes entity.Under any circumstance, the information that figure pays in 312 pairs of figures payment identifiers 1003 of identifier coding module is encoded, and it can be explained by device agency 102 like this, as described below.
When the payment processes entity 1001 of supporting figure to pay identifier 1003 wishes to accept user's payment (for example, in the loading that comprises the page that pays screen 1005 constantly), payment processes entity 1001 pays identifier 1003 to graphical identifier payment system 1000 demand graphs.The receiver module 307 of the graphical identifier payment system 1000 on server receives this request.In response to the request received, it is that payment processes entity 1001 produces disposable figure payment identifier 1003 that figure pays identifier generation module 311.In some instances, this request concrete requested payment information of identification is in order to pay in identifier 1003 and encoded at figure.In other examples, graphical identifier payment system 1000 is stored this information on each payment processes entity 1001, and it is coded in the figure payment identifier 1003 of generation.In other other examples, as mentioned above, this information is not coded in figure and pays in identifier 1003.Under any circumstance, the delivery module 317 of graphical identifier payment system 1000 pays identifier 1003 by the figure of generation and is sent to request payment processes entity 1001.In addition, in certain embodiments, payment processes entity 1001 provides additional explanation details (for example, instructions, kind name, their price, total price etc.) to the graphical identifier payment system 1000 relevant with current transaction.As described below, this information can the transaction with the user for confirmation.
Payment processes entity 1001 receives figure and pays identifier 1003, and it is processed in order to result images for example is presented at and pays on screen 1005.In certain embodiments, only having the shown payment request of payment processes entity 1001 is that figure payment identifier 1003 is own.In other embodiments, except the routine prompting of at least some payment informations, go back display graphics and pay identifier 1003.For example, can input payment information (for example, by brush, getting credit card) by routine to the user or utilize figure to pay the option that identifier 1003 is paid.In certain embodiments, payment processes entity 1001 shows not to be at screen but for example, figure on physical medium (, the inventory of printing) payment identifier 1003.Figure 11 has showed that according to some embodiment display graphics pays the payment screen 1005 of point of sale device 1101 of identifier 1003 and the conventional mechanism 1103 of getting credit card for brush.
When the user browses the payment screen 1005 (or other output mechanisms) of the payment processes entity that comprises figure payment identifier 1003, the user can utilize the mobile communications device 103 of registration automatically to be paid.In certain embodiments, device agency 102 prompting users identify himself, in order to prevent that unauthorized side from being used the mobile device 103 of theft.This user's identification can comprise the PIN (Personal Identification Number) (PIN) of four of typings, or another kind of conventional authentication method (for example finger scan, how much identification of face or other biological authentication), and this depends on the function of mobile device 103.Once the user is identified on mobile communications device grade 103, this user figure shown at payment processes entity 1001 pays the cis 307 of clicking mobile communications device 103 on identifier 1003, and activation cis 307 (for example, take digital photograph or scanning patter and pay identifier 1003).Cis 307 obtains figure and pays identifier 1003, and the request that is 1001 pairs of payment informations of payment processes entity of the information interpretation that will encode therein of device agency's graphical identifier explanation module 313.Figure 12 has showed and has obtained the mobile communications device 103 that figure pays identifier 1003 according to some embodiment.
Graphical identifier explanation module 313 is explained the information that pays coding in identifier 1003 at figure, as explained above, and this information exchange general knowledge is not invited the payment processes entity 1001 of asking payment information and requested specific payment information in some cases.
In certain embodiments, device agency 102 trade confirmation module 607 shows trade confirmation to the user.Trade confirmation can show information (the complete issue voucher that the seller's title for example, paid and transaction are total, relevant to the particular commodity name etc.) more or less as required.As mentioned above, this class Transaction Information can offer graphical identifier payment system 1000 from payment processes entity 1001, then from graphical identifier payment system 1000, offers device agency 102.In certain embodiments, the option that trade confirmation module 607 is confirmed or Cancelled Transaction to the user, and/or use the method for payment of which kind of storage and/or the option (for example,, from drop-down menu) of transportation address.Figure 13 has showed the mobile communications device 103 that presents trade confirmation 1301 according to some embodiment.
Once explain that figure pays identifier 1003 (and after any optional trade confirmation activity), automatic payment of the device agency 102 starts the automatic payment that module 315 starts the user, method is to communicate with graphical identifier payment system 1000, demand graph identifier payment system 1000 for example, by the automatically user's of processing target side (, seller) payment of payment processes entity 1001.
Come the automatic processing user's of self-moving device 103 the request of payment to be received by the receiver module 309 of the graphical identifier payment system 1000 on server 105.In order automatically to process and to pay, the mobile device 103 that the delivery module 317 of the graphical identifier payment system 1000 on server 105 is associated in response to the user with obtaining figure payment identifier 1003, be sent to payment processes entity 1001 by the payment information of request.In some cases, automatic payment of the device agency 102 starts module 315 provides the payment information of request to the graphical identifier payment system 1000 on server 105.In some of these embodiment, payment processes entity 1001 is asking the identifying information of which kind of payment information to be coded in figure to pay in identifier 1003, and as described above, this figure pays identifier and makes an explanation on mobile device 103 grades.In other this classes embodiment, which payment processes entity 1001 mobile device 103 is followed the tracks of and has been asked which kind of payment information.In other embodiments, the user that the graphical identifier payment system 1000 on server 105 is registration stores payment information, and need to not receive from mobile device the information of request, and contrary just request is processed and paid.Under any circumstance, delivery module 317 is located in by the payment information that transmits request to payment processes entity 1001 payment of managing the user automatically.In response to the mobile device 103 that obtains figure payment identifier 1003, or, in response to the specific request own from payment processes entity 1001, this authentication information can be sent to payment processes entity 1001 on one's own initiative.Once payment processes entity 1001 has received payment information, payment processes entity 1001 is used this payment information to carry out the payment of user to the take over party.Be noted that the user need not make in cash, carries or brush and get credit card or manually input payment information by using figure to pay identifier 1003.
Should be understood that, payment processes entity 1001 is carried out payment (for example,, by credit card, EFT (Electronic Funds Transfer), PayPal etc.) to the take over party in the mode of electronics.Payment processes entity 1001 can comprise any entity, and this entity is arranged to be processed payment from from the user to the take over party in the mode of electronics and carry out, and is arranged at screen and/or by printing inventory and shows information to the user.The example of payment processes entity 1001 is point of sales system and credit card terminal.The example that pays the take over party is seller, actual retail shop, wholesale dealer, on-line shop etc.Some payment processes entities 1001 can for example, be associated with single payment take over party (, the point of sales system in shop), and other payment processes entities for example can be processed, to the payment of a lot of different take over partys (, credit card terminal).It should be noted that, (for example carry out actual payment, allotted fund between financial institution, in fact carry out credit card trade) for example, with by for example on-line shop, receiving simply payment information (, number of credit and cut-off date, Bank Account Number etc.) in order to carry out subsequent treatment by the third party, not same thing.
Figure 14 has showed an embodiment, and a people can use graphical identifier payment system 1000 automatically to be paid by mails to another person in this embodiment, this with to the business take over party, pay contrary.In this case, disburser's mobile device 102 demonstrations can have the figure that payee's mobile device 102 obtains to pay identifier 1003.Pay identifier 1003 once obtain figure, payee's mobile communications device 102 just with server 105 on graphical identifier payment system 1000 communicate, this system merits and demerits backward channel is processed payment.Disburser and payee all operate running gear agency 102 mobile communications device 103.As mentioned above, two users utilize graphical identifier payment system 1000 to be registered.
When the user wishes to utilize figure payment identifier 1003 to be paid to another person, this user operates his mobile device 103, and mobile agent 102 these users of prompting input payment, select correct method of payment (for example,, from drop-down menu) optionally input transaction description.Figure 15 has showed disburser's mobile communications device 103 according to an embodiment, this device show bar item screen 1501 is in order to paid to another person.
Once the user has inputted this information, the device agency pays identifier 1003 to graphical identifier payment system 1000 demand graphs, as mentioned above.As response, figure pays identifier generation module 311 and generates disposable figure payment identifier 1003 as above, but figure payment identifier 1003 should be used by disburser's mobile communications device 103 in this case, and comprise the bid indication paid.In some instances, figure pays the instantiation of identifier systematic function on server 105, and as shown in the figure, but its instantiation, on disburser's mobile communications device 103, is acted on behalf of a module of 102 as device in other cases.
Figure pays identifier 1003 mobile communications device 103 outputs by the disburser as a visual image, and this visual image can be obtained and be explained by payee's mobile communications device 103.In this case, the quantity of information that figure pays coding in identifier 1003 can change, but the data that can comprise for example have the quantity, a side of the payer of registration and/or payee's identity, payment or two correct payment information and with pay relevant optional additional descriptive information.Figure 16 has showed disburser's mobile communications device 103 according to an embodiment, this device display graphics pays identifier 1003.
The payee can accept payment automatically, and method is that the figure shown at payee's mobile communications device 103 pays the cis 307 of clicking his mobile communications device 103 on identifier 1003, and activates cis 307.Cis 307 obtains figure and pays identifier 1003, and the quotation that paid of the information interpretation that will encode therein of the agency of the device on payee's mobile device 103 102 graphical identifier explanation module 313 mobile device 103 that is the disburser.Once figure pays identifier 1003 and is explained, the automatic payment of device agency 102 on disburser's mobile device 103 starts module 315 and just starts automatically and pay, method is to pay identifier payment system 1000 with figure to communicate, and demand graph pays identifier payment system 1000 and automatically processes and pay.
The request that the automatic processing of payee's mobile device 103 the pays receiver module 309 of the graphical identifier payment system 1000 on server 105 again receives.In order automatically to process and to pay, the payee's that the delivery module 317 of the graphical identifier payment system 1000 on server 105 is associated in response to the user with obtaining figure payment identifier 1003 mobile device 103, be sent to suitable payment processes entity 1001 by both sides' correct payment information.Graphical identifier payment system 1000 is carried out telecommunication with payment processes entity 1001, for example, (to carry out from disburser to payee, by their transfer fund between bank account separately, or otherwise use their correct payment information separately) payment.Every side's correct payment information can be followed the tracks of by graphical identifier payment system 1000, is provided by suitable mobile communications device 103, and/or pays in identifier 1003 and encoded at figure.
Once process payment, the receiver module 307 of graphical identifier payment system 1000 is usually from payment processes entity 1001 confirmation of receipt information, and as response, the delivery module 317 of graphical identifier payment system 1000 is sent to confirmation two mobile communications devices usually, and they can present to the user by confirmation.Figure 17 has showed payee's mobile communications device 103 according to an embodiment, this device shows trade confirmation 1501.Note, utilizing figure to pay 1003, one people of identifier can pay to another, needn't carry or mutual cash, carries or brushes and get credit card, receives credit card and pays and/or manually input payment information.
Between graphical identifier payment system 1000 on mobile device 103 and server 105 and the communication between the graphical identifier payment system 1000 on server 105 and various payment processes entity 1001 usually for safety, be encrypted.In addition, because each figure pays identifier 1003, be only disposable available, communication can not successfully be replayed.In the current example of not accessing internet of mobile device 103, the communication between the graphical identifier payment system 1000 on mobile device 103 and server 105 can be implemented by SMS or other services of delivering a letter.
As those of ordinary skills will be appreciated that, the present invention can implement with other particular forms under the prerequisite that does not depart from its spirit or essential characteristic.Equally, parts, module, agency, manager, assembly, function, process, action, aspect, feature, attribute, method, data structure and otherwise concrete name and division are not compulsory or important, and the mechanism of enforcement the present invention or its feature can have different titles, division methods and/or form.In order to make an explanation, the preorder explanation is described with reference to specific embodiment.Yet above illustrative discussion is not used in and is exhaustive or to limit the invention to disclosed precise forms.According to a lot of modification and the version of above religious doctrine, be possible.Select and described these embodiment in order to explain best correlation principle and practical application thereof, thereby make other those of ordinary skill of this area in the situation that utilize or do not utilize the various modification that may be suitable for contemplated concrete purposes, adopt better various embodiment.

Claims (20)

1. a computer-implemented method of using pattern authentication identifier automated validation user, the method comprises the following steps:
Produced the disposable pattern authentication identifier shown by a certification entity by least one computing machine;
By this at least one computing machine, by this certification entity, the request to user authentication information is coded in this disposable pattern authentication identifier; And
Calculation element in response to registered user's operation obtains this shown disposable pattern authentication identifier of this certification entity, transmit the user authentication information of this request to this certification entity by this at least one computing machine, so automatically this user is authenticated to this certification entity, manually input the user authentication information of this request without this user.
2. the method for claim 1 further comprises:
Receive the request to a pattern authentication identifier by this at least one computing machine from this certification entity; And
By this at least one computing machine, the pattern authentication identifier of this generation is sent to this certification entity.
3. the method for claim 1 wherein will be coded in to the request of this user authentication information this disposable pattern authentication identifier and further comprise:
The identification content of the concrete authentication information of this certification entity being asked by this at least one computing machine is encoded.
4. the method for claim 1 further comprises:
Receive from the calculation element of this user's operation the request of this user to the authentication of this certification entity that automatically complete by this at least one computing machine, with the calculation element in response to this user's operation, obtained this shown disposable pattern authentication identifier of this certification entity.
5. the method for claim 1, wherein:
The authentication information of this request comprises can be by least one second factor authentication roll value of this certification entity prediction, and the method further comprises:
Computer installation in response to this user's operation obtains this shown disposable pattern authentication identifier of this certification entity, and generation can be by second a factor authentication roll value of this certification entity prediction.
One kind use figure checkout identifier in on-line shop to user's computer-implemented method of checkout automatically, the method comprises the following steps:
Produced a disposable figure checkout identifier that will be shown by an on-line shop by least one computing machine;
A request that this on-line shop is completed to information to checkout by this at least one computing machine is coded in this disposable figure checkout identifier; And
Calculation element in response to registered user's operation obtains this shown disposable figure checkout identifier of this on-line shop, the checkout that transmits this request to this on-line shop by this at least one computing machine completes information, so automatically in this on-line shop to this user checkout, the checkout that manually logs on this on-line shop or input this request without this user completes information.
7. method as claimed in claim 6 further comprises:
Receive the request to a figure checkout identifier by this at least one computing machine from this on-line shop; And
By this at least one computing machine, the figure of this generation checkout identifier is sent to this on-line shop.
8. method as claimed in claim 6, the request that wherein will complete information to this checkout is coded in this disposable figure checkout identifier and further comprises:
The concrete checkout of this on-line shop being asked by this at least one computing machine completes the identification content of information and is encoded.
9. method as claimed in claim 6 further comprises:
Receive from the calculation element of this user's operation a request that automatically completes the checkout of this user on this on-line shop by this at least one computing machine, with the calculation element in response to this user's operation, obtained this shown disposable figure checkout identifier of this on-line shop.
10. the method for claim 1 further comprises:
Received the relevant confirmation information of a transaction of carrying out with this user from this on-line shop by this at least one computing machine; And
By this at least one computing machine, this relevant confirmation of the transaction of carrying out with this user received is sent to the calculation element of this user's operation.
11. one kind is used figure to pay the computer-implemented method that identifier is automatically processed the E-Payment from the user to the take over party, the method comprises the following steps:
Produce by least one computing machine the disposable figure shown by a payment processes entity and pay identifier;
By this at least one computing machine, by this payment processes entity, the request to payment information is coded in this disposable figure payment identifier; And
Calculation element in response to registered user's operation obtains this shown disposable figure payment identifier of this payment processes entity, transmit the payment information of this request by this at least one computing machine to this payment processes entity, so automatically carry out the E-Payment from this user to this take over party, without this user, manually input the payment information of this request and provide a physics credit card without the user.
12. method as claimed in claim 11 further comprises:
Received a request that a figure is paid to identifier from this payment processes entity by this at least one computing machine; And
By this at least one computing machine, the figure of this generation is paid to identifier and be sent to this payment processes entity.
13. method as claimed in claim 11 wherein will be coded in to the request of this payment information this disposable figure payment identifier and further comprise:
The identification of the concrete payment information of this payment processes entity being asked by this at least one computing machine is encoded.
14. method as claimed in claim 11 further comprises:
Receive from the calculation element of this user's operation a request automatically processing this E-Payment by this at least one computing machine, obtained this shown disposable figure of this payment processes entity with the calculation element in response to this user's operation and paid identifier.
15. method as claimed in claim 11 further comprises:
Received the information that transaction is relevant of carrying out with this user from this payment processes entity by this at least one computing machine; And
By this at least one computing machine, the relevant information of the transaction of carrying out with this user received is sent to the calculation element of this user's operation.
16. a payment user who uses figure payment identifier automatically to process from operating the first mobile device receives the computer-implemented method of user's E-Payment to the payment of operation the second mobile device, the method comprises the following steps:
Produce by least one computing machine the disposable figure shown by this first mobile device and pay identifier;
To pay the user from this by this at least one computing machine receives to this payment a bid that user paid and is coded in this disposable figure and pays identifier; And
Obtain this shown disposable figure of this first mobile device in response to this second mobile device and pay identifier, automatically a request processing this E-Payment is sent to a payment processes entity, so automatically carry out and receive user's E-Payment from this payment user to this payment, provide a physics credit card without this payment user, and do not need this reception user to accept a Credit Card Payments.
17. method as claimed in claim 16 further comprises:
Received a request that a figure is paid to identifier from this first mobile device by this at least one computing machine; And
By this at least one computing machine, the figure of this generation is paid to identifier and be sent to this first mobile device.
18. method as claimed in claim 16 further comprises:
Received a request automatically processing this E-Payment by this at least one computing machine from this second mobile device, to have obtained this shown disposable figure of this first mobile device in response to this second mobile device, pay identifier.
19. method as claimed in claim 16 wherein transmits to a payment processes entity request automatically processing this E-Payment and further comprises:
Transmit with this payment user and this payment and receive user-dependent correct payment information to this payment processes entity by this at least one computing machine.
20. method as claimed in claim 16 further comprises:
In response to by this at least one computing machine, from this payment processes entity, receiving the confirmation that this payment has been processed, to this first mobile device and this second mobile device, transmit the confirmation that this payment has been processed.
CN201180058297.1A 2010-12-15 2011-12-15 Automatic subscriber certification, online checkout are carried out by the mobile communications device with imaging system and pays by mails Active CN103493034B (en)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US12/969510 2010-12-15
US12/969,471 US9076171B2 (en) 2010-12-15 2010-12-15 Automatic electronic payments via mobile communication device with imaging system
US12/969,303 US8856902B2 (en) 2010-12-15 2010-12-15 User authentication via mobile communication device with imaging system
US12/969303 2010-12-15
US12/969,510 US8177125B1 (en) 2010-12-15 2010-12-15 Automatic online checkout via mobile communication device with imaging system
US12/969471 2010-12-15
PCT/US2011/065300 WO2012083091A2 (en) 2010-12-15 2011-12-15 Automatic user authentication, online checkout and electronic payments via mobile communication device with imaging system

Publications (2)

Publication Number Publication Date
CN103493034A true CN103493034A (en) 2014-01-01
CN103493034B CN103493034B (en) 2017-03-08

Family

ID=46245377

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201180058297.1A Active CN103493034B (en) 2010-12-15 2011-12-15 Automatic subscriber certification, online checkout are carried out by the mobile communications device with imaging system and pays by mails

Country Status (5)

Country Link
EP (1) EP2652631A4 (en)
JP (1) JP5921568B2 (en)
CN (1) CN103493034B (en)
CA (1) CA2820958A1 (en)
WO (1) WO2012083091A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111651130A (en) * 2020-05-28 2020-09-11 深圳市商汤科技有限公司 File printing method, device, system, electronic equipment and storage medium
CN111651797A (en) * 2014-11-20 2020-09-11 阿里巴巴集团控股有限公司 Information display method and device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9508069B2 (en) 2013-03-28 2016-11-29 International Business Machines Corporation Rendering payments with mobile phone assistance
FI20145247L (en) * 2014-03-17 2015-09-18 Lvi Wabek Oy Order system and method for online shopping
US10127544B2 (en) * 2014-12-16 2018-11-13 Facebook, Inc. Sending and receiving payments using a message system
JP7035434B2 (en) * 2017-10-02 2022-03-15 株式会社デンソーウェーブ Payment system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1849632A (en) * 2003-07-02 2006-10-18 莫比培国际公司 Digital mobile telephone transaction and payment system
EP1909225A1 (en) * 2005-05-31 2008-04-09 Mediastick, inc. Electronic commerce method and license registration check server used for the same
WO2008142455A2 (en) * 2007-05-24 2008-11-27 Asim Bucuk A method and system for the creation, management and authentication of links between entities
CN101842795A (en) * 2007-09-20 2010-09-22 陶多斯数据系统股份公司 System, method and device for enabling interaction with dynamic security
CN101897165A (en) * 2007-10-30 2010-11-24 意大利电信股份公司 Method of authentication of users in data processing systems

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10205721B2 (en) * 2002-12-10 2019-02-12 Ewi Holdings, Inc. System and method for distributing personal identification numbers over a computer network
JP4824986B2 (en) * 2005-10-17 2011-11-30 株式会社野村総合研究所 Authentication system, authentication method, and authentication program
JP4826251B2 (en) * 2005-12-20 2011-11-30 コニカミノルタビジネステクノロジーズ株式会社 User authentication method, computer software, and apparatus having user authentication function
JP2007193481A (en) * 2006-01-18 2007-08-02 Ntt Facilities Inc Authentication system and method
JP2008146363A (en) * 2006-12-11 2008-06-26 Nifty Corp Authentication method in computer network
EP2040228A1 (en) 2007-09-20 2009-03-25 Tds Todos Data System Ab System, method and device for enabling secure and user-friendly interaction

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1849632A (en) * 2003-07-02 2006-10-18 莫比培国际公司 Digital mobile telephone transaction and payment system
EP1909225A1 (en) * 2005-05-31 2008-04-09 Mediastick, inc. Electronic commerce method and license registration check server used for the same
WO2008142455A2 (en) * 2007-05-24 2008-11-27 Asim Bucuk A method and system for the creation, management and authentication of links between entities
CN101842795A (en) * 2007-09-20 2010-09-22 陶多斯数据系统股份公司 System, method and device for enabling interaction with dynamic security
CN101897165A (en) * 2007-10-30 2010-11-24 意大利电信股份公司 Method of authentication of users in data processing systems

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111651797A (en) * 2014-11-20 2020-09-11 阿里巴巴集团控股有限公司 Information display method and device
CN111651797B (en) * 2014-11-20 2023-05-16 创新先进技术有限公司 Information display method and device
CN111651130A (en) * 2020-05-28 2020-09-11 深圳市商汤科技有限公司 File printing method, device, system, electronic equipment and storage medium

Also Published As

Publication number Publication date
CA2820958A1 (en) 2012-06-21
EP2652631A4 (en) 2016-10-19
CN103493034B (en) 2017-03-08
WO2012083091A3 (en) 2013-06-13
EP2652631A2 (en) 2013-10-23
JP5921568B2 (en) 2016-05-24
JP2014508334A (en) 2014-04-03
WO2012083091A2 (en) 2012-06-21

Similar Documents

Publication Publication Date Title
US11868974B2 (en) Systems, methods, and computer program products providing push payments
US11127009B2 (en) Methods and systems for using a mobile device to effect a secure electronic transaction
EP3281164B1 (en) Browser integration with cryptogram
JP6238971B2 (en) Method and system for wallet membership
AU2010306566B2 (en) Anti-phishing system and method including list with user data
US20140297538A1 (en) System and Method for Data and Identity Verification and Authentication
US20140214670A1 (en) Method for verifying a consumer's identity within a consumer/merchant transaction
WO2018004820A1 (en) Digital asset account management
US20130036000A1 (en) Financial transaction system and method
US11763275B2 (en) System and method for cryptocurrency point of sale
AU2011207602B2 (en) Verification mechanism
CN103493034B (en) Automatic subscriber certification, online checkout are carried out by the mobile communications device with imaging system and pays by mails
WO2017027235A1 (en) Methods, systems, and apparatuses for payment fulfillment
JPWO2006082913A1 (en) Network payment card, network payment program, authentication server, shopping system and payment method
KR102282345B1 (en) Transaction processing for payment of simplified and driven structure
JP2008152338A (en) System and method for credit card settlement using personal digital assistance
JP2005327243A (en) Point system using information terminal
JP5202223B2 (en) Point rewriting method
TWM542815U (en) Payment system of remote one-time verification on mobile device
WO2017081620A2 (en) A transaction system and method of operating same
JP2023125217A (en) Program, information processing device, and information processing method
JP2021033801A (en) Service management system, service management device, service management method, and program
AU2014201752A1 (en) Method and system for secure electronic funds transfer

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: California, USA

Patentee after: Norton identity protection

Address before: California, USA

Patentee before: Symantec Corp.