CN1922623A - Wireless wallet - Google Patents
Wireless wallet Download PDFInfo
- Publication number
- CN1922623A CN1922623A CN 200580005149 CN200580005149A CN1922623A CN 1922623 A CN1922623 A CN 1922623A CN 200580005149 CN200580005149 CN 200580005149 CN 200580005149 A CN200580005149 A CN 200580005149A CN 1922623 A CN1922623 A CN 1922623A
- Authority
- CN
- China
- Prior art keywords
- mobile phone
- user
- credible
- mobile
- transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
A mobile phone system and method of initializing, at a secure transaction server (STS), a mobile payment software with a software authentication parameter, as an authentic mobile payment software; providing an STS correlation between a personal identification entry (PIE) and the authentic mobile payment software; installing, in a mobile phone, the authentic mobile payment software; and inputting, by a user, the PIE to the installed authentic mobile payment software to generate according to the PIE and the software authentication parameter a transformed secure authenticable mobile phone cashless monetary transaction over the mobile phone network, as a mobile phone wireless wallet of the user of the mobile phone. The mobile phone authenticable cashless monetary transaction is performed according to an agreement view(s) protocol.
Description
The cross reference of related application
The application relates to and is the part continuation application of the part continuation application of the part continuation application of the U.S. Patent application No.10/458205 that submitted on June 11st, 2003, U.S. Patent application No.10/628584 that on July 29th, 2003 submitted to, U.S. Patent application No.10/628569 that on July 29th, 2003 submitted to and the part continuation application of the U.S. Patent application No.10/628583 that submitted on July 29th, 2003, and wherein above-mentioned U.S. Patent application No.10/458205 requires the right of priority of the U.S. Provisional Patent Application No.60/401807 that submitted on August 8th, 2002; Above-mentioned U.S. Patent application No.10/628584 requires the right of priority of the U.S. Provisional Patent Application No.60/401807 of submission on August 8th, 2002; Above-mentioned U.S. Patent application No.10/628569 requires the right of priority of the U.S. Provisional Patent Application No.60/401807 of submission on August 8th, 2002; And above-mentioned U.S. Patent application No.10/628583 requires the right of priority of the U.S. Provisional Patent Application No.60/401807 of submission on August 8th, 2002.
The application also relates to and requires the right of priority of U.S. Provisional Patent Application 60/544300 (lawyer try a case fully part catalogue listing No.1634.1002P2), this temporary patent application is Yannis Labrou, Jonathan Agre, Lusheng Ji, Jesus Molina Terriza, Wei-lun Chen submitted to United States Patent (USP) trademark office on February 17th, 2004, and its name is called
A UNIVERSAL PERVASIVE TRANSACTION FRAMEWORK APPLICATION:WIRELESS WALLET ON MOBILE PHONE(the general transaction framework is used: the wireless wallet of mobile phone), the content of this application is quoted as a reference at this.
The application also relates to and requires the right of priority of U.S. Provisional Patent Application No.60/549148 (lawyer try a case fully part catalogue listing No.1634.1002P3), this temporary patent application is Yannis Labrou, JonathanAgre, Lusheng Ji, Jesus Molina Terriza, Wei-lun Chen submitted to United States Patent (USP) trademark office on March 3rd, 2004, and its name is called WIRELESS WALLET (wireless wallet), and the content of this application is quoted as a reference at this.
The application also relates to and requires the right of priority of U.S. Provisional Patent Application No.60/575835 (lawyer try a case fully part catalogue listing No.1634.1002P4), this temporary patent application is Yannis Labrou, JonathanAgre, Lusheng Ji, Jesus Molina Terriza, Wei-lun Chen submitted to United States Patent (USP) trademark office on June 2nd, 2004, and its name is called A
WIRELESS WALLET FOR PERSON-TO- PERSON TRANSACTIONS (the wireless wallet that is used for Human To Human's transaction), the content of this application is quoted as a reference at this.
The U.S. Provisional Patent Application No.60/401807 that the application also relates on August 8th, 2002 and submits to United States Patent (USP) trademark office (lawyer try a case fully part catalogue listing No.1634.1002P), the content of this application is quoted as a reference at this.
The application relates to U.S. Patent application No.10/458205 (lawyer try a case fully part catalogue listing No.1634.1003), this patented claim is Yannis Labrou, Lusheng Ji and Jonathan Agre submitted to United States Patent (USP) trademark office on June 11st, 2003, and its name is called
SECURITY FRAMEWORK AND PROTOCOL FOR UNIVERSAL PERVASIVE TRANSACTIONS (the safe framework and the agreement that are used for general transaction), the content of this application is quoted as a reference at this.
The application relates to U.S. Patent application No.10/628584 (lawyer try a case fully part catalogue listing No.1634.1002), this patented claim is Yannis Labrou, Lusheng Ji and Jonathan Agre submitted to United States Patent (USP) trademark office on July 29th, 2003, and its name is called
METHODS FOR PURCHASING OF GOODS AND SERVICES (buying commodity and service method), the content of this application is quoted as a reference at this.
The application relates to U.S. Patent application No.10/628569 (lawyer try a case fully part catalogue listing No.1634.1004), this patented claim is Yannis Labrou, Lusheng Ji and Jonathan Agre submitted to United States Patent (USP) trademark office on July 29th, 2003, and its name is called
APPARATUSES FOR PURCHASING OF GOODS AND SERVICES (buying the equipment of commodity and service), the content of this application is quoted as a reference at this.
The application relates to U.S. Patent application No.10/628583 (lawyer try a case fully part catalogue listing No.1634.1005), this patented claim is Yannis Labrou, Lusheng Ji and Jonathan Agre submitted to United States Patent (USP) trademark office on July 29th, 2003, and its name is called
FRAMEWORK AND SYSTEM FOR PURCHASING OF GOODS AND SERVICES (buys commodity and service Framework and system), the content of this application is quoted as a reference at this.
Technical field
The present invention relates to a kind ofly can carry out credible transaction, for example wireless computing device of believable cash-free moneytary operations.The wireless wallet of for example a kind of mobile phone.
Background technology
Following ubiquitous computing environment will be made up of the mobile subscriber with information calculating device (mobile device), described information calculating device for example is cell phone or PDA(Personal Digital Assistant), and it will carry out radio communication and mutual with various services of running in any particular moment and place and device.Proposed many application that can under this environment, move from research institution and business circles, but do not had powerful market for arbitrary specific application.Obviously, to appear at the key factor in the market be to use mobile device to carry out the ability of financial transaction safely under this environment form for general computing technique.
Yet mobile device, particularly mobile phone may present some feature, such as: limited capability (computing power, communication bandwidth, battery capacity, small display, limited keyboard etc.); The technical typical user of not understanding and can not excessively undertaking the complicated applications of concluding the business with other side's execution; And be considered at the unsafe wireless transmission net of network layer.
For Mobile business (m-commerce) problem, people have advised many methods and solution.A small amount of manufacturer provides support wireless lan (wlan) mobile phone, and Motorola (MOTOROLA) and Nokia (NOKIA) have issued the bulletin that this phone was provided in 2004.
Present Mobile business practice comprises Web paving payment (Web Store-Front Payment), and wherein the consumer pays the bill to commodity or service that the retailer who exists with the internet provides.For the web page that is the special preparation of mobile device, such as the webpage of supporting WAP, people can use mobile device to buy, and carry out e-commerce transaction as the web browser on the common use personal computer.But, because payment typically needs login and keys in the user name and password, so this method is unrealistic and efficient is very low on mobile device, even this transaction is used wireless application protocol (wap) and is carried out via the secure network link of link such as HTTP or secure network communications interface layer (SSL), also is like this.In many current web browse application, the consumer can be to the one or more accounts of finance of businessman's registered in advance, so that save time and avoid repeating to import its financial information, but this method needs the consumer to register a plurality of user account information to a plurality of businessmans.In addition, under physical point of sale (pos) (POS) situation,, be too complicated so dispose according to commercial point of view because usually relate to and the binding of the integration of terminal store system and certain form between payment person and the actuals bought.
From the viewpoint of data security, existing Mobile business data security scheme depends on Public Key Infrastructure (PKI) technology.Yet the PKI scheme is subjected to the influence of the complicacy of low calculated performance under the mobile device environment and user experience.Existence can be used for PKI moving many different modes of payment.Propose a kind of scheme that is used for moving payment by MET company limited, discussed this scheme at [www.mobiletransaction.org that on January 5th, 2005 obtained] based on PKI.Under existing Mobile Commerce Security Project scheme, the user uses the certificate account of identifying user identity to sign transaction (buying order) (and do not know that each user has still a plurality of such certificates, each certificate is used for each legal account).For example, most possibly cause confusion from the processing of a plurality of safety certificates of many sellers, and if leave certificate for user, then may be dangerous.Because these certificates are stored in the mobile device, need protection and the storage of release certificate during therefore each the use.If certificate storage realizes with software, then be used for the key of release storage should long enough to protect this storage, perhaps, can use hardware instead and realize the certificate storage, under the situation of mobile phone, the phone that needs are designed for this purpose.This method need be used for the foundation structure of certificate distribution (comprise and cancelling), appropriable mobile phone and can some basic understandings be arranged to certificate and their use by the user.
Summary of the invention
The embodiments described herein relates to the wireless mobile computing device that can make the user carry out the credible transaction of electronics, for example can make the user carry out the mobile phone of credible cash-free moneytary operations.For example, the wireless wallet of user's mobile phone.
A kind of mobile telephone system and method comprise: come initialization to move payment software at secure transaction server (STS) with the software verification parameter, with as credible mobile payment software; Provide person identifier item (PIE) relevant with STS between the credible mobile payment software; Credible mobile payment software is installed in mobile phone; And PIE is input to the credible mobile payment software of being installed by the user, with described credible mobile payment software as the wireless wallet of mobile phone user's mobile phone, with according to PIE and software verification parameter, on mobile telephone network, produce the cash-free moneytary operations of secure and trusted mobile phone through conversion.Cash-free moneytary operations that mobile phone is credible is carried out according to agreement view agreement (agreement view protocol).
Above-mentioned and other scheme of the present invention and advantage part illustrate that in following instructions part can be known understanding from instructions, perhaps can know by the practice of described embodiment.
Description of drawings
Can know subsequently and understand above-mentioned and other scheme and advantage of the present invention; this can return should be in the details below with reference to the accompanying drawing, the structure of more fully describing and asking for protection and the operation that constitute a part of the present invention, and wherein identical mark is represented identical parts in institute's drawings attached.
Figure 1A is the process flow diagram according to the cash-free financial transaction ability of activation mobile phone of the embodiment of the invention;
Figure 1B is the process flow diagram that activates the cash-free financial transaction function of mobile phone in accordance with another embodiment of the present invention;
Fig. 1 C is the synoptic diagram according to the display screen of mobile telephone curtain user interface image of the cash-free financial transaction of activation mobile phone of the embodiment of the invention;
Fig. 2 is according to the functional-block diagram cash-free financial transaction of execution mobile device of the embodiment of the invention, general transaction framework security accord submission (Universal Pervasive Transaction Framework Secure AgreementSubmission) (UPTF SAS) system architecture;
Fig. 3 be according to the cash-free financial transaction of mobile phone of the execution of the embodiment of the invention and effective sale point (POS), based on the functional-block diagram of the system architecture of UPTF;
Fig. 4 is according to the synoptic diagram cash-free financial transaction of execution mobile phone of the embodiment of the invention, submit the cash-free financial transaction message of UPTF of (SAS) agreement to based on security accord;
Fig. 5 is according to the embodiment of the invention and the process flow diagram based on the cash-free financial transaction of mobile phone of UPTF businessman;
Fig. 6 is the process flow diagram based on the cash-free financial transaction of mobile phone of UPTF according to the purchase film ticket of the embodiment of the invention;
Fig. 7 A-B buys the cash-free moneytary operations of mobile phone of film ticket and the display screen of mobile telephone curtain user interface of acquisition, storage and the cash-free moneytary operations of retrieval transaction receipt according to the execution of the embodiment of the invention;
Fig. 8 is the process flow diagram of message flow that is used to carry out the cash-free payment transaction of Human To Human's mobile phone based on display screen of mobile telephone curtain user interface image and between requestor's device, secure transaction server (STS) and the person of being requested according to the embodiment of the invention.
Fig. 9 is the process flow diagram of message flow that is used to carry out the transaction of the cash-free payment request of Human To Human's mobile phone based on display screen of mobile telephone curtain user interface image and between requestor's device, secure transaction server (STS) and the person of being requested according to the embodiment of the invention.
Figure 10 is according to the whole display screen of mobile telephone curtain user interface image of the embodiment of the invention and the possible workflow that can use for the operator of the wireless wallet of carrying out the cash-free moneytary operations of Human To Human on mobile phone.
Figure 11-the 12nd, the synoptic diagram of the cash-free moneytary operations message format of mobile phone Human To Human of the cash-free moneytary operations of the various mobile phones of execution according to the present invention.
Embodiment
Describe current embodiment of the present invention, the example of described embodiment shown in the drawings below in detail.Hereinafter, these embodiment are described with reference to the accompanying drawings, to explain the present invention.
In general, following three class Mobile businesses transaction is arranged:
1. Human To Human's payment: the consumer can use their mobile device directly to make about the agreement to another consumer's payment.
2.Web paving payment: commodity or service payment that the consumer provides the retailer who exists with the internet.The user uses mobile device to browse retailer's the web page, with commodity or the service that identification will be bought, payment then.The example of this situation is to come book payment or purchase film ticket by the web service.
3. physical point of sale (pos) (POS) is bought: such as when the consumer in " entity StoreFront " shop or restaurant when paying the bill, can use mobile device to pay the bill to the retailer in checkout stations.
Border between these classification is ductile, and can use the viewpoint of swap arrangement to develop their common features.Embodiment described here is suitable for these and/or other Mobile business and concludes the business.
Among the described here embodiment, mobile device is any wireless handheld or looks like hand size, computing electronics, includes but not limited to mobile phone.The user that makes that embodiment described here relates to based on general transaction framework security accord submission (UPTF ASA) agreement carries out the wireless mobile computing device of the credible transaction of electronics, the user that makes that can maybe cannot carry out financial settlement such as (being not limited to) carries out the mobile phone of credible transaction, and/or make the user carry out the mobile phone of credible cash-free finance/moneytary operations, for example, the wireless wallet of the credible mobile phone of user.More particularly, an aspect according to embodiment described here, wireless mobile computing device is according to the time with based on the software of safety (for example encrypt), coupling (in check each other), and anonymous parties, a side or transaction view in many ways are (promptly, in an exemplary embodiments, be paired and/or plural transaction view) provide user's electronic credible transaction.
Figure 1A is the process flow diagram according to the cash-free moneytary operations function of activation mobile phone of the embodiment of the invention.Be used to make the user to carry out the credible transaction of electronics (promptly, the computer system and method for the wireless mobile computing device electronically validating of user and/or customer transaction) comprises: in operation 50 and 52, at secure transaction server (STS) 120, come initialization to move the payment software template with the software verification parameter, with as credible mobile payment software 108.In operation 54 and 56, the identifier with person identifier item (PIE) and mobile phone 106 on STS 120 is associated with credible mobile phone payment software 108.In operation 58, credible mobile payment software 108 is installed in mobile phone 106.In operation 60, on mobile phone 106, use PIE to move mounted credible mobile payment software 108, with described credible mobile payment software 108 as the wireless wallet of mobile phone 106 user's mobile phone, to carry out the credible cash-free moneytary operations of mobile phone.More particularly, in operation 60, the user is input to mounted credible mobile phone payment software with PIE, with the cash-free moneytary operations of secure and trusted mobile phone according to this PIE and the conversion of software verification parameter generating process.According to the aspect of embodiment described here, in operation 50, select one or more software verification parameters, it can be the establishment of (being not limited to) new seed (seed), such as new random seed number, and initialization time.In operation 56, STS 120 stores the unique identifier that is used for mobile phone 106 and (is referred to as device id in database 203, perhaps DID), this identifier for example can be the Mobile Directory Number of mobile phone 106, perhaps the PIE of some global unique identification that produces at random symbol (GUID), mobile phone telecommunications company (depending on the circumstances), the software verification parameter of selecting in operation 50 and generation.According to the aspect of described embodiment, Mobile Directory Number can also be as the device identification of mobile phone 106.STS 120 uses the unique identifier (device ID (DID)) of mobile phone 106 that transaction message is associated with credible mobile phone payment software 108; Be associated with DID and software verification parameter with at the PIE of STS 120 storages, thereby STS 120 can produce the key corresponding with the device 106 with DID.Mobile Directory Number (for example, notice etc.) (for example, short message service (SMS) and/or the multimedia messaging service, MMS (MMS)) that can be used for communicating by letter with mobile phone 106.According to known technology, mobile phone 106 can be a mobile phone of supporting the internet.PIE is described in further detail below.Cash-free moneytary operations that mobile phone is credible is to carry out according to the agreement view agreement that is referred to as general transaction framework (UPTF) (below be described in more detail), and submits to (SAS) (below's be described in more detail) agreement to protect (for example encrypting) according to being referred to as security accord.An aspect according to embodiment described here, transaction message (for example is bundled into user and device, mobile phone is wireless wallet 106) in unique combination, binding to the user is carried out via PIE, and the binding of equipment 106 is carried out via the software verification parameter of credible mobile payment software 108.Especially, transaction is based on the encrypting messages of SAS, and this encrypting messages can be traced back to the combination of user and device 106 by the software verification parameter of PIE and credible mobile payment software 108.
Figure 1B is the process flow diagram that activates the cash-free moneytary operations function of mobile phone according to another embodiment of the present invention.In Figure 1B, computer system and method comprises: in operation 100, provide the cash-free moneytary operations active link of mobile phone (signatory application 102) at calculation element 102 to the user; In operation 104, come the telephone number of registered user's mobile phone 106 via active link; In operation 105, make and move payment software 108 and software verification parameter correlation connection, with as credible mobile payment software 108; And, be provided at association between person identifier item (PIE) and the credible mobile payment software 108 at STS 120 in operation 110.In operation 112, use the registered telephone number of mobile phone 106, transmit moving the mobile phone download link of payment software 108 to mobile phone 106.In operation 114, move payment software 108 and be downloaded to mobile phone 108 via download link.In operation 116, the user can use optional active coding to activate the mobile payment software 108 of download.After the installation of credible mobile payment software 108, as the wireless wallet 106 of user's mobile phone of mobile phone user (promptly, purse application 108 that mobile phone is wireless), the user can use the wireless wallet 106 of user's mobile phone to carry out the credible cashless transactions of mobile phone user's electronics.
The application platform that moves payment software 108 and be according to mobile phone 106 realizes.For example, can realize moving payment software 108 according to the little versions of Java 2 platforms (J2ME).According to the aspect of embodiment described here,, use short message service (SMS) and/or multimedia messaging service, MMS (MMS) to transmit and move payment software download link to mobile phone 106 in operation 112.
In Figure 1B, after operation 116, can submit to (UPTFSAS) agreement to carry out the cash-free moneytary operations of mobile phone according to general transaction framework security accord.UPTF SAS agreement below has been discussed: the 10/458th, No. 205 patented claim that on June 11st, 2003 submitted in the Xiang Guan common transfer pending trial U.S. Patent application; The 10/628th, No. 584 patented claim that on July 29th, 2003 submitted to; The 10/628th, No. 569 patented claim that on July 29th, 2003 submitted to; With the 10/628th, No. 583 patented claim of submitting on July 29th, 2003, this patented claim is had by the application's assignee FUJISU company limited, more than all applications all be disclosed in this for reference.
In Figure 1B, in operation 105, move payment software 108 and comprise with the related of software trust parameter: the provider 122 by the cash-free moneytary operations activity of mobile phone produces UPTF random number identifier, thereby the UPTF random number can be associated with the user; And the registered telephone number that transmits UPTF random number identifier and mobile phone 106 to secure transaction server (STS) 120.For example in operation 105, be under the situation of payment business 122 of parties (user) registration financial account information in provider 122, payment business 122 can be when communicating by letter with STS 120 designated identification user's UPTF random number identifier (identifier of extraction) 123.Therefore, STS 120 can communicate by letter with provider 122 based on the 122UPTF of provider random number and under the situation of not knowing real trade side's accounts information, to carry out the transaction based on UPTF.In addition, operation 110 comprises: comprise that by STS 120 generations the mobile payment software of carrying out of initiation parameter is as credible mobile payment software; And be created among the STS PIE relevant with credible mobile payment software 108.In operation 112, the transmission of moving payment software download link comprises the download link that is transmitted mobile payment software 108 by STS 120 via short message service (SMS) to user's mobile phone 106; And provide PIE to the user by STS 120.Described embodiment is not limited to generation, activation and the installation of above-mentioned credible mobile payment software 108, and, in operation 58, can be detachable via mobile phone/(for example can install, smart card) and/or the embedded computer computer-readable recording medium come to install or provide credible mobile payment software 108 for mobile phone 106, wherein download link, e-mail attachment link or the like via e-mail are embedded in described medium in the mobile phone computation processor.
Fig. 1 C is the synoptic diagram according to the display screen of mobile telephone curtain user interface image of the cash-free moneytary operations of activation mobile phone of the embodiment of the invention.When mobile phone 106 when the STS 120 that represents provider 122 receives SMS message, at operation 112 explicit user interface screen images 150.User interface screen image 152 shows the SMS message that has received, and described SMS message is used to instruct mobile phone user's access internet address, to download credible wireless wallet software 108.When finishing when credible wireless wallet software 108 downloaded to mobile phone 106 explicit user interface screen image 154 after operation 114.When credible wireless wallet software 108 is installed, explicit user interface screen image 156.When providing the optional active coding of credible wireless wallet software 108 with when mobile phone 106 is imported, at operation 116 explicit user interface screen images 158.After via user interface screen image 158 input active codings, explicit user interface screen image 160, described image confirms to have activated credible wireless wallet software 108 to the user, and prepares to carry out the believable cash-free moneytary operations of mobile phone user's electronics.
An aspect according to embodiment described here, in operation 100, provide mobile phone cash-free moneytary operations active link to member as user's provider 122 such as the provider 122 of online payment system/business, businessman/service provider, financial institution etc.Under the situation of online payment system 122, the cash-free moneytary operations of mobile phone that described embodiment uses the wireless wallet 108 of user's mobile phone that the member-to-member is provided.
According to the aspect of embodiment described here, in operation 110, STS 120 sends PIE to provider 122, and in operation 111, provider 122 receives PIE, and shows PIE to the user at computing machine 102.In operation 111, in order to increase security, PIE can only be an image, makes provider 122 not know this PIE, thereby allows the parties anonymity.Can transmit PIE such as modes such as mail, Email, client traffic representatives according to other secured fashion.
Therefore with reference to Figure 1A and Figure 1B, in unrestricted example, wireless purse application 108 should be used for implementing as J2ME, and this application can download on the mobile phone 106 and operation thereon, and can make the user handle general transaction framework (UPTF) to buy and pay the bill.At present the many mobile phones that provided by American Telecommunications Corp are to support J2ME and support web, thereby the universal availability of the J2ME on mobile phone can be enabled the new commerce model of giving the mobile subscriber content and service delivery.Use J2ME, anyone can send at customized content or to the business of mobile phone and develop Downloadable J2ME application program.This is the situation of wireless purse application 108, and this application allows to use mobile phone 106 that the Secure Payments business is provided.
The wireless purse application of J2ME is relatively little application (according to the present invention, usually less than the 90K byte), function of its combination web browser (for example, cHTML web browser) and the function of implementing the purchase application of UPTF SAS framework and security protocol.It allow the mobile subscriber to enable and Deactivate Payment functional, and the receipt bought of storage.Any retailer or payment business can provide wireless wallet method, so that the client pays the bill with their mobile phone.This is to use mobile device to solve the pure software scheme of Secure Payments problem.If the provider of wireless wallet is web paving retailer such as film ticket provider, then wireless purse application 108 can be used for any account of this retailer of subtend registration and pay the bill.If provider is online payment business, then wireless wallet software 108 can be used for can presenting this payment service at a plurality of payment service interface or " entity StoreFront " retailer that intermediary service/system accepts to pay the bill pays the bill to other online payment business user (Human To Human) or to using.In latter instance, businessman can use businessman's version of wireless wallet client 108 to come assigned transaction information, as Payment Amount.By the client use with wireless purse application 108 that businessman retail application software is connected on the key entry receipt number (for example, the receipt of in the receipt in restaurant, printing number) and/or merchant identifier (for example for the payment of having a dinner, the telephone number of businessman comprises the POS of businessman identifier etc.) such mode can the processing and identification client will be via mobile phone 106 to the problem of what payment; Its objective is virtual shopping cart and particular consumer binding.
More detailed mobile payment software 108 is downloaded and is activated as described below:
1. after the user uses a computer the web website of device such as personal computer 102 login providers 122, present the option that uses the user's mobile phone payment, and the user is guided to the webpage of telephone number that is used for the mobile phone of the cash-free payment of mobile phone to user's query again.
2. provider 122 produces UPTF ID (random number) for the user name and password of having caught (operating 105), and sends UPTF ID and Mobile Directory Number to STS 120.Therefore, in this example, provider 122 needn't share user's real accounts information with the operator of STS 120, but provider 122 and STS 120 will conclude the business based on the random identifier that is produced by provider 122 and the user interrelates.
3.STS 120 create new wireless wallet 108 (each the UPTF demand of carrying out subsequently, have " refreshing " initiation parameter), download this link that can carry out wireless wallet, optional active coding and person identifier item (PIE), all these be correlated with and safeguard (operation 50-56 and 110) at STS 120 by STS 120.STS 120 can send PIE to provider 122.
4., then receive this PIE, and this PIE is shown to user's (operation 111) by provider 122 if STS 120 sends PIE to provider 122.Randomly, STS 120 can provide active coding to the user via SMS (for example, operation 116) or via provider 122 (for example, operation 111).As selection, can for example, PIE and active coding (depending on the circumstances) be passed to the user by the channel except provider 122 or SMS via mail, Email etc.Usually in the present invention, active coding is numeral (being convenient to user's input), and as a time password, it encrypts the initiation parameter about UPTF of downloaded software 108, if so the third party assailant tackles this software when transmission, then this assailant can not the distinctive initiation parameter of access means.
5.STS utilize download link to transmit short message service (SMS) message (operation 112) to the Mobile Directory Number of input in advance.
6. the mobile subscriber downloads wireless wallet software 108 (for example in operation 114, can be easily from the direct access link of SMS text itself), uses wireless wallet software 108 (operating 116) subsequently.Initial activation can comprise the use active coding.Otherwise in operation 116, the user can use wireless wallet software 108 to carry out the cash-free moneytary operations of mobile phone by only using PIE subsequently.
In operation 114 backs (after wireless purse application 108 is downloaded to mobile phone 106), wireless wallet 108 is prepared to use; Can use pays the bill to any account of wireless wallet provider 122 registrations buys and/or financial transaction.This scheme of distributing software guarantees the safety issue of software when request and the secure distribution of PIE.The issue model of mobile phone is wireless wallet software 108 is implemented, to download on mobile phone 106 and to install and can carry out J2ME.The operation of software 108 is very easy to, and exchange hour mainly depends on the speed of mobile phone carrier network.Based on test, the cash-free moneytary operations time of mobile phone can change between 30 and 45 seconds, and this difference is returned should be in the delay about network of mobile communication company.For each transaction, by moving the traffic (after determining what to be bought) that payment software application 108 produces less than 1K byte (transmission/reception), because the cash-free moneytary operations message of each mobile phone can be less than 256 bytes.In unrestricted example, communicating by letter or come route or be routed directly to STS 120 (to depend on the type of financial transaction between the time of payment between mobile phone 106 and STS 120 by provider 122, to describe in detail below), and propagate via the internet hypertext transfer protocol on the mobile telephone communications network network (HTTP).More particularly, because UPTF SAS safety is based on message view (as being described in more detail hereinafter) and encrypts (promptly, not based on the communication session security), such as the nothing dialogue of secure network communications interface layer (SSL), therefore fully improve the Secure Transaction treatment effeciency that is undertaken by mobile phone 106.
Fig. 2 is a block scheme of submitting (UPTF SAS) system architecture according to the general transaction framework security accord of the cash-free moneytary operations of execution mobile device of the embodiment of the invention to.In Fig. 2, color is used for highlight feature/notion described here.General transaction framework (UPTF) based on independence and anonymous deal agreement view and the security accord that is called that is used to transmit this view submit to the communication security agreement of (SAS) agreement to come the define system structure.In fact UPTF provides conduit (vessel), this conduit can use communication network that each side that the view separately of swap arrangement relates to from transaction is sent to the third party who is trusted who is used to verify, wherein said communication network can comprise the dangerous part such as WLAN or cellular link.When the financial application that is used for such as the electronic wireless wallet, parties is payment person 200 and collector 202, for example client payment person 200 and the collector of businessman 202, and the representative instance of " agreement " can be read: " A side will be a project Y payment X dollar to B side ".
UPTF SAS agreement is used symmetric key scheme encrypt/decrypt transaction message, and wherein key only can be produced by each side's device 106 and the third party's (for example being implemented as STS 120) who is trusted, and transmission security key in each side not.In other words, UPTF SAS provides implicit user rs authentication, verifies transmit leg because the message of being encrypted by 120 pairs of transmit legs of the third party who is trusted such as STS is decrypted.SAS guarantees that the authenticity of each side is verified, and during transmitting, even when each side distrusts each other and comes the message of My World to be transmitted to third-party authentication by the opposing party, also can protect the privacy (parties anonymity) of information.UPTF also provides the third party who is trusted with the consistent each other mechanism of the separate views of check agreement.
In the transaction view extraction agreement data that receive from each side and after, also need to take the behavior of actual execution agreement by the third party inspection data of being trusted.This is by realizing that with the mutual third party who is trusted of financial institution these financial institutions are associated with payment person 200 and collector 202, so that the account transfer of setting up the appointment fund between client payment person 200 and the collector of businessman 202.
Display radio wallet UPTF system architecture in Fig. 2, this structure comprises: operation UPTF device (being called UPTD) is as the payment person 200 of the mobile phone 106 that loaded the wireless wallet 108 of mobile phone; Operate the collector 202 of another UPTF device; Secure transaction server (STS) 120; A plurality of financial institutions 204; And the some communication ports among them.For example, the wireless wallet 106 of mobile phone that payment person 200 operation and collector 202 are mutual determining the details of purchase-transaction, and is carried out UPTF agreement and its corresponding safe operation SAS.The wireless communication ability that mobile phone is wireless wallet 106 can support via collector 202 service point (connecting the place that the signal of the wireless wallet 106 of mobile phone exists) discovery/connection collector 202 is required.The wireless communication ability of the wireless wallet 106 of mobile phone of communicating by letter with service point payment person 202 and/or STS 120 can be wireless lan (wlan) and/or mobile phone communications (honeycomb) network.Mobile phone is wireless, and wallet 106 can also have user interface, is used for by some general purpose application program and payment person 202 alternately, and connects STS 120 when needed.Collector 202 also can operate UPTD, and such as the merchant transaction server (MTS) 302 of implementing retail application, this server 302 is responsible for payment person 200 mutual, carries out UPTF agreement and its corresponding safe operation and mutual with STS 120.In Figure 1B, be under the situation of online payment system in provider 122, provider 122 will be corresponding to the financial institution 204 of Fig. 2, thereby allows the cash-free moneytary operations of UPTD Human To Human of carrying out any kind via passage A, B and C as logical communication channel.Certainly, STS 120 and financial institution 204 can be realized by single entity or separate entities (depending on the circumstances).
According to the aspect of embodiment described here, STS 120 is back-end authentication servers that payment person 200 and collector 202 have registered thereon, and this server is provided at the identification accounts information of safeguarding in the safe STS database 203.Be used for encrypting arrival/also be stored among this DB 203 from the secret information of each payment person 200 and collector's 202 message.STS 120 receives the independent UPTF SAS transaction view (following with more detailed description) that produces about the financial transaction of carrying out from payment person 200 and collector 202 between them.STS 120 can use from the information of the cash-free moneytary operations message of UPTF SAS and the information in STS 120 databases 203 of the being stored in two kinds of views of decoding.After successful decoding, STS120 verifies that this view message is original, real, comprises expection payment person 200 and collector 202, and the information field in the checking agreement view is consistent each other.STS 120 will keep the login of the message informing activity that is used to approve purpose.
In Fig. 2, clearly indicated the operated by rotary motion of communication port.Shown in communication port reflected anonymity (anonymous deal side communication passage) according to the communication of the parties of UPTF.Passage A (Ch A) represents the link between payment person 200 and the collector 202 in logic.This link is used for consulting the details of cash-free payment transaction.This respect is based on application program and part that do not think the UPTF framework.Ch A may exist or may not exist, if exist, then for example under the situation of the mobile phone 106 of supporting WLAN, it may be a wireless channel, and/or in selling financial transaction point under the situation of the non-WLAN mobile phone 106 of use, passage A can be the verbal message between payment person 200 and the collector 202.Channel B and C are the example logical links between payment person 200, collector 202 and the STS120.Under the situation of the wireless wallet 106 of mobile phone, channel B and C are the mobile telephone communications network networks that can carry internet communication.In most of the cases, these passages are not direct link, but comprise the communication by mobile communications network and/or internet.In general, these passages are dangerous passages.204 passage D is dissimilar passage from STS 120 to financial institution, and it is the high safety communication path by hypothesis.In addition, STS 120 is installed in the shielded facility by hypothesis itself, so its database 203 is safe physically and can not be from access to netwoks.
The operation that is included in the wireless wallet 106 of mobile phone in the example transaction is described below with reference to Fig. 2.Payment person (operator) 200 is by clear and definite action launching SAS agreement, and input is by the PIE of STS 120 in operation 110 generations.This allows payment person 200 to produce the view of transaction, and based on PIE and software verification parameter this view of encrypted private key with it, the view with encryption sends to STS 120 as message then.Similarly, collector (operator) 202 input also is self PIE that is produced in operation 110 by STS 120, and produces its transaction view, with its encrypted private key view, then this view is sent to STS 120 based on PIE and software verification parameter.STS 120 receives the view of having encrypted and passes through successful view deciphering (promptly, successful view is deciphered and is verified the user) and the successful comparison (that is, transaction is relatively verified in the success of parties view) of two or more views (depending on the circumstances) check view.STS 120 backward channel D safe in utilization subsequently is with to be used for the payment person 200 of transfer fund and collector's 202 financial institution 204 mutual.STS 120 sends back to payment person 200 and collector 202 to receipt (perhaps failure notification), to finish transaction.For each intended destination, also be to replying message encryption by STS 120.
Other example described here is the particular instance of the UPTF system architecture of Fig. 2.Particularly, the common modification of this scheme of physics POS configuration expression.For this situation, payment person 200 is customer set ups, as carries out the mobile phone 106 of wireless purse application 108; Collector 202 is devices of businessman's operation.The device of businessman operation is positioned at fixing website, and can be more powerful computing machine and the complementary network service is provided, such as Internet connection.Do not use payment person 120 to STS 120 direct channel ch B, but transmit payment person 200 the cash-free moneytary operations message of UPTF to STS 120 by businessman 202.In the case, passage A and B will be the mobile communication passages between payment person 200 and the business server 302, so that the Transaction Information of mobile phone user and businessman (such as buying available merchant product/service) is tied up, and payment person 200 UPTF transaction message is transmitted to STS 120 (referring to Fig. 3,5 and 6) by business server 302.The attribute of agreement prevents that businessman is from client's 200 collection personal information.Further describe other details below as the ciphering process of the part of SAS.
Therefore, the wireless purse application 108 of mobile phone 106 is based on the common framework that is called general transaction framework (UPTF), ordinary construction and new security protocol, and this new security protocol is used the mobile device on the wireless-transmission network to carry out safety and reached an agreement in many ways.This framework is designed to handle several critical aspects of the general environment that is exclusively used in anticipation.
Fig. 3 is the functional block diagram based on the system architecture of UPTF according to the cash-free moneytary operations of execution mobile phone of the embodiment of the invention.General transaction device (UPTD) is wireless mobile computing device, such as mobile phone 106a-n, realizes wireless wallet by corresponding credible mobile payment software 108a-n is installed based on UPTF SAS in mobile phone 106a-n.A kind of computer system and method comprises: the Transaction Information that will move payment software 108a and parties (for example online retail application 302 of businessman) bundlees; On user's mobile phone 106a, import PIE by the user; Carry out credible mobile payment software 108a and present the optional tabulation of extracting relation identifier (being other identifier of level that removes from real identifier) at mobile phone 106a by STS, these identifiers corresponding to the relevant registered financial entities of user of credible mobile payment software 108a; And use PIE and software verification parameter, according to the mobile phone cash-free moneytary operations of UPTF transaction message execution with parties 302, described UPTF transaction message comprises the identifier of mobile phone 106a, the identifier of parties 302 and the identifier of transaction, wherein based on the credible mobile payment software 108a of mobile phone 106a with STS 120 relevant combinations (described STS is relevant to be credible mobile payment software 108a and PIE, the software verification parameter, relevant with user's financial entities) with the user, the independence of the UPTF transaction message between parties and the STS, anonymous exchange provides mobile phone wireless wallet.As following will being described in more detail; credible mobile payment software 108 and STS 120 be relevant cause being used for protection (for example encrypting) message security tool (for example; encryption key) generation; and therefore, each message verifies the sender by successfully being deciphered; and under UPTF transaction message situation, verify this transaction by deciphering and the UPTF transaction view that mates one or more parties.
The wireless wallet of UPTD can be a calculation element of supporting the wallet-sized of WLAN, comprise the mobile phone of supporting WLAN, it can detect the physical point of sale (pos) (POS) of supporting UPTF, (for example use WLAN (wireless local area network)/short distance wireless technical, 802.11, bluetooth, infrared ray etc.) be wirelessly connected to POS and allow their owner to buy and/or pay the bill with the wireless wallet of UPTD.The wireless wallet of UPTD can also be the mobile phone that does not have the WLAN ability.For example by with reference to quote for reference U.S.'s unexamined patent application 10/628 at this, 583 (application attorney docket 1634.1022) can clearly be understood, the credible transaction of UPTF of use UPTD (as the mobile phone of supporting WLAN) has wherein been described, this patented claim proposed on July 29th, 2003, and was had by the assignee FUJITSU company limited of present patent application.Here in the exemplary embodiments of Tao Luning, the wireless wallet of UPTD is internet and/or the mobile phone 106 that can support web (below be called mobile phone 106 or the wireless wallet 106 of mobile phone).For example, mobile phone is wireless, and wallet 106 can be used for ordering dishes at the restaurant, payment then, mode is as follows: (1) consumer 200 activates wireless wallet software 108 functions of UPTD mobile phone by the processing according to Figure 1A, Connection Service point businessman 202 (for example on mobile telephone communications network network 317, described service point businessman 202 can be to be used for cinema's ticket, retail application server 302 on the internet 310 of refuelling station etc., point of sale 315 on the physical location of businessman 202)-retail application 302 realizes that virtual paving (is used for order item or retrieval Payment Amount, and can be via the web server access), and realize being used for starting the function of the relevant UPTF of the cash-free purchase of mobile phone; (2) the wireless wallet 106 of mobile phone shows the tabulation (via the passage A between wireless wallet 106 of the mobile phone among Fig. 2 and Fig. 3 and the retail application 302) of effective businessman 202 that service is provided; (3) consumer 200 selects service (for example order dishes or pay the bill at check-out counter) the simple keyboard input of wireless wallet 106 usefulness of mobile phone; (4) in a single day determine purchase volume, consumer 200 begins the payment stage thus and causes the 202 retrieval purchase orders (that is, reaching an agreement on) from businessman just by the appointment payment button that is pressed on the wireless wallet of mobile phone; After consumer 200 visual examination, requesting consumption person 200 input consumers' safe PIE (also at random select be used for paying the bill that financial entities account); (5) if Transaction Success, consumer 200 is confirmation of receipt and receipt (service point businessman 202 also receives the notice of Successful Transaction) on the wireless wallet 106 of mobile phone.
Importantly, clearly start the payment stage (5), the PIN key entry is served on assailant's the webpage thereby can not cheat the consumer by consumer 200.During here the typical case of described embodiment implements, push the payment button and cause the termination (for example execution thread) of the viewer applications carried out at mobile phone 106, and to the startup of the new application program (for example, another execution thread) of user items (although transparent) in the user.As long as the user does not import PIE under the situation of at first not pushing the payment button, can prevent the abduction of PIE.
Mobile phone is wireless, and wallet 106 can be issued user experience, with fast and the intuitive manner execution based on the cash-free moneytary operations of UPTF SAS.Mobile phone is wireless wallet software 108 is located by allowing in any position (position is independent) to be connected with businessman 202 to issue to imply.Interface that speed and its are simple and unified is effectively, and by some practice, conclude the business and can finish in several seconds (for example 30 seconds, perhaps under the situation of the wireless wallet 106 of WLAN mobile phone less than 12 seconds); Its time spent can give change or the typical cash or the card transaction of the paper receipt of physics less than comprising.Consumer 200 can buy the wireless wallet 106 of (perhaps being provided) mobile phone, and is for example online via signatory appliance computer 102.In other words, consumer 200 will obtain PIE and the wireless wallet software 108 of acquisition (download), be used for making the transaction of mobile phone execution based on mobile phone UPTF SAS.Businessman 202 will provide retail UPTF SAS function and buy and use 302,315.
Fig. 4 is a synoptic diagram of submitting the cash-free moneytary operations message of UPTF of (SAS) agreement according to the security accord based on the cash-free moneytary operations of execution mobile phone of the embodiment of the invention to.In Fig. 4, come highlight feature/notion described here with color.The SAS agreement is used for encrypting and submits to view based on the cash-free financial transaction of the UPTF of expectation.The message structure of SAS and encryption mechanism are designed to provide at the unsafe general communication environment that anticipation is used for radio purchasing the security attribute of many expectations, such as:
The о checking: because the integrality of agreement group, therefore agreement side and authentication are verified mutually;
The о anonymity: agreement can be keeping anonymous each other, and its other party is given in the information non-disclosure relevant with individual and/or account;
The protection of о treaty contents: keep agreement secret, it resists alters, and can not replay, and strong approval characteristic is provided.Particularly, will continuously change, time-dependent, device private key be used for encrypting view.
Basic SAS algorithm is very suitable for using the system of the low-cost user's set of limit calculation resource, the complicacy of minimum user use simultaneously.In addition, use required some information, particularly PIE of SAS, for good and all be not stored on the UPTD 106, and be not included in any data trade, so if UPTD 106 loses or be stolen, then UPTD 106 can not use.The additional detail of SAS and encryption mechanism is provided below with reference to Fig. 4.
Fig. 4 has shown the inner structure of view message 402,404 (that is the cash-free moneytary operations message of UPTF SAS) and has produced processing.View 402,404 based on UPTF SAS is realized with software and/or computing hardware as the electronic wireless wallet software application of carrying out in UPTD 106 (such as mobile phone 106) 108.Because from payment person and collector's view the 402, the 404th, symmetrical, therefore payment person 200 view 402 is only described.The symbol that uses among Fig. 4 is explained as follows:
о DIDc: device ID, the unique identifier of payment person's UPTD device 106 (consumer (c) or source parties).
о DIDm: device ID, the unique identifier of collector's device (businessman (m) or destination parties).
о RSN: sequence number at random.
о TS: the local current time stabs.
о TID: transaction id, distribute to the unique identifying number of agreement, it is safeguarded by STS 120, to identify corresponding UPTF agreement view 402,404.
о MD: eap-message digest
о PIE: the person identifier item, secret of the input that user and STS 120 safeguard is such as alphanumeric character string.In the described here exemplary embodiments, PIE is only safeguarded by user and STS 120, the opposing party and/or the financial institution 122,204 of transaction do not know and/or do not safeguard this PIE, and this PIE is called the payment person's 200 of the person's view 402 that is used for the encrypted payment the intermediate parameters of mobile phone 106 temporarily.More particularly, PIE is not included in the transaction message (for example, UPTF SAS message and/or based on the informational message of SAS), thereby wireless wallet software 108 does not transmit PIE.PIE is safe being quite short alphanumeric character string under the situation such as 4 bit digital.As long as the user attempts transaction, the user just keys in PIE.Be preferably in the user and registered after the customer equipment 106 employed application 108, PIE is issued the user.At this time, the user also can select PIE.PIE is an alphanumeric character string.In order to quicken user input, make that the user is easier to remember it, PIE can be the number such as 4 or 5 PIN.Yet, the term of execution of the UPTF agreement, never transmitting on the meaning of PIE, PIE is the information of a high safety, it only is known to user and the STS 120, so its secret will be well protected.Suppose that the user can perhaps can use the biometrics device such as fingerprint sensor to produce this PIE definitely with secured fashion input PIE on mobile phone 106.For example, the calculating that is applied to the finger print data that receives from fingerprint sensor can be used for producing the PIE that is transmitted to STS 120 at first by the user.As long as the user attempt the transaction, the user just her finger plaster on fingerprint sensor, produce PIE thus.This PIE is not kept in the permanent memory of mobile phone 106, but as the required intermediate parameters of encryption key that produces transaction, and equipment 106 should not keep it greater than the transaction execution time during.Be not easy to the form of user for the PIE of each agreement transaction input if particular implementation of the present invention uses, and device needs its user PIN of storage, then storer must safety and is resisted and alter.
As shown in Figure 4, view 402 comprises ciphertext part (or encryption section) 406 and cognizable (for example, expressly) part 408.Expressly part 408 comprise TID, produce view 402 payment person 200 DIDc and install local current time of 106 and stab (TS).Among described here other function, TS also is used for preventing transaction playback (replay).Encryption section 406 comprises the both keyword section: the DIDm that is included in agreement data in the agreement and payment person's 202 device 106.DIDm is that minimum needs reference field, so that the expectation checking attribute of UPTF agreement is provided.Therefore, the user can be according to PIE and wireless wallet software 108 certificate parameter RSN and transaction message, carry out UPTD 106 cash-free moneytary operations with a parties, described transaction message comprises the mobile phone identifier, the identifier of parties and the identifier of transaction are (for example, the data of identifier and/or relevant other transaction, as Payment Amount etc.), wherein based on the combination of the mobile payment software at UPTD related with STS (this association be PIE and software verification parameter with user's financial entities related), and the user, the exchange of the transaction message between parties and the STS 120, thus UPTD is provided wireless wallet.
At first, utilize the DIDc that obtains from the local clock of UPTD and TS (and/or as the part of agreement data provide) to produce the RSN of dependence time by the pseudo-random data generator of equipment 106.Therefore, the parameter of generator all is specific to each equipment 106.Import PIE (in Fig. 4, showing) generation encryption key K according to RSN and user subsequently, wherein produce PIE by the STS shown in Figure 1A 120 with green color.At first, use function F to make up RSN and PIE, then hash function H is applied to result's (normally character string), to produce encryption key.
K=H(F(PIE,RSN))
The eap-message digest function can be applied to reach an agreement on data, DIDm and DIDc are to produce the MD of view.MD can be by guaranteeing that its other party is altered never in any form or the content of revising view 402 tightens security.The cryptographic algorithm that will have encryption key K subsequently is applied to MD, agreement data, DIDc and DIDm, to produce the ciphertext part of view 402, shown in yellow color among Fig. 4.For further protection, the SAS agreement uses random message to fill, and attacks so that further prevent " known text ".According to the aspect of embodiment described here, this embodiment has used the Advanced Encryption Standard (AES) that is used to encrypt, key entry hash (HMAC) scheme based on message authentication that is used for the random number generation, and the SHA1 Secure Hash Algorithm that is used for hash function.
What STS 120 had in encryption the function that used by each equipment 106 and a special parameter enough has knowledge now, thereby when the plaintext with message 402,404 partly makes up, can decrypt 402,404 by putting upside down above-mentioned processing.For example, STS 120 recovers DIDc and TS according to the plaintext 408 of view 402, and described DIDc and TS are used for searching other parameter of the client's 200 that can be stored in STS database 203 PIE and RSN generator.Described these are used for calculating RSN.Use the method identical to calculate encryption key K subsequently with client UPTD 106 generation encryption keys.The ciphertext part 406 of the view message 402 of decoding then.
But after all application field of the person's of collecting payment 200 views 402, STS 120 uses DIDm in payment person's 200 views 402 that are included in early decoding and TID to locate payment person's 202 views 404 for same transaction.Through after the similar decryption processing, the decoding field of the agreement data of payment person's 202 views 404 and respective field according to payment person's 200 views 402 are compared.If all applicable respective field couplings (according to the Application Design correspondence) think that then the view 402,404 that has received is verified.Carry out then and further handle and trigger as required outside operation.
Use identical encryption method and use the parameter of target device 106,302 and the TS of original transaction, by STS 120 encrypt from STS 120 to payment person 200 or any of collector 202 reply.Have only the receipt of expection just can decipher response message, thereby guarantee privacy protection and the checking of STS.
Here describing another example encryption key that is used for UPTF SAS produces.In Fig. 4, use view 402, key K EYc is the hash of RSNc and PIEc; The key production process is as follows in detail:
(for example, when creating executable code 108 by the operation 110 of STS 120 in Figure 1A) creates the initialization data that is used for RSNc when creating new UPTD account by STS, particularly:
1. use software service function generation 128 bit seeds at random.
2. use the software service function to stab in 160 bit initialization times that new UPTD account is also created at random Time Created.Therefore in Figure 1A, in operation 110, STS 120 generation devices, 106 distinctive random number initiation parameters and initialization time stab, and in operation 114, stab both via wireless purse application 108 to UPTD device 106 (for example mobile phone 106) described initiation parameter of transmission and initialization time.
In Figure 1A, in operation 110, when when STS 120 creates New Account, create PIE by STS 120, specific as follows: as to use software service function creation 32 byte random values, be the decimal value character string with each byte conversion, and they are all connected to produce long character string.Cut apart randomly from 4 bit digital of this character string to create PIE.
Create key so that when encrypting transaction message when needs, following steps take place:
1. produce 160 bit current time stamp, specific as follows:
A. will the current time be converted to character string, for example will be converted to 16 character strings the current time, for example on January 26th, 2004 5:04pm be written as " 0000170401262004 ".
B. obtain character string and a mode function of another value of output, for example calculate, to produce the output of 160 bits by utilizing the SHA1 algorithm that the current time character string is carried out hash.
2. XOR (XOR) initial time stabs and the current time stamp, to produce the output of 160 bits.This operation is a kind of form of calculating the difference of two time values definitely (that is the definite conversion between two values) basically.
3. 128 bit seed software verification parameters are used as data, and the value of calculating through XOR of two timestamps is used as key, calculate HMAC result's (160 bit value).The result of HMAC is RSNc.The use of HMAC is provided at the aborning unpredictability of RSNc.
4. the one 128 bit of cutting apart HMAC result makes up (for example, connecting) with the 32 bit PIE that are used for 160 bit values (from 4 bit digital character string conversion).
5. calculate hash (SHA1) value of 160 bit streams in operation (4), and the one 128 bit is divided into final key.
In the encryption section of message, use the transaction hash partly of the message (having filling) of SHA1 (, can utilize CRC) to be used as selection.
In the above-described embodiments,, provide the value of some bits, and the invention is not restricted to the bit value of specific quantity as unrestricted example.Therefore, as with reference to shown in figure 1,2,3 and 4 like that, need device 106 and equipment operator based on the transaction of UPTFSAS, install 106 generator special parameters, wherein these parameters are determined the specific and time specific key of device; And equipment operator only provides and to be the fixedly PIE known to STS 120 and the operator.The two combination is for being needed by the transaction request of encrypting that STS 120 verifies.Intercept (or a plurality of) transaction message and successfully decipher it and will be not enough to infer that PIE or key generate the device special parameter that adopts in the processing.In addition, single, time-dependent key is nonreusable, because be processed into right swap arrangement notice by STS 120.
Therefore a kind of system and method comprises: produce first view of the cash-free moneytary operations of mobile phone by mobile phone, transmit first view of transaction according to SAS to STS; Independently produce second view of transaction by a side of transaction, and transmit second view of transaction according to SAS to STS; And check first and second views with checking transaction, and impel transaction to carry out based on check by STS by STS.First and second views are symmetrical, and SAS comprises: produce the cognizable part of unencrypted and encryption section as each separate views of concluding the business, described cognizable part comprises the sign and the current time stamp of first mobile phone that is used for first view, described encryption section obtains by coming the conversion of execution time and credible mobile payment software to make up based on PIE on transaction message, and described transaction message comprises the sign of transaction data, first mobile phone and the sign that is used for second mobile phone of second view.
The wireless wallet software 108 of credible mobile phone that produces UPTF SAS view comprises: initialization time wherein stabs and the software verification parameter of initialization random seed number, and wherein first and second views are symmetrical, SAS comprises: produce the cognizable part of unencrypted and encryption section as each separate views of concluding the business, described cognizable part comprises the sign and the current time stamp of first mobile phone that is used for first view, described encryption section by on transaction message based on PIE be included in and carry out conversion from the software verification parameter in the credible payment software of STS and make up and obtain, described transaction message comprise trade date, the sign of first mobile phone and the sign that is used for second mobile phone of second view.The conversion combination of encrypting comprises: the software verification parameter based on credible payment software produces the sequence number at random of concluding the business; With sequence number and PIE produce encryption key based on concluding the business at random.
The generation of encryption key also comprises: generate the current time stamp; To stab the current time and be converted to character string; Use a mode function such as hash function to be converted to current time stamp value will stab character string the current time; Determine the current time stab with the initialization time stamp between time difference; Calculate key entry hash (HMAC) result who is used for message authentication based on initialization random seed number and described time difference, with the generation sequence number at random of concluding the business; Select bit number as the sequence number at random of concluding the business from HMAC result, and the bit and the PIE of selected quantity made up; The hashed value of calculation combination; And the bit number of selecting hashed value, to produce encryption key.Bit number is about 128.
Fig. 5 carries out process flow diagram based on the cash-free moneytary operations of mobile phone of UPTF according to the embodiment of the invention with businessman.Computer system is described to comprise: online payment service (122,204), secure transaction server (STS) 120, and the wireless purse application 108 of mobile phone, it comprises the electronic financial transaction initiation parameter that mobile phone is specific, and this parameter can download to consumer's mobile phone 106, with the mobile phone cash-free moneytary operations of execution with businessman, use their mobile phone to send currency to other consumer, perhaps use their mobile phone to ask currency to other consumer.When using the mobile phone payment, the consumer can select any one account to online payment service 122,204 registrations, to utilize account payment.
Online payment service (OPS) the 122, the 204th, the web accessible services, this service can make the consumer to other consumers or businessman's payment, perhaps makes consumer or businessman to other client requests payment.In current online payment service 122,204, consumer 200 is by discerning businessman 202 or another consumer 200 by the e-mail address of OPS 122,204 checks (perhaps some other user identifier, such as user name etc.).The user 200,202 of OPS 122,204 provides their personal account (credit card, bank account etc.) information to online payment service 122,204, so when carrying out the cash-free payment of wireless device, can use any one of these accounts.Secure transaction server (STS) 120 is based on the system of general transaction framework (UPTF), and the transaction request of UPTF is checked in this system test.
With reference to as described in Figure 1B, as user during via web login OPS 122,204, the user can see the option that they can be paid the bill or request for payment from mobile phone 106 as above-mentioned.When the visit link related with this option, will be to user's query she want to be used for this transaction mobile phone 106 telephone number and for the possible mobile communication company of this telephone number.When this information of submission to, to show to the user and be used for paying the bill and from the PIE of mobile phone 106 request currency, and she also will use link to receive SMS (Short Message Service) message on the mobile phone of appointment, if wherein visit this link then can make her that the wireless wallet software 108 of mobile phone is downloaded to mobile phone 106, this software 108 can make her utilize her mobile phone 106 to pay the bill and ask currency.Unique software verification parameter and PIE that downloads executable via STS 120 maintenances that this link points in the association of user therewith of STS 120.If from mobile phone 106 visit web, then she can visit this link to the user, and software 108 is downloaded to mobile phone 106.When finishing the download of the wireless purse application 108 of mobile phone, require the user that application program is kept on the mobile phone 106.From this moment, use 108 and be ready to use.The application program of described download can be described as mobile phone electronic wireless wallet 108.Also be called OPS 122,204 users and the consumer 200 that the wireless wallet 108 of mobile phone downloads to her mobile phone will be called mobile OPS user (relative with OPS user).All move OPS user also is OPS user, so when using term OPS user, it relates to OPS user and mobile OPS user.
As above with reference to Figure 1A discussed, but mobile phone is wireless executive software that wallet software 108 is to be write with language that can installation and operation on mobile phone 106, such as the little versions of Java 2 platforms (J2ME), wireless binary running environment (BREW), can be installed in any other Languages (thereby can on mobile phone 106, move) on the mobile phone 106, perhaps its any combination with the application that this language writes.But be used to discern executive software 108 and for the relative user's data of the transaction in each future because STS 120 needs to create, store and retrieves, so but this executive software 108 fully or at least in part create by STS 120.STS 120 also creates and stores the PIE that is used for this transaction.But PIE is not stored on the executive software 108, but perhaps is not stored on the mobile phone 106 that this executive software 108 will finally download to.Only comprise software verification parameter (operation 50,52) in mobile phone the is wireless wallet software 108.
In addition, OPS user can pay the bill to mobile OPS user from the addressable OPS of web 122,204 by using mobile OPS user's Mobile Directory Number, and wherein said Mobile Directory Number is used to discern the consumer that will receive payment.Usually, the sub-addresses of items of mail of OPS user power utilization is discerned other OPS user.If OPS user knows mobile OPS user's mobile phone number, then she can discern this user by Mobile Directory Number, and to this user-pay.Similarly, if OPS user expectation is asked money to mobile OPS user, then she must discern this user by Mobile Directory Number.In latter instance, mobile OPS user can receive on her mobile phone and inform that she someone asked the SMS notice of money to her.The requested people can use her mobile phone 106 to the OPS user-pay.
In addition, mobile OPS user can use her mobile phone to other OPS user-pay.If the collector also is mobile OPS user, then payment person can discern the collector with Mobile Directory Number, although if she selects her also can identify this collector with e-mail address like this.In mobile phone, import telephone number than keying in e-mail address easily with quick.If discern the collector with telephone number, then the collector will receive the SMS notice about this payment.If successful payment, then payment person is also with reception notification SMS.Payment person can select any OPS login account of paying the bill thus.
By specifying OPS user by Email or Mobile Directory Number (if the user knows) similarly, mobile OPS user can also use her mobile phone request POS user-pay.Claimant and the requested people SMS message that they successfully ask with reception notification.Mobile OPS user can also be in their mobile phone of the mobile wireless wallet software 108 that comprises them checks transaction List Table from using 108 relevant menu.This tabulation can comprise the All Activity that relates to mobile phone 106, so that realize transaction.Particularly, this comprises the payment made from mobile phone 106 (comprise the response payment request and carry out payment) and requests for payment to other OPS user.No matter described transaction is that OPS user can check the tabulation of the All Activity that they have carried out under the situation of carrying out from the addressable OPS of web or from their mobile phone 106 in the addressable OPS of web.
(for example cause from mobile phone 106 payments of using the wireless wallet software 108 of mobile phone and payment request according to the UPTF message of UPTF encryption, 402,404), this message sends STS 120 to by the wireless wallet 108 of mobile phone 106 and/or is generated (promptly by STS 120, under the situation of Human To Human's mobile phone payment, STS can or cannot depend on system configuration and/or Application Design and/or parties with reference to second view of setting up payment transaction).For example, in Fig. 5, under member-to-member's situation, as Human To Human's example of concluding the business, the cash-free payment transaction (wherein two members have registered account) that comprises a payment service 122,204, businessman's 202 transaction systems 302 and payment service 122,204 can be the entity/systems 500 of (conceptive) in logic, be used for handling (via the passage D between OPS 122,204 and STS 120) reach/from the UPTF view of STS 120.Usually, in Human To Human's type transaction situation, each parties is created its view.Using the wireless wallet 106 of mobile phone other people to be carried out under the payment situation, because perhaps other people (collector) do not need (perhaps being required) approval to collector's payment, so perhaps the collector does not need to create the view of accepting this payment by a people.Therefore, under the situation of payment transaction, can omit collector's view, and STS 120 can only check the first payment request view 402 from payment person 200 simply, perhaps STS 120 can create second view 404 of other people (collector 202) of representing the collector.View 402,404 is used under the situation of a plurality of online payment service 122,204 in pairs, to realize that the Human To Human moves payment transaction.According to the aspect of described embodiment, system 500 can also comprise STS 120.In addition, the response to 106 the message from STS 120 to mobile phone is the UPTF SAS message of encrypting according to UPTF SAS.The safety that OPS122,204 has STS 120 connects (that is channel D).
One side according to embodiment described here, under Human To Human's payment transaction situation, from the addressable OPS 122 of web (promptly, from desk-top computer under the situation of the wireless wallet of mobile phone 106 payments) 204 payment behavior can realize by the escape way D that arrives STS 120, and do not need to encrypt according to UPTF SAS.As mentioned above, be effective immediately from the payment of the addressable OPS of web, and do not need collector's action.In addition, STS 120 comprises reception the payment behavior of transaction, decipher this payment behavior (being used for verifying the claimant who initiates the payment behavior), and will determine whether the collector is the effective mobile OPS user who still is effective in STS 120 and can notifies collector 202 the wireless wallet 106 of mobile phone according to UPTF SAS.
According to embodiment described here on the other hand, STS 120 is by receiving the request (that is, asking from desk-top computer under the situation of wireless wallet 106 payments of mobile phone) to the OPS user-pay at the escape way D between STS 120 and the OPS 122,204.When receiving this request, STS 120 will transmit the wireless wallet 106 of mobile phone to mobile OPS requested people's mobile phone 106.When mobile OPS user uses her mobile phone 106 and the wireless wallet software of mobile phone 108 checks when waiting for request, she will see this request, and can determine to pay the bill to the claimant.When receiving payment message by STS 120, STS 120 will by request once more check wait for request, will determine that the transaction of finishing is effectively according to the UPTF method, and notice request people and requested people thus.
According to embodiment described here on the other hand, handle her mobile OPS user's the payment request of mobile phone be used for this request similarly.If the requested people is identified as mobile OPS user, then the requested people is reception notification SMS, and will check this request when waiting for request with wireless wallet software 108 checks, and can determine to finish payment.STS 120 will use the UPTF standard relatively to arrive the claimant's of STS120 message, and determine the validity of the transaction finished.Finish when determining, STS 120 will notify OPS and claimant and requested people.
All above-mentioned transaction examples only need mobile OPS user to use mobile phone 106 and the wireless wallet software 108 of mobile phone, and input is used for the appointment PIE of these transaction.STS 120 and OPS 122,204 can carry out by same physical operation and/or in same computer system, and perhaps they can be operated by different entities.According to the one side of embodiment described here, the user can use short message/Multimedia Message service, Email and/or the speech message state (result, affirmation, situation, success/failure, problem/help notice etc.) in the credible cash-free moneytary operations of the wireless wallet 106 notice mobile phone UPTF of mobile phone.
Fig. 6 is the process flow diagram based on the cash-free moneytary operations of mobile phone of UPTF according to the purchase film ticket of the embodiment of the invention.Fig. 7 A-B be according to the embodiment of the invention be used to carry out the cash-free moneytary operations of mobile phone to buy the display screen of mobile telephone curtain user interface image of film ticket and acquisition, storage and retrieval transaction receipt.Below with reference to the mobile phone cash-free moneytary operations of Fig. 5, Fig. 6 and Fig. 7 A-7B explanation with the exemplary of businessman.In Fig. 5, in operation 502, mobile phone 106 users/consumer 200 uses the wireless wallet 108 of mounted (Figure 1A, 1B and 1C) mobile phone to ask purchase order from 302 collectors of businessman.In Fig. 5 and Fig. 6, operation 502 comprises consumer 200 tied up with businessman's 302 Transaction Informations, for example uses businessman's ticketing of buying film ticket via mobile phone (honeycomb) communication network to use (merchant transaction server (MTS)) 302 (Fig. 2, Fig. 3) to realize by browsing.Also can be by carry out the binding of user and businessman's virtual shopping cart at the identifier (for example POS 135 transaction paper receipt information) of the wireless wallet software of mobile phone 108 input businessmans, and/or the wireless wallet of the mobile phone merchant identifier (for example, internet resource locator (URL) address) that can prestore.In Fig. 7 A, for example in operation 502, show mobile phone user's interface screen image 702a-h, use 302 to browse businessman's ticketing, described screen picture comprises: select the wireless wallet software 108 of mobile phone on 702a; On 702b, select " shopping "; On 702c, select " cinema "; On 702d, select " next motion picture projection "; On 702e, from the film temporal information that has shown, select the film time; On 702f, from the film of demonstration of selected time, select film; And on 702g, finish and to send the purchase order form requests of businessman 302 to; With on 702h, send the purchase order request to businessman 302, this is consumer 200 and the binding of businessman's 302 Transaction Informations, why this binding will pay the bill by (electronic business transaction car) and payment information realizes by discerning.
In operation 504, mobile phone is wireless, and wallet software 108 is used 302 reception purchase orders from businessman's ticketing, for example this can cause mobile phone user's interface screen image 704, this image shows the summary of electronics shopping cart, comprise payment information, and " please push the PAY button " selected from businessman 302.According to one aspect of the invention, in operation 504, the purchase order that receives based on the collector 202 from businessman 302 can be discerned device identification (DIDm) information (Fig. 4) as businessman by the wireless wallet 108 of mobile phone.
In operation 506, be chosen in the UPTF SAS function that " payment " key of 704 begins present embodiment.Particularly, via mobile phone user's interface screen image 706a, 706b, mobile phone is wireless wallet software 108 request input PIE (for example, PIN) and produce UPTF SAS view 402 (as described in reference Fig. 4), when consumer's 200 requests transaction, send requests transaction to businessman 302.As shown in Figure 6, from the wireless wallet software 108 of mobile phone based on USTF SAS message 402, on the network of mobile communication company or directly send STS 120 to, or use 302 by businessman indirectly, shown in channel B.Transport layer between client 108 and MTS 302 and/or STS 120 adopts internet (Internet protocol) http communication.But transport layer can be any known transport layer, as communication of HTTP, web service call, communication interface Network Based etc.According to the one side of embodiment described here, realize MTS 302 with the web interface, to transmit message from mobile phone client 106 and to accept from mobile phone client 106 message; Particularly, the wireless wallet software client 108 of mobile phone of operation on mobile phone 106, send it to MTS 302 by its message is submitted to the such interface of preassigned, similar CGI, MTS 302 uses the web service calls to transmit and receive same response from this STS 120 to STS 120.In other words, UPTF message is the HTTP parameter.Because HTTP is borderless, thus MTS302 transmit and receive message during use the small database country of naming.And, because message transmits, therefore when it transmits, will be used to avoid having the problem of special-purpose ascii character with the form of the encryption of message on HTTP based on the hexadecimal code of the UPTFSAS message of encrypting on HTTP.
In operation 508, MTS302 produces MTS UPTF SAS view 404, as MTS REQ, and sends MTS REQ and client requests REQ (being view 402,404) to STS 120.According to the one side of embodiment, in operation 506, ask the unencryption of view 402 partly to obtain information from the consumer as consumer's device identification (DIDc) by MTS 302, MTS302 produces MTS REQ view 404 based on this information.
In operation 510, STS 120 obtains the account tabulation of consumer 200 extraction from payment service 122,204.Particularly, if at 706b, in the request of consumer's 200 input use accounts of finance rather than acquiescence account, consumer's view 402 comprises the request of financial account information.In operation 510, STS 120 uses client 200 account association 123, and it is to provide (being the operation 105 Figure 1A) from payment service 122,204, to confirm client requests with payment service 122,204.In operation 512, STS 120 receives account reference listing (non-real account) from payment service 122,204.In operation 514,516, STS 120 is forwarded to the client requests view 402 that comprises the account reference listing via MTS 302 with the STS response.In operation 516, mobile phone user's interface screen image 708 shows can select the user account reference listing.In operation 518,200 pairs of transaction of consumer are authorized.In operation 520, MTS 302 transmits the MTS mandate and the consumer authorizes STS 120.
In operation 522, in response to the MTS and the client authorization request of operation 520, STS 120 transmits authorized transactions to payment service 122,204, and in operation 524, receives the payment service response.In operation 526, STS 120 responds to the payment service that MTS 302 transmits authorized transactions, and in operation 528, MTS 302 will be forwarded to client 200 to the STS response of authorized transactions.Particularly, in operation 528, mobile phone user's interface screen image 710 shows the Transaction Success acknowledge message.Therefore, in operation 508 and 520, STS 120 receive and check based on the businessman of UPTF SAS and consumer's view 402,404 (as deciphering and cross reference MTS REQ and consumer REQ message and MTS AUTH and consumer AUTH message) based on UPTF SAS
An aspect according to embodiment described here, wireless purse application 108 in operation on the mobile phone 106 receives the receipt relevant information at every turn after successfully buying, shown in displaying screen images 712, according to the screen picture of an aspect of present embodiment is form with bar code image on computer display, shown in the bar code image 714 that shows on the display screen of mobile telephone 106, and (as be presented on the display screen of the wireless wallet 106 of mobile phone so that do further to quote and re-use at these receipts of storage on the mobile phone 106, with read computing machine by barcode reader 315 and show bar code image so that obtain to physical access in the payment service of actual businessman service location such as cinema's ticket counter (POS) 315).The receipts of transactions relevant information can be carried out remote storage and obtain.Therefore, wireless purse application 108 provides the receipts of transactions management, in Fig. 7 B, has shown the example of display screen of mobile telephone user interface image 716a-d, is used to obtain receipts of transactions information.According to present embodiment on the other hand, provide to use and comprise Short Message Service/Multimedia Message service, Email and/or the voice message of receipts of transactions information system and method to the credible cash-free moneytary operations state of the user notification mobile phone UPTF of mobile phone, wherein receipt can be transmitted to other people (, the bar code image film ticket receipt that passes to the wireless wallet 106 of mobile phone can be transmitted to the another person who enters theater) as buying under the situation of film ticket.Therefore, wireless wallet software 108 comprises the general receipt management mechanism based on the computer display image 714 of bar code.In Fig. 6, VPN is a Virtual Private Network.
The wireless purse application 108 of operation is used combination with browser and payment on mobile phone 106.Browser (lightweight web client) is used for buying, and the payment application component is used to carry out UPTF SAS transaction.
Fig. 8 is the process flow diagram of message flow that is used to carry out the cash-free payment transaction of Human To Human's mobile phone based on display screen of mobile telephone curtain user interface image and between requestor's device, secure transaction server (STS) and the person of being requested according to the embodiment of the invention.Fig. 9 is the process flow diagram of message flow that is used to carry out the transaction of the cash-free payment request of Human To Human's mobile phone based on display screen of mobile telephone curtain user interface image and between requestor's device, secure transaction server (STS) and the person of being requested according to the embodiment of the invention.Figure 10 is according to the whole display screen of mobile telephone curtain user interface image of the embodiment of the invention and the possible workflow that can use for the operator of the wireless wallet of carrying out the cash-free moneytary operations of Human To Human on mobile phone.Figure 11-the 12nd, the synoptic diagram of the cash-free moneytary operations message format of mobile phone Human To Human of the cash-free moneytary operations of the various mobile phones of execution according to the present invention.Example with reference to Fig. 8,9,10 and 11 explanation Human To Human payments and Human To Human's request.Fig. 8 be when mobile phone payment person 200 by payment request or by to receive the process flow diagram of the Human To Human payment of replying of payment request when paying the bill from collector 202.In Fig. 8, in operation 802, mobile OPS payment person 200 starts the wireless wallet 108 of mobile phone, and selects the option " P2P payment " (form 0) corresponding to mobile phone user's interface display screen image 1002.In operation 804, the user selects corresponding to the option of mobile phone user's interface display screen image 1004 " pay the bill " (form 1).In addition, in operation 806, the user selects the option corresponding to mobile phone user's interface display screen image 1004 (forms 1) " to wait for request ".If in operation 804, the user selects " payment ", then in operation 810, by mobile phone user's interface display screen image 1006 (form 2) prompting user, with input telephone number/e-mail address.After operation 804 and operation 806 (deciding as the case may be), import PIE by mobile phone user's interface display screen image 1010 (form 4) or 1018 (forms 7) prompting user, as PIN.In operation 812, when the user imports PIN, mobile phone is wireless, and wallet software 108 uses input PIN with the collector id request/wait list request (deciding as the case may be) according to the 402 establishment encryptions of UPTF SAS message view, and message view 402 is sent to STS 120.In operation 814, STS 120 receives message view 402 and authorized user payment person 200, and identification collector 202/ returns and waits for request list (deciding as the case may be).
In operation 814, STS 120 is according to UPTF SAS message establishing and the response request that transmits for " payment request " or " waiting for the payment request tabulation ".In operation 816, under the situation of " payment " transaction, mobile phone is wireless, and wallet software 816 receives collector id (as udid, id, full name) from STS 120, and point out the user respectively by mobile phone user's interface display screen image 1012,1014 (form 5,6), want the amount of money of paying the bill and confirm with input payment person 200.In operation 818, under the situation of " wait payment request " transaction, mobile phone is wireless, and wallet software 108 receives the tabulation of wait payment request from STS 120, point out the user respectively by mobile phone user's interface display screen image 1016,1018 (form 8,6), from collector's payment request tabulation of waiting for, to select and to confirm.In operation 814, in order to carry out payment transaction, if do not require collector's 202 acknowledge message views 404, then STS120 only licenses to payment person's 200 message view 402 and discerns collector 202.The operation 814, in response to from other people payment request and carry out payment transaction, STS 120 checks payment person 200 and collector's 202 message view 402,404 respectively according to UPTF SAS.
In operation 816 and 818, mobile phone is wireless, and wallet software 108 transmits the payment message view 402 that comprises payment person, collector and amount information, in operation 820, STS 120 receives and handles payment message view 402 (displaying screen images 1020), and returns net result to payment person 200.If the payment transaction success then also can be notified collector 202.Particularly, in operation 822, mobile phone is wireless, and wallet software 108 receives payment result message view 402, and passes through mobile phone user's interface display screen image 1022b (form 10) to user-pay person 200 advice and pay results, and whether the inquiry user wants the collector is marked bookmark.In operation 820, can transmit notice to collector 202 by SMS or Email.
Fig. 9 is the Human To Human's payment process figure when mobile phone collector 202 asks from payment person's 200 payments.In Fig. 9, in operation 902, mobile OPS collector 202 starts the wireless wallet 108 of mobile phone, and selects the option " P2P payment " corresponding to mobile phone user's interface display screen image 1002 (forms 0).In operation 904, the user selects " to request for payment " corresponding to the option of mobile phone user's interface display screen image 1004 (forms 1).In operation 906, the user is by mobile phone user's interface display screen image 1006 (form 2) prompting user, with telephone number/e-mail address of input payment person 200.In addition, in operation 908, can point out the user from the tabulation of liking, to select payment person 200 respectively by mobile phone user's interface display screen image 1006 and 1008 (forms 2 and 3).In operation 906 and operation 908 backs (deciding as the case may be), import PIE by mobile phone user's interface display screen image 1010 (form 4) prompting user, as PIN.In operation 910, when the user imported PIN, mobile phone is wireless, and wallet software 108 used input PIN, verified request to create the encryption collector according to UPTF SAS message view 402, and sent message view 402 to STS 120.In operation 912, STS 120 receives payment person and verifies request message view 402 and verify user collector 202, and identification payment person 200 also determines payment person's 200 information, and payment person's 200 information are returned to the wireless wallet software 108 of mobile phone.
In operation 912, STS120 creates and transmits response request according to UPTF SAS message view 402.Particularly, in operation 912, STS 120 creates payment person's 200 information (as udid, id, full name).In operation 914, mobile phone is wireless, and wallet software 108 receives payment person 200 information (as udid, id, full name) from STS 120, and point out the user respectively by mobile phone user's interface display screen image 1012,1014 (form 5,6), require from the amount of money of payment person's 200 payments and confirm with input user collector 202.
In operation 914, mobile phone is wireless, and wallet software 108 transmits payment request from payment person's 200 message view 402 that comprise payment person, collector and amount information, and in operation 916, STS 120 receives and handles the payment request from payment person's 200 message view 402 (displaying screen images 1020).In operation 916, STS 120 handles (promptly according to SAS deciphering and login) reception payment request from the wireless wallet software 108 of mobile phone by the process of creating new payment request item (payment person can ask these new payment request items by operation 806) for payment person 200.Particularly, in operation 916, the transaction identifiers of STS login message view 402, and with reference to Fig. 8, in operation 806, payment person 200 can select " wait payment request ", to receive the establishment payment request that comprises transaction identifiers of operation 916.In Fig. 8, by operating 812,814 and 816, payment person 200 creates the corresponding agreement view 404 of the transaction identifiers that comprises payment request, it is corresponding to operation 916 establishment payment request, and is handled by STS 120 according to UPTF SAS by deciphering and checking payment person 200 and collector's 202 view 402,404 respectively.In operation 916, if payment person 200 is wireless wallet software 108 users that are mobile phones, then SMS can be sent to payment person 200, perhaps in addition email notification is sent to payment person 200.In operation 916, STS 120 turns back to collector 202 with request results.Particularly, in operation 918, mobile phone is wireless, and wallet software 108 receives payment request results messages view 402, and pass through mobile phone user's interface display screen image 1022a (form 10) and give user collector 202 with the payment request result notification, and whether the inquiry user wants payment person is made outgoing label.
More particularly, Figure 11 is the format sheet of six cash-free moneytary operations message view 402,404 of example mobile phone Human To Human, comprises non-encrypted part 408 and encryption section 406, is used to carry out mobile phone Human To Human payment transaction.In Figure 11, one side according to embodiment described here, message A and C are the message view of information, coming down to SAS message (encrypts according to SAS, the sender of its checking message and content), wireless wallet 106 (the message B from STS 120 to mobile phone, D and G) response also be that SAS message (is encrypted according to SAS, the sender of its checking message and content) (promptly, the secret key encryption (Fig. 4) that produces corresponding to device 106 of described message), even message is transmitted by STS 120, so slave unit 106, checking sender's (this situation is STS 120) and content can successfully rebuild the key that is used at special time (timestamp) encrypting messages because only have the relevant device 106 of the credible wireless wallet software 108 of (by software discrimination parameter and STS 120) installation.The message E/F message view (transaction message comprises transaction identifiers, is used to comprise or relates to two sides or agreement in many ways) that comes down to reach an agreement on, this protocol message view meets UPTF, and to encrypt according to SAS also be safe, is UPTF SAS therefore.Therefore among the described embodiment, carry out the mobile phone transaction here according to SAS and UPTFSAS.For example, message A is the wait payment request list message view 402 in step 806 establishment that provides to STS 120 after operation 812.Message B is the wait payment request tabulation response message view of creating in operation 814 by STS 120 402.Message C is people (as the equal) the identification request message view of being created in operation 810 by the wireless wallet 108 of mobile phone 402, after operation 812 it is provided to STS 120.Message D is people (as the equal) the identification response message view of being created in step 814 by STS 120 402, sends it to mobile phone wireless wallet software 108 in step 816.Message E/F is the payment request/request message view of being created respectively by the wireless wallet software 108 of mobile phone in operation 816 and 818 402 of requesting for payment, and sends it to STS 120 and handle operating 820.Message G is the transaction results message view 402 that produced by STS 120 in operation 820, sends it to mobile phone wireless software in operation 822.
Figure 10 has illustrated and has described three kinds of possible flow processs of mobile phone user's interface display screen image.In Figure 10, flow process 1 is mobile phone user's interface display screen image 1002,1004,1006,1008,1010,1012 and 1014.In Figure 10, flow process II is mobile phone user's interface display screen image 1002,1004,1006,1010,1012 and 1014.In Figure 10, flow process III is mobile phone user's interface display screen image 1002,1004,1018,1016 and 1014.Figure 12 is used for waiting for that the payment request tabulation replys the example package chart of the cash-free moneytary operations message view 402 of mobile phone of (the message B of Figure 11).In Figure 12, message B view 402 is according to SAS.Because encrypt according to SAS, " message " part comprises the actual content of message.Figure 12 shows the example that is used to wait for the message B (Figure 11) that the payment request tabulation is replied.Message format 1202 is to be response message A " message " part by the wait payment request tabulation response message B of STS 120 transmission.Message format 1202 comprises account identification symbol that row wait for that payment request and row extract so that select for payment.Filling (padding) 1 and fill 2 can be random digit, to hide the position of " message " part.Ptr1 and Ptr2 are the pointers that expression " message " part begins.
The real anonymous credible wireless wallet 106 of mobile (service location independently) electronics is provided, wherein the user does not carry any financial account information, the not provisional and/or any actual user's financial account information of permanent storage of mobile device, this mobile device do not need to be swiped the card in the above and/or be connected with point of sale (POS) reader (be user needn't in the payee position) move credible cash-free moneytary operations to carry out, and need not brush bank card by the user at mobile device and/or via mobile device.Mobile phone comprises: the computer-readable media of payment software is moved in storage, and this software is gone up at secure transaction server (STS) and used the software verification parameter initialization, as believable mobile payment software; With the program-con-trolled computer processor, be used for carrying out credible mobile payment software by control mobile phone according to following processing, described processing comprises: the prompting user imports person identifier item (PIE), with with credible mobile payment software as the wireless wallet of mobile phone user's mobile phone, produce the cash-free moneytary operations of credible mobile phone of conversion according to PIE and software verification parameter, thereby be fit to the transaction based on UPTF SAS of mobile phone.
Although the foregoing description has instructed the credible cash-free moneytary operations of mobile phone user's electronics, these embodiment are not limited to cash-free moneytary operations, can be suitable for the credible transaction of user's electronic of any kind.User's mobile phone is wireless, and wallet 106 provides all the time works, all the time available, all the time addressable " areal coverage (footprint) " be used for using can select that account conducts interviews, issue and payment business." areal coverage " is the wireless purse application 108 of credible mobile phone according to mobile telephony application platform such as J2ME and operation on consumer's mobile phone 106.Purse application 108 that credible mobile phone is wireless can directly be distributed by " commerce " under the situation of the cooperation that does not need mobile phone communications company, participation and agreement and manage.By user security visit comprise " sensitivity " data as the service of payment by the user security accessing, described data have the identifier that simple user is safeguarded (promptly not permanent storage on mobile phone 06), as 4 PIN.In addition, can be provided for " areal coverage " of provider's control of the supplementary service on payment.
For example, buy at the film ticket that uses the wireless wallet 106 of user's mobile phone under the situation of service, main service will be in any place (mobile phone) payment and at the cinema in the returning of service point, with the acquisition access admittance.Some Additional Services examples can be to browse film timetable, preferential (discounting), the favor program with direct award of assessment film to obtain to buy in the future before the film booking, download preview, and the notice of film time can be provided based on customer data.In addition, when the wireless purse application 108 of beginning mobile phone, can transmit the notice (SMS) of addressable sales promotion/advertisement and/or use described wireless purse application 108 to return (for example, combining) with payment to the something payment and the sales promotion of using.
Other mobile phone is wireless, and purse application 108 Service Instances comprise the financial relationship trading that is used for Human To Human and the online businessman of consumer.Additional Services can be online auction related services, as are online auction service consumer's initialization information service, the auction that inspection is monitored etc., and to the successfully payment of another parties of bid.In addition, reward mechanisms such as the tinkle of bells, recreation, numeral/media content, software, advertisement, businessman's reward voucher (or the tinkle of bells, recreation, digital content/medium, software etc. buy integration) can relevantly with mobile phone be provided, move payment to use the wireless purse application 108 of mobile phone.Particularly, one side according to embodiment described here, a kind of system and method is provided, it is attached to the bonus system that is used to accept/buy the mobile phone relevant item, described project such as the tinkle of bells, recreation, numeral/media content, software etc. with wireless wallet 106 (as wireless wallet software 108 payment transaction/purchases) and transaction.According to another aspect of the present invention described here, a kind of mobile phone bonus system and method is provided, wherein bonus is for example finished wireless wallet 106 payments, is being sent to mobile phone immediately by the mobile telephone communications network network after the ring tone downloading automatically.Purse application 108 that mobile phone is wireless is more prone to the processing of obtaining and repaying the loan.The consumer can be online payment business, bank, credit card company, online businessman and/or as the physics businessman of the wireless wallet 106 of use mobile phone of point of sale (POS).
Other exemplary mobile phone is wireless, and purse application 108 business comprise payment, stock, use to have the shop VIP card of the wireless wallet 106 of mobile phone, and the Additional Services that increase special permission project, transmission and visit bonus, reward voucher etc. and return.
Other exemplary mobile phone is wireless, and purse application 108 business comprise all kinds financial transaction, as browse the stock/fund/bond of account, fund, stock, sale, purchase, transfer use fund, middle man's account, bank, credit/debit card.When reaching price limit, stock is sent to the additional notifications service of the wireless wallet 106 of mobile phone, issue and visit suggestion, report, analysis, trend, tracking and voice activation.
Above-mentioned processing of the present invention realizes in software and/or computer hardware.Embodiment described here can be regarded as the wallet of server end, can make up so that the expection security attribute to be provided by the UPTF notion and the generation of exchange hour separate keys of multilateral accord by the visit of four PIN controls to it.Assembled scheme need not stored any significant data on mobile device, it does not force the special hardware requirement also " reduction " to the safety requirements of 4 PIN, this has significantly made things convenient for the user.Mobile phone described here is wireless, and the wallet computing velocity is fast; On mobile phone, be that every message is made quick available mobile phone that 160-bit A ES encrypts and carried out key and produce and encrypt (deciphering) (that is SAS part) institute's time spent near 100ms (at a slow speed on the mobile phone near 500ms) using J2ME.Therefore, the safe correlation computations time (being used for message in time that communication links is broadcast) is not remarkable with respect to exchange hour.
In view of above preferred embodiment, be suitable for realizing that computing equipment 106 of the present invention can be any electronic computing device programmable electronics device of search and deal with data (can store), this computing electronics allows to move (wireless) with other calculation element and communicates by letter, and have the one or more of computing machine/computation processor and can the reception and registration formula connect to form, as central processing unit (CPU); Input block/device (as the microphone of voice command/control etc., keyboard/keypad, pointing device (as mouse, indicator, lettering pen), touch-screen etc.); Output unit/device (as computer display screens (comprising its user interface), loudspeaker, printer etc.) as graphic user interface; The computer network interface comprises its known communication protocol (as mobile phone (voice/data (internet)) (cellular radio, artificial satellite etc.) network, radio-frequency technique, LAN (Local Area Network) etc.); The computer readable recording medium storing program for performing of storage of electronic information, for example software of carrying out by computing machine/computation processor and/or electronic circuit (as operating system, wireless wallet software 108) and/or electronic data (any known computer readable media is as easily becoming estranged/nonvolatile memory (random access memory), hard disk, flash memory, magnetic/CD etc.).
Can know understanding numerous characteristics of the present invention and advantage from describing in detail, therefore additional claim purpose is to cover these characteristics of the present invention and the advantage that falls in the spirit and scope of the invention.In addition, owing to will revise in a large number at an easy rate and change for a person skilled in the art, so shown in the present invention does not expect to be limited to and described precision architecture and operation, so all suitable modifications and equivalent will belong to and fall within the scope of this invention.
Claims (31)
1, a kind of method comprises:
Come initialization to move payment software at secure transaction server STS with the software verification parameter, with as credible mobile payment software;
It is relevant with STS between the credible mobile payment software to be provided at person identifier item PIE;
Credible mobile payment software is installed in mobile phone; And
Described PIE is input to the credible mobile payment software of installation by the user, and with described credible mobile payment software as the wireless wallet of mobile phone user's mobile phone, on mobile telephone network, to produce the cash-free moneytary operations of secure and trusted mobile phone according to described PIE and software verification parameter through conversion.
2, method according to claim 1 also comprises, implements credible mobile payment software according to the application platform of mobile phone.
3, method according to claim 1 also comprises, implements credible mobile payment software according to little version J2ME of Java 2 platforms and/or vedio on radio binary operation environment BREW.
4, method according to claim 1 also comprises:
Provide download link to mobile phone to credible mobile payment software; And
Via described download link mobile phone is arrived in credible mobile payment software download, thereby carry out the installation of credible mobile payment software.
5, method according to claim 4 wherein uses short message service/multimedia messaging service, MMS to transmit the link of credible mobile payment software download to mobile phone.
6, method according to claim 1 wherein submits to UPTF SAS agreement to carry out the credible cash-free moneytary operations of mobile phone according to general transaction framework security accord.
7, method according to claim 1 wherein submits to UPTF SAS agreement to carry out the cash-free moneytary operations of credible mobile phone according to general transaction framework security accord,
Wherein the step of the credible mobile payment software of initialization comprises:
Provide mobile phone cash-free moneytary operations active link at calculation element to the user;
Telephone number via described active link registered user mobile phone;
Transmit the registered telephone number of mobile phone to STS;
Produce by STS and to comprise that carrying out of initiation parameter move payment software, with as credible mobile payment software; And
Be created among the STS and the relevant PIE of credible mobile payment software by STS; And
The step that credible mobile payment software download link wherein is installed comprises:
Use registered Mobile Directory Number to transmit download link to user's mobile phone by STS to credible mobile payment software via short message service/multimedia messaging service, MMS;
Via download link mobile phone is arrived in credible mobile payment software download, carry out the installation of credible mobile payment software thus; And
Provide PIE by STS to the user.
8, method according to claim 6 also comprises:
At STS, that the registered financial entities information of user's extraction is relevant with credible mobile payment software;
The Transaction Information of credible mobile payment software and parties is bundled;
At mobile phone, present the optional tabulation of the identifier of extraction by STS, described identifier is corresponding to the user's relevant with credible mobile payment software registered financial entities; And
Use PIE and software verification parameter and according to the UPTF transaction message, carry out the cash-free moneytary operations of mobile phone with parties, described UPTF transaction message comprises identifier, parties identifier and the transaction identifiers of mobile phone, wherein based on the credible mobile payment software combination relevant with STS at mobile phone, and the exchange of the UPTF transaction message between user, parties and STS provides mobile phone wireless wallet, described STS relevant for credible mobile payment software relevant with the STS of PIE, software verification parameter and user's financial entities.
9, method according to claim 6, wherein UPTE SAS comprises
Produce first view of the cash-free moneytary operations of mobile phone by mobile phone, and transmit first view of described transaction according to SAS to STS;
Independently produce second view of transaction by a side who points to transaction, and transmit second view of transaction according to SAS to STS; And
Check first and second views by STS, with the checking transaction, and
Impel transaction to carry out by STS based on described checking procedure.
10, method according to claim 9, wherein first and second views are symmetrical, SAS comprises that generation cognizable part of unencryption and encryption section are as each separate views of concluding the business, the cognizable part of described unencryption comprises the sign and the current time stamp of first mobile phone that is used for first view, described encryption section is by coming the conversion combination of execution time and credible mobile payment software to obtain the sign that described transaction message comprises the sign of transaction data, first mobile phone and is used for second device of second view based on PIE on transaction message.
11, method according to claim 9,
Wherein the software verification parameter comprises that initialization time stabs and a plurality of parameters of initialization random seed number; And
Wherein first and second views be the symmetry and SAS comprise:
Produce cognizable part of unencryption and encryption section each separate views as transaction, the cognizable part of described unencryption comprises the identifier and the current time stamp of first mobile phone that is used for first view, described encryption section by on transaction message by STS in initialization based on PIE be included in software verification parameter in the credible payment software and carry out the conversion combination and obtain the sign that described transaction message comprises the sign of transaction data, first mobile phone and is used for second device of second view.
12, method according to claim 11, the conversion combination that wherein is used to encrypt comprises:
Software verification parameter based on credible payment software produces the sequence number at random of concluding the business; And
Sequence number and PIE produce encryption key based on concluding the business at random.
13, method according to claim 12, the step that wherein produces encryption key also comprises:
Produce the current time stamp;
To stab the current time and be converted to character string;
Use a kind of mode function will stab character string the current time and be converted to current time stamp value;
Determine the current time stab with the initialization time stamp between time difference;
Calculate the key entry hash HMAC result who is used for message authentication based on initialization random seed number and described time difference, with the generation sequence number at random of concluding the business;
Select bit number as the sequence number at random of concluding the business from HMAC result, and the bit and the PIE of selected quantity made up;
The hashed value of calculation combination; And
Select the bit number of hashed value, to produce encryption key.
14, according to the method for claim 13, wherein bit number is about 128.
15, method according to claim 4, wherein online payment system provides mobile phone cash-free moneytary operations active link to the online payment system member as the user, thereby uses the wireless wallet of user's mobile phone to provide Human To Human's mobile phone credible cash-free moneytary operations.
16, method according to claim 15 also comprises:
Show the graphic user interface that presents optional menu item on user's mobile phone, wherein said optional menu item comprises that the Human To Human pays the bill, the Human To Human concludes the business, other people wait payment request, setting or its any combination;
When selecting Human To Human's payment or waiting for the payment request menu item, show the graphic user interface of accepting input, described input comprises Mobile Directory Number, e-mail address or its any combination of parties; And
When the Mobile Directory Number of importing parties and/or e-mail address and PIE, use mobile phone user's the wireless wallet execution of mobile phone and the cash-free moneytary operations of mobile phone of parties.
17, method according to claim 16 is wherein accepted the accounts of finance reference identifier that input step also comprises the previous registration of the extraction of accepting the mobile phone user, to carry out transaction.
18, method according to claim 1,
Wherein submit to UPTF SAS agreement to carry out the credible cash-free moneytary operations of mobile phone, and this method also comprises according to general transaction framework security accord:
At STS that user's the financial entities information of having extracted is relevant with credible mobile payment software; And
Use the wireless wallet of user's mobile phone that Human To Human's mobile phone UPTE is provided credible cash-free moneytary operations.
19, method according to claim 1, wherein PIE has the alphanumeric character string that is less than or equal to 5 characters.
20, method according to claim 6 also comprises communication and/or web service call according to HTML (Hypertext Markup Language) HTTP, communication interface Network Based, transmits the credible cashless transactions message of mobile phone on the mobile telephone communications network network.
21, method according to claim 8, wherein the execution in step of the cash-free moneytary operations of mobile phone also comprises:
Receive the displayable bar code image of display screen of mobile telephone curtain as the receipt of the cash-free moneytary operations of executed mobile phone and/or other transaction, the information relevant with receipt;
On the display screen of mobile phone, show bar code image; And
Read the bar code image that has shown that is used for trade management by parties at the physics service point of parties.
22, method according to claim 18, wherein the credible cash-free moneytary operations of Human To Human's mobile phone UPTF comprises: to individual Sending Payments, request for payment to other people, check is from the wait request of other people payment, the record of storage and retrieval transaction, perhaps its any combination.
23, method according to claim 1, the step that credible mobile payment software wherein is installed in mobile phone comprises: mobile phone is arrived in credible mobile payment software download, at mobile phone the described credible mobile payment software of storage on the computer-readable medium can be installed, credible mobile payment software is stored in the mobile phone embedded computer computer-readable recording medium, perhaps its any combination.
24, method according to claim 7 wherein provides the step of PIE to comprise by the PIE of third direction user transmission as image to the user.
25, method according to claim 21 also is included in memory stick font code image transactions receipt in the mobile phone.
26, method according to claim 1, also comprising with the automatic download of mobile phone contents rewards mobile phone wireless purse transaction, described mobile phone contents comprises the tinkle of bells, recreation, numeral/media content, software or its any combination, and/or is used for its any one integration.
27, method according to claim 22 also comprises use short message service/multimedia messaging service, MMS, Email and/or speech message, at the state of mobile phone to the credible cash-free moneytary operations of user notification mobile phone UPTF.
28, method according to claim 21, also comprise and use short message service/multimedia messaging service, MMS, Email and/or the speech message that comprises receipts of transactions information, at the state of mobile phone to the credible cash-free moneytary operations of user notification mobile phone UPTF.
29, method according to claim 18, wherein said PIE has the alphanumeric character string that is less than or equal to 5 characters.
30, a kind of mobile phone comprises:
Computer-readable medium, storage move payment software, and this moves payment software at secure transaction server STS software verification parameter initialization, and it is relevant with person identifier item PIE to move the software of paying the bill, with as credible mobile payment software;
The program-con-trolled computer processor is carried out credible mobile payment software by control mobile phone according to following processing, and this processing comprises:
The prompting user imports PIE; And
This is moved payment software as the wireless wallet of mobile phone user's mobile phone,, on mobile telephone network, produce the cash-free moneytary operations of secure and trusted mobile phone through conversion according to PIE and software verification parameter.
31, a kind of computer system comprises:
Computer server comprises the program-con-trolled computer of coming Control Server according to following processing, and described processing comprises:
Come initialization to move payment software with the software verification parameter, with as credible mobile payment software,
Produce the person identifier item PIE of safety;
It is relevant with safety between the credible mobile payment software to be provided at PIE; With
Online purchase interface is provided; And
Mobile phone with server communication in mobile telephone network comprises:
Computer-readable medium is stored credible mobile payment software; With
Computer processor is controlled mobile phone according to following processing and is carried out credible mobile payment software, and described processing comprises:
Connect online purchase interface, with the generation virtual shopping cart,
The prompting user imports PIE,
Based on virtual shopping cart, according to the cash-free moneytary operations of secure and trusted mobile phone of PIE and the conversion of software verification parameter generating process, and
On mobile telephone network, transmit the cash-free moneytary operations of converted secure and trusted mobile phone, to carry out transaction to computer server.
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US54430004P | 2004-02-17 | 2004-02-17 | |
| US60/544,300 | 2004-02-17 | ||
| US60/549,148 | 2004-03-03 | ||
| US60/575,835 | 2004-06-02 | ||
| US11/045,484 | 2005-01-31 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1922623A true CN1922623A (en) | 2007-02-28 |
Family
ID=37779360
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200580005149 Pending CN1922623A (en) | 2004-02-17 | 2005-02-10 | Wireless wallet |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1922623A (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101990770A (en) * | 2008-04-02 | 2011-03-23 | 环球1企业公司 | Ghosting payment account data in a mobile telephone payment transaction system |
| CN102232225A (en) * | 2008-12-02 | 2011-11-02 | 电子湾有限公司 | Mobile barcode generation and payment |
| CN102460491A (en) * | 2009-06-04 | 2012-05-16 | 聚积公司 | A method for secure transactions |
| CN103443813A (en) * | 2010-12-14 | 2013-12-11 | 极限移动有限公司 | Authenticating transactions using a mobile device identifier |
| CN103548045A (en) * | 2010-12-13 | 2014-01-29 | 高通股份有限公司 | System and method for point of service payment acceptance via wireless communication |
| WO2014161458A1 (en) * | 2013-04-02 | 2014-10-09 | 中国银联股份有限公司 | Apparatus used for security information interaction and system management device loading method therefor |
| US8862513B2 (en) | 2008-12-02 | 2014-10-14 | Ebay Inc. | Mobile barcode generation and payment |
| CN104637192A (en) * | 2013-11-07 | 2015-05-20 | 华为技术有限公司 | Electronic wallet and using method thereof, mobile terminal, and electronic ticket transaction system |
| CN104636910A (en) * | 2013-11-14 | 2015-05-20 | 上海由你网络科技有限公司 | Mobile handheld terminal, payment system and payment method |
| CN104661197A (en) * | 2013-11-20 | 2015-05-27 | 上海由你网络科技有限公司 | Mobile handheld terminal for sending multimedia payment message |
| CN105393269A (en) * | 2013-06-27 | 2016-03-09 | 惠普发展公司,有限责任合伙企业 | Payment processing |
| US9596237B2 (en) | 2010-12-14 | 2017-03-14 | Salt Technology, Inc. | System and method for initiating transactions on a mobile device |
| CN106803175A (en) * | 2011-02-16 | 2017-06-06 | 维萨国际服务协会 | Snap mobile payment device, method and system |
| WO2017113404A1 (en) * | 2015-12-31 | 2017-07-06 | 华为技术有限公司 | Network node, packet transmission method and network |
| CN112133044A (en) * | 2020-10-21 | 2020-12-25 | 陕西科技大学 | Multifunctional paper money receiving and paying system based on big data |
| US10983960B2 (en) | 2012-02-02 | 2021-04-20 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia centralized personal information database platform apparatuses, methods and systems |
| US11010756B2 (en) | 2011-08-18 | 2021-05-18 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
| US11023886B2 (en) | 2011-02-22 | 2021-06-01 | Visa International Service Association | Universal electronic payment apparatuses, methods and systems |
| US11037138B2 (en) | 2011-08-18 | 2021-06-15 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods, and systems |
| US11354723B2 (en) | 2011-09-23 | 2022-06-07 | Visa International Service Association | Smart shopping cart with E-wallet store injection search |
| US11397931B2 (en) | 2011-08-18 | 2022-07-26 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
| US11900359B2 (en) | 2011-07-05 | 2024-02-13 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
-
2005
- 2005-02-10 CN CN 200580005149 patent/CN1922623A/en active Pending
Cited By (32)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101990770A (en) * | 2008-04-02 | 2011-03-23 | 环球1企业公司 | Ghosting payment account data in a mobile telephone payment transaction system |
| US8862513B2 (en) | 2008-12-02 | 2014-10-14 | Ebay Inc. | Mobile barcode generation and payment |
| CN102232225A (en) * | 2008-12-02 | 2011-11-02 | 电子湾有限公司 | Mobile barcode generation and payment |
| CN105701660A (en) * | 2008-12-02 | 2016-06-22 | 贝宝公司 | mobile barcode generation and payment |
| US10839384B2 (en) | 2008-12-02 | 2020-11-17 | Paypal, Inc. | Mobile barcode generation and payment |
| CN102460491A (en) * | 2009-06-04 | 2012-05-16 | 聚积公司 | A method for secure transactions |
| CN103548045B (en) * | 2010-12-13 | 2017-11-17 | 高通股份有限公司 | The system and method received are paid for carrying out service point via radio communication |
| CN103548045A (en) * | 2010-12-13 | 2014-01-29 | 高通股份有限公司 | System and method for point of service payment acceptance via wireless communication |
| CN103443813A (en) * | 2010-12-14 | 2013-12-11 | 极限移动有限公司 | Authenticating transactions using a mobile device identifier |
| CN103443813B (en) * | 2010-12-14 | 2016-12-14 | 极限移动有限公司 | System and method by mobile device authenticating transactions |
| US9596237B2 (en) | 2010-12-14 | 2017-03-14 | Salt Technology, Inc. | System and method for initiating transactions on a mobile device |
| CN106803175A (en) * | 2011-02-16 | 2017-06-06 | 维萨国际服务协会 | Snap mobile payment device, method and system |
| US11288661B2 (en) | 2011-02-16 | 2022-03-29 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
| US11023886B2 (en) | 2011-02-22 | 2021-06-01 | Visa International Service Association | Universal electronic payment apparatuses, methods and systems |
| US11900359B2 (en) | 2011-07-05 | 2024-02-13 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
| US11397931B2 (en) | 2011-08-18 | 2022-07-26 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
| US11763294B2 (en) | 2011-08-18 | 2023-09-19 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
| US11803825B2 (en) | 2011-08-18 | 2023-10-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
| US11037138B2 (en) | 2011-08-18 | 2021-06-15 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods, and systems |
| US11010756B2 (en) | 2011-08-18 | 2021-05-18 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
| US11354723B2 (en) | 2011-09-23 | 2022-06-07 | Visa International Service Association | Smart shopping cart with E-wallet store injection search |
| US11036681B2 (en) | 2012-02-02 | 2021-06-15 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia analytical model sharing database platform apparatuses, methods and systems |
| US10983960B2 (en) | 2012-02-02 | 2021-04-20 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia centralized personal information database platform apparatuses, methods and systems |
| US11074218B2 (en) | 2012-02-02 | 2021-07-27 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia merchant analytics database platform apparatuses, methods and systems |
| WO2014161458A1 (en) * | 2013-04-02 | 2014-10-09 | 中国银联股份有限公司 | Apparatus used for security information interaction and system management device loading method therefor |
| CN105393269A (en) * | 2013-06-27 | 2016-03-09 | 惠普发展公司,有限责任合伙企业 | Payment processing |
| CN104637192A (en) * | 2013-11-07 | 2015-05-20 | 华为技术有限公司 | Electronic wallet and using method thereof, mobile terminal, and electronic ticket transaction system |
| CN104636910A (en) * | 2013-11-14 | 2015-05-20 | 上海由你网络科技有限公司 | Mobile handheld terminal, payment system and payment method |
| CN104661197B (en) * | 2013-11-20 | 2019-08-30 | 上海掌门科技有限公司 | A kind of mobile handheld terminal sending multimedia payment message |
| CN104661197A (en) * | 2013-11-20 | 2015-05-27 | 上海由你网络科技有限公司 | Mobile handheld terminal for sending multimedia payment message |
| WO2017113404A1 (en) * | 2015-12-31 | 2017-07-06 | 华为技术有限公司 | Network node, packet transmission method and network |
| CN112133044A (en) * | 2020-10-21 | 2020-12-25 | 陕西科技大学 | Multifunctional paper money receiving and paying system based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1922623A (en) | Wireless wallet | |
| US20220180370A1 (en) | System and method for facilitating secure self payment transactions of retail goods | |
| KR100860628B1 (en) | A mobile phone for wireless computing device authenticable transactions, a computer system and a method thereof | |
| US10796292B2 (en) | Method and apparatus for fulfilling purchases | |
| US20200104837A9 (en) | Wireless beacon comunications through magnetic card readers | |
| US8002178B2 (en) | Virtual membership card system and providing method, and virtual membership card reading method | |
| US7379920B2 (en) | System and method for facilitating electronic financial transactions using a mobile telecommunication device | |
| US8332323B2 (en) | Server device for controlling a transaction, first entity and second entity | |
| US7757945B2 (en) | Method for electronic payment | |
| US20140058951A1 (en) | Mobile electronic device and use thereof for electronic transactions | |
| CN108369700A (en) | Mobile-payment system | |
| CN1908981A (en) | Wireless computer wallet for physical point of sale (pos) transactions | |
| KR20150026233A (en) | Payment system and method t based on digital card | |
| JP2007042103A (en) | Method and device for physical pos transaction | |
| CN1897027A (en) | Authentication services using mobile device | |
| CN1726519A (en) | Providing convenience and authentication for trade | |
| US20140149291A1 (en) | System and method for electronic commerce | |
| US11823140B2 (en) | Server and method for sending a transaction receipt via a push notification | |
| KR102087977B1 (en) | Method and device for integrated coupon management | |
| JP2023006478A (en) | Information processing device, user terminal, user medium, authentication method, authenticated method, and computer program | |
| KR20130082665A (en) | Server and method for performing payment process for device, and the device | |
| AU2002349173B2 (en) | System and method for facilitating electronic financial transactions using a mobile telecommunication device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20070228 |