DE10331733A1 - Terminal e.g. for paying system in electronic transaction, has SIM which aids operation of terminal such as mobile phone with control equipment has in and output equipment to operate terminal - Google Patents

Abstract

The terminal has a SIM which aids the operation of a terminal such as mobile phone. Control equipment has in and output equipment to operate the terminal, and a smart card reader is included for contacting the contact points on a smart card which is to be inserted into a receptacle.

Description

The The invention relates to a payment system with the generic ones Features of claim 1, a terminal for such a payment system or a method for performing an electronic payment transaction.

To the Payment of services or goods or for other transfer There are a variety of electronic payment systems. Generally A payment system with a background system is known Access to databases containing data on dealers and potential customers, Bank customers in particular are stored with bank accounts. The payment system also points a first group of terminals acting as merchant terminals available at points of sale or service centers. Furthermore, know the payment system on a second group of terminals as customer terminals, where the customer terminals are operated by users who make a payment on Trader terminal or opposite a dealer terminal want to make. It is generally known, even a simple encryption system in order not to transmit the data as unencrypted plain text. The payment system thus serves to carry out a monetary transaction a transmission of data between a particular first terminal of the first group from terminals and a particular second terminal the second Group of terminals.

Problematic However, with such payment systems, the security of the authorization is the payment by the customer, whereby against abuse not ensured can be that the one who triggers the payment, too indeed the one who is entitled to do so. Often empowered Customer only a central, money from his account to an account the dealer credited. The central office can be a bank, a credit card company etc. be. Usually enough at the place of the action or a purchase the signature of the customer on a form that the merchant uses as a credit card receipt, Debit note, etc., receives, after the customer places his card in a corresponding merchant terminal stuck. After a signature of the customer, the dealer only checks by comparing the signature on the receipt and the signature on the customer's card, whether it's the supposedly correct one Cardholder is trading. A slightly higher security offers the Entering a personal Identification number (PIN) which the customer enters into the merchant terminal enters.

In In any case, there is the problem that the customer has specific data his card and any specific personal information about his own person transfers to the dealer terminal, so that the dealer sensitive Receives data, which is abusive by the dealer can be used.

The transfer the background system data entered in the merchant terminal, can be done in different ways. Are common for transmission the data telephone connections with special protocols of data transmission, such as payment traffic terminals (ZVT). Is known also the use of mobile phones, taking advantage of that the customer is known to the mobile operator and this the As a debt collection company, has permission together with the mobile phone bill collect. Furthermore There is the advantage that the customer gets through the transfer the mobile number of its serving as a customer terminal mobile device authenticated or at best by entering another PIN or equivalent Identification for an additional Securing ensures.

Out DE 199 03 363 C2 a method for carrying out cashless financial transactions is known in which the transfer of the data between the merchant terminal and the customer terminal essentially uses an infrared interface. Such an infrared interface is standardized in conventional mobile devices, notebooks and the like. A disadvantage of such infrared interfaces, however, is a large uncertainty due to the large scattering angle, since all data can be read, copied and also generated by a separate device in the vicinity of the transmitting terminal using the simplest and inconspicuous technology. Security for money transactions is therefore not guaranteed. In addition, this process directly exchanges data between the customer and the merchant. This allows manipulations of various kinds, in particular a manipulation of credit card data with dubious traders. In addition, the anonymity of the customer is not guaranteed to the dealer. The method also includes a background system with a background check for credit check, authorization checking, etc., this procedure being essentially the standard method of conventional online payments such as using a debit card (EC: Eurocheque) in conjunction with a PIN entry.

From WO 98/47116 an electronic payment system is known, which essentially corresponds to known methods from the field of credit card inquiries and the so-called e-cash as well as the loading of electronic purses. In this process, the customer terminal, merchant terminal and a server in the background system are interconnected during the process, which is an online process. pointed is also on the possibility of using encryption methods, with a concrete description of the type of encryption is not given. However, it is disadvantageous that customer data is stored in the so-called SIM card (SIM: Subscriber Identification Module) in which the IMSI identifier uniquely assigned to the SIM card (IM-SI: International Mobile Subscriber Identity) is also stored. The SIM card is protected against misuse by a 4-digit PIN, as long as the PIN is kept secret. Particularly disadvantageous is the storage of customer data in the SIM card.

Problematic in the known methods, the transmission of sensitive data in the transmission of data or data records when cashless payment, as this is a significant security risk represents. Especially with payments via the Internet but also at the currently usual Method for paying with EC card in the offline method, i. one Electronic direct debit (ELV) are tampering, fraud and data theft a commonplace Problem. The use of mobile technology using the GSM (Global System for Mobile communications) or UMTS (UMTS: Universal Mobile Telecommunications System) Although offers a Authentication of the owner of the SIM card in the customer terminal used, prevented but a misuse of data by, for example, intercepting a record and repeated repeated transmission of the data set to damage the Customers do not.

at the known method of paying with a mobile device is no additional PIN required, indicating the theft of a switched on cell phone Abuse allows.

The The object of the invention is a payment system for electronic Carry out a monetary transaction, terminals for such a payment system and a method for performing a electronic payment process continues to develop.

These Task is by a payment system with the characteristics of the patent claim 1, terminals for Such a payment system with the features of the claims 23 and 24 or a method with the features of claim 28 solved. advantageous Embodiments are the subject of dependent claims.

Went out is provided by an electronic payment system with a background system, which allows access to databases. In the usual way data required by the dealers and customers in the databases and in particular from bank accounts of these dealers and customers deposited. External access to this data is blocked.

The Payment system points as well two groups of terminals, a first group of terminals, which serve as merchant terminals, and a second group of terminals serving as customer terminals, whereby the operator of a customer terminal makes a payment to the customer Operator of a dealer terminal is initiated. The term terminal is to be seen far and includes passive devices with an electronic chip, which when contacted by a from the outside active field is activated to carry out a data exchange. Furthermore, under a terminal, for example, mobile devices with a SIM card for their identification in a particular mobile network, mobile computers with radio network interfaces and Network terminals with network access to a remote data source to understand.

The Payment system further comprises an encryption system for encrypting the to be transferred Data or parts of the data so that they are not transmitted in plain text can be thus hampering interception and direct recycling. The payment system serves to carry out a monetary transaction through a transmission of data or data records between a first terminal of the first group of terminals and a second terminal of the second group of terminals, wherein the Data is not necessarily exchanged directly between the affected terminals have to.

to increase security becomes an encryption system to encrypt the data between the first terminal, the second terminal and / or the background system uses unique key pairs each with a public key and a private key each ready. The public key serves to data or records to be encrypted by a foreign device before the Data is transferred. On the receiver side become the encrypted data then with the private key decrypted. Thus, an encryption system is used with e.g. a so-called RSA key pair.

Next the use of an individual key or key pair for all or part of the individual compounds is also more inventive in its own right Design of possibly independent of the compound use of a special key advantageous if the data is over a Mobile radio interface to the first or second terminal transfer become. So can a system key be used when charging from the background system be performed in the terminal arranged electronic exchanges and the like should.

The Use of a key pair is particularly advantageous when transferring the data between the first terminal and the background system, between the second Terminal and the background system and / or between the second Terminal and the first terminal each with one or preferred two such key pairs is performed. With two key pairs becomes a key pair provided per connection direction, so that in an ideal embodiment each of the facilities for any special connection to any of the other facilities unique key pair has to deal with a public Key data to encrypt, which exclusively from the receiver side Device decrypted can be.

Next direct transmission of data from a facility that communicates this data with a public key encrypted has, to the receiving device or station, which the assigned private key has, is also a transfer so encrypted Data packets without an increased Security risk over third facilities and stations possible. Such a third device in particular, the other existing in the payment system facility so that, for example, from the background system after a review for the customer terminal encrypted as a second terminal Transfer data first to the first terminal or merchant terminal be, finally from the first terminal to the second terminal. In the second terminal can the data is then decrypted with the private key, while in the dealer terminal only a forwarding of the not decryptable there and not usable data is possible. Such a transfer can of course in any direction between the three institutions involved, Dealer terminal, Customer terminal and background system, with the interposition of each third of these facilities are carried out, if appropriate Number of individually and uniquely assigned key pairs provided in the appropriate facilities. This allows in particular also the transmission of Customer data through the second terminal to the merchant terminal if the second Terminal currently or in principle or no direct data connection to build the background system. The merchant terminal forwards the data from the customer terminal then over Any communication connection to the background system further. Nevertheless it is ensured that an abuse in the area the dealer terminal or the data connections are not enabled.

advantageously, can Payment data also from the second or customer terminal independent of the first or dealer terminal transferred to the background system become. This case allows e.g. Constellations involving data of the dealer's terminal or an item, which the dealer terminal is assigned, manually or over an automated interface to be transferred to the second terminal. In the second terminal, the data becomes pay data with the background system's public key encoded and transferred to this. The background system can then initiate a transaction with or without previous inquiry with the first and / or at the second terminal.

advantageously, are data transmitted from the first or second terminal should be before transferring supplemented with additional data, the previously for requested the special payment process from the background system and were received. These additional data consist in particular a transaction number uniquely assigned to the transaction, which from the background system when receiving corresponding data the fall process and the original one requesting device can be uniquely assigned. The additional data thus represent a transaction number. Data derived from the first terminal to the second terminal or vice versa can, can be provided with such a transaction number, in particular afterwards forwarded from the receiving terminal to the background system to become. In connection with the forwarding can be another complement being done to data of the receiving station, as well this supplementary Data or the overall combination of supplementary data and the encrypted original Data again encryptable are.

The Background data can especially as a key or code to encrypt more to be transferred Data to be used.

The encode advantageously takes place in each case in one of the interfaces for transmission independent and from the outside inaccessible encryption / or control device instead. Advantageously, this can be a Smartcard may be used with crypto coprocessor. For a special good protection will be the encryption device or two individual key pairs assigned, which for securing the connection to the background system for transmission of data from the background system. The keys, in particular the private key, do not get involved in one from the outside accessible and accessible only by the smart card storage area stored.

For the transmission between the first terminal and the second terminal becomes more advantageous As an interface for short distances used to avoid the disadvantages of widely scattering interfaces. In particular, this can be an interface according to ISO 14443 which can also communicate directly with the smart card if it is designed as a dual-interface smartcard with such an interface.

to Further protection, it is advantageous, the data to be transmitted before transmitting with one from the device independent personal In addition to encrypt identification number PIN of the user, where the PIN only to the operator of the first or the second terminal on the one hand and on the other hand in a secure database of the Background system is deposited.

Especially advantageous is the transmission a time information as additional data together with the data, wherein such time information data also as a key for the encryption the data or as another key to another encryption can be used. The time information is advantageously as Additional data on request from the background system or the respective Terminal process individually provided so that the background system Based on the time information received data can check if one too long Time since the beginning of the process has elapsed. This prevents, for example the malicious one Interception and repeated sending of a payment record. Also otherwise, the time information may be on the receiver side after transmitting the data, by which not only the background system is to be understood, but also the other terminal communicating with a terminal, in terms of a maximum allowable Process duration are checked. advantageously, is the time information together with the data to be transmitted with the unique key encrypted so that the one encrypted Data transferring further device is unable to attach the attached time information to decode and to manipulate before resending.

in principle With such a system is also the transmission of data as application data possible to a terminal. From the background system can Such application data to the terminal, in particular to the Be transferred to the customer terminal, so that its functionality or its field of application can be extended. Application data can be next to Data for refreshing an electronic wallet also concert tickets or public transport tickets Be means of transport. In particular, the application data the functionality directly manipulate one of the controllers of the received terminal to expand its scope or functionality. The data can be next to or instead of in the actual terminal advantageously also into an independent one and possibly exchangeable processor chipcard or smartcard invited become. Also in other storage media, e.g. a removable memory card, can the data is loaded advantageously.

advantageously, find a real cash flow only within the background system, not over the connections to the first or to the second terminal instead. There is no real cash flow between the two terminals either instead of just a transmission from encrypted Data, which then after appropriate forwarding in the background system to trigger the actual monetary financial transaction.

advantageously, indicates as the first terminal for such a transaction system provided terminal an interface to the background system and another interface, in particular output interface to the second terminal. The output interface to the second terminal can in the simplest embodiment in the form of a displayed web page with a hand-to-hand transfer Data be formed. However, interfaces, which is a direct automatic transmission, especially from encrypted Data enable. Furthermore the terminal has a controller for receiving, processing and transferring of data as well as for encryption the data with from outside inaccessible key in a secure memory.

In similar Way is a terminal as a second terminal for such Transaction system constructed, this in the simplest embodiment just an interface to either the background system or the first terminal. In a preferred embodiment However, the second terminal also has two interfaces to one the background system and on the other hand the first terminal. In principle, you can the two interfaces also on the same interface protocol so that they are structurally provided as a single interface can be. Of course this applies also for the first terminal. The second terminal has a customer terminal in particular a control device for receiving, processing and transmitting of data and a controller for encrypting the Data with a secure key a key pair on.

To increase security, the control device which coordinates the transmission via an interface and the control device which performs the encryption of the data to two different control devices, although in principle a single control device take over the entire functions can. The keys, especially the private keys but advantageously also the public keys are stored in an inaccessible from outside memory or directly at or in the responsible for the encryption or decryption control device from the outside not accessible.

Next the equipment of a for known mobile device or mobile computer with such functionality, in particular by installing a second processor as a second control device next to one for known SIM card, even simple devices are available as a second terminal. Can be used, for example, an SMS pad (SMS: Short Massage Service / short message service) which in contrast to the mobile phone no voice functionality having. The encryption device is also in such a simple device advantageously an independent chip, especially with crypto-coprocessor, which has sufficient performance for elaborate encryption provides the data. Preferably, the installation of a known per se Dual interface smart card. The independent chip is in addition to a SIM card used to enable the Communication over the mobile networks is provided. Using the short message service offers the further advantage that short messages do not have a permanently installed connection between the participating data terminals transmitted Need to become.

One such system allows in particular, the actual payment process by the transfer of data through the second or customer terminal which from the payer is operated, trigger, advantageously even a direct involvement of the dealer terminal can be left out.

According to the method advantageously the data to be transmitted between two devices with a key pair encoded or decrypted, being this key pair only known to the two institutions involved. For the transmission in return direction a corresponding additional key pair is provided. This allows even the transfer over more intermediary devices, which as such actually as untrustworthy would be classified. By the secrecy also the public key becomes the safety further increased.

The encoding conveniently takes place by means of a smart card, with a confirmation or further encryption can be used advantageously with a PIN or a SIM card number. The transfer is done using the short message service or an ISO 14443 interface particularly preferred. In principle, however, are also any connection types like end-to-end connections in a mobile system, in a wireline fixed-line or packet-switched connections over one mobile or wired parcel data network possible. According to the method, a transmission preferred in which the first or dealer terminal no or only encrypted and from the first terminal not decipherable data regarding the internal data of the second or customer terminal or its operator for transmission from or to the background system.

Especially also advantageous is the loading of data in applications of Terminals in particular in its control device, which is part of a Smart card or dual interface smart card according to a particularly preferred embodiment is.

embodiments will be explained in more detail with reference to the drawing. Show it:

1 schematically a payment system with a variety of facilities and transmission lines, which schematically outlines the process of a payment transaction via SMS in a shop;

2 such a representation for a payment transaction by SMS for an offer on the Internet; and

3 Such a payment system for a payment transaction via SMS on the Internet or television without an existing GSM connection.

Like this 1 As can be seen, an electronic payment system consists of a multiplicity of devices and components as well as transmission links. In addition to the illustrated payment system variants with additional or alternative facilities and transmission links and procedures can be implemented.

As basic system components, the illustrated payment system has a first terminal as a merchant terminal 10 , a second terminal as a customer terminal 20 and a background system 30 on that over transmission links 41 - 43 exchange data or data records with each other. Here are the terminals 10 . 20 representative of a variety of different devices and facilities that are suitable for the purposes of paying by electronic means. By way of example, the merchant terminal is a cash register 11 , which data, in particular a price, to an interface device 12 transfers. To control the operation, the dealer terminal also has a control device C. Data is stored in a memory M, which is part of a standstill storage device in the dealer terminal 10 or may be part of a processor of the controller.

The exemplified customer terminal 20 is an SMS pad 21 , which is essentially comparable to a mobile phone without voice transmission function. The customer terminal 20 in particular has an integrated first interface device 21 for establishing a transmission path 43 to the interface device 12 the dealer terminal 10 on. About this transmission line 43 For example, a price information, a transaction number TAN, a time information T, and / or merchant identification information HID are transmitted as data as data. In addition, the customer terminal points 20 a second interface device 22 on, to build one from the first terminal 10 independent transmission link 42 to the background system 30 is trained. Conveniently, the customer terminal has an input keyboard 24 for a manual input of data and commands as well as a display device 25 to view data, information, and prompts. To allow a functionality for transmitting SMS short messages, instructs the customer terminal 20 In addition, a corresponding control and identification device with the corresponding required components and data of a mobile device. In particular, this includes a SIM card SIM.

For further control functions and in particular encryption functions, the customer terminal 20 In addition, a separate control device C, which in particular as an additional chip in the customer terminal 20 is integrated. This additional chip is preferably a dual-interface smart card with a crypto-coprocessor. Preferably, the customer terminal for the construction of the transmission line to the dealer terminal 10 as the first interface device 21 a commercial facility on.

The background system 30 essentially has a central computer or host 31 on. This one is with one or more interfaces 32 for establishing a first transmission path 41 to the dealer terminal 10 or a second transmission path 42 to the customer terminal 20 fitted. For communication with the interface device 32 of the background system 30 indicates the dealer terminal 10 a correspondingly suitable interface device 13 on.

In addition to providing various interface facilities in each of the main facilities, the merchant terminal 10 , the customer terminal 20 or the host 31 to build the first, second and third transmission line 41 . 42 . 43 , in each case a single interface device with a dual function for the construction of two different transmission links can be provided. In particular, it is also possible in principle to operate all transmission links with the same transmission standard, so that each device is only provided with a single interface device with an addressing possibility for contacting the desired other device.

The host 31 of the background system 30 expediently has a central control device C for controlling its own operating sequence and for providing and processing data transmitted or to be transmitted. In addition, the background system indicates 30 a timer for outputting a time information or a time stamp T to have a current reference time at each time point. For intermediate processing, the background system 30 expediently also a memory, in particular a temporary memory M on. For storing data of merchant terminals 10 as well as the dealer data or operator of the dealer terminals 10 is a dealer database 34 provided. Accordingly, data from customer terminals 20 or by operators of customer terminals in a customer database 35 stored.

Another component is the background system 30 expediently external interfaces to a personalization device 36 and external institutions 37 For example, banks, credit card companies, and security information publishers. Also advantageous is a connection between the background system 30 and a so-called call center 38 for direct customer support to the background system 30 ,

To provide a secure payment system, the individual facilities or the dealer terminal 10 , the customer terminal 20 and the background system 30 Encryption and decryption facilities, which are formed by the controller C or a special processor. As a key is for the individual transmission links 41 - 43 each uses a first and a second key pair, each key pair consisting of a private and a public key. Data is encrypted with the public key, with decryption only possible with the private key. To provide security for the operator of the customer terminal 20 for transfers between the customer terminal 20 and the background system 30 to ensure a key pair with a private key PSK and a public key ÖSK. This key pair is used for transfers of data between exclusively the customer terminal 20 and the background system 30 used. This allows ÖSK encrypted data with this public key, which is transmitted during transmission over the second transmission link 42 be intercepted by third parties, not be decrypted by these third parties. Even with a transmission over the third transmission path 43 the dealer terminal 10 and from there via the first transmission link 41 to the background system 30 is the dealer and the dealer terminal 10 Denied access to the encrypted data. In this simple example, the public key ÖSK is in the customer terminal 20 and the private key PSK in the background system 30 deposited.

In principle, the same key pair can also be used to encrypt data from the background system 30 to be transferred to the customer terminal. In this case, both in the background system and in the client terminal 20 in each case both the private key PFK and the public key ÖFK be deposited.

However, according to the most preferred embodiment, for the individual transmission links 41 - 43 each provided two key pairs. For the encryption of data in the customer terminal 20 Thus, a first public key ÖSK stands for an encryption of the data to be transmitted to the background system and, if necessary, a second public key ÖSK for an encryption of data to the merchant terminal 10 are to be transferred. Besides, in the customer terminal 20 a private key PSK deposited, which serves to decrypt data, which in the background system 30 with the public key ÖSK for a transfer to the customer terminal 20 were encrypted. Provided a key pair for transfers between the customer terminal 20 and the dealer terminal 10 is in the customer terminal 20 In addition, a private key PHK for decrypting data deposited in the merchant terminal 10 encrypted with a public key ÖHK.

Advantageously, also for the transmission of data between the background system 30 and the dealer terminal 10 one or advantageously provided two key pairs. The background system 30 has a public key ÖSH for encrypting and a private key PHS for decrypting data to or from the merchant terminal 10 be transmitted. The dealer terminal 10 correspondingly has a first private key PSF and a first public key ÖSH for decrypting or encrypting. from data to and from the background system 30 be transmitted.

In the case of an encrypted communication between dealer terminal 10 and customer terminal 20 In addition, one or advantageously two corresponding key pairs may be provided with a private key PHK and a public key ÖKH for transmission to and from the customer terminal 20 be provided. An encryption of between dealer terminal 10 and customer terminal 20 Data to be transferred is, if used at all, in particular for merchant terminal 10 / Customer terminal 20 -Combinations appropriate in which a particular customer with his customer terminal 20 regularly with a specific dealer or his dealer terminal 10 comes into contact. This may be of interest, for example, when a customer terminal is used to pay for gas station bills when using a service vehicle that is used by different drivers, that is, there are firm business contacts with changing people.

Storing the private and public keys in the background system 30 expediently takes place in the customer database 35 or the dealer database 34 These two databases then have to be protected against unauthorized access.

following becomes an exemplary payment process between a customer and to a dealer described a point of sale.

In a first step 1 finds an action between the cash register 11 the dealer terminal 10 and its interface device 12 as a terminal instead. A quotation is provided as a record between the cash register and the interface device 12 transfer. The data transmission can take place, for example, according to the standard RS 323.

In a second step 2 finds a transmission over the first transmission link 41 from the terminal 12 the dealer terminal 10 to the interface 32 of the background system 30 instead of. The price data and additionally the merchant identification information or merchant identification number HID are optionally encrypted together and then transmitted.

To encrypt is from the merchant terminal 10 or by its control device or by a special chip C, in particular crypto-coprocessor, the public key ÖSH of the background system merchant key pair ÖSH, PSH used. The public key ÖSH is stored in the memory M or in the special chip C from the outside not readable. Conveniently, the key pair ÖSH, PSH is a key pair for a so-called RSA encryption or a similar secure encryption principle.

The transmission link 41 For example, it may be a radio connection for transmitting short messages SMS, data call or a connection-oriented line in a fixed network. In addition to such connection-oriented telecommunications networks, packet-oriented data networks can also be used for transmission.

After receiving the data, the received data will be in the background system 30 decrypted with the appropriate private key PSH, which in memory, especially in the dealer database 34 of the background system 30 secure and not accessible from the outside. It is then checked if the dealer identification number HID in the dealer database 34 is registered as the system partner allowed for the requested transaction. This can be done with data from a revocation list 39 , which may be part of another internal or external storage device, may be performed to check whether the corresponding merchant or merchant terminal 10 is not blocked for individual, special or all transactions. If the check is successful, the controller C generates the background system 30 a transaction number TAN, which is assigned to the specific transaction transaction. The received and the generated data provided for shipping are expediently stored in the temporary memory M.

According to one particularly preferred embodiment Beyond that current time data as time information T provided by the system clock and as separate data T or as an integral part of the transaction number TAN for used the current transaction process.

The provided data, in particular the price data, the transaction number TAN and possibly the time information T are then encrypted and sent to the merchant terminal 10 at the interface device 32 of the background system 30 provided. For encrypting, either the merchant background system key pair ÖSH, PSH or preferably a private background system merchant key pair ÖHS, PHS is used. In principle, depending on the configuration, only individual or all transmitted data can be encrypted. Conveniently, the encryptions for these as well as the other transmissions are made so that the receiver side of the encrypted data can recognize which of the private keys to use.

In a third step, the data encrypted in this way then becomes from the background system 30 over the first transmission path 41 to the dealer terminal 10 transfer. Again, any type of transmission link can be used for the transmission, with a short message service or fixed network connection being particularly preferred.

In the dealer terminal 10 According to one embodiment, the data thus received is decrypted with the appropriate private key PHS of the merchant terminal and for further transmission over the third transmission link 43 to the customer terminal 20 processed. The data is then transmitted over the third transmission link 43 to the customer terminal 20 transfer.

According to a further and particularly preferred embodiment, the data provided in the background system is already in the background system 30 with a public key ÖKS of a background system customer key pair ÖKS, PKS encrypted. The data encrypted in this way then becomes the customer terminal 20 transfer.

The transmission of the public key ÖKS encrypted with the background system customer key pair from, for example, the customer database 35 Optionally, directly to the customer terminal 20 over the second transmission link 42 or in accordance with a preferred embodiment over the first transmission path 41 to the dealer terminal 10 , From the dealer terminal 10 which can not decrypt these data for lack of a suitable private key, then this encrypted data over the third transmission link 43 to the customer terminal 20 forwarded. In the customer terminal 20 the received data is then decrypted and processed with the corresponding private key PKS.

Insofar as embodiments are implemented, by the dealer terminal 10 or a central computer assigned to it at the merchant, at which several merchant terminals 10 or interfaces are connected to it, so that transaction transactions with several customers can be made at the same time are to be made or if transactions are staggered, a sending of an additional identifier together with the price and dealer identification data offers the second step to the background system 30 on, with the background system 30 then make a return in the third step such that the merchant terminal 10 this additional identifier can be assigned to the appropriate customer, so that the received encrypted data to the correct customer terminal 20 be forwarded.

After from the dealer terminal 10 by forwarding the data to the customer terminal 20 The user of the customer terminal has already been granted an indirect approval for the transaction 20 now process the received data. In particular, this further processing includes a review and approval of the proposed transaction. Thereupon the received data with if necessary further data of the customer terminals, which an adequate identification of the customer terminals 20 in the background system 30 enable, encrypted. For encryption, a public key ÖSK of the background system customer key pair ÖSK, PSK is used. For encrypting, in particular, a crypto-coprocessor of the customer terminal 20 used for this purpose as a stand-alone chip in the customer terminal 20 is used. The encrypted data thus provided becomes one of the interface devices 22 for transmission to the background system 30 provided.

In principle, the data thus provided can optionally via the third transfer point 43 and the dealer terminal 10 as an intermediary and from this on the first transmission path 41 to the background system 30 be transmitted. However, preference is given in a fifth step 5 the transmission of encrypted data from the customer terminal 20 via the second interface device 22 directly to the background system 30 or its interface device 32 , For this transmission, the short message service SMS is preferably used, although other types of transmission links and transmission systems can be used in principle. For transmission using the short message service SMS instructs the customer terminal 20 the SIM card SIM, which is the transmission over the second transmission link 42 controls or provides data that are required for the transmission using the short message service SMS.

For transmission over the third transmission link 43 Preferably, transmission systems are used which prevent as much as possible a recording or intercepting of the transmitted data. Accordingly, an interface according to ISO 14443 is preferred, although other systems according to, for example, Bluetooth, infrared interface can be used as further examples of interface systems.

At the fifth step 5 In addition to the price, the transaction number TAN, the merchant identification number HID and possibly the time information T, further data are transmitted. These additional data serve to identify the customer terminal 20 opposite the background system 30 and are in particular a SIM number, a card number of the corresponding smart card, a personal identification number PIN, which is preferably assigned to the user of the customer terminal, and preferably information about the desired payment method.

If such information about the desired payment method in the fifth step 5 is transmitted to the user of the customer terminal 20 in the case that different payment methods via different payment systems or different accounts for the user are possible, preferred payment methods proposed. The user of the customer terminal 20 can then use the possible payment methods on the display device 25 read and via the input keyboard 24 select one of the desired payment methods.

While in the first four, in particular the first three steps in principle a simple encryption is sufficient, possibly even whole on an encryption can be waived, is the transmission of data from the customer terminal 20 starting encrypted. Again at the fifth step 5 individual of the data to be transmitted or preferably all of the data to be transmitted encrypted.

The background system 30 decodes in the fifth step 5 received data with the corresponding private key PSK and checks the data for an admission of the transaction. For example, this review includes a review of the customer terminal 20 and / or the user of the customer terminal 20 based on the corresponding data of the customer database 30 , the entered PIN and the blacklist 39 , Possibly. are also reviews at external institutions 37 possible. In addition, the transaction number TAN is determined by the temporary memory M of the background system 30 previously cached data checked. Ultimately, a credit check is made by the customer terminal 20 notified payment method. If these and possibly further verification steps are positive, the corresponding transaction is initiated. This can either be in the background system 30 yourself or preferably by sending appropriate data to your external institution.

Ultimately, in a sixth step 6.1 . 6.2 Confirmation messages from the background system 30 via the interface device 32 sent. A first confirmation message is sent via the second transmission link 42 in particular via short message service SMS to the customer terminal 20 sent to its display device 25 to display a confirmation of the transaction. In addition to a payment confirmation OK, in particular the price, the dealer identification number HID and the payment method are confirmed. In addition, over the first transmission path 41 a confirmation to the dealer terminal 10 sent that payment has been made. As data to the dealer terminal 10 In addition to the payment confirmation OK, the transaction number and the price are preferably transmitted. In the dealer terminal 10 can then a corresponding document for delivery to the user of the customer terminals 20 be printed out.

Preferably, the payment confirmations are also carried out in encrypted form, wherein for the transfer to the customer terminal 20 a corresponding public key ÖKS of the customer background system key pair ÖKS, PKS is used. For the transfer to the merchant terminal, a public key ÖHS of the merchant background system key pair ÖHS, PHS is used accordingly.

In embodiments which use the time information T as additional size, those in the background system become 30 incoming data before performing a transaction in terms of elapsed since the transmission of the original time information T period of time checked. In this way it can be prevented that a particular on the second transmission link 42 from the customer terminal 20 to the background system 30 intercepted record with damage intention several times to the background system 3C which could potentially cause the transaction to be executed multiple times.

Between the background system 30 and other external bodies, if such activities are not in the background system 30 run itself, a data exchange with external facilities instead. This concerns, for example, the personalization of a customer terminal and / or a merchant terminal by a personalization device 36 , In addition to the allocation of personal identification numbers PIN, smart card with corresponding unique identification information may also include the verification of each user.

Furthermore, the background system 30 a so-called call center 38 be connected, via which by phone call or possibly other communication channels such as the short message service or electronic mail from, for example, a customer contact with the background system 30 can be included. In addition to the use of a call center 38 to cause a blocking in the case of, for example, the theft of the customer terminal 20 can such a call center 38 also be used for the telephone assignment of a transaction.

In embodiments in which a selection of the payment method is possible, can already at the fourth step 4 as additional information to the customer terminal 20 be notified which modes of payment overlooking the communicating merchant terminal 10 or whose operator is permitted. On the display 25 then only the payment methods are displayed for selection, which is an intersection between the ones with a view to the merchant terminal 10 and overlooking the customer terminal 20 form possible payment methods.

With the positive confirmation of the operator of the customer terminal 20 that the payment data in the fifth step 5 to the background system 30 may be transferred, another encryption may be connected. For example, an encryption of the personal identification number PIN of the customer can take place. The encryption takes place directly in the chip card, in particular in the crypto-coprocessor C. Advantageously, the card number or internal number in the formation of the background system 30 used to transfer record. In a transmission via short message service SMS is a record with usual SMS header data, in particular the phone number of the SIM card, and subsequently sent the actual encrypted data in the usual manner. Shipping is preferably done directly from the customer terminal 20 to a short message service router and from there to the background system 30 ,

2 shows an alternative embodiment for a transaction process in connection with a payment for a service on the Internet or television using a customer terminal 20 , In this case, details and method steps are omitted in this and another embodiment, which have already been described above. In this regard, reference is made to the corresponding description above. In particular, the same reference numerals for identical or similar structural or procedural implementation are chosen.

Instead of a directly active communicating dealer terminal 10 the customer is facing an offer on the internet or television. The offer is made accordingly by a dealer terminal 10 ' given, which from a dealer center 13 ' and a display connected thereto direction 14 ' consists. The offer is displayed in the form of an article with additional indication of the price, an article number and / or transaction number TAN, which is associated with the article, as well as a dealer identification number HID. For complex systems, the transaction number TAN can be earlier from the background system 30 specifically for the selected item of this particular dealer or dealer terminals 10 ' be assigned, so that the transaction number TAN against the background system 30 and when returning to the merchant terminal 10 ' already sufficient to the appropriate dealer terminal 10 ' and to identify the specific article. However, this requires the assignment of a separate transaction number TAN for each individual item of a merchant and thus also represents a certain burden on the overall system. Further information can be obtained from the merchant terminal 10 ' on the display device 14 ' Also information about possible payment methods and / or shipping methods can be specified. This information can also optionally be provided as separate numbers, part of the article number and / or part of the transaction number TAN. For example, in the case of a download via the Internet via downloadable software as a download. Another possible shipping method is also a conventional shipping by eg courier or post. In the latter case, the dealer terminal 10 ' However, the customer address will be communicated what an otherwise theoretically possible complete anonymity of the customer or the customer terminals 20 towards the dealer or dealer terminal 10 ' excludes.

The customer transmits the on the display device 14 ' displayed data by hand via the input keyboard 24 in the customer terminal 20 , Alternatively, in the case of an offer on the Internet, a transmission via a corresponding interface device 12 '' with access to the corresponding page of the merchant terminal 10 ' and via a third transmission link 43 ' which are the transmission from the merchant terminal 10 ' to the customer terminal 20 automated. In essence, the transfer of the data again corresponds to the fourth step 4 of the first embodiment.

The customer enters the corresponding data in the customer terminal 20 and makes appropriate selections such as the desired payment method. Finally, the customer confirms his purchase request, whereupon in the customer terminal 20 a corresponding record is created and encrypted. The confirmation is made as above by entering the PIN, which is integrated into the record and encrypted.

All data is processed and encrypted by the chip card C accordingly. Subsequently, a short message text or SMS text is generated from the encrypted record and to the GSM part of the customer terminal 20 to hand over. The GSM part of the customer terminal in turn consists of the SIM card SIM or includes these as another essential part.

Subsequently, in the fifth step 5 a transmission over the second transmission path 42 as in the first embodiment of the background system 30 performed. After receipt, the background system decrypts 30 the received data and makes the appropriate verification steps regarding dealer, customer and creditworthiness.

If all the data or inputs are in order, as in the first embodiment in the sixth step 6.1 . 6.2 Payment confirmations to the customer terminal 20 or the dealer terminal 10 ' sent, with the dealer terminal 10 ' In the present case, a computer is preferred for handling purchase campaigns and for causing the delivery of requested items or for requesting services.

The confirmation to the dealer terminal 10 ' goes in the case of an Internet system as a dealer terminal 10 ' preferably via a corresponding packet-based data network according to, for example, the TCP / IP protocol. Transmission forms such as sending an electronic mail are possible, for example.

The dealer terminal 10 ' For confirmation, preferably another transaction number TAN 2 transmitted. In addition, an identification information is transmitted, which allows the transfer. In the case of a desired download, for example, a generated code can be generated, which both the dealer terminal 10 ' as well as the customer terminal 20 is transmitted. By entering the code on the part of the customer at a corresponding Internet access computer can this opposite the dealer terminal 10 ' identify it so that the download is released. In this case, the dealer or dealer terminal is required 10 ' advantageously no personal information regarding the customer or the customer terminal 20 , Alternatively, the dealer terminal 10 ' also be given a customer address if the customer is to send an article or provide the customer with a service.

Depending on the complexity, this method requires a correspondingly large storage space for the merchant database 34 and / or a link to the background system 30 with the Internet offers of the merchant terminals 10 ' ,

3 FIG. 3 illustrates a third embodiment. Again, like reference numerals or symbols designate components or method steps already described with reference to the preceding embodiments as being the same, equivalent, or similar, therefore essentially only different features will be described. As in the above embodiments, the transmission takes place in this embodiment via the first, second and / or third transmission path 41 . 42 . 43 ' preferably with the already described encryption system using key pairs with private and public keys.

Shown is a payment system in which the dealer terminal 10 ' again trained as an internet service provider or an offer via television. Of course, a merchant terminal as in the first embodiment may be provided as an alternative embodiment.

In the present embodiment, it is assumed that the customer terminal is currently no mobile network available, so that a transmission of encrypted data from the customer terminal 20 * . 20 to the background system 30 over the second transmission link 42 at the previous fifth step 5 not possible. Nevertheless, a transaction should be made possible.

As in the previous embodiments, the data of the merchant terminal 10 ' directly or as shown indirectly to the customer terminal 20 . 20 * transfer. On the display 14 ' the dealer terminal 10 ' For example, a selected product is displayed again with a corresponding price via the Internet. In addition, different payment methods and the payment by short message service SMS may be offered.

The customer can in turn opt for paying by short message service. The website or TV screen will show on the display 14 ' in turn, the data, the goods or service, download or delivery, etc. on. In addition, the price, an article number or a transaction number, which are specifically provided for goods and quantities are displayed. After transferring the relevant data to the customer terminal 20 * . 20 finds the processing through the customer terminal 20 . 20 * in substantially already described manner. The customer terminal 20 . 20 * recognizes, however, that neither GSM connection is available for sending a short message SMS nor any other suitable connection.

The customer terminal then calculates 20 . 20 * From the available data, a code, preferably safe methods such as the known per se (Data Encryption Standard), 3DES (Triple Data Encryption Standard), RSA, etc. are used. In particular, the actual code is preferably encrypted with the public key ÖSK of the background system customer key pair ÖSK, PSK for protection against abuse, as in the data for transmission in the fifth step 5 was carried out comparably in the preceding embodiments.

The code will be in a fifth step 5 * from the customer terminal 20 to the background system 30 transferred and decrypted there with the possibly corresponding private key PSK. Continue to be in the background system 30 from the data of the code, the required data for performing the transaction taken, where appropriate, from the dealer terminal 10 * in addition to the background system 30 delivered data will be additionally used.

3 provides alternative ways to transmit the code from the customer terminal 20 * . 20 to the background system 30 represents.

In the first alternative is on the display device 14 ' the dealer terminal 10 in the case of Internet access, a new mask on the display device 14 ' after appropriate selection of the customer by his inputs to an interface device 12 * displayed. On the mask, first text information is prepared in preparation, such as the dealer name and the merchant identification number HID, the article, an article number and / or transaction number, a desired number of pieces, the price and an open field for entering the code, which can be used by the customer or customer. terminal 20 * is to be transferred. The interface device can be an automatic interface 12 ' be that over the third transmission link 43 ' with the customer terminal 20 * . 20 communicates, bringing the customer inputs directly from the keyboard 24 of the customer terminal. The input device of the dealer terminal 10 ' but it can also be a keyboard 12 * or the like at the merchant terminal 10 ' which are for manually entering the code by the customer or operator of the customer terminal 20 . 20 * serves, which then the code from the display device 25 of the customer terminal 20 * reads and transmits.

From the dealer terminal 10 ' or the underlying central computer 13 ' then a corresponding transfer, for example by electronic mail program by means of an electronic mail in the fifth step 5 * to the background system 30 performed. Here are the dealer or the dealer terminal 10 ' no access for falsification or reading on the code, since this from the customer terminal 20 contains encrypted data.

According to the second alternative, the customer lacks an input option at the merchant terminal 10 ' for example, lack of a corresponding interface device 12 ' . 12 * as is the case when buying an offer shown on television. In this case, the customer or user of the customer terminal 20 * a connection to the background system 30 in a manner known per se via the call center 38 in a fifth step select 5 °.

Compared to a usual order via call center 38 the customer shares the call center 28 however, that of the customer terminal 20 * calculated code with which on the display device 25 of the customer terminal 20 * is shown. For further protection can optionally by the call center 28 additionally one in the background system 30 or at the call center 38 deposited security question, which is to be answered correctly by the customer. The call center 38 then transmits the code 5 over any link to the background system 30 , Through the encryption with the public key ÖSK of the background system customer key pair ÖSK, PSK is a misuse by the call center 38 not possible. This is especially true if in the code a time information is integrated, which from the background system 30 via the dealer terminal 10 ' each updated, original from the dealer terminal 10 ' or from the customer terminal 20 * was generated and with a time information in the background system 30 can be adjusted.

Alternatively to transmission via a call center 38 It is also possible to use other transmission paths which are known per se, such as, for example, a call to a voice computer or a computer system which enables control and data input via telephone keypad.

Even with these alternatives, the background system 30 initiate a transaction based on a secure transaction request and parallel or subsequent confirmation messages in a sixth step 6.1 . 6.2 as in the previous embodiments send. While submitting an appropriate confirmation to the merchant terminal 10 ' is directly possible, a corresponding confirmation message in the form of a short message SMS over the second transmission link 42 cached in the short message service router until the customer terminal 20 * again establishes a communication connection to the short message service router and can receive the transaction confirmation with a time delay.

Is possible also the use of such terminals, which technically no GSM / UMTS Modules included. It is possible to implement, for example, a use of such terminals as pure encryption units for a) the case shown here and b) if the encrypted data is over a Terminal of the first group will be routed to the server.

According to simple embodiments, the provision of simple merchant or customer terminals is sufficient 10 . 20 from what a low-priced implementation by providing, for example, an SMS pad as a customer terminal 20 allows. In principle, however, also complex terminals are executable, for example, a conventional mobile device with an encryption key C in addition to the SIM card, the separation of functionality on two units with on the one hand the communication information and communication functions and on the other hand the encryption data and encryption functions without access from outside the security particularly preferably increased in a preferred manner. In addition to any possible combination of the individual aspects of the described embodiments, combinations with corresponding alternatives for known devices and methods are possible, for example, combinations with various types of protocols and systems for establishing transmission links.

The particularly preferred system thus consists of three components, the background system 30 , the dealer terminal 10 and the customer terminal 20 , eg an SMS pad of the customer with integrated chip card (dual interface smart card, possibly with crypto processor).

The Background system consists of an SMS host to send and Receive SMS messages and a server, the usual clearing tasks Fulfills and customers and dealers after the known method checks. additionally has he over the respective RSA keys to encrypt and decrypt of records, which are sent via SMS and or received.

The A trader terminal is preferably a common one POS (point of sale / sales) terminal, supplemented by an interface ISO 14443, an Internet shop, or a GSM terminal supplemented by an interface according to ISO 14443.

The customer terminal or SMS pad is preferably a device for sending and receiving SMS, GPRS, and or data call connections (data calls). It is out with a standard SIM card which ensures the handling of the GSM standards and additionally with a processor chip card with integrated crypto coprocessor and dual interface, ie a contacted interface with T = 1 or comparable and an interface according to ISO 14443. This card can contain various applications, eg e-purse , E-ticket, etc., and an application for encrypting payment data and managing the data. It also safely stores the required RSA keys or keys from other key systems (3DES).

The transmission of sensitive data during transmission of records When cashless payment is always a significant security risk dar. In particular on the Internet but also in the usual today Method for paying with the EC card in the offline procedure (ELV: Electronic direct debit procedure) are manipulations, fraud and data theft at the agenda. The use of GSM technology and future UMTS Procedure for Payments transactions are therefore repeatedly insecure assessed.

The The present method is intended to close this gap. The combination of highly encrypted records in conjunction with GSM / UMTS radio as independent data transmission can be ensured. The transaction data, in particular the ones where the sensitive Data of the customer, who makes the payment, is transmitted independently of Terminal of the dealer or even an Internet connection, so on a completely separate, from dealer uncontrollable way. The data is encrypted and signed with an RSA key. In this case, a system of uniform keys as well as a customer can be more specific key be used. Encrypting The sensitive data is thereby from a microprocessor chip card possibly also implemented with crypto-coprocessor. This saves the key for sure. additionally can use a PIN to authenticate the payee additionally be secured. This PIN can be found both on the card and in the Background system or only be stored in the background system. The microprocessor chip card works in conjunction with a device to GSM and or UMTS standard for sending and receiving SMS saves, if necessary supports GPRS and DataCall. Other features are optional. The handover the required data of the dealer to the customer (price, dealer number, TAN, payment options of the dealer u.a.) can u.a. by means of an interface according to ISO 14443 if this is supported by the chip card or the device. Other Interfaces are conceivable, as these data are not sensitive. Also the way that encrypted Transfer data to the merchant terminal are uncritical, because they are then encrypted.

Farther Is it possible, that encrypted data to the device be sent and decrypted by the device using the Chipkar te. Thereby Is it possible to change the data content of chip card applications. The can e.g. via SMS or DataCall in a dialogue process during a held connection. With this procedure, tickets can in the DF ticket (DF: Data File) a cash card or similar Facility can be loaded or loaded into e-exchanges.

The Settlement in the background system differs from that known methods in particular in clearing servers by the deposit the RSA key, the decryption the records, the exam the decrypted PIN, if necessary the exam the SIM card number and vice versa in the encryption of sensitive records to the SMS capable Device, the inclusion of the GSM / UMTS time stamp in the security query and possibly a random number. When using different and cards dependent key for sending and receiving data is the "cracking" of such a system for the foreseeable Exclude future.

Instead of the RSA encryption Alternatively, almost any known symmetrical and or asymmetric key method be used. Also, the use of multiple keys and / or different methods with a map are possible.

Claims (35)

Payment system with - a background system ( 30 ) with access to databases ( 34 . 35 . 39 . 37 ), - a first group of terminals, in particular with at least one merchant terminal ( 10 ; 10 ' ), - a second group of terminals, in particular at least one customer terminal ( 20 ; 20 * ), and - an encryption system - for carrying out a monetary transaction in the area of the background system ( 30 ) by transferring data between a first terminal ( 10 ; 10 ' ) of the first group of terminals and a second terminal ( 20 . 20 * ) of the second group of terminals, characterized in that - in the encryption system for transmitting at least part of the data between the first terminal ( 10 ; 10 ' ), the second terminal ( 20 ; 20 * ) and / or the background system ( 30 ) Bowl (ÖSK, PSK, ÖKS, PKS, ÖSH, PSH, ÖHS, PHS, ÖKH, PKH, ÖHK, PHK) with an individual key (ÖSK, ÖKS, ÖHS, ÖSH, ÖKH, ÖHK, PKS, PSK, PSH, PHS, PHK, PKH) and ver be used. Payment system, in particular according to claim 1, having - a background system ( 30 ) with access to databases ( 34 . 35 . 39 . 37 ), - a first group of terminals, in particular with at least one merchant terminal ( 10 ; 10 ' ), - a second group of terminals, in particular at least one customer terminal ( 20 ; 20 * ), and - an encryption system - for carrying out a monetary transaction in the area of the background system ( 30 ) by transferring data between a first terminal ( 10 ; 10 ' ) of the first group of terminals and a second terminal ( 20 . 20 * ) of the second group of terminals, characterized in that - in the encryption system for transmitting at least part of the data between the first terminal ( 10 ; 10 ' ), the second terminal ( 20 ; 20 * ) and / or the background system ( 30 ) at least one bowl (ÖSK, PSK, ÖKS, PKS, ÖSH, PSH, ÖHS, PHS, ÖKH, PKH, ÖHK, PHK, ÖSK, ÖKS, ÖHS, ÖSH, ÖKH, ÖHK, PKS, PSK, PSH, PHS, PHK , PKH) is provided and used, the data being transmitted via a mobile radio interface to the first or second terminal. ((System key and charging of electronic exchanges and the like)) Numbering system according to Claim 1 or 2, in which for the transmission of data between the first terminal ( 10 ; 10 ' ) and the background system ( 30 ), the second terminal ( 20 . 20 * ) and the background system ( 30 ) and / or the second terminal ( 20 . 20 * ) and the first terminal ( 10 . 10 ' ) At least one, in particular two key pairs the participating encrypted or decrypting devices are each provided uniquely assigned. Payment system according to any preceding claim, wherein the data for the transfer of the data between the first terminal ( 10 . 10 ' ) and the background system ( 30 ) from the first terminal ( 10 . 10 ' ) via the second terminal ( 20 . 20 * ) and from the second terminal ( 20 . 20 * ) to the background system ( 30 ) and from the first terminal ( 10 . 10 ' ) before being transmitted with a particular public key (ÖSH) of the background system ( 30 ) or the first terminal ( 10 . 10 ' ), the encrypted data from the second terminal ( 20 . 20 * ) are not decipherable. Payment system according to claim 4, wherein the key (ÖSH) is a unique and only between the first terminal (ÖSH) 10 . 10 ' ) and the background system ( 30 ) shipped key pair (ÖSH, PSH) stems. Payment system according to any preceding claim, wherein the data for the transfer of data between the second terminal ( 20 . 20 * ) and the background system ( 30 ) from the second terminal ( 20 . 20 * ) via the first terminal ( 10 . 10 ' ) and the background system ( 30 ) and from the second terminal ( 20 . 20 * ) prior to transmission with a public key in particular (ÖSK) of the background system ( 30 ) or the second terminal ( 20 . 20 * ), whereby the encrypted data from the first terminal ( 10 . 10 ' ) is not decipherable. Payment system according to claim 6, wherein the public key (ÖSH) a unique and only between the second terminal (ÖSH) 20 . 20 * ) and the background system ( 30 ) shipped key pair (ÖSH, PSH) stems. Payment system according to any preceding claim, wherein the data is transmitted as payment data from the second terminal ( 20 . 20 * ) independent of the first terminal ( 10 . 10 ' ) to the background system ( 30 ) be transmitted. Payment system according to claim 8, in which a part of the data is previously transferred from the first terminal ( 10 . 10 ' ) to the second terminal ( 20 . 20 * ) manually or via automatic interface ( 12 ; 12 ' ) is transmitted. Payment system according to any preceding claim, in which, from the first terminal ( 10 . 10 ' ) or the second terminal ( 20 . 20 * ) transmitted data before being transferred by the background system ( 30 ) received additional data (TAN, T). Payment system according to any preceding claim, wherein between the first terminal ( 10 . 10 ' ) and the second terminal ( 20 . 20 * ) transferred data prior to transmission by previously from the background system ( 30 ) and encrypted together with the additional data (TAN, T). Payment system according to any preceding claim, wherein the encryption in each case in one of the interfaces ( 12 . 12 ' . 12 * . 32 . 22 . 23 , SIM) independent and externally inaccessible encryption and / or control device (C) is performed. Payment system according to claim 12, wherein the encryption device (C) is assigned its own individual key pair. Payment system according to any preceding claim, wherein in the second terminal ( 20 . 20 * ) a dual interface smart card is used as an encryption device and wherein private and / or public keys (PKS, ÖSK, PKH, ÖHK) are stored in memory areas (M) that are not accessible from the outside. Payment system according to any preceding claim, wherein the first terminal ( 10 . 10 ' ) and the second terminal ( 20 . 20 * ) an interface ( 12 . 22 ) for transmitting the data over only a short, tamper-proof route, in particular an interface according to ISO 14443. Payment system according to any preceding claim, wherein prior to transmission, the data is supplemented with a device-independent personal identification number (PIN) which is only available to the operator of the first terminal (PIN). 10 . 10 ' ) or the second terminal ( 20 . 20 * ) on the one hand and on the other hand the background system ( 30 . 34 ; 30 . 35 ) is known. Payment system according to any preceding claim, at the time information (T) encrypted transmitted together with the data and / or as additional key for the Data when encrypting is used. Payment system according to Claim 17, in which the time information (T) from the background system ( 30 ) is used individually as a security feature. Payment system according to claim 17 or 18, wherein the Time information (T) after transmission the data receiver side in terms of a maximum allowable Process duration is checked. Payment system according to any preceding claim, wherein as the data application data from the background system ( 30 ) encrypted to the first or second terminal ( 10 . 20 ) be transmitted. Payment system according to claim 20, wherein the application data comprises a control device of the first or second terminal ( 10 . 20 ) manipulate. Payment system according to any preceding claim, wherein, when transmitting the data, no real monetary value flow over the transmission links from and to the first terminal ( 10 . 10 ' ) and from or to the second terminal ( 20 . 20 * ) takes place. Terminal as first terminal ( 10 . 10 ' ) for a payment system according to any preceding claim with an interface ( 23 ) to the background system ( 30 ) and a further interface, in particular output interface ( 12 . 12 ' . 14 ' . 12 * ), as well as a control device (C) for receiving, processing and transmitting data and for encrypting the data and with externally inaccessible memory for keys. Terminal as second terminal ( 20 . 20 * ) for a payment system according to one of claims 1 to 22 with an interface ( 23 ; 22 ; 25 ) to the background system ( 30 ) and another interface, in particular input interface ( 22 ; 23 ; 24 ), for entering data of the first terminal ( 10 . 10 ' ) and a control device (C) for receiving, processing and transmitting the data and for encrypting the data and with an externally inaccessible memory (N) for keys. Terminal according to claim 24 with the interface device, in particular a short message transmitting and / or receiving device (SIM, 24 ), and a control and encryption device (C), wherein the interface device, in particular the short message transmitting and / or receiving device, and the encryption device are structurally separate devices. The terminal of claim 25, wherein the encryption means (C) a stand-alone chip is, in particular a dual interface smart card with crypto coprocessor and / or another suitable smart card A terminal according to any one of claims 24 to 26, wherein an input means for triggering the encryption and outputting the data after transferring data to the second terminal (16). 20 ) is designed. Method for carrying out an electronic payment transaction, in particular with a payment system according to one of Claims 1 to 21 and / or with a terminal according to one of Claims 23 to 26, in which - data from a first terminal ( 10 . 10 ' ), in particular dealer terminal, from a first group of terminals via a second terminal ( 20 . 20 * ), in particular customer terminal, from a group of second terminals to a background system ( 30 ) or from the second terminal ( 20 . 20 * ) via the first terminal ( 10 . 10 ' ) to the background system ( 30 ), the data in the background system ( 30 ) and if necessary a transaction is triggered and characterized in that - the data is encrypted in each case with an individual key for the first terminal, the second terminal and / or the background system and the respective device relevant for the transmission. Method for carrying out an electronic payment process, in particular with a payment system according to the method according to claim 28 and / or according to one of claims 1 to 21 and / or with a terminal according to one of claims 23 to 26, in which - data from a background system ( 30 ) to a terminal ( 20 ), in particular customer terminal, are transferred from a group of terminals, - the data in the background system ( 30 ) are assigned to a monetary transaction and - wherein the data is encrypted before being transmitted, characterized in that - at least a part of the data is encrypted with an individual key or a system key and transmitted via a mobile radio interface. Method according to Claim 28 or 29, in which in the second terminal ( 20 ) and / or in the first terminal ( 10 ) an intersection of both sides possible payment method determined and displayed for selection. Method according to one of Claims 28 to 30, in which the data are stored in such a way with a key, in particular a key of a private and public key pair, of the originally transmitting terminal ( 20 ; 10 ; 30 ) are encrypted so that the data is only received from the final recipient ( 10 ; 20 ; 30 ) are decipherable. A method according to any one of claims 28 to 31, wherein the encode by means of a separate processor, in particular by means of a separate chip card (C) carried out becomes. A method according to any one of claims 28 to 32, wherein data transmitted by means of short message service and / or short-distance transmission become. Method according to one of Claims 28 to 33, in which the first terminal ( 10 . 10 ' ) no or only encrypted and from the first terminal ( 10 . 10 ' ) non-decipherable data of the second terminal ( 20 . 20 * ) for transmission to the background system ( 30 ) and / or in the reverse direction of transmission. Method according to one of claims 28 to 34, in which data in applications of the control device (C), in particular in a chip card or dual interface smart card of the second terminal ( 20 ).