EA200401187A1 - SYSTEM AND METHOD FOR SAFE TRANSACTIONS ON CREDIT AND DEBIT CARDS - Google Patents

SYSTEM AND METHOD FOR SAFE TRANSACTIONS ON CREDIT AND DEBIT CARDS

Info

Publication number
EA200401187A1
EA200401187A1 EA200401187A EA200401187A EA200401187A1 EA 200401187 A1 EA200401187 A1 EA 200401187A1 EA 200401187 A EA200401187 A EA 200401187A EA 200401187 A EA200401187 A EA 200401187A EA 200401187 A1 EA200401187 A1 EA 200401187A1
Authority
EA
Eurasian Patent Office
Prior art keywords
buyer
seller
mobile phone
security
personal identification
Prior art date
Application number
EA200401187A
Other languages
Russian (ru)
Other versions
EA006395B1 (en
Inventor
Уинстон Дональд Кич
Original Assignee
Суивел Секьюа Лимитед
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB0207705A external-priority patent/GB2387253B/en
Application filed by Суивел Секьюа Лимитед filed Critical Суивел Секьюа Лимитед
Publication of EA200401187A1 publication Critical patent/EA200401187A1/en
Publication of EA006395B1 publication Critical patent/EA006395B1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/023Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] the neutral party being a clearing house
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Abstract

В заявке раскрыты способ и система для осуществления безопасных сделок по кредитным и дебетовым карточкам между покупателем и продавцом. Покупателю выдается псевдослучайная строка защиты от главного компьютера, которая передается в мобильный телефон покупателя. Криптографический алгоритм, включенный в SIM-карту мобильного телефона, вводит случайные данные в строку защиты или одноразовый код, извлекаемый из строки защиты, личный идентификационный номер покупателя и сумму сделки, причем эти два последних элемента вводятся с клавиатуры мобильного телефона. С помощью криптографического алгоритма формируется ответный код из трех цифр, который передается продавцу. Затем продавец передает ответный код, сумму сделки и номер счета покупателя (номер карточки) на главный компьютер, где из памяти компьютера извлекаются псевдослучайная строка защиты и личный идентификационный номер. После этого главный компьютер применяет тот же самый алгоритм к строке защиты, личному идентификационному номеру и сумме сделки, чтобы сформировать контрольный код, и если контрольный код соответствует ответному коду, переданному продавцом, сделка разрешается. В вариантах настоящего изобретения используется известная защитная инфраструктура CVV2, но при этом обеспечивается значительно большая степень защиты. Варианты настоящего изобретения могут быть использованы при непосредственной связи продавца с покупателем через обычный или мобильный телефон, а также в процессе электронной торговли через всемирную сеть Интернет.Отчет о международнои поиске был опубликован 2003.12.31.The application discloses a method and system for conducting secure transactions on credit and debit cards between the buyer and the seller. The buyer is given a pseudo-random string of protection from the main computer, which is transmitted to the mobile phone of the buyer. The cryptographic algorithm included in the SIM card of a mobile phone enters random data into the security string or one-time code extracted from the security string, the personal identification number of the customer and the transaction amount, the last two elements being entered from the mobile phone keypad. Using a cryptographic algorithm, a response code of three digits is generated, which is transmitted to the seller. Then the seller sends the response code, the transaction amount and the buyer's account number (card number) to the host computer, where a pseudo-random security line and personal identification number are extracted from the computer’s memory. After that, the host computer applies the same algorithm to the security string, personal identification number and transaction amount to form a control code, and if the control code matches the response code transmitted by the seller, the transaction is allowed. In embodiments of the present invention, the known CVV2 security infrastructure is used, but it provides a much greater degree of protection. Variants of the present invention can be used for direct communication of the seller with the buyer through a regular or mobile phone, as well as in the process of electronic commerce through the world wide web. The international search report was published 2003.12.31.

EA200401187A 2002-04-03 2003-03-14 System and method for secure credit and debit card transactions EA006395B1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB0207705A GB2387253B (en) 2002-04-03 2002-04-03 System and method for secure credit and debit card transactions
US10/131,489 US20030191945A1 (en) 2002-04-03 2002-04-25 System and method for secure credit and debit card transactions
PCT/GB2003/001075 WO2003083793A2 (en) 2002-04-03 2003-03-14 System and method for secure credit and debit card transactions

Publications (2)

Publication Number Publication Date
EA200401187A1 true EA200401187A1 (en) 2005-04-28
EA006395B1 EA006395B1 (en) 2005-12-29

Family

ID=28676501

Family Applications (1)

Application Number Title Priority Date Filing Date
EA200401187A EA006395B1 (en) 2002-04-03 2003-03-14 System and method for secure credit and debit card transactions

Country Status (11)

Country Link
EP (1) EP1490846A2 (en)
JP (1) JP2005521961A (en)
CN (1) CN1672180A (en)
AU (1) AU2003219276A1 (en)
BR (1) BR0308965A (en)
CA (1) CA2505920A1 (en)
EA (1) EA006395B1 (en)
MX (1) MXPA04009725A (en)
NZ (1) NZ535428A (en)
TW (1) TWI229279B (en)
WO (1) WO2003083793A2 (en)

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040098315A1 (en) 2002-11-19 2004-05-20 Haynes Leonard Steven Apparatus and method for facilitating the selection of products by buyers and the purchase of the selected products from a supplier
GB2416892B (en) * 2004-07-30 2008-02-27 Robert Kaplan Method and apparatus to enable validating entitlement to VoIP services
WO2008037116A1 (en) * 2006-09-27 2008-04-03 Kamfu Wong Method and system for encrypting transfer that the transfer code adding the user-defined arithmetic equal to the bank password
US8205793B2 (en) * 2007-03-31 2012-06-26 Dror Oved Banking transaction processing system
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
KR101572768B1 (en) 2007-09-24 2015-11-27 애플 인크. Embedded authentication systems in an electronic device
JP2009130882A (en) * 2007-11-28 2009-06-11 Oki Electric Ind Co Ltd Check value confirming method and apparatus
US8799069B2 (en) * 2007-12-21 2014-08-05 Yahoo! Inc. Mobile click fraud prevention
US8600120B2 (en) 2008-01-03 2013-12-03 Apple Inc. Personal computing device control using face detection and recognition
GB2457445A (en) * 2008-02-12 2009-08-19 Vidicom Ltd Verifying payment transactions
JP4656458B1 (en) 2009-11-09 2011-03-23 Necインフロンティア株式会社 Handy terminal and payment method by handy terminal
CN102096968A (en) * 2009-12-09 2011-06-15 中国银联股份有限公司 Method for verifying accuracy of PIN (Personal Identification Number) in agent authorization service
US8649766B2 (en) 2009-12-30 2014-02-11 Securenvoy Plc Authentication apparatus
EP2355028B1 (en) * 2009-12-30 2018-09-05 SecurEnvoy Ltd Authentication apparatus
CA2704864A1 (en) 2010-06-07 2010-08-16 S. Bhinder Mundip Method and system for controlling access to a monetary valued account
US8769624B2 (en) 2011-09-29 2014-07-01 Apple Inc. Access control utilizing indirect authentication
US9002322B2 (en) 2011-09-29 2015-04-07 Apple Inc. Authentication with secondary approver
EP2981939B1 (en) 2013-04-05 2020-06-17 Visa International Service Association Systems, methods and devices for transacting
US9898642B2 (en) 2013-09-09 2018-02-20 Apple Inc. Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
KR102405189B1 (en) 2013-10-30 2022-06-07 애플 인크. Displaying relevant user interface objects
TWI494880B (en) * 2013-11-14 2015-08-01 Nat Univ Tsing Hua Method for preventing misappropriation of plastic money and plastic money
CN206193906U (en) * 2014-05-29 2017-05-24 苹果公司 Electronic equipment
US10482461B2 (en) 2014-05-29 2019-11-19 Apple Inc. User interface for payments
US9967401B2 (en) 2014-05-30 2018-05-08 Apple Inc. User interface for phone call routing among devices
US9336523B2 (en) 2014-07-28 2016-05-10 International Business Machines Corporation Managing a secure transaction
US10339293B2 (en) 2014-08-15 2019-07-02 Apple Inc. Authenticated device used to unlock another device
US10066959B2 (en) 2014-09-02 2018-09-04 Apple Inc. User interactions for a mapping application
US9547419B2 (en) 2014-09-02 2017-01-17 Apple Inc. Reduced size configuration interface
FR3028639B1 (en) * 2014-11-17 2016-12-23 Oberthur Technologies METHOD FOR SECURING A PAYMENT TOKEN
EP3234932A1 (en) * 2014-12-19 2017-10-25 Diebold Nixdorf, Incorporated Pre-staged atm transactions
US20160224973A1 (en) 2015-02-01 2016-08-04 Apple Inc. User interface for payments
US9574896B2 (en) 2015-02-13 2017-02-21 Apple Inc. Navigation user interface
US10254911B2 (en) 2015-03-08 2019-04-09 Apple Inc. Device configuration user interface
US9940637B2 (en) 2015-06-05 2018-04-10 Apple Inc. User interface for loyalty accounts and private label accounts
US20160358133A1 (en) 2015-06-05 2016-12-08 Apple Inc. User interface for loyalty accounts and private label accounts for a wearable device
GB201522762D0 (en) * 2015-12-23 2016-02-03 Sdc As Data security
DK179186B1 (en) 2016-05-19 2018-01-15 Apple Inc REMOTE AUTHORIZATION TO CONTINUE WITH AN ACTION
US10776780B2 (en) * 2016-05-27 2020-09-15 Visa International Service Association Automated reissuance system for prepaid devices
US10621581B2 (en) 2016-06-11 2020-04-14 Apple Inc. User interface for transactions
CN109313759B (en) 2016-06-11 2022-04-26 苹果公司 User interface for transactions
DK201670622A1 (en) 2016-06-12 2018-02-12 Apple Inc User interfaces for transactions
US20180068313A1 (en) 2016-09-06 2018-03-08 Apple Inc. User interfaces for stored-value accounts
DK179978B1 (en) 2016-09-23 2019-11-27 Apple Inc. Image data for enhanced user interactions
US10860199B2 (en) 2016-09-23 2020-12-08 Apple Inc. Dynamically adjusting touch hysteresis based on contextual data
US10496808B2 (en) 2016-10-25 2019-12-03 Apple Inc. User interface for managing access to credentials for use in an operation
EP4156129A1 (en) 2017-09-09 2023-03-29 Apple Inc. Implementation of biometric enrollment
KR102185854B1 (en) 2017-09-09 2020-12-02 애플 인크. Implementation of biometric authentication
US11170085B2 (en) 2018-06-03 2021-11-09 Apple Inc. Implementation of biometric authentication
US10860096B2 (en) 2018-09-28 2020-12-08 Apple Inc. Device control using gaze information
US11100349B2 (en) 2018-09-28 2021-08-24 Apple Inc. Audio assisted enrollment
CA3062211A1 (en) * 2018-11-26 2020-05-26 Mir Limited Dynamic verification method and system for card transactions
US11328352B2 (en) 2019-03-24 2022-05-10 Apple Inc. User interfaces for managing an account
US11481094B2 (en) 2019-06-01 2022-10-25 Apple Inc. User interfaces for location-related communications
US11477609B2 (en) 2019-06-01 2022-10-18 Apple Inc. User interfaces for location-related communications
US11169830B2 (en) 2019-09-29 2021-11-09 Apple Inc. Account management user interfaces
AU2020356269B2 (en) 2019-09-29 2023-04-06 Apple Inc. Account management user interfaces
DK202070633A1 (en) 2020-04-10 2021-11-12 Apple Inc User interfaces for enabling an activity
US11816194B2 (en) 2020-06-21 2023-11-14 Apple Inc. User interfaces for managing secure operations
JP7429819B1 (en) 2023-04-05 2024-02-08 株式会社セブン銀行 Trading systems, trading devices, trading methods, and programs
CN116092623B (en) * 2023-04-12 2023-07-28 四川执象网络有限公司 Health data management method based on basic medical quality control

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0691526B2 (en) * 1985-03-08 1994-11-14 株式会社東芝 Communications system
AU1390395A (en) * 1994-01-14 1995-08-01 Michael Jeremy Kew A computer security system
GB2328310B (en) * 1996-05-15 1999-12-08 Ho Keung Tse Electronic transaction apparatus and method therefor
SE508844C2 (en) * 1997-02-19 1998-11-09 Postgirot Bank Ab Procedure for access control with SIM card
DE19820422A1 (en) * 1998-05-07 1999-11-11 Giesecke & Devrient Gmbh Method for authenticating a chip card within a message transmission network
FI115355B (en) * 2000-06-22 2005-04-15 Icl Invia Oyj Arrangement for the authentication and authentication of a secure system user
US7392388B2 (en) * 2000-09-07 2008-06-24 Swivel Secure Limited Systems and methods for identity verification for secure transactions
US20030055738A1 (en) * 2001-04-04 2003-03-20 Microcell I5 Inc. Method and system for effecting an electronic transaction

Also Published As

Publication number Publication date
WO2003083793A3 (en) 2003-12-31
NZ535428A (en) 2006-08-31
AU2003219276A1 (en) 2003-10-13
TW200306483A (en) 2003-11-16
MXPA04009725A (en) 2005-07-14
TWI229279B (en) 2005-03-11
CA2505920A1 (en) 2003-10-09
CN1672180A (en) 2005-09-21
WO2003083793A2 (en) 2003-10-09
BR0308965A (en) 2005-02-01
EP1490846A2 (en) 2004-12-29
EA006395B1 (en) 2005-12-29
JP2005521961A (en) 2005-07-21

Similar Documents

Publication Publication Date Title
EA200401187A1 (en) SYSTEM AND METHOD FOR SAFE TRANSACTIONS ON CREDIT AND DEBIT CARDS
KR102094815B1 (en) Smart card for providing virtual card number, method and program for providing virtual card number by smart card
US7899753B1 (en) Systems and methods for time variable financial authentication
BR9611975A (en) Process for securely debiting an electronic payment method
CN100438409C (en) Intelligent card with financial-transaction message processing ability and its method
US20070170247A1 (en) Payment card authentication system and method
EA200301199A1 (en) SAFE SYSTEM ONLINE PAYMENT
CN106233315A (en) System and method for data desensitization
US9213968B2 (en) Systems and methods for conducting financial transactions using non-standard magstripe payment cards
BR9611535A (en) Processes of carrying out a transaction using an electronic payment method and a payment and debit station protected from an electronic payment method using a smart financial transaction payment station and payment station
CN105122283B (en) Mobile terminal, security server and payment method thereof
WO2002086826A8 (en) Financial information input method using symmetrical key security algorithm and commercial transaction system for mobile communications
US20160189142A1 (en) Methods and systems of secure credit-card commerce transactions
DK0780012T3 (en) Method and arrangement to provide selective access to a security system
HUP0003227A2 (en) Payment process and system
MXPA03006418A (en) Electronic cash system for an electronic wallet.
El Madhoun et al. The EMV Payment System: Is It Reliable?
CN2929835Y (en) Intelligent card with financial trade message processing property
JP5589471B2 (en) Royalty management system, royalty management method and token
Wilson Calling for a uniform approach to card fraud offline and on
CN201584000U (en) Fingerprint identification security system for financial transactions
SE9702216L (en) security module
FR2819662B1 (en) METHOD OF USING ELECTRONIC PAYMENT CARDS TO SECURE TRANSACTIONS
KR101339016B1 (en) Finance system using finance card for security code and method thereof
CN2507067Y (en) Device for personal and network identity identification by USB interface

Legal Events

Date Code Title Description
MM4A Lapse of a eurasian patent due to non-payment of renewal fees within the time limit in the following designated state(s)

Designated state(s): AM AZ BY KZ KG MD TJ TM