EA021071B1 - Method of protection of financial transactions - Google Patents

Method of protection of financial transactions Download PDF

Info

Publication number
EA021071B1
EA021071B1 EA201101342A EA201101342A EA021071B1 EA 021071 B1 EA021071 B1 EA 021071B1 EA 201101342 A EA201101342 A EA 201101342A EA 201101342 A EA201101342 A EA 201101342A EA 021071 B1 EA021071 B1 EA 021071B1
Authority
EA
Eurasian Patent Office
Prior art keywords
client
mobile device
processing center
security
financial
Prior art date
Application number
EA201101342A
Other languages
Russian (ru)
Other versions
EA201101342A1 (en
Inventor
Андрей Юрьевич ЩЕРБАКОВ
Олег Олегович ТИХОНЕНКО
Original Assignee
Ооо "Тумбала"
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ооо "Тумбала" filed Critical Ооо "Тумбала"
Priority to EA201101342A priority Critical patent/EA021071B1/en
Publication of EA201101342A1 publication Critical patent/EA201101342A1/en
Publication of EA021071B1 publication Critical patent/EA021071B1/en

Links

Abstract

The invention relates to the field of informatics and finances, more definite, to a method of protection of financial transactions. The present invention can be used in creating and operating different-purpose financial systems, trade and payment systems, improving protection properties and convenience of using cashpoints and Internet-banking. The present technology provides to protect reliably a card owner from card loss (and even mobile device loss) and compromise of the main pin-code. Besides, the present technology protects from unfair traders and from compromise of the verification code on the reverse side of the card.

Description

The invention relates to the field of computer science and finance, and more specifically to a method for protecting financial transactions.

The present invention can find application in the creation and operation of financial systems for various purposes, trading and payment systems, improving the protective properties and ease of use of ATMs and Internet banking terminals.

Currently, a very acute problem is the security of making payments and receiving cash in self-service devices using plastic cards. As you know, a card user is authorized by entering a 4- or 5-digit pin code, which is often intercepted by skimming devices or social engineering methods. In addition, sellers of goods and services, especially in online stores, often ask along with the card number to provide a control code on its reverse side, which then allows you to withdraw money from the card, regardless of its owner.

To introduce additional security measures at ATMs or payment terminals, especially those located in different countries, is technically unrealistic.

The basis of the present invention is the creation of a method of protecting financial transactions, which would ensure the security of payments and other financial transactions even if the PIN code is lost or compromised and the plastic card or other payment instrument is lost or stolen.

This problem is solved in a method of protecting financial transactions in a payment system consisting of at least one processing center that provides servicing of a financial instrument owned by a client, which also has a mobile device or computer for communication with a processing center, which makes financial transactions using a financial instrument the fact that the processing center previously individually forms and issues to the client a security notebook that is uniquely associated with its finances With the help of a new tool, the security notepad is a table of 10x10 size of specially formed two-digit numbers, total of 100 numbers, which is used to conduct a predetermined number of transactions using the specified client financial instrument and fixes the parameters of the client’s mobile device or computer so that through this mobile device or the computer exchange information with the client, when the client requests a transaction, the processing center sends it to the client’s mobile device an extended PIN, which is a set of at least 4 digits of an even number of digits, having received an extended PIN on your mobile device, the client selects two-digit numbers of the enabling answer, each number of which is double, for each of its two digits in the security notebook (vertically and horizontally) is less than the length of the extended PIN, enters them into a mobile device or computer and sends a resolving response to the processing center, if the resolving response received by the processing center matches the reference value, calculated using the security pad, holding the transaction requested by the client is allowed, otherwise - it is prohibited.

It is technically advisable to apply the described method to the following financial instruments: debit and credit plastic cards with a magnetic strip, debit and credit plastic cards with a microchip, prepaid cards, current customer accounts, and also implement it in a payment system containing ATMs or other devices for issuing cash money, Internet banking terminals.

It is equally technically advisable to close the safety notebook with a protective coating that is erased in the right places when the client draws up an authorizing answer.

The implementation of the described method allows to ensure the security of payments and other financial transactions even if the PIN code is lost or compromised and the plastic card or other payment instrument is lost or stolen.

The present invention is disclosed in the following example with a schematic description of a cash dispensing system through an ATM with reference to a drawing schematically showing a block diagram of the system describing the inventive method.

The system includes an ATM 1, serviced at a processing center 5, which serves a client card 2. The client also has a mobile phone 3 and a security pad 4.

The system operates as follows. Pre-processing center 5 individually generates and issues to the cardholder 2 a security notebook 4 - a table of 10x10 specially formed two-digit numbers (a total of 100 numbers). When placing card 2 in ATM 1 and generating a request for cash withdrawal from the side of the self-service device (ATM) (block 1), a request is generated in the processing center 5 in a regular manner, however, processing center 5 sends the cardholder 2 to mobile device 3 to complete the requested transaction request for confirmation of the operation - an extended PIN (4 digits), which is converted by the client-holder of card 2 into a permissive answer (4 digits) as follows:

- 1 021071 having received an extended PIN on his mobile device, he selects for each two digits of the request (vertically and horizontally) two two-digit numbers of the enabling answer and sends them in the form of §ш§ back to processing center 5, if the result obtained by processing center 5 matches with a reference value, payment posting is allowed, otherwise it is prohibited. If posting is permitted, cash 6 will be issued from self-service device 1.

This technology will fully protect the card holder from losing the card (and even the loss of a mobile device) and compromising the main pin code. In addition, it protects against unscrupulous sellers and from compromising the control code on the back of the card. One security notebook provides up to 50 transactions.

Claims (2)

  1. CLAIM
    1. A method for protecting financial transactions in a payment system consisting of at least one processing center servicing a financial instrument owned by a client, which also has a mobile device for communication with a processing center that performs financial transactions using a financial instrument, which consists in the processing center previously individually forms and issues to the client a security notebook, which is uniquely associated with its financial instrument, a security notebook of data is a table of 10x10 in size of specially formed two-digit numbers, a total of 100 numbers, which is used to conduct a predetermined number of transactions using the specified financial instrument of the client and fixes the parameters of the client’s mobile device so that through this mobile device exchange information with the client, upon request to complete the transaction, the processing center sends an extended PIN to the client’s mobile device, which is a set of an even number of digits, not less 4 of them, having received an extended PIN on their mobile device, the client selects two-digit numbers of the allowing answer, the number of which is half the length of the extended PIN, for each two of its digits in the security notebook (vertically and horizontally), enters them into the mobile device and sends resolving response to the processing center, if the resolving response received by the processing center coincides with the reference value calculated using the security notepad, conducting the transaction requested by the client aetsya otherwise - is prohibited.
  2. 2. The method according to claim 1, including, but not limited to, the following financial instruments: debit and credit plastic cards with a magnetic strip, debit and credit plastic cards with a microchip, prepaid cards, current customer accounts, and also implemented in a payment system containing ATMs or other cash dispensing devices.
EA201101342A 2011-10-17 2011-10-17 Method of protection of financial transactions EA021071B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EA201101342A EA021071B1 (en) 2011-10-17 2011-10-17 Method of protection of financial transactions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EA201101342A EA021071B1 (en) 2011-10-17 2011-10-17 Method of protection of financial transactions

Publications (2)

Publication Number Publication Date
EA201101342A1 EA201101342A1 (en) 2013-06-28
EA021071B1 true EA021071B1 (en) 2015-03-31

Family

ID=48699363

Family Applications (1)

Application Number Title Priority Date Filing Date
EA201101342A EA021071B1 (en) 2011-10-17 2011-10-17 Method of protection of financial transactions

Country Status (1)

Country Link
EA (1) EA021071B1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2301449C2 (en) * 2005-06-17 2007-06-20 Закрытое Акционерное Общество "Интервэйл" Method for realization of multi-factor strict authentication of bank card holder with usage of mobile phone in mobile communication environment during realization of inter-bank financial transactions in international payment system in accordance to 3-d secure specification protocol and the system for realization of aforementioned method
WO2007103831A2 (en) * 2006-03-02 2007-09-13 Visa International Service Association Method and system for performing two factor authentication in mail order and telephone order transactions
US20080052245A1 (en) * 2006-08-23 2008-02-28 Richard Love Advanced multi-factor authentication methods
RU2007107897A (en) * 2007-03-05 2008-09-10 Борис Иванович Алтунин (RU) Method and device for protecting electronic access to bank accounts
US20110238574A1 (en) * 1998-04-17 2011-09-29 Diebold Self-Service Systems Division Of Diebold, Incorporated Banking system controlled responsive to data bearing records and user input of a phone received security code

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110238574A1 (en) * 1998-04-17 2011-09-29 Diebold Self-Service Systems Division Of Diebold, Incorporated Banking system controlled responsive to data bearing records and user input of a phone received security code
RU2301449C2 (en) * 2005-06-17 2007-06-20 Закрытое Акционерное Общество "Интервэйл" Method for realization of multi-factor strict authentication of bank card holder with usage of mobile phone in mobile communication environment during realization of inter-bank financial transactions in international payment system in accordance to 3-d secure specification protocol and the system for realization of aforementioned method
WO2007103831A2 (en) * 2006-03-02 2007-09-13 Visa International Service Association Method and system for performing two factor authentication in mail order and telephone order transactions
US20080052245A1 (en) * 2006-08-23 2008-02-28 Richard Love Advanced multi-factor authentication methods
RU2007107897A (en) * 2007-03-05 2008-09-10 Борис Иванович Алтунин (RU) Method and device for protecting electronic access to bank accounts

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
АМАНГЕЛЬДЫЕВ А. Секрет фирмы, или технологии сокрытия ценной информации. - Журнал "Курсив", No. 5, сентябрь-октябрь, 2004, издательство "Курсив", разделы "Две крайности", "Платежные карты", [он-лайн], [найдено 13.02.2012]. Найдено из Интернет: *

Also Published As

Publication number Publication date
EA201101342A1 (en) 2013-06-28

Similar Documents

Publication Publication Date Title
US9881298B2 (en) Credit card system and method
CN101095162B (en) System and method for a secure transaction module
CA2878813C (en) System and method for verifying a financial instrument
US10037524B2 (en) Dynamic primary account number (PAN) and unique key per card
US8770470B2 (en) Device including form factor indicator
KR101502460B1 (en) Consumer Authentication System and Method
CA2604913C (en) Method and system for risk management in a transaction
US20150310429A1 (en) Systems, Methods, and Computer Program Products for Using Proxy Accounts
US20160092872A1 (en) Transaction Risk Based Token
US20060131385A1 (en) Conditional transaction notification and implied approval system
US20060131390A1 (en) Method and system for providing transaction notification and mobile reply authorization
Bhatla et al. Understanding credit card frauds
US20150199679A1 (en) Multiple token provisioning
US20050216424A1 (en) Transaction system with special handling of micropayment transaction requests
US10037516B2 (en) Secure transactions using a point of sale device
US20090094124A1 (en) Real-time point-of-sale change-of-address processing
EP1487176A1 (en) A method of paying from an account by a customer having a mobile user terminal, and a customer authenticating network
US20070198410A1 (en) Credit fraud prevention systems and methods
US9947010B2 (en) Methods and systems for payments assurance
US8191775B2 (en) Gift card account system and methods of a merchant processing a gift card
US8965811B2 (en) Methods and systems for using physical payment cards in secure E-commerce transactions
US20110302089A1 (en) Electronic credit card with fraud protection
CA2936985A1 (en) Token verification using limited use certificates
CA2777885A1 (en) Cardless payment transactions
WO2010108023A2 (en) Account activity alert

Legal Events

Date Code Title Description
MM4A Lapse of a eurasian patent due to non-payment of renewal fees within the time limit in the following designated state(s)

Designated state(s): AM AZ BY KZ KG MD TJ TM RU