CN1296840C - 利用IrFM执行EMV支付过程的方法 - Google Patents

利用IrFM执行EMV支付过程的方法 Download PDF

Info

Publication number
CN1296840C
CN1296840C CNB02803418XA CN02803418A CN1296840C CN 1296840 C CN1296840 C CN 1296840C CN B02803418X A CNB02803418X A CN B02803418XA CN 02803418 A CN02803418 A CN 02803418A CN 1296840 C CN1296840 C CN 1296840C
Authority
CN
China
Prior art keywords
card
software module
terminal
message
payment processes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB02803418XA
Other languages
English (en)
Other versions
CN1484803A (zh
Inventor
丁银洙
成宽济
朴钟成
催昌浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SK Planti Co., Ltd.
SK Telecom Co Ltd
Original Assignee
SK Communications Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SK Communications Corp filed Critical SK Communications Corp
Publication of CN1484803A publication Critical patent/CN1484803A/zh
Application granted granted Critical
Publication of CN1296840C publication Critical patent/CN1296840C/zh
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/202Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

本发明涉及最优地利用移动终端和POS(Point Of Sale)终端之间的IrFM(Infrared Finacial Messaging)执行EMV(Europay,Master andVisa)支付过程的方法。在本发明的方法中,如果基于写在装于移动终端中的卡芯片上的信息鉴别了购买者,则发送事务批准信息给POS终端,如果POS终端响应了一个批准,则该事务的数字收据被发送到该POS终端。然后如果POS终端请求结束事务,则释放连接会话。

Description

利用IrFM执行EMV支付过程的方法
发明领域
本发明涉及执行EMV(Europay,Master and Visa)支付过程的方法,特别涉及在移动通讯终端和作为支付处理终端的POS(Point Of Sale)终端之间执行最优的事务处理的方法。
现有技术
传统地,IrFM(Infrared Financial Messaging,红外金融消息)的基本概念与一个基于近距离无线连接方法IrDA(Infrared Data Association,红外数据关联)的金融事务的简档(profile)相关。建议在各种环境中使用与IrFM相关的PTD(Personal Trusted Device,个人信任的设备)金融支付方法。
IC(Integrated Circuit,集成电路)卡模块的操作通常通过POS终端执行,而且因为IC卡模块总是处于待命状态,所以持IC卡模块的购买者要命令IC卡模块发送响应数据,使得IC卡模块能响应来自POS终端的请求。
亦即,在基于IrFM执行传统EMV支付过程时,在POS终端和IC卡模块之间通过双向通讯执行几个事务(例如至少9或10个)。
下面参照图1说明在POS终端和IC卡模块之间通过双向通讯执行事务的情况。在步骤S1中,IC卡模块插入POS终端时,响应于重置信号,POS终端初始化或重置。
如果POS终端被重置,选择该IC卡模块支持的应用程序中用于该事务的应用程序以及POS终端。然后,创建可用应用程序的列表并且在步骤S2中从该列表中选择一个应用程序。
POS终端然后向IC卡模块发出一个GET PROCESSING OPTION命令,例如一个同步命令,以通知IC卡模块,事务处理已经在步骤S3启动。此时,IC卡模块响应于所述GET PROCESSING OPTION向POS终端发出一个AFL(Application File Locator)。
然后POS终端从IC卡模块读取事务处理所需的应用程序数据。此时,在步骤S4确定数据是否必须用SDA(Static Data Authentication)或DDA(Dynamic Data Authentication)鉴别。
在步骤S5,POS终端确定是否请求了用于大笔金额在线事务的发行者鉴别,或者是否请求了用于防止通过周期性在线事务的非法使用,这在离线事务中不能检测到。
SDA是一个对与IC卡模块相关的卡数据中的不可改变的数据进行鉴别的过程。执行SDA用于确定由发行者记录的数据是否被改动过。对IC卡模块执行SDA之后,执行DDA以鉴别由IC卡模块产生的签名。
在上述过程中,如果使用离线事务数据的SDA,则在步骤S6中,POS终端根据POS终端和IC卡模块的数据检查处理条件,包括在比较POS终端和IC卡模块的应用程序版本号时的一个条件,确定国家代码和异步传输模式是否可用并检查有效期。
在步骤S7,POS终端搜索从PIN(Personal Identification Number,个人识别码)输入的口令以确定IC卡模块的用户是否被授权。
在步骤S8中,如果口令有效,则POS终端根据IC卡模块确定的事务机制向IC卡模块提供一个GENERATE AC(Application Cryptogram,应用程序密码),从而完成鉴别过程。
在上述过程中,如果使用在线事务数据的SDA,则在步骤S9中,POS终端根据一个ARQC(Authorization Request Cryptogram,授权请求密码)通过一个VAN(Value Added Network,增值网)请求一个卡公司来执行在线处理。
在步骤S10中,一个卡公司的主机通过在线请求、在线响应和发行者鉴别这三个步骤完成鉴别过程,以确定是必须允许还是要拒绝该事务。
如上所述,如果IC卡模块的支付过程基于EMV,该事务在IC卡模块与POS终端有关的状态下完成。但是,存在无线链路断开的可能性因为IC卡模块与POS终端之间事务处理的数量增加而增高的问题。类似的,如果传统的IC卡模块和POS终端之间的事务处理被应用到移动通讯终端使得鉴别过程和和事务能通过移动终端完成,则事务处理数量也会增加。因此,用户将因为用于完成移动通讯终端与POS终端之间的事务所需的时间太长而感到不方便。
发明内容
因此,本发明针对上述问题。本发明的一个目的是提供一种方法,用于利用IrFM来执行EMV支付过程,该方法能够通过在POS终端与具有嵌入式IC的移动通讯终端之间执行一个最优事务处理来迅速执行事务和鉴别过程。
根据本发明的一个方面,上述及其它目的能通过提供一种利用其中嵌有卡芯片的移动通讯终端基于IrFM执行EMV支付过程的方法来实现,其步骤包括:(a)选择一个被移动通讯终端中的卡芯片和支付处理终端支持的可用应用程序列表并启动事务处理;(b)在作为所述应用程序之一的卡外软件模块中,根据一个鉴别过程,识别嵌有卡芯片的移动通讯终端的用户口令,如果用户通过了鉴别,则响应于特定击键将移动通讯终端连接到一个无线链路,并通过该无线链路接收来自支付处理终端的信用信息请求;(c)响应于所述信用信息请求,发送一个ARQC消息和成员资格信息给支付处理终端;(d)允许卡外软件模块接收一个作为对该ARQC消息的响应的ARPC(Authorization Response Cryptogram,授权响应密码)消息,并请求卡芯片鉴别发行者,并且如果该发行者通过了鉴别,则允许卡外软件模块发送一个与事务关联的数字收据到支付处理终端;以及(e)允许卡外软件模块从支付处理终端接收事务完成消息并释放连接的会话。
通过经无线链路连接在POS终端与嵌有IC的移动通讯终端之间执行更少——例如仅两个——基于EMV的过程,具有上述特征的本发明能快速执行事务和鉴别过程,降低无线链路断开的可能性并缩短移动通讯终端与POS终端之间的事务从开始到结束所需的时间。
附图简述
图1是显示一种用于执行传统EMV支付过程的流程图;
图2是本发明利用IrFM执行EMV支付过程的系统的框图;
图3a和3b是显示本发明的用于利用IrFM执行EMV支付过程的详细流程图。
具体实施方式
下面参照附图详细说明本发明的优选实施例。
图2是本发明利用IrFM执行EMV支付过程的系统的框图。该系统包括一个移动通讯终端10和一个POS终端20。
移动通讯终端10是由普通用户使用的移动电话。移动通讯终端10中嵌有一个IC卡芯片14。移动通讯终端10还包括一个卡外软件模块12以及一个IrFM应用程序软件模块16作为软件模块。
卡外软件模块12从IC卡芯片14选择并读取用户的成员资格信息,并将所读的成员资格信息临时地存储到存储器(未图示)中。卡外软件模块12从IC卡芯片14和POS终端20所支持的应用程序中选择要用于所述事务的应用程序,创建一个可用应用程序列表,并从所述列表中选择一个应用程序。
卡外软件模块12通知IC卡芯片14事务处理已通过发送一条GETPROCESSING OPTION命令——即用于同步的命令——而启动。
卡外软件模块12确定从PIN输入的口令是否有效来得知嵌有IC卡芯片14的移动通讯终端10的用户是授权的卡用户。如果移动通讯终端10的用户是授权的,则卡外软件模块12从用户使用的PIN接收一个特定的击键以将操作模式切换到IrFM服务器模式,并执行控制操作使得通往POS终端20的无线链路被搜索然后连接到IrFM应用程序软件模块16。
如果卡外软件模块12连接到所述无线链路,则其从POS终端20接收信用信息请求。卡外软件模块12向IC卡芯片14提供第一GENERATE AC,使得能够决定在线/离线鉴别。在决定在线鉴别的情况下,储存在存储器中的ARQC消息和成员资格信息被同时发送到POS终端20。
从POS终端20接收作为对ARQC消息的响应的ARPC消息后,卡外软件模块12请求IC卡芯片14执行发行者鉴别以确定该ARPC消息是具有授权批准的响应消息。
从IC卡芯片14接收具有授权批准的响应消息之后,卡外软件模块12向IC卡芯片14提供第二GENERATE AC,这是用于终止与POS终端20的事务的事务完成消息。卡外软件模块12在事务完成的时候接收从IC卡芯片14产生的数字收据。卡外软件模块12请求IC卡芯片14检查是否存在与卡数据有关的改动数据。如果没有改动的数据,卡外软件模块12发送该数字收据用于POS终端20记帐。
IC卡芯片14从卡外软件模块12接收用于同步的GET PROCESSINGOPTION命令,并执行控制操作以启动事务处理。响应于从卡外软件模块12接收的GENERATE AC,IC卡芯片14向卡外软件模块12提供一个表示在线鉴别请求的信号。
然后,IC卡芯片14响应于从卡外软件模块12接收的发行者鉴别请求,向卡外软件模块12提供具有授权批准的响应消息。而且,IC卡芯片14响应于第二GENERATE AC向卡外软件模块12提供在事务完成时产生的数字收据。
如果IrFM应用程序软件模块16从用户使用的PIN接收特定击键以将操作模式切换到IrFM服务器模式,其搜索一个无线链路以将自身连接到POS终端20。当从POS终端20接收作为事务完成消息的IrFM截止请求消息时,IrFM应用程序软件模块16截止IrFM然后释放所有连接的会话。
POS终端20具有至少一个嵌入式IC卡插槽,并具有诸如基本EMV终端键盘的用户界面,字符LCD(Liquid Crystal Display)单元,PIN键盘和与LCD单元分开的另一显示单元。POS终端20发送一个用于无线链路连接的IrFM连接请求消息到嵌在移动通讯终端10中的卡外软件模块12。POS终端20还向卡外软件模块12发送信用信息请求。
然后,POS终端20从卡外软件模块12接收ARQC消息和成员资格信息,将所接收的成员资格信息提供给一个通讯服务提供商‘A’,同时通过一个VAN‘B’将ARQC消息提供给一个卡公司‘C’。
然后,POS终端20从卡公司‘C’接收ARPC消息并将其发送到卡外软件模块12。从卡外软件模块12接收数字收据后,POS终端20将该数字收据提供给银行服务器(未图示)并从银行服务器电子地接收预定数量的金额。最后,POS终端20将IrFM截止请求消息发送到卡外软件模块12以关闭所有会话。
下面参照图3a和3b详细说明根据本发明的利用IrFM执行EMV支付过程的方法。
首先,如果利用IrFM在移动通讯终端10和POS终端之间基于IC卡芯片14执行EMV支付过程,则通过双向通讯进行在线事务。换言之,为了利用移动通讯终端10作为支付设备来购买某产品,用户利用移动通讯终端10执行一个最优双向事务,其中移动通讯终端10嵌有卡外软件模块12和IrFM应用程序软件模块作为其软件模块。
下面详细说明最优的双向事务。移动通讯终端10的卡外软件模块12从IC卡芯片14选择并读取使用移动通讯终端10的用户的成员资格信息,然后将所读的成员资格信息临时地存储在一个存储器(未图示)中。然后,在IC卡芯片14和POS终端支持的应用程序中选择要用于事务的应用程序。然后,创建一个选择的应用程序列表并且从该列表中选择一个应用程序,此为步骤301。
选择应用程序之后,卡外软件模块12向IC卡芯片14提供一个用于同步的GET PROCESSING OPTION命令,以通知IC卡芯片14事务处理已经启动,此为步骤302。
通知之后,卡外软件模块12从IC卡模块14中读取事务处理所需的数据,此为步骤303。
在在线鉴别中,卡外软件模块12确定嵌有IC卡芯片14的移动通讯终端的用户是否得到了授权。如果从PIN输入的口令有效,则卡外软件模块12从用户所使用的PIN接收一个特定击键以将操作模式切换到IrFM服务器模式,并执行控制操作使得通往POS终端20的无线链路被搜索而IrFM应用程序软件模块16能通过所发现的无线链路连接,此为步骤304。
如果从用户使用的PIN接收到用于切换操作模式到IrFM服务器模式的特定击键,IrFM应用程序软件模块16响应于一个连续地从POS终端20发送的针对无线链路连接的IrFM连接请求消息,搜索无线链路以连接到POS终端20,此为步骤305。
无线链路连接之后,卡外软件模块12响应于从POS终端20接收到的信用信息请求,向IC卡芯片14提供一个第一GENERATE AC,以确定在线还是离线鉴别,此为步骤306。
IC卡芯片14响应于从卡外软件模块12接收到的GENERATE AC,提供在线鉴别判断结果给卡外软件模块12,步骤307。
当从IC卡芯片14接收在线鉴别判断的结果时,卡外软件模块12同时发送一个ARQC消息和存储于存储器中的成员资格信息给POS终端20,此为步骤308。
从卡外软件模块12接收ARQC消息和成员资格信息之后,POS终端20将成员资格信息提供给通讯服务提供商‘A’,此为步骤309,并通过VAN‘B’将ARQC消息提供给卡公司‘C’,此为步骤310。
然后,POS终端20从卡公司‘C’接收一个ARPC消息并将该ARPC消息发送给卡外软件模块12,此为步骤311。
从POS终端20接收作为ARQC消息的响应的ARPC消息之后,卡外软件模块12请求IC卡芯片14执行发行者鉴别以确定该ARPC消息是否为具有授权批准的响应消息,此为步骤312。
响应于从卡外软件模块12接收到的发行者鉴别请求,IC卡芯片14向卡外软件模块12提供该具有授权批准的响应消息,此为步骤313。
从IC卡芯片14接收具有授权批准的响应消息之后,卡外软件模块12向IC卡芯片14提供一个第二GENERATE AC,其为事务完成消息,用以结束当前事务,此为步骤314。
响应于从卡外软件模块12接收的第二GENERATE AC,IC卡芯片14向卡外软件模块12提供一个在事务完成时产生的数字收据,此为步骤315。
卡外软件模块12从IC卡芯片14接收所产生的数字收据然后请求IC卡芯片14确定是否有与卡数据相关的数据被改动。如果数据被改动,则卡外软件模块12编辑数字收据为数据被改动。否则,卡外软件模块12将数字收据发送到POS终端20,此为步骤316。
从卡外软件模块12接收数字收据后,POS终端20将该数字收据提供给银行服务器(未图示)以结算该事务,然后从银行服务器电子地接收结算的金额。POS终端20将一个IrFM截至请求消息发送到卡外软件模块12以释放所有连接的会话,此为步骤317。
当从POS终端20接收IrFM截至请求消息时,卡外软件模块12截至IrFM并关闭其打开的会话,此为步骤318。
利用嵌有IC卡芯片的移动通讯终端,支付过程可以在加油站、售货机、收费站以及停车处的控制设备上执行,使得利用IrFM执行EMV支付过程的移动通讯终端能应用于各种应用领域。
尽管用优选实施例对本发明进行说明,本发明一般技术人员应理解,不脱离权利要求所披露的本发明的范围和精神,也可以作出各种修改、变化和替换。

Claims (11)

1.一种利用其中嵌有卡芯片的移动通讯终端基于IrFM执行EMV支付过程的方法,包括以下步骤:
(a)选择一个被移动通讯终端中的卡芯片和支付处理终端支持的可用应用程序列表并启动事务处理;
(b)在作为所述应用程序之一的卡外软件模块中,根据一个鉴别过程,检查嵌有卡芯片的移动通讯终端的用户口令,如果用户通过了鉴别,则响应于特定击键在移动通讯终端与支付处理终端之间建立一个无线链路,并通过所建立的无线链路接收来自支付处理终端的信用信息请求;
(c)响应于所述信用信息请求,发送一个ARQC消息和成员资格信息给支付处理终端;
(d)允许卡外软件模块从所述支付处理终端接收一个作为对该ARQC消息的响应的ARPC消息,并请求卡芯片鉴别发行者,并且如果该发行者通过了鉴别,则允许所述卡外软件模块发送一个从一个事务产生的数字收据到所述支付处理终端;以及
(e)允许卡外软件模块从支付处理终端接收事务完成消息并释放该事务的连接的会话。
2.如权利要求1中所述的方法,其特征在于步骤(a)向卡芯片提供一个用于同步的GET PROCESSING OPTION命令以通知事务处理已启动。
3.如权利要求1中所述的方法,还包括的步骤是:
如果所述事务处理已经启动,允许包含在移动通讯终端中的卡外软件模块从卡芯片读取所述事务处理所需的数据并接收附加信息以鉴别用户。
4.如权利要求1中所述的方法,其特征在于,当所述特定击键产生时,步骤(b)允许包含在移动通讯终端中的应用程序软件模块响应于一个连续地从支付处理终端发送的针对无线链路连接的连接请求消息,搜索一个通往支付处理终端的无线链路并将移动通讯终端连接到该无线链路。
5.如权利要求4中所述的方法,其特征在于,提供所述特定键用以将操作模式切换到IrFM服务器模式,并且所述特定键从一个PIN提供。
6.如权利要求1中所述的方法,还包括的步骤是:
如果从支付处理终端接收到一个批准的请求,允许所述卡外软件模块向所述卡芯片提供一个第一GENERATE AC,以决定在线鉴别;以及
允许所述卡芯片响应于所述第一GENERATE AC向所述卡外软件模块提供在线鉴别判断的结果。
7.如权利要求1中所述的方法,其特征在于从所述卡芯片选择并读取所述成员资格信息然后存储在一个存储器中。
8.如权利要求1中所述的方法,还包括的步骤是:
如果所述ARQC消息和成员资格信息被发送到支付处理终端,允许支付处理终端将该成员资格信息提供给一个通讯服务提供商并将该ARQC消息提供给一个卡公司;以及
允许所述支付处理终端从所述卡公司接收ARPC消息并将该ARPC消息发送到包含于移动通讯终端中的卡外软件模块。
9.如权利要求1中所述的方法,其特征在于,发行者鉴别通过一个检查过程来进行,该检查过程检查从支付处理终端接收的ARPC消息是否为具有授权批准的响应消息。
10.如权利要求9所述的方法,还包括的步骤是:
如果所述ARPC消息是得到授权的,则向卡芯片提供一个第二GENERATE AC以终止与支付处理终端的事务;
允许所述卡芯片向所述卡外软件模块提供数字收据作为对第二GENERATE AC的响应;
允许卡外软件模块接收所述数字收据并询问所述卡芯片:与卡数据有关的数据是否被改动;以及
如果有数据被改动,则根据改动的数据编辑所述数字收据。
11.如权利要求1中所述的方法,其特征在于,如果从所述卡外软件模块接收到所述数字收据,则所述支付处理终端将该数字收据提供给一个银行服务器,从所述银行服务器电子地接收结算的金额,将事务完成消息发送到所述卡外软件模块,并释放连接的会话。
CNB02803418XA 2001-11-02 2002-10-28 利用IrFM执行EMV支付过程的方法 Expired - Fee Related CN1296840C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2001-0068082A KR100420600B1 (ko) 2001-11-02 2001-11-02 아이알에프엠을 이용한 이엠브이 지불 처리방법
KR0068082/2001 2001-11-02

Publications (2)

Publication Number Publication Date
CN1484803A CN1484803A (zh) 2004-03-24
CN1296840C true CN1296840C (zh) 2007-01-24

Family

ID=19715633

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB02803418XA Expired - Fee Related CN1296840C (zh) 2001-11-02 2002-10-28 利用IrFM执行EMV支付过程的方法

Country Status (8)

Country Link
US (1) US7664702B2 (zh)
EP (1) EP1440403B1 (zh)
JP (1) JP2005507533A (zh)
KR (1) KR100420600B1 (zh)
CN (1) CN1296840C (zh)
BR (1) BR0206268A (zh)
CA (1) CA2433594C (zh)
WO (1) WO2003038712A1 (zh)

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7587756B2 (en) * 2002-07-09 2009-09-08 American Express Travel Related Services Company, Inc. Methods and apparatus for a secure proximity integrated circuit card transactions
DE60223420T2 (de) * 2002-11-25 2008-09-04 Nokia Corp. Verfahren und system zum session-management unter verwendung einer client-session-kennung
KR100725232B1 (ko) * 2004-09-09 2007-06-04 에스케이 텔레콤주식회사 텔레비젼-커머스를 위한 시스템 및 그 처리방법
WO2006074150A1 (en) * 2005-01-03 2006-07-13 Falkin Systems, Llc Method, system and device for identification from multiple data inputs
EP1860605A4 (en) * 2005-03-03 2009-02-18 Sharp Kk ELECTRONIC MONEY SYSTEM, INFORMATION STORAGE MEDIUM, AND MOBILE TERMINAL DEVICE
JP4663441B2 (ja) * 2005-07-26 2011-04-06 株式会社エヌ・ティ・ティ・ドコモ 移動体端末装置及び電子決済システム
EP1876549A1 (de) * 2006-07-07 2008-01-09 Swisscom Mobile AG Verfahren und System zur verschlüsselten Datenübertragung
GB2442249B (en) * 2007-02-20 2008-09-10 Cryptomathic As Authentication device and method
US20090112767A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Escrow system and method
US20090112766A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Device including multiple payment applications
US8788350B2 (en) * 2008-06-13 2014-07-22 Microsoft Corporation Handling payment receipts with a receipt store
US20090313101A1 (en) * 2008-06-13 2009-12-17 Microsoft Corporation Processing receipt received in set of communications
SK288747B6 (sk) * 2009-04-24 2020-04-02 Smk Kk Spôsob a systém bezhotovostnej platobnej transakcie, najmä s použitím bezkontaktného platobného prostriedku
CN101771754B (zh) * 2008-12-31 2014-04-23 北京联想软件有限公司 一种移动终端及其近场通信的方法
US20110047075A1 (en) * 2009-08-19 2011-02-24 Mastercard International Incorporated Location controls on payment card transactions
US10147077B2 (en) * 2010-09-21 2018-12-04 Mastercard International Incorporated Financial transaction method and system having an update mechanism
US8831981B2 (en) * 2011-01-18 2014-09-09 Proximiant, Inc. Electronic transaction record distribution system
US20120253958A1 (en) * 2011-04-01 2012-10-04 Third Solutions, Inc. System for generating digital receipts
GB201105774D0 (en) * 2011-04-05 2011-05-18 Visa Europe Ltd Payment system
GB201105765D0 (en) * 2011-04-05 2011-05-18 Visa Europe Ltd Payment system
KR101610250B1 (ko) * 2011-04-06 2016-04-07 주식회사 케이티 근거리 통신 기능이 구비된 사용자 단말의 위치 상태에 따른 정보 전달 및 금융 거래 방법, 사용자 단말 및 시스템
EP2622585B1 (en) 2012-02-07 2015-08-05 iZettle Merchant Services AB Hub and spokes pin verification
KR102052959B1 (ko) 2013-04-16 2019-12-06 삼성전자주식회사 단말장치, 보안서버 및 그 결제방법
EP2989603A4 (en) * 2013-04-25 2017-02-01 Offla Selfsafe Ltd. Self authentication
CA2931093A1 (en) 2013-12-19 2015-06-25 Visa International Service Association Cloud-based transactions methods and systems
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
CN106465112A (zh) 2014-05-21 2017-02-22 维萨国际服务协会 离线认证
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US9317845B1 (en) * 2014-12-23 2016-04-19 Mastercard International Incorporated Flexible electronic payment transaction process
US11301840B1 (en) * 2015-03-30 2022-04-12 Block, Inc. Systems and methods for provisioning point of sale terminals
US11620628B2 (en) 2015-06-30 2023-04-04 Mastercard International Incorporated Method and system for fraud control based on geolocation
US10248940B1 (en) 2015-09-24 2019-04-02 Square, Inc. Modular firmware for transaction system
US10108412B2 (en) 2016-03-30 2018-10-23 Square, Inc. Blocking and non-blocking firmware update
US9785930B1 (en) * 2016-06-29 2017-10-10 Square, Inc. Expedited processing of electronic payment transactions
US10417628B2 (en) * 2016-06-29 2019-09-17 Square, Inc. Multi-interface processing of electronic payment transactions
US11010765B2 (en) * 2016-06-29 2021-05-18 Square, Inc. Preliminary acquisition of payment information
US10817869B2 (en) 2016-06-29 2020-10-27 Square, Inc. Preliminary enablement of transaction processing circuitry
AU2017295842A1 (en) 2016-07-11 2018-11-01 Visa International Service Association Encryption key exchange process using access device
US10762196B2 (en) 2018-12-21 2020-09-01 Square, Inc. Point of sale (POS) systems and methods with dynamic kernel selection
US10990969B2 (en) 2018-12-21 2021-04-27 Square, Inc. Point of sale (POS) systems and methods for dynamically processing payment data based on payment reader capability
US11049095B2 (en) 2018-12-21 2021-06-29 Square, Inc. Point of sale (POS) systems and methods with dynamic kernel selection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1169786A (zh) * 1995-01-27 1998-01-07 海泊柯姆股份有限公司 虚拟pos终端
KR19980054903U (ko) * 1996-12-31 1998-10-07 박병재 엔진 오일량 표시장치
KR100207596B1 (ko) * 1996-09-13 1999-07-15 윤종용 카드 가맹점용 전자식 지불 단말기
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS61109169A (ja) * 1984-10-31 1986-05-27 エヌ・シー・アール・コーポレーション Pos端末装置の顧客情報入力システム
US5557518A (en) * 1994-04-28 1996-09-17 Citibank, N.A. Trusted agents for open electronic commerce
EP0929880B1 (de) * 1996-09-13 2001-01-24 Siemens Aktiengesellschaft Bargeldlose bezahlung mit einem mobilfunkgerät
KR19980021116U (ko) * 1996-10-18 1998-07-15 김종진 아연도금조의 레벨측정장치
GB9713743D0 (en) * 1997-06-27 1997-09-03 Nat Westminster Bank Plc A cryptographic authentication process
US6305603B1 (en) * 1999-01-29 2001-10-23 International Business Machines Corporation Personal digital assistant based financial transaction method and system
WO2001048714A1 (de) * 1999-12-23 2001-07-05 Swisscom Mobile Ag Zahlungstransaktionsverfahren und zahlungstransaktionssystem
GB2357618A (en) * 1999-12-23 2001-06-27 Nokia Mobile Phones Ltd Transaction system
FR2803071B1 (fr) * 1999-12-23 2002-11-22 Sagem Terminal de paiement par carte a puce
IT1315389B1 (it) * 2000-02-07 2003-02-10 Renzo Balagion Metodo, sistema e dispositivo per transazioni commerciali a distanza.
US6587835B1 (en) * 2000-02-09 2003-07-01 G. Victor Treyz Shopping assistance with handheld computing device
AU779316B2 (en) * 2000-03-16 2005-01-13 Harex Infotech Inc. Optical payment transceiver and system using the same
JP2001291040A (ja) * 2000-04-05 2001-10-19 Nec Corp 料金代行サービス方法及びシステム
KR100639320B1 (ko) * 2000-08-21 2006-10-27 엘지전자 주식회사 이동통신 단말기의 적외선 데이터 통신기능을 이용한 요금결제장치 및 그 방법
KR20010025503A (ko) * 2000-12-30 2001-04-06 최무용 이동통신단말기를 이용한 무선결제 및 보충 시스템

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1169786A (zh) * 1995-01-27 1998-01-07 海泊柯姆股份有限公司 虚拟pos终端
KR100207596B1 (ko) * 1996-09-13 1999-07-15 윤종용 카드 가맹점용 전자식 지불 단말기
KR19980054903U (ko) * 1996-12-31 1998-10-07 박병재 엔진 오일량 표시장치
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security

Also Published As

Publication number Publication date
EP1440403A1 (en) 2004-07-28
US7664702B2 (en) 2010-02-16
EP1440403B1 (en) 2016-10-05
KR100420600B1 (ko) 2004-03-02
WO2003038712A1 (en) 2003-05-08
KR20030035676A (ko) 2003-05-09
US20040236672A1 (en) 2004-11-25
CN1484803A (zh) 2004-03-24
JP2005507533A (ja) 2005-03-17
BR0206268A (pt) 2005-01-11
CA2433594A1 (en) 2003-05-08
EP1440403A4 (en) 2009-08-19
CA2433594C (en) 2011-10-18

Similar Documents

Publication Publication Date Title
CN1296840C (zh) 利用IrFM执行EMV支付过程的方法
US8515871B2 (en) Authorizing use of a financial instrument
US9330386B2 (en) Device, system and method for reducing an interaction time for a contactless transaction
US7599888B2 (en) Electronic confirmation to debit or credit an account
US20030154139A1 (en) Secure m-commerce transactions through legacy POS systems
US20010042021A1 (en) Electronic settling system and electronic settling method
CN110235380B (zh) 一种支付处理方法及装置
JP2006073022A (ja) 私的で安全な金融取引システム及び方法
CN1399753A (zh) 用于对通过计算机网络的购买进行授权的方法和系统
CN1184546A (zh) 在计算机网络上为采购有关交易的电子支付方法
JP2004310778A (ja) 指紋情報を用いた信用取引システムおよび方法
CN1459068A (zh) 自动支付系统
CN1650533A (zh) 费用批准与支付系统
CN104933565A (zh) 一种ic卡交易方法及系统
CN113837763A (zh) 支付请求处理方法、装置、计算机设备及可读存储介质
US20090144198A1 (en) Money transfer using an automated banking machine
CN1604525A (zh) 基于存有用户数据的卡的使用批准访问系统的方法和设备
TWI662493B (zh) Debit authorization method and system
CN116228242A (zh) 一种基于网络交易数据的处理方法及系统
CN112700232A (zh) 退款方法、终端设备及可读存储介质
KR100942609B1 (ko) 사이버 통장 인자 처리 기능이 구비된 자동화기기
JP2009098852A (ja) インターネットバンキングシステム及び電子マネーチャージ方法
KR20040069920A (ko) 휴대폰의 번호선택 방식을 이용한 카드사용 추가 승인방법 및 시스템

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1064759

Country of ref document: HK

C14 Grant of patent or utility model
GR01 Patent grant
REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1064759

Country of ref document: HK

ASS Succession or assignment of patent right

Owner name: SK PLNET CO., LTD.

Free format text: FORMER OWNER: SK COMMUNICATIONS CO., LTD.

Effective date: 20120515

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20120515

Address after: Seoul, Korea

Patentee after: SK Planti Co., Ltd.

Address before: Seoul, South Kerean

Patentee before: SK Communications Co., Ltd.

ASS Succession or assignment of patent right

Owner name: SK TELECOMMUNICATION CO., LTD.

Effective date: 20141209

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20141209

Address after: Seoul, South Kerean

Patentee after: SK Planti Co., Ltd.

Patentee after: SK Telecommunication Co., Ltd.

Address before: Seoul, South Kerean

Patentee before: SK Planti Co., Ltd.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20070124

Termination date: 20201028