CN1859100A - 利用移动通讯设备保护卡支付交易安全的方法和系统 - Google Patents

利用移动通讯设备保护卡支付交易安全的方法和系统 Download PDF

Info

Publication number
CN1859100A
CN1859100A CNA2006100790922A CN200610079092A CN1859100A CN 1859100 A CN1859100 A CN 1859100A CN A2006100790922 A CNA2006100790922 A CN A2006100790922A CN 200610079092 A CN200610079092 A CN 200610079092A CN 1859100 A CN1859100 A CN 1859100A
Authority
CN
China
Prior art keywords
card
message
mobile communication
transaction
program command
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006100790922A
Other languages
English (en)
Inventor
安托尼·R·哈加勒
瑞安·罗齐克
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CN1859100A publication Critical patent/CN1859100A/zh
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/08Insurance

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Computer Security & Cryptography (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

一种利用移动通信设备来保护卡支付交易的方法和系统,其增强诸如信用卡和借记卡交易之类的卡支付交易中的安全性。在卡发行方或其他服务提供商接收到交易后,将消息发送给已经唯一地与该卡相关联的移动通信设备。该消息可以是需要卡所有者做出响应以便授权的交互式消息,或者该消息可以传送一次性使用的个人识别号码(PIN),这种情况下必须经由销售点系统或该移动通信设备返回该PIN。在每次交易中,卡发行方或服务提供商确认该卡所有者已经收到该通信并已经授权该交易。在短时间之后可以使该PIN和/或交互式消息响应时期无效,进一步增强了交易的安全性。

Description

利用移动通讯设备保护卡支付交易安全的方法和系统
技术领域
本发明一般地涉及通过信用卡/借记卡进行支付的金融交易,并且更具体地涉及一种用于使用移动通信设备保护卡支付交易安全的方法和系统。
背景技术
随着欺诈性交易的代价的上升,信用卡和借记卡支付系统不断被深入研究。大多数的卡协议以及商业条例为卡的用户提供了保护,使他们避免受到由于他们的卡被盗用所导致的无限的经济损失。然而,金融机构的成本和给用户带来的不便以及可能出现的资金暂时不可用的情况使得必须采取措施进一步保护卡支付交易。
用于进一步保护卡支付交易安全的最新方法包括将卡与不在卡上印出的个人识别号码(PIN)相关联,以及/或者让卡本身包含附加的校验号码。这些技术可以防止从老式的复制(carbon-copy)类型的读卡单元得到的副本中盗取卡的信息,但是不能防止盗用卡本身或盗用输入到诸如自动取款机(ATM)或因特网形式页面之类的电子登录系统中的信息。
典型地由邮购/电话销售者以及在某些情况下由因特网销售者所采用的其他安全方法包括核实根本不在卡上提供的卡用户信息,诸如与该卡相关联的地址或电话号码,或关于卡所有者的历史信息。
然而,甚至连以上的技术也不能防止包括获知卡用户的个人信息的更深层次形式的身份偷窃(identity theft),并且对于因特网的情况,用于确认的信息通常还是表单录入数据的一部分,并且可以出现在因特网服务器上的数据库中,以及/或者以例如本地cookie的形式位于用户机器上。卡用户数据在现有系统中的扩散使得必须同时为卡用户和发行卡的金融机构提供进一步的保护。
已用于保护卡交易安全的另外的方法是在卡中或在卡上包含照片标识和智能芯片。尽管照片标识提供了更有力的保护形式,但是并非所有的卖方都能从视觉上辨别消费者,例如邮购和因特网售卖的情况。包含智能芯片类似于将PIN号码与卡相关联。一旦卡本身被盗用,则智能芯片也被获取。
最后,一次性使用的卡已经用于防范由于在一宗交易中使用卡而泄密卡用户信息。这种卡只能使用一次,因此其缺点是用户每次购物都必须获得一张卡。一次性使用的卡限制了拥有支付卡的灵活性,并且通常卡用户将仍需保留另一张卡应急或用于其他用途。
因此,希望提供一种方法和系统,以确保卡、PIN或卡用户信息被盗用不会危及卡支付交易的安全。还希望提供一种可以用单张可再使用的卡而运作的方法和系统。
发明内容
通过一种方法和系统可以获得保护卡支付交易的上述目的。该方法和系统使用采取诸如移动电话之类的移动通信设备形式的物理凭证,其提供了对有效交易的确认。
在卡发行方处登记通信设备的号码(或其他地址),卡发行方将该号码(或其他地址)与该卡相关联。卡发行方还被通知并同意该卡只用于“一次性授权”模式,即每次用该卡完成的交易都需要向金融机构(或信任的协作方)进行确认。
卡交易由卡用户以常规的模式发起,并且当卡发行方(或其他交易处理中心)接收到该交易时,将消息发往该移动通信设备。该消息可以是发往移动电话或其他个人通信设备的短消息服务(SMS)文本消息,其可以提供用于该销售点的PIN并且/或者需要交互式响应(该响应可以是输入PIN或简单的“是/否”确认)。如果该消息不是交互式的,则可以提供用于在该销售点输入的短期有效的一次性使用的PIN。否则,如果该消息是交互式的,则该消息可能需要“是/否”(“确认/拒绝”)响应、在移动通信设备中输入以便确认或拒绝该交易的短期有效的PIN或标准PIN。
对每次交易重复这一过程,并且响应于对该交互式消息的响应而进行授权,或者如果不需要交互式响应则在较短的预定时间段届满时终止授权。
通过以下对如附图所示的本发明的优选实施例进行的更具体的描述,本发明的前述和其他目的、特征和优点将变得明显。
附图说明
图1是根据本发明的实施例的系统的框图;
图2是根据本发明的实施例的用户界面的实物示图;
图3是说明了对在根据本发明的实施例的方法中实现的一个系统进行操作的流程图;
图4是说明了对在根据本发明的实施例的方法中实现的另一个系统进行操作的流程图。
具体实施方式
本发明通过将移动通信设备与信用卡或借记卡相关联提供了增强的卡交易安全性。该移动通信设备可以是移动电话、个人数字助理(PDA)、支持文本消息的寻呼机或者能够显示消息并可选地能够接受交互式响应的其他移动通信设备。
现在参考图1,图中示出了一个根据本发明的实施例的系统。卡用户13在电子收款机系统(POS)参与信用卡/借记卡交易。属于传统地安装于商场中的类型的POS系统12提供可由卡用户13接入以便为所购商品付费的终端18。POS系统12向卡服务电子资金交易(EFT)服务器14发送授权请求,在常规操作模式下该EFT服务器14将基于资金可用性、信用状态以及授权信息来确认或拒绝该交易。
然而,卡服务EFT服务器14包括根据本发明实施例的“一次性授权”模式。当信用卡/借记卡处于“一次性授权”模式(其可以是某些类型的卡的永久状态或者是响应于卡所有者与卡服务提供商之间的联络的可选状态)时,EFT服务器14向登记到该卡并因此与该卡相关联的移动通信设备16发送消息。卡服务EFT服务器14连接到移动电话服务提供商10,移动电话服务提供商10连接到发射塔11,发射塔11包括用于与移动通信设备16进行通信的天线。
该消息可以是提示移动通信设备16的用户进行授权输入的交互式短消息服务(SMS)文本消息,或者可以是传送诸如仅供卡用户13参与的特定交易使用的个人识别号码(PIN)之类的授权信息的文本或语音消息。通常,在卡服务EFT服务器14中响应于该授权请求设置定时器,并且如果在预定的时间段内卡服务EFT服务器14没有从POS系统12接收到授权响应,则拒绝该交易。如果该消息是交互式消息,则所需的授权响应可以是标准的永久性或半永久性PIN、简单的“是/否”响应,或者该消息可以要求再次输入在消息本身中所发送的PIN或其他信息。如果该消息不是交互式的,则该消息将包含通常采取短期有效的PIN的形式的授权信息,其可以由卡用户13输入到终端18中,或由卡用户13提供给收款人以便录入POS系统12中。
尽管上述系统在应用中通常使用卡用户13所持有的移动通信设备,但是该系统也可以用于请求来自于通常是卡的所有者但并非一定是例子中的卡用户13的移动设备用户的授权。例如,父母可能希望在给予小孩拥有信用卡/借记卡的灵活性的同时,控制对小孩的购买行为的授权,或者作为另外一个例子,残疾人可能希望临时将他们的卡借给朋友或者亲戚以让其给他们购买物品。通常,在卡用户13不是移动通信设备16的持有人的应用中,可以针对移动通信设备16的用户对消息进行交互,并且不需要卡用户13在终端18提供用于授权的信息。本发明可以用于实现借记卡类型的购买,这种购买在终端18处不需要PIN,或者如果该卡不处于需要来自移动通信设备16的响应的“一次性授权”模式,则可以选择性地提示输入PIN。
同样,尽管上述说明使用了商场内购物的例子,但是本发明同样可以应用于其他的销售点,诸如网上商城和电话销售点。当在上述替代性销售点之一进行购买时,POS系统12应当理解为售货商所使用的特定POS系统类型。在特定POS系统12与卡服务EFT服务器14进行通信的时候,上述系统的操作对于POS的类型来说应当是透明的。不过,对于非交互类型的授权消息,在电话销售的情况下要将所接收的PIN或其他授权信息提供给电话订货者,并且在网上销售系统的情况下要将所接收的PIN或其他授权信息输入到网站表单。
现在参考图2,图中示出了根据本发明的实施例的用户界面。移动通信设备20包括显示器22和输入设备24,输入设备24可以是如图所示的键盘、触摸屏、触控笔(stylus)系统或其他通常在移动通信设备上实现的适合的输入设备。可选地,用于授权的输入设备可以是目前用于某些移动电话中的语音识别系统。显示器22描述了根据本发明的实施例的授权屏幕。该屏幕可选地示出了如上所述的交易信息,因此卡所有者可以告知卡号码、费用数量和资金接受方等内容。图中示出了“是/否”的授权响应,但是如上所述,甚至在交互式信息中也可以包括PIN或其他的逻辑代币,其需要输入所显示的PIN或代币以便对该交易进行授权。作为替代,特别是对于不具备SMS文本消息能力的移动设备来说,作为对显示内容的替代,用户界面可以包括音频消息,并且可以通过号码键盘输入或语音命令给出响应。
现在参考图3,其用一幅流程图说明了根据本发明的一个实施例的方法。首先,卡用户参与一宗卡支付交易(步骤30),并且将交易信息发送到卡发行方或服务提供商的服务器(步骤31)。如果该卡属于“一次性授权”类型,或者如果该卡选择了“一次性授权”的模式(判定32),则将SMS文本消息发送到相关联的移动通信设备(步骤34),否则就将该交易作为常规的卡交易进行处理(步骤33)。如果该设备的用户对该文本消息作出了响应(步骤35),并且在预定的时间限制内对该交易进行了授权(判定36),则将该交易作为常规的卡交易进行处理(步骤33),否则就拒绝该交易(步骤37)。在这一阶段,可以提供举报“交易为欺诈”以及/或者禁止该卡继续使用的选项。
现在参考图4,其用一幅流程图说明了根据本发明的另一个实施例的方法。首先,卡用户参与一宗卡支付交易(步骤40),并且将交易信息发送到卡发行方或服务提供商的服务器(步骤41)。如果该卡属于“一次性授权”类型,或者如果该卡选择了“一次性授权”的模式(判定42),则将包含PIN的SMS文本消息发送到相关联的移动通信设备(步骤43)。如果卡用户输入了PIN(步骤44)并且如果该PIN是有效的(步骤45),则对该交易进行处理(步骤46),其中这个输入的PIN可以是接收到的用于“一次性授权”卡的PIN或用于标准卡或授权模式的标准PIN。否则,拒绝该交易(步骤47)。步骤45中判定PIN是否有效的标准可以包括如上所述的在预定的时间限制内使用该PIN。
尽管已经针对本发明的优选实施例对本发明进行了具体地说明和描述,但是本领域的普通技术人员应当理解,在不偏离本发明的原理和范围的情况下,可以对本发明进行形式和细节上的前述和其他改变。

Claims (15)

1.一种利用支付卡和移动通信设备进行交易的方法,所述方法包括:
将所述支付卡与一个标识符相关联,该标识符唯一地与一个特定的移动通信设备相关联;
接收来自销售点的通知,该通知指出一个特定的卡交易已被发起;
向所述特定的移动通信设备的用户发送与所述特定的卡交易相关联的消息;
接收所述用户经由所述特定的移动通信设备发出的关于已经接收到所述消息和关于所述用户对所述特定的卡交易进行授权的确认;以及
只有当接收到所述确认之后,才对所述特定的卡交易进行授权。
2.根据权利要求1所述的方法,还包括:
响应于所述发送而起动计时器;以及
在所述计时器到达预定的截止时间后,停止对所述特定的卡交易的授权。
3.根据权利要求1所述的方法,其中所述发送包括向所述特定的移动通信设备发送短消息服务(SMS)文本消息。
4.根据权利要求1所述的方法,其中所述发送包括向所述特定的移动通信设备发送包含一次性使用的个人识别号码(PIN)的消息。
5.根据权利要求4所述的方法,其中所述接收来自所述用户的确认通过从与所述特定的卡交易相关联的销售点接收所述一次性使用的PIN来进行,其中所述一次性使用的PIN的值证实所述消息已经被接收。
6.根据权利要求4所述的方法,其中所述接收来自所述用户的确认通过从所述特定的移动通信设备接收所述一次性使用的PIN来进行,其中所述一次性使用的PIN的值证实所述消息已经被接收。
7.根据权利要求1所述的方法,其中所述发送包括发送请求确认所述交易的交互式消息,并且其中所述接收来自所述用户的确认通过接收对所述交互式消息的响应来进行。
8.一种用于对利用支付卡发起的交易进行授权的系统,包括一个或多个用于接收电子交易信息并发起到移动通信设备的通信的服务器,所述一个或多个服务器均具有用于存储程序指令的存储器和至少一个用于执行所述程序指令的处理器,所述程序指令包括用于执行以下步骤的程序指令:
接收来自销售点的通知,该通知表明一个卡交易已被发起;
检索唯一地与在所述卡交易中使用的特定卡相关联的特定移动通信设备的标识符;
经由所述特定的移动通信设备向用户发送与所述卡交易相关联的消息;
接收所述用户经由所述特定的移动通信设备发出的关于已经接收到所述消息和关于所述用户对所述特定的卡交易进行授权的确认;以及
只有当接收到所述确认之后,才对所述特定的卡交易进行授权。
9.根据权利要求8所述的系统,其中所述程序指令还包括用于执行以下步骤的程序指令:
响应于所述发送而起动计时器;以及
在所述计时器到达预定的截止时间后,停止对所述特定的卡交易的授权。
10.根据权利要求8所述的系统,其中所述用于发送的程序指令包括用于向所述特定的移动通信设备发送短消息服务(SMS)文本消息的程序指令。
11.根据权利要求8所述的系统,其中所述用于发送的程序指令包括用于向所述特定的移动通信设备发送包含一次性使用的个人识别号码(PIN)的消息的程序指令。
12.根据权利要求11所述的系统,其中所述用于接收来自所述用户的确认的程序指令包括用于从与所述特定的卡交易相关联的销售点接收所述一次性使用的PIN的程序指令,其中所述一次性使用的PIN的值证实所述消息已经被接收。
13.根据权利要求11所述的系统,其中所述用于接收来自所述用户的确认的程序指令包括用于从所述特定的移动通信设备接收所述一次性使用的PIN的程序指令,其中所述一次性使用的PIN的值证实所述消息已经被接收。
14.根据权利要求8所述的系统,其中所述用于发送的程序指令发送请求确认所述交易的交互式消息,并且其中所述接收来自所述用户的确认通过接收对所述交互式消息的响应来进行。
15.一种包括编码有程序指令的介质的计算机程序产品,其中所述程序指令用于在一个或多个服务器上执行,以接收电子交易信息并发起到移动通信设备的通信,其中所述程序指令是用于对利用支付卡发起的交易进行授权的程序指令,所述程序指令包括用于执行权利要求1-7中的任意一项中的步骤的程序指令。
CNA2006100790922A 2005-05-03 2006-04-29 利用移动通讯设备保护卡支付交易安全的方法和系统 Pending CN1859100A (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/120,898 US7533047B2 (en) 2005-05-03 2005-05-03 Method and system for securing card payment transactions using a mobile communication device
US11/120,898 2005-05-03

Publications (1)

Publication Number Publication Date
CN1859100A true CN1859100A (zh) 2006-11-08

Family

ID=37297967

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006100790922A Pending CN1859100A (zh) 2005-05-03 2006-04-29 利用移动通讯设备保护卡支付交易安全的方法和系统

Country Status (3)

Country Link
US (2) US7533047B2 (zh)
CN (1) CN1859100A (zh)
TW (1) TWI365419B (zh)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102831352A (zh) * 2012-09-11 2012-12-19 南京天溯自动化控制系统有限公司 设备授权使用的方法及其设备
CN103514536A (zh) * 2012-06-28 2014-01-15 马克西姆综合产品公司 通过不可信设备的安全支付
CN104408622A (zh) * 2014-12-10 2015-03-11 公安部第三研究所 基于独立密码设备实现电子交易确认的系统及方法
CN104428780B (zh) * 2012-03-21 2018-02-09 阿克特兰控股有限公司 计算机化的授权系统和方法
CN108320161A (zh) * 2018-02-02 2018-07-24 杨佩敏 基于数字网络技术的反欺诈交易方法以及装置

Families Citing this family (92)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7873572B2 (en) * 2004-02-26 2011-01-18 Reardon David C Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
US8799164B2 (en) 2004-02-26 2014-08-05 David C Reardon Financial transaction system with integrated electronic messaging, control of marketing data, and user defined charges for receiving messages
US8346660B2 (en) * 2004-02-26 2013-01-01 David C. Reardon System and method for two-way transfer of funds and electronic content between summa account users with gathering of behavioral metrics and management of multiple currencies and escrow accounts
US20090119159A1 (en) * 2007-10-31 2009-05-07 David C. Reardon System and Method for Transferring Funds to Recipients of Electronic Messages
US7357310B2 (en) 2005-03-11 2008-04-15 Gerry Calabrese Mobile phone charge card notification and authorization method
CA2648523C (en) 2005-04-21 2018-09-04 Securedpay Solutions, Inc. Portable handheld device for wireless order entry and real time payment authorization and related methods
US8352323B2 (en) * 2007-11-30 2013-01-08 Blaze Mobile, Inc. Conducting an online payment transaction using an NFC enabled mobile communication device
US8559987B1 (en) * 2005-12-31 2013-10-15 Blaze Mobile, Inc. Wireless bidirectional communications between a mobile device and associated secure element
US20070156436A1 (en) * 2005-12-31 2007-07-05 Michelle Fisher Method And Apparatus For Completing A Transaction Using A Wireless Mobile Communication Channel And Another Communication Channel
TW200732991A (en) * 2006-02-22 2007-09-01 Benq Corp Method for electronic transactions using a mobile communication device
WO2008010661A2 (en) * 2006-07-18 2008-01-24 Ktfreetel Co., Ltd. Method for providing security services by using mobile terminal password and mobile terminal thereof
EP2095345A4 (en) * 2006-10-23 2011-04-27 Behruz Nader Daroga DIGITAL TRANSMISSION SYSTEM (DTS) FOR THE SECURITY OF BANK ATMOSPHERES (ATM)
CN101647040A (zh) * 2006-12-26 2010-02-10 维萨美国股份有限公司 使用别名的移动支付系统和方法
US9647855B2 (en) 2007-01-09 2017-05-09 Visa U.S.A. Inc. Mobile phone payment with disabling feature
US20080200144A1 (en) * 2007-02-16 2008-08-21 Ginsberg Todd D System and Method for Providing Alerts Over a Network
US8205793B2 (en) * 2007-03-31 2012-06-26 Dror Oved Banking transaction processing system
FR2914763B1 (fr) * 2007-04-06 2013-02-15 Grp Des Cartes Bancaires Cryptogramme dynamique
US8688570B2 (en) * 2007-04-27 2014-04-01 American Express Travel Related Services Company, Inc. System and method for performing person-to-person funds transfers via wireless communications
GB2450193A (en) * 2007-06-12 2008-12-17 Cvon Innovations Ltd Method and system for managing credits via a mobile device
US8233600B1 (en) 2007-07-17 2012-07-31 Juniper Networks, Inc. Automated creation of multiple provider services
US20090099947A1 (en) * 2007-10-16 2009-04-16 Wachovia Corporation System and method for electronic funds payment
US7958052B2 (en) * 2007-12-31 2011-06-07 Mastercard International Incorporated Methods and systems for cardholder initiated transactions
GB2456184A (en) * 2008-01-07 2009-07-08 Cvon Innovations Ltd System for selecting an information provider or service provider
US9542687B2 (en) 2008-06-26 2017-01-10 Visa International Service Association Systems and methods for visual representation of offers
US8478692B2 (en) 2008-06-26 2013-07-02 Visa International Service Association Systems and methods for geographic location notifications of payment transactions
BRPI0918958A2 (pt) 2008-09-25 2017-06-13 Visa Int Service Ass dispositivo móvel, e, método
US8185443B2 (en) 2008-10-27 2012-05-22 Ebay, Inc. Method and apparatus for authorizing a payment via a remote device
US9230259B1 (en) 2009-03-20 2016-01-05 Jpmorgan Chase Bank, N.A. Systems and methods for mobile ordering and payment
US8326759B2 (en) * 2009-04-28 2012-12-04 Visa International Service Association Verification of portable consumer devices
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US20100274653A1 (en) * 2009-04-28 2010-10-28 Ayman Hammad Notification social networking
US20100280914A1 (en) * 2009-05-04 2010-11-04 Mark Carlson Security system and method including alert messages
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US8602293B2 (en) 2009-05-15 2013-12-10 Visa International Service Association Integration of verification tokens with portable computing devices
US7891560B2 (en) 2009-05-15 2011-02-22 Visa International Service Assocation Verification of portable consumer devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
WO2010140876A1 (en) * 2009-06-01 2010-12-09 Bemobile Sdn. Bhd. Method, system and secure server for multi-factor transaction authentication
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US20110238564A1 (en) * 2010-03-26 2011-09-29 Kwang Hyun Lim System and Method for Early Detection of Fraudulent Transactions
JP5662048B2 (ja) * 2010-04-08 2015-01-28 株式会社ユニバーサルエンターテインメント 決済システム
CA2704864A1 (en) 2010-06-07 2010-08-16 S. Bhinder Mundip Method and system for controlling access to a monetary valued account
US8571939B2 (en) * 2010-07-07 2013-10-29 Toshiba Global Commerce Solutions Holdings Corporation Two phase payment link and authorization for mobile devices
US20120011007A1 (en) * 2010-07-07 2012-01-12 At&T Intellectual Property I, L.P. Mobile Payment Using DTMF Signaling
US8527417B2 (en) 2010-07-12 2013-09-03 Mastercard International Incorporated Methods and systems for authenticating an identity of a payer in a financial transaction
US9619801B2 (en) * 2010-08-02 2017-04-11 Stanton Management Group, Inc. User positive approval and authentication services (UPAAS)
US8996402B2 (en) 2010-08-02 2015-03-31 Apple Inc. Forecasting and booking of inventory atoms in content delivery systems
US8990103B2 (en) 2010-08-02 2015-03-24 Apple Inc. Booking and management of inventory atoms in content delivery systems
US20120130905A1 (en) * 2010-11-09 2012-05-24 The Regents Of The University Of California Transaction verification on rfid enabled payment and transaction instruments
CN107967602A (zh) 2011-03-04 2018-04-27 维萨国际服务协会 支付能力结合至计算机的安全元件
ITRM20110125A1 (it) * 2011-03-16 2012-09-17 Solidonet S R L Procedimento e sistema per autorizzare una transazione commerciale.
US8805326B2 (en) * 2011-05-10 2014-08-12 Ebay Inc. Payment transactions on mobile device using mobile carrier
ITPI20110071A1 (it) * 2011-06-22 2012-12-23 Michele Piccini "un sistema di autorizzazione ad una transazione"
US20120330788A1 (en) * 2011-06-27 2012-12-27 Robert Hanson Payment selection and authorization by a mobile device
DE102011051461B4 (de) * 2011-06-30 2022-05-12 Wincor Nixdorf International Gmbh Verfahren und System zur sicheren Identifizierung für das Durchführen einer Transaktion an einem Selbstbedienungs-Terminal
DE102011052751A1 (de) * 2011-08-16 2013-02-21 Wincor Nixdorf International Gmbh Autorisierung von Check-Einreichungen
WO2013039304A1 (ko) * 2011-09-14 2013-03-21 에스케이플래닛 주식회사 전자 결제를 위한 회원 등록 방법과 그를 위한 시스템, 장치 및 단말기
DE112012005778T5 (de) * 2012-01-30 2014-10-30 Ebay Inc. Systeme und Verfahren zum Bereitstellen von anmeldungsbasierten Zahlungsprozessen
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
US20130254028A1 (en) * 2012-03-22 2013-09-26 Corbuss Kurumsal Telekom Hizmetleri A.S. System and method for conducting mobile commerce
US10572876B2 (en) 2012-12-28 2020-02-25 Capital One Services, Llc Systems and methods for authenticating potentially fraudulent transactions using voice print recognition
US10311435B2 (en) 2013-03-28 2019-06-04 Morphotrust Usa Llc System and method for transaction authentication
EP3005203A4 (en) 2013-06-05 2017-04-19 Morphotrust USA, Inc. System and method for credential authentication
US20140379577A1 (en) * 2013-06-24 2014-12-25 Infosys Limited Methods, systems, and computer-readable media for providing financial transactions
KR102293822B1 (ko) 2013-12-19 2021-08-26 비자 인터네셔널 서비스 어소시에이션 클라우드-기반 트랜잭션 방법 및 시스템
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US20170039552A1 (en) * 2014-04-30 2017-02-09 Visa International Service Association Systems, methods and devices for providing a single-use payment credential
AU2015264124B2 (en) 2014-05-21 2019-05-09 Visa International Service Association Offline authentication
FR3023640B1 (fr) * 2014-07-10 2016-08-12 Roam Data Inc Procede de gestion d'une transaction, serveur, produit programme d'ordinateur et medium de stockage correspondants.
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US9202212B1 (en) * 2014-09-23 2015-12-01 Sony Corporation Using mobile device to monitor for electronic bank card communication
US9292875B1 (en) 2014-09-23 2016-03-22 Sony Corporation Using CE device record of E-card transactions to reconcile bank record
US9378502B2 (en) 2014-09-23 2016-06-28 Sony Corporation Using biometrics to recover password in customer mobile device
US10262316B2 (en) * 2014-09-23 2019-04-16 Sony Corporation Automatic notification of transaction by bank card to customer device
US9355424B2 (en) 2014-09-23 2016-05-31 Sony Corporation Analyzing hack attempts of E-cards
US9953323B2 (en) 2014-09-23 2018-04-24 Sony Corporation Limiting e-card transactions based on lack of proximity to associated CE device
US9558488B2 (en) 2014-09-23 2017-01-31 Sony Corporation Customer's CE device interrogating customer's e-card for transaction information
US9646307B2 (en) 2014-09-23 2017-05-09 Sony Corporation Receiving fingerprints through touch screen of CE device
US9317847B2 (en) 2014-09-23 2016-04-19 Sony Corporation E-card transaction authorization based on geographic location
US9367845B2 (en) * 2014-09-23 2016-06-14 Sony Corporation Messaging customer mobile device when electronic bank card used
KR101725214B1 (ko) * 2014-10-20 2017-04-11 주식회사 하렉스인포텍 결제 서비스 제공 시스템 및 방법
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US20180276669A1 (en) * 2017-03-21 2018-09-27 Bank Of America Corporation Fraud Remedy Tool
EP3404600A1 (en) 2017-05-16 2018-11-21 Financiera Espãnola de Crédito a Distancia EFC, S.A. A strong user authentication method on non-virtual payment devices
US10395230B1 (en) * 2018-07-09 2019-08-27 Capital One Services, Llc Systems and methods for the secure entry and authentication of confidential access codes for access to a user device
WO2020099690A1 (es) 2018-11-16 2020-05-22 Financiera Española de Crédito a Distancia EFC, S.A. Método y sistema para financiar compras con autenticación reforzada de cliente
US20200329072A1 (en) * 2019-04-11 2020-10-15 Level 3 Communications, Llc System and method for utilization of threat data for network security
US11068868B1 (en) 2019-12-31 2021-07-20 Toast, Inc. Apparatus and method for web-enabled transaction completion
US11568379B2 (en) * 2019-12-31 2023-01-31 Toast, Inc. Apparatus and method for improved payment experience
US11182755B2 (en) 2019-12-31 2021-11-23 Toast, Inc. Apparatus and method for transaction handoff and completion

Family Cites Families (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4998279A (en) * 1984-11-30 1991-03-05 Weiss Kenneth P Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics
US5163097A (en) * 1991-08-07 1992-11-10 Dynamicserve, Ltd. Method and apparatus for providing secure access to a limited access system
US5326960A (en) * 1992-11-25 1994-07-05 Tannenbaum David H Currency transfer system and method
US5650604A (en) * 1995-02-22 1997-07-22 Electronic Data Systems Corporation System and method for electronic transfer of funds using an automated teller machine to dispense the transferred funds
US6863428B2 (en) * 1997-10-24 2005-03-08 3M Innovative Properties Company Light guide illumination device appearing uniform in brightness along its length
US6249868B1 (en) * 1998-03-25 2001-06-19 Softvault Systems, Inc. Method and system for embedded, automated, component-level control of computer systems and other complex systems
US6636833B1 (en) * 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6880750B2 (en) 1998-04-17 2005-04-19 Randolph M. Pentel Remote ordering device
US6615194B1 (en) 1998-06-05 2003-09-02 Lucent Technologies Inc. System for secure execution of credit based point of sale purchases
US6628766B1 (en) * 1999-03-29 2003-09-30 Intelepaid.Com, Inc. Apparatus for delivery of prepaid telecommunication services and method therefor
US7089208B1 (en) * 1999-04-30 2006-08-08 Paypal, Inc. System and method for electronically exchanging value among distributed users
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US6246769B1 (en) * 2000-02-24 2001-06-12 Michael L. Kohut Authorized user verification by sequential pattern recognition and access code acquisition
JP2001344545A (ja) * 2000-03-29 2001-12-14 Ibm Japan Ltd 処理システム、サーバ、処理端末、通信端末、処理方法、データ管理方法、処理実行方法、プログラム
US6973589B2 (en) * 2000-04-19 2005-12-06 Cooper Industries, Inc. Electronic communications in intelligent electronic devices
FI115355B (fi) * 2000-06-22 2005-04-15 Icl Invia Oyj Järjestely suojatun järjestelmän käyttäjän tunnistamiseen ja todentamiseen
US7106845B1 (en) * 2000-06-26 2006-09-12 Accessline Communications Corporation Dynamic security system and method, such as for use in a telecommunications system
TW505873B (en) 2000-09-05 2002-10-11 Shi-Peng Lu Payment method with mobile communication
US7292996B2 (en) * 2000-10-06 2007-11-06 Openwave Systems Inc. Method and apparatus for performing a credit based transaction between a user of a wireless communications device and a provider of a product or service
JP3848127B2 (ja) * 2000-11-02 2006-11-22 キヤノン株式会社 チケット管理システム、チケット入力装置、チケット入力装置の制御方法、プログラム及び記憶媒体
US20020091647A1 (en) 2001-01-10 2002-07-11 Lopez Antonio Vazquez Security system for commercial transactions via the Internet or other communications networks
US20020133462A1 (en) * 2001-03-16 2002-09-19 Koninklijke Philips Electronics N.V. Instant electronic notification of credit card use serves as deterrent
US20020143708A1 (en) 2001-03-27 2002-10-03 Harvey Hollander System and method for conducting secure on-line transactions using a credit card
US20020184143A1 (en) 2001-05-14 2002-12-05 Khater Ali Mohamed Khater plus system
US6830178B2 (en) 2001-07-19 2004-12-14 Loreto Jimenez Combination bank/phone card and method
US6641050B2 (en) * 2001-11-06 2003-11-04 International Business Machines Corporation Secure credit card
CA2479219A1 (en) * 2002-03-22 2003-10-02 British Telecommunications Public Limited Company Transaction authentication
US7784684B2 (en) * 2002-08-08 2010-08-31 Fujitsu Limited Wireless computer wallet for physical point of sale (POS) transactions
US20040133507A1 (en) * 2003-01-02 2004-07-08 Paul Barbour Method and system for conducting financial transactions using single use credit card numbers
AU2004252824B2 (en) * 2003-06-04 2011-03-17 Mastercard International Incorporated Customer authentication in e-commerce transactions
TW589585B (en) 2003-10-16 2004-06-01 Mythink Technology Co Ltd Billing system and method of transportation vehicle
US20060123465A1 (en) * 2004-10-01 2006-06-08 Robert Ziegler Method and system of authentication on an open network
US20060190277A1 (en) * 2005-02-18 2006-08-24 Netleasex Ip Holdings, Llc Online transaction system for fractional interests in real estate

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104428780B (zh) * 2012-03-21 2018-02-09 阿克特兰控股有限公司 计算机化的授权系统和方法
CN103514536A (zh) * 2012-06-28 2014-01-15 马克西姆综合产品公司 通过不可信设备的安全支付
US9858560B2 (en) 2012-06-28 2018-01-02 Maxim Integrated Products, Inc. Secure payments with untrusted devices
US11341472B2 (en) 2012-06-28 2022-05-24 Maxim Integrated Products, Inc. Secure payments with untrusted devices
CN102831352A (zh) * 2012-09-11 2012-12-19 南京天溯自动化控制系统有限公司 设备授权使用的方法及其设备
CN102831352B (zh) * 2012-09-11 2015-02-18 南京天溯自动化控制系统有限公司 设备授权使用的方法及其设备
CN104408622A (zh) * 2014-12-10 2015-03-11 公安部第三研究所 基于独立密码设备实现电子交易确认的系统及方法
CN108320161A (zh) * 2018-02-02 2018-07-24 杨佩敏 基于数字网络技术的反欺诈交易方法以及装置

Also Published As

Publication number Publication date
US7533047B2 (en) 2009-05-12
TW200709093A (en) 2007-03-01
US8234172B2 (en) 2012-07-31
US20060253389A1 (en) 2006-11-09
US20090083160A1 (en) 2009-03-26
TWI365419B (en) 2012-06-01

Similar Documents

Publication Publication Date Title
CN1859100A (zh) 利用移动通讯设备保护卡支付交易安全的方法和系统
US8851371B2 (en) In-lane money transfer systems and methods
CN105940422B (zh) 对授权进行令牌化
ES2811030T3 (es) Método de pago y facturación seguro usando cuenta o número de teléfono móvil
US8812401B2 (en) Secure payment capture processes
MX2011005324A (es) Metodo y aparato para proteccion dirigida por consumidor para transacciones con tarjeta de pago.
KR20110019887A (ko) 모바일 카드/계좌 결제 시스템 및 이를 이용한 결제 방법
US9251515B2 (en) System and method for preventing fraud in the secondary market for gift cards
WO2001055984A1 (en) Flexible electronic system for conducting commercial transactions
US20210209591A1 (en) System for notifying a merchant after completion of a previous transaction by the merchant when a payment instrument used for the previous transaction has been identified as being suspect
GB2398159A (en) Electronic payment authorisation using a mobile communications device
KR20030082090A (ko) 전자 지불 결제 방법 및 시스템
KR20000049788A (ko) 유무선통신을 이용한 개인 고유번호 자동전달 및 보안 시스템
JP2003168063A (ja) カード決済方法における決済承認方法及びシステム
US20130144756A1 (en) Transaction system
KR20090001844A (ko) 모바일뱅킹을 이용한 모바일간 결제 서비스 방법
KR20030082018A (ko) 양방향 문자메시지를 이용한 신용카드 거래승인 방법
US11468429B1 (en) Payment method and system through generation of one-time payment-only number of real card linked with application
RU2367017C2 (ru) Способ осуществления кредитной транзакции для покупки товаров или услуг
Premchaiswadi et al. A Study of an On-Line Credit Card Payment Processing and Fraud Prevention for e-Business
KR20040075206A (ko) 무선 단말기를 이용한 신용카드 결제 시스템 및 그 방법
JP2001331754A (ja) 代理受払決済システム
IES20000468A2 (en) A processing method and apparatus
KR20060058881A (ko) 휴대용 단말기에서 카드사용결과에 대한 문자메시지 선별검색 방법

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20061108