DE102012005693A1 - Method for performing cash transaction between point-of-sale (POS) terminal and mobile terminal, used in store, involves detecting and processing transaction code to perform transaction by POS terminal - Google Patents

Abstract

The method involves detecting transaction-dependent user input by input unit (7) of mobile terminal (5). The transaction code dependent on transaction-dependent user input including cash transaction is generated for detecting authorization of transaction of mobile terminal with POS terminal (1-3). The transaction code is made to represent the payment voucher whose value depends on the user input. The transaction code is detected and processed to perform transaction by the POS terminal. Independent claims are included for the following: (1) a mobile terminal; (2) a POS terminal; and (3) system for performing cash transaction between POS terminal and mobile terminal.

Description

The invention relates to a method for performing a cash transaction between a point-of-sale terminal and a mobile terminal. Furthermore, the invention relates to a mobile terminal, a point-of-sale terminal and a system for conducting a cash transaction between these two components.

Payment processes should in the future using mobile devices, such. As mobile phones, smart phones, etc., are performed. A proposed variant is to set to handle a transaction on a near field communication (Near Field Communication, NFC). In a near-field communication, communication between the mobile terminal and a corresponding reading device, for example a point-of-sale system of a store, can take place only over the shortest distances, which results in increased security against manipulation. Payment processes by means of NFC, however, require corresponding additional hardware on the part of the customer's terminals as well as on the part of the shopkeeper, such as NFC-capable terminals and contactless terminals.

It is an object of the invention to provide a method by which a payment process using a mobile terminal can be further simplified. Other objects of the invention are to propose a terminal, a point-of-sale terminal and a system which allow for simplified payment.

These objects are achieved by a method according to the features of claim 1, a mobile terminal according to the features of claim 13, a POS terminal according to the features of claim 14 and a system according to the features of claim 15. Advantageous embodiments will be apparent from the dependent claims ,

In the method according to the invention for carrying out a cash transaction between a point-of-sale terminal and a mobile terminal, the terminal acquires a transaction-dependent user input made via an input means of the terminal. The mobile terminal is, in particular, a mobile telephone, in particular a smartphone. The point-of-sale terminal may be part of a computer system which comprises a number of computers networked with one another for carrying out cashier operations. Transaction code dependent on the transaction-dependent user input is generated by the terminal to authorize the transaction such that the transaction code is detectable by the POS terminal, the transaction code representing a payment voucher the value of which depends on the user input. The transaction code is captured by the point-of-sale terminal and processed to finally complete the transaction.

According to the invention, therefore, a unidirectional exchange of data from the terminal to the POS terminal, whereby an anonymous, secure and compatible with existing point-of-sale payment system is feasible. The unidirectional data transmission channel provides protection against viruses or Trojans for the terminal.

Preferably, the transaction-dependent user input represents a value information of the money transaction. Since the value information of the money transaction usually varies with each transaction to be performed, the transaction-dependent user input is highly likely to be individual to the money transaction to be performed, thereby providing a high level of security in the execution of the money transaction.

Expediently, a total value information of the cash transaction is recorded as transaction-dependent user input. The total value information represents a payment amount for the money transaction to be carried out. If, for example, a user buys five articles within the framework of the financial transaction, then the respective monetary values of the five articles are summed to determine the total value information. The monetary values sum up the total value information.

In particular, the total value information corresponds exactly to the sum of value information acquired by the POS terminal of respective goods to be registered in the course of the cash transaction. The fact that exactly the sum of the value information of all goods is processed as a transaction-dependent user input in the following, results in high probability individual information to secure the money business.

In another embodiment, the total value information is greater than the sum of value information acquired by the POS terminal of respective goods to be detected in the course of the cash transaction. In particular, the total value information in this embodiment is a rounded-up amount of money. This variant makes it possible to temporally decouple the transaction-dependent user input from the detection of respective value information of the goods.

It is furthermore expedient if, during the execution of the transaction by the point-of-sale terminal (ie in the settlement of the cash transaction), independent of the total value information acquired by the terminal, an actual total value information is processed. The total value information processed in the transaction-dependent user input thus serves merely to legitimize the cash transaction. At the same time, this can be seen as a declaration of intent to carry out the money transaction.

Alternatively, it is conceivable that the total value information is greater than the displayed value of goods and that the total value information is billed so that a cash payment of the corresponding difference to the user can be made.

It is also expedient if the transaction code is generated after the acquisition of the value information of the last good or before the acquisition of the value information of at least the last good. It is understood that the acquisition of the transaction code by the point-of-sale terminal takes place in a corresponding manner after the acquisition of the value information of the last item or before the acquisition of the value information of at least the last item.

It is furthermore expedient if, as transaction code, optical information, in particular in the form of a bar code, is generated dynamically and displayed on a display of the terminal. The use of a barcode, in particular a 1D barcode, has advantages over NFC especially during the payment process:
On the one hand, the user of the terminal can judge the amount of data transmitted since he can recognize it on the display of his terminal. Such a barcode can include a number signature, as is customary on outer packaging. Together with a specification of how the 1D payment barcode is composed, it is easy for the user to understand that no further data is leaving the terminal.

Secondly, a bar code represents an inherently unidirectional data transfer going from the terminal to the point-of-sale terminal, more specifically a point-of-sale terminal scanner. The reverse direction of data transfer is impossible. Thus, there is no way to contactlessly transmit data to the terminal to attack this. In addition, regular scanners that already exist at point-of-sale terminals can be used for this process.

Overall, paying with barcodes thus offers inherent security benefits. At the same time, it is more comprehensible for a user than can be traced.

According to a further expedient embodiment, the transaction code is generated from a user-assigned identifier and a fingerprint, wherein at least the value information contained in the user input is processed for the determination of the fingerprint. For example, the identifier associated with the user may be a customer number of the user in the store in which he wishes to handle the transaction.

In particular, the fingerprint is the fingerprint of a secret generated by encrypting a serial number of the transaction, the value information contained in the user input and a random number with a secret key, the random number and the key being associated with the identifier. The random number and the secret key are not only stored in the terminal generating the transaction code, but also known to the POS terminal for checking the transaction code.

In a further refinement, the point-of-sale terminal or a payment service provider determines the serial number of the money transaction as well as the customer number which is unencrypted in the transaction code, the random number assigned to the customer number, and the secret key. From this information and the actual monetary value information a payment information is determined. The payment information is compared with the transaction code, whereby in the case of a positive result of the comparison, the cash transaction is processed by the point-of-sale terminal or the payment service provider. If the payment information and the transaction code do not match, it is possible to continue to count on the serial number and to check whether there is a match with the submitted transaction code for further values.

In a further expedient embodiment, a total value of the generated digital transaction codes is determined by the terminal, wherein the generation of a further transaction code is blocked when a predetermined limit value is reached. It is understood that a respective transaction code is assigned to a specific cash transaction. By determining the total value of the values of the digital transaction codes generated, it is to be prevented that money transactions can be handled beyond the limit value by means of the terminal in an abusive manner. The limit thus represents a security measure for the user of the terminal. Resetting the total value may be done by the customer, i. H. by the user of the terminal itself (eg, after PIN entry), or the payment service provider. A reset by the terminal itself or on this is not provided for security reasons.

The limit value or other parameters stored on the security element can in particular be changed by a TSM (Trusted Service Manager).

A mobile terminal according to the invention, in particular a mobile telephone or a smartphone, for carrying out a cash transaction between a point-of-sale terminal and the mobile terminal is set up to record a transaction-dependent user input made via an input means of the terminal. It is further configured to generate a transaction-dependent user input-dependent transaction code for authorization of the transaction such that it can be detected by the POS terminal, wherein the transaction code represents a payment voucher whose value depends on the user input.

A point-of-sale terminal according to the invention for carrying out a transaction between a point-of-sale terminal and the mobile terminal is set up to acquire a transaction code generated for authorizing the transaction by the terminal, the transaction code representing a payment voucher whose value is made by one at the terminal transaction-dependent user input. It is further adapted to process the transaction code to perform the transaction. The POS terminal. (or a second point-of-sale terminal) is arranged to record a value of the goods to be paid and display it in a form readable by the user.

A system according to the invention for carrying out a cash transaction between a point-of-sale terminal and a mobile terminal comprises a point-of-sale terminal designed according to the invention and a mobile terminal of the type described above. The point-of-sale terminal can be a vending machine or an online gateway.

Further advantages, features and embodiments of the present invention will be explained below with reference to an embodiment in the drawing. Show it:

1 a schematic representation of a system according to the invention for performing a money transaction between a point-of-sale terminal and a mobile terminal, and

2 a schematic representation of a generated by a terminal transaction code to hedge the money.

1 shows in a schematic representation that for a payment process at the POS terminal 1 required components of a business. A customer 4 owns a terminal 5 in the form of a mobile phone, such as a smartphone, the mobile phone has in a known manner a display 6 for displaying information and an input means 7 in the form of a physical keyboard or touchscreen. The mobile telephone has transceiver units for transmitting data over a cellular network and / or a wireless local area network (WLAN). The terminal could also be configured as a token with a keyboard or a display in an alternative embodiment. The mobile telephone preferably has a security element 8th (Secure element). The security element may be a Subscriber Identity Module (SIM) card, a secure micro SD card, or a secure operating system such as a security card. MobiCore.

From the customer 4 Goods to be paid (not shown) are placed for the cashier and payment process on a (also not shown) goods conveyor belt. At the end of the goods conveyor belt is located in a known manner a POS terminal 1 which has an ad 2 and a device 3 to scan barcodes. Such barcodes are typically on a respective product, but also on loyalty cards and the like. Furthermore, a payment service provider 9 shown, which via a non-illustrated wireless or wireless communication link with the POS terminal 1 can communicate. The communication does not necessarily need to be directly between the POS terminal 1 and the payment service provider 9 to be done. Rather, the POS terminal 1 also be part of a computer system of a business, which includes one or more computers for processing data and transmitting / receiving means for communicating with the payment service provider.

In 1 the steps to be carried out in the context of the invention are identified by the letters A to G. At the beginning of the procedure are those of the customers 4 selected goods using the POS terminal 1 detected. This can be done, for example, by scanning the barcode printed on the goods by means of the barcode scanner 3 the POS terminal 1 respectively.

In step A will be that of the customers 4 amount to pay in the ad 2 the POS terminal 1 so that the customer, and possibly other persons, can see the amount of money representing an actual total value information. The customer or user of the terminal 5 takes note of this amount.

In step B, the customer starts 4 a payment application on his mobile phone 5 , The Starting the payment application can already during the cashier or scanning the goods by means of the POS terminal 1 respectively. Likewise, the calling of the payment application can only be made at the end of the scanning process. In order to increase the safety of the procedure, it is expedient if the customer 4 to start the payment application an access code, such. B. a PIN or the like, must enter. After the payment application has started, the customer gives 4 in step A on the display 2 the POS terminal 1 displayed amount via the keyboard or the touch screen 7 one.

In step C, the inputted amount and the access code optionally inputted to start the payment application are sent to the security element 8th of the mobile phone 5 transfer. Has the security element 8th via a secure operating system, the entire payment application can run within this secure operating system. In this case, the payment application benefits from a "secure" display and a "secure" keyboard. The execution of the procedure is safe in this case even if a Trojaner on the mobile telephone 5 located. The security element 8th checks, if entered, by the customer 4 entered access code for accuracy. Subsequently, the security element generates a transaction code designed as a digital payment voucher 27 ,

The structure of the digital payment voucher 27 is in 2 shown in a schematic way. The digital payment voucher 27 includes a unique customer number 26 and a fingerprint 25 a secret 24 , which includes a serial number 20 and the amount to be paid 21 , which by the customer in the mobile phone 5 was entered is formed.

The unique customer number 26 arranges the digital payment voucher 27 a particular person, such as a user's bank account or credit card 4 with the in the payment voucher 27 specified value can be charged. The corresponding information is for example at the payment service provider 9 deposited. This then takes over the execution of the financial transaction, behind the issued, digital payment voucher 27 stands.

The serial number 20 serves to prevent replay attacks. The serial number 20 is incremented by a fixed value, such as 1, for each transaction, or lowered from a starting value.

The amount to be paid 21 corresponds to that of the customer in the mobile phone 5 entered total value information, which of the display 2 the POS terminal 1 equivalent.

To the digital payment voucher 27 In turn, to hedge against replay attacks, as in 2 shown, the sequential number 20 as well as the amount to be paid 21 a random number 22 (for example, a 128 or 256-bit value) added. The random number 22 is here, as well as a further used secret key 23 , specific to each customer 4 or its customer number 26 , Both the random number 22 as well as the secret key 23 were in advance on the safe way in the security element 8th of the mobile phone 5 personalized. The customer number 26 can, but does not have to be in the security element 8th be deposited. It is sufficient if this in an insecure memory of the mobile phone 5 is available without this compromising the safety of the process.

The secret 24 is thus out of the running number 20 , the amount to be paid 21 , the random number 22 and the secret key 23 generated. The security element 8th Encrypts the calculated secret 24 with the secret key 23 or, for example, performs a secure hash operation on the secret 24 using the secret key 23 out. Only the determined fingerprint 25 of the secret 24 is from the security element 8th to the mobile phone 5 returned and in the payment voucher 27 processed or displayed. The remaining information of the secret 24 are not needed and can be discarded.

The payment application of the mobile phone 5 now sets the fingerprint 25 of the secret 24 and the unique customer number 26 to a number sequence together and generates from it z. For example, a proprietary EAN-13 barcode with a 5-digit sales code and a check digit (17 digits). The result will be on the display 6 of the mobile phone 5 displayed.

The unique customer number 26 could for example consist of twelve digits. For example, the secret's fingerprint consists of four digits. For example, two digits can be provided for the serial number. For example, the amount to be paid consists of five digits, but may be larger or smaller depending on the amount of the amount.

In step D, the customer shows 4 now his mobile phone 5 , which represents the 1D barcode, at the point-of-sale terminal 1 before, so that by means of the barcode scanner 3 the POS terminal 1 this from the display 6 of the mobile phone 5 to capture can. This will be the digital payment voucher 27 in the cash terminal 1 read.

It is also conceivable that the payment system has separate point-of-sale terminals for goods registration and payment. A first point-of-sale terminal records the goods and represents the amount to be paid for the user. The payment voucher is then read in by a second point-of-sale terminal.

In step E, the POS terminal transmits 1 the read in digital payment voucher 27 to the payment service provider 9 , Optionally, before further processing by the payment service provider 9 waited a certain time and checked at the end of the period, if the same digital payment voucher is presented again from another point-of-sale terminal of the same store. If this is the case, then an attack can be concluded, whereby none of the the payment service provider 9 present, identical digital payment vouchers 27 is redeemed. Both point-of-sale terminals are informed about the termination of the transaction and in the system of the payment service provider 9 information is stored for the purpose of attack analysis. The payment process or the money transaction is thus canceled.

Was only by the mobile phone 5 of the user 4 the digital payment voucher 27 opposite the cash terminal 1 and the payment service provider 9 submitted, then checks the payment service 9 in step F, the validity of the payment voucher 27 , Because the customer number 26 within the digital payment voucher 27 is unencrypted, can the payment service 9 determine the secret data associated with this customer number. These are next to the random number 22 and the secret key 23 the current serial number 20 , The latter can be smaller than the serial number 20 in the security element 8th of the mobile phone 5 be, as far as payments have been canceled in the past.

Together with the amount to be paid 21 generated by the payment service provider 9 on the basis of the available data a separate payment voucher and compares this with that of the POS terminal 1 transferred to him digital payment voucher 27 the mobile terminal 5 , If both payment vouchers match, the presented voucher is valid and the money transaction is processed. Voices of the payment service provider determined by the payment voucher and by the mobile phone 5 generated payment voucher do not match, so there is a possibility that the payment service provider with respect to the serial number 20 on a trial basis and checks whether there is still for other values a match with the presented digital payment voucher. This procedure is expedient since the money transaction, ie the payment process by the user via his mobile phone, could have been aborted.

Was the digital paycheck 27 from the mobile phone 5 valid, the payment service provider transfers 9 in step G, information about the successful payment to the point-of-sale terminal 1 back. In the other case, a corresponding error or failure of the payment process is signaled. This completes the payment process.

In order to increase the convenience and speed of payment, in step B does not need the exact amount to create the payment voucher 27 in the mobile phone 5 be entered. Instead, it is sufficient to enter a rounded amount, say 150 instead of 147.93, into the cellular phone. As a result, the user's intention to pay is unchanged. The payment service provider 9 however, only books from the POS system 1 amount transferred to him (actual total value information).

In order to limit the possible rounded amounts, it is expedient that these by the customer of the mobile phone 5 can not be chosen freely. For example, rounding may be restricted to values divisible by "10". It is also possible that only rounded numbers predetermined from a selection list can be selected.

With this variant it is for the payment service provider 9 in step F, possibly not just the sequential number 20 but also the amount to be paid 21 to vary.

In a further modification of the method, the security element writes 8th of the mobile phone 5 the total value of the issued digital payment vouchers 27 With. When a predetermined limit is reached, the issuing of additional payment vouchers by the security element 8th blocked.

Resetting the total value of the already issued payment vouchers can be done by the customer 4 or by the payment service provider 9 , z. B. via OTA or the like. Preferably, the total value is not reset by the mobile telephone 5 itself, so that any Trojan contained on this can not make the reset itself. Alternatively, the entry of a security number, such. As a TAN, the customer is independent of the mobile phone, possible. Such a TAN can for example be provided in paper form.

An advantage of the method described according to the invention consists in the best possible utilization of existing hardware on the part of the end customer (mobile telephone) and shops (point-of-sale terminals). In particular, no investments in new POS systems are needed. Existing mobile phones of customers can continue to be used. This allows the procedure to be put into practice quickly.

From the customer's perspective, comfort is comparable to paying via NFC.

Even if customers can be recognized by their customer number during a payment process or money transaction, the individual customer remains basically anonymous to the shop owner.

Another advantage is that the process of scanning the goods may be decoupled from the process of paying. The customer uses his mobile phone to generate the barcode after he has passed through a lock with his goods. There he can, for example, the output using the barcode generated, d. H. the generated payment voucher, unlock.

Claims (15)

Method for carrying out a cash transaction between a point-of-sale terminal ( 1 . 2 . 3 ) and a mobile terminal ( 5 ), in which - by the terminal one, via an input means ( 7 ) of the terminal ( 5 ), transaction-dependent user input is detected; A transaction code dependent on the transaction-dependent user input ( 27 ) for the authorization of the transaction by the terminal ( 5 ) is generated such that this through the POS terminal ( 1 . 2 . 3 ), the transaction code ( 27 ) represents a payment voucher whose value depends on the user input; and - the transaction code ( 27 ) through the POS terminal ( 1 . 2 . 3 ) and processed to perform the transaction. A method according to claim 1, characterized in that the transaction-dependent user input represents a value information of the money transaction. A method according to claim 1 or 2, characterized in that as a transaction-dependent user input a total value information of the money transaction is detected. A method according to claim 3, characterized in that the total value information exactly the sum of the cash terminal ( 1 . 2 . 3 ) corresponds to value information of respective goods to be recorded in the context of the money transaction. A method according to claim 3, characterized in that the total value information is greater than the sum of by the POS terminal ( 1 . 2 . 3 ) recorded value information of respective goods to be recorded in the context of the money transaction. A method according to claim 3 to 5, characterized in that in the execution of the transaction by the POS terminal ( 1 . 2 . 3 ), regardless of the terminal ( 5 ) total value information, an actual total value information is processed. Method according to one of the preceding claims, characterized in that the transaction code ( 27 ) is generated after detecting the value information of the last Guts or before detecting the value information of at least the last Guts. Method according to one of the preceding claims, characterized in that as transaction code ( 27 ) generates optical information, in particular in the form of a bar code, dynamically and on a display ( 6 ) of the terminal ( 5 ) is pictured. Method according to one of the preceding claims, characterized in that the transaction code ( 27 ) from an identifier associated with the user ( 26 ) and a fingerprint ( 25 ) is generated, whereby for the determination of the fingerprint ( 25 ) at least the value information contained in the user input ( 21 ) is processed. A method according to claim 9, characterized in that the fingerprint of the fingerprint of a secret ( 24 ), which is encrypted by encrypting a serial number ( 20 ) of the cash transaction, the value information contained in the user input ( 21 ) and a random number ( 22 ) with a key ( 23 ), the random number ( 22 ) and the key ( 23 ) the identifier ( 26 ) assigned. Method according to claim 9 or 10, characterized in that the POS terminal ( 1 . 2 . 3 ) or a payment service provider, the serial number of the money transaction and on the basis of the unencrypted in the transaction code ( 27 ) customer number associated with the customer number random number ( 22 ) and the key ( 23 ) and from this information and the actual monetary value information ( 21 ) determines a payment information and this with the transaction code ( 27 ), whereby in the case of a positive result of the comparison, the cash transaction through the POS terminal ( 1 . 2 . 3 ) or the payment service provider. Method according to one of the preceding claims, characterized in that by the terminal a total value of the values of the generated digital transaction codes ( 27 ), whereby the generation of another transaction code ( 27 ) is blocked when a predetermined limit is reached. Mobile terminal ( 5 ) for carrying out a cash transaction between a point-of-sale terminal ( 1 . 2 . 3 ) and the mobile terminal ( 5 ), whereby the terminal ( 5 ) is arranged to: - one, via an input means ( 7 ) of the terminal ( 5 ) to capture transaction-dependent user input; A transaction code dependent on the transaction-dependent user input ( 27 ) to authorize the transaction to be executed by the POS terminal ( 1 . 2 . 3 ), the transaction code ( 27 ) represents a payment voucher whose value depends on the user input. POS terminal ( 1 . 2 . 3 ) for carrying out a cash transaction between the point-of-sale terminal ( 1 . 2 . 3 ) and the mobile terminal ( 5 ), whereby the POS terminal ( 1 . 2 . 3 ) is set up to: - a transaction code ( 27 ) used to authorize the transaction by the terminal ( 5 ), the transaction code ( 27 ) represents a payment voucher the value of which at the terminal ( 5 ) depends on transaction-dependent user input; and - the transaction code ( 27 ) to process the transaction. System for carrying out a cash transaction between a point-of-sale terminal ( 1 . 2 . 3 ) according to claim 14 and a mobile terminal ( 5 ) according to claim 13.

Images