EP1872316A1 - A method of authenticating a user of a network terminal device and a system therefor - Google Patents

A method of authenticating a user of a network terminal device and a system therefor

Info

Publication number
EP1872316A1
EP1872316A1 EP06727419A EP06727419A EP1872316A1 EP 1872316 A1 EP1872316 A1 EP 1872316A1 EP 06727419 A EP06727419 A EP 06727419A EP 06727419 A EP06727419 A EP 06727419A EP 1872316 A1 EP1872316 A1 EP 1872316A1
Authority
EP
European Patent Office
Prior art keywords
password
network terminal
terminal device
communications device
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06727419A
Other languages
German (de)
French (fr)
Inventor
Fayaaz Moosa Bham
Pathmanatitan Gopal Pather
Zunaid Ebrahim Vanker
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Standard Bank of South Africa Ltd
Original Assignee
Standard Bank of South Africa Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Standard Bank of South Africa Ltd filed Critical Standard Bank of South Africa Ltd
Publication of EP1872316A1 publication Critical patent/EP1872316A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/18Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Definitions

  • THIS invention relates to a method of authenticating a user of a network terminal device and to a system therefor.
  • the network terminal device is typically a self-service kiosk.
  • the network terminal device may be an automatic teller machine (ATM) which is used to conduct transactions on a user account.
  • ATM automatic teller machine
  • ATMs are well known.
  • a client of a financial institution is typically issued with a magnetic card or a smart card that they insert into an ATM to initiate transaction requests.
  • the card is linked to the client's account with the financial institution.
  • the ATM prompts the client to enter a personal identification number (PIN) and if the pin is correct the client is able to transact on their account.
  • PIN personal identification number
  • ATMs are used to withdraw money, transfer funds from one client account, to another, pay a bill, pay a beneficiary, or obtain an account balance and/or a transaction history.
  • a method of authenticating a user of a network terminal device including:
  • the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
  • the request may include an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
  • the communications device may be a mobile communications device such as a mobile telephone.
  • the network terminal device may be an automatic teller machine (ATM).
  • ATM automatic teller machine
  • the financial transaction may include at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
  • the password transmitted to the mobile communications device may only be valid for a predetermined period of time.
  • the password may be unique.
  • the method may include:
  • the present invention extends to a system for authenticating a user of a network terminal device, the system including:
  • a memory for storing information relating to an identification of a communications device and information relating to a client account with a financial institution; a processor disposed in communication with the memory, the processor being adapted to:
  • the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
  • the processor may receive a request including an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
  • the communications device may be a mobile communications device such as a mobile telephone.
  • the network terminal device may be an automatic teller machine (ATM).
  • ATM automatic teller machine
  • the financial transaction may include at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
  • the password transmitted to the mobile communications device may only be valid for a predetermined period of time.
  • the password may be unique.
  • the present invention further extends to a machine-readable medium comprising instructions, which when executed by a machine, cause the machine to perform the method of authenticating a user of a network terminal device as described above.
  • the present invention further extends to a network terminal device including:
  • a processor in communication with the display device and the data entry device, the processor being adapted to prompt a user via the display device to enter an identity and a password via the data entry device, to transmit this information to a server and to receive instructions from the server to authenticate the user or not.
  • Figure 1 shows a block diagram of one example of a system in which the invention may be implemented.
  • Figure 2 is a flowchart showing one example of authenticating a user of network terminal device.
  • a network terminal device in the form of an automatic teller machine (ATM) 10 allows a client of a financial institution to withdraw money, transfer funds from one client account to another, pay bills, obtain, pay beneficiaries, obtain an account balance and obtain a transaction history, for example.
  • ATM automatic teller machine
  • machines are sometimes referred to as self-service terminals and sometimes the machines also have other functionality, sometimes even being operated by an operator.
  • point of sale devices at retail stores are able to connect to a server of a financial institution to conduct transactions. These may include withdrawal of cash from the point of sale device and may also include payment for goods on credit or debit at the point of sale device.
  • the ATM 10 is connected to a server 12 by means of a network 14.
  • the server 12 may be a server operated by a financial institution or may be a server connected via another network to a second server 16 of the financial institution.
  • the server 12 and/or 16 includes a machine readable media typically in the form of a processor wherein when instructions are executed on the processor these cause the processor to implement one or more of the methodologies described below.
  • the server 12 and/or 16 will also typically include a memory for storing information thereon.
  • the memory may take the form of a database to which the server is connected and on which the information is stored.
  • the information will be information including details of client accounts with the financial institution, for example.
  • Software executing on the server 12 enables the authentication of a user of the ATM.
  • the user authentication process to allow cardless banking can either be initiated at the ATM 10 or using the client's communications device 18. Both of these scenarios will be described below.
  • an identification of a client's communications device 18 is linked to a client account with a financial institution.
  • the client's communications device 18 is typically a mobile telephone.
  • a client wishing to transact at an ATM can approach the ATM and select a cardless banking option.
  • the client will be prompted to enter an identification which in one example may be their communications device identification number. As discussed above, this could be a Mobile Subscriber ISDN Number (MSISDN) or more typically the mobile telephone number dialed locally such as 083 123 4567.
  • MSISDN Mobile Subscriber ISDN Number
  • the identification entered may be another form of identification such as an identification of the user or an identification of a financial transaction.
  • the request is transmitted to the server 12.
  • a request to authenticate a user and thereby to allow the user to conduct a financial transaction on a client account is received at server 12, the request including an identity which may be of the user's communications device 18.
  • This identity is compared at the server 12 with the identification of the client's communications device 18 which was previously linked to the client account with the financial institution.
  • a password for the financial transaction is generated by server 12 and the password is transmitted to the mobile communications device 18 identified in the request received.
  • the password will typically be transmitted using the Short Message Service (SMS) or Multimedia Message Service (MMS), but other methodologies may be used to transmit the password to the mobile communication device 18 over the network 14.
  • SMS Short Message Service
  • MMS Multimedia Message Service
  • the password transmitted to the mobile communications device 18 is only valid for a single use and for a predetermined period of time.
  • the password may be unique.
  • the client will now have received the password on their communications device 18 and the ATM will prompt the client to enter the password.
  • This password entered into the ATM 10 is transmitted to server 12 via the network 14 and the server uses the password to authenticate the user.
  • the user is authenticated and allowed to proceed with one or more financial transactions using the ATM.
  • the financial transaction may include withdrawing money, transferring funds from one user account to another, paying a bill, paying a beneficiary and obtaining information about the account or about previous transactions on the account, for example.
  • the client could initiate the process using the client communications device 18.
  • a menu of financial transactions is accessed using the mobile communications device.
  • the menu could either be stored locally on the mobile communication device with some software downloaded onto a processor of the mobile communications device.
  • the menu could be located on the server 12 and accessed via the communications network using, for example, the Wireless Application Protocol (WAP).
  • WAP Wireless Application Protocol
  • the client conducts the entire transaction on the client's communications device 18. This includes transaction specific information and the client's Personal Identification Number (PIN) associated with the client profile. For example, the client initiates a withdrawal request, enters the amount to withdraw, the account from which to withdraw and the PIN associated with their profile into the communications device 18.
  • the communication device transmits the request over the network 14 or another network (not shown), which is received by the financial institution's server 12.
  • the server 12 will process the request and transmit a random password valid for a predefined period to the communications device 18 which password can then be used at the ATM.
  • the client now approaches the ATM and selects a cardless banking option.
  • the ATM is adapted to prompt a user via the display device to enter an identity, which may be the identity of a communications device or the identity of a financial transaction and the password sent to the client's communication device. This information is received from the client and transmitted to the server 12.
  • the authenticated user will result in the ATM dispensing the required amount of cash to the client.
  • the point of transaction selection is the point of transaction selection.
  • the complete transaction is conducted on the customer's communications device and the ATM is used purely to conclude the transaction, e.g. the dispensing of cash (typically withdrawals).
  • a random password is requested in isolation without a bounded transaction request.
  • the transaction selection takes place at the network terminal device as per standard ATM processing and the client experience after authentication is exactly as per card initiated transaction processing.
  • the ATM will need to be modified for the present invention and will typically include a display device, a data entry device and a processor in communication with the display device and the data entry device.
  • the processor is adapted to prompt a user via the display device to enter an identity and a password via the data entry device, to transmit this information to a server and to receive instructions from the server to authenticate a user or not.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method of authenticating a user of a network terminal device includes linking an identification of a communications device to a client account with a financial institution. A request is then received to conduct a transaction on a client account and a password is generated. The password is transmitted to the communications device linked to the client account. The client enters this password into the network terminal device and the entered password is received from the network terminal device. If the entered password matches the password transmitted to the communications device then the user of the network terminal device is authenticated.

Description

A METHOD OF AUTHENTICATING A USER OF A NETWORK TERMINAL DEVICE AND A SYSTEM THEREFOR
BACKGROUND OF THE INVENTION
THIS invention relates to a method of authenticating a user of a network terminal device and to a system therefor.
The network terminal device is typically a self-service kiosk. In one example, the network terminal device may be an automatic teller machine (ATM) which is used to conduct transactions on a user account.
ATMs are well known. A client of a financial institution is typically issued with a magnetic card or a smart card that they insert into an ATM to initiate transaction requests. The card is linked to the client's account with the financial institution. The ATM prompts the client to enter a personal identification number (PIN) and if the pin is correct the client is able to transact on their account.
Typically, ATMs are used to withdraw money, transfer funds from one client account, to another, pay a bill, pay a beneficiary, or obtain an account balance and/or a transaction history.
The key to accessing an ATM has always been the card which is issued to the client without which they are unable to use the ATM. SUMMARY OF THE INVENTION
According to a first aspect of the invention there is provided a method of authenticating a user of a network terminal device, the method including:
linking an identification of a communications device to a client account with a financial institution;
receiving a request from a network terminal device to authenticate a user of the network terminal device and thereby to allow the user to conduct a transaction on a client account;
generating a password;
transmitting the password to the communications device linked to the client account;
receiving a password entered into the network terminal device; and
if the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
The request may include an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
The communications device may be a mobile communications device such as a mobile telephone.
The network terminal device may be an automatic teller machine (ATM). The financial transaction may include at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
The password transmitted to the mobile communications device may only be valid for a predetermined period of time.
In addition, the password may be unique.
In one example embodiment, the method may include:
receiving a request to conduct a transaction on a client account;
processing the transaction;
transmitting a transaction identification together with the password to the communications device;
receiving the transaction identification together with the password which have been input into the network terminal device; and
if the received transaction identification and password match the transaction identification and password transmitted to the communications device, then authenticating the user of the network terminal device.
The present invention extends to a system for authenticating a user of a network terminal device, the system including:
a memory for storing information relating to an identification of a communications device and information relating to a client account with a financial institution; a processor disposed in communication with the memory, the processor being adapted to:
link an identification of a communications device to a client account with a financial institution;
receive a request to authenticate a user of the network terminal device and thereby to allow the user conduct a transaction on a client account;
generate a password;
transmit the password to the communications device linked to the client account;
receive a password entered into a network terminal device; and
if the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
The processor may receive a request including an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
The communications device may be a mobile communications device such as a mobile telephone.
The network terminal device may be an automatic teller machine (ATM). The financial transaction may include at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
The password transmitted to the mobile communications device may only be valid for a predetermined period of time.
In addition, the password may be unique.
The present invention further extends to a machine-readable medium comprising instructions, which when executed by a machine, cause the machine to perform the method of authenticating a user of a network terminal device as described above.
The present invention further extends to a network terminal device including:
a display device;
a data entry device; and
a processor in communication with the display device and the data entry device, the processor being adapted to prompt a user via the display device to enter an identity and a password via the data entry device, to transmit this information to a server and to receive instructions from the server to authenticate the user or not. BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 shows a block diagram of one example of a system in which the invention may be implemented; and
Figure 2 is a flowchart showing one example of authenticating a user of network terminal device.
DESCRIPTION OF PREFERRED EMBODIMENTS
Referring to Figure 1 , a network terminal device in the form of an automatic teller machine (ATM) 10 allows a client of a financial institution to withdraw money, transfer funds from one client account to another, pay bills, obtain, pay beneficiaries, obtain an account balance and obtain a transaction history, for example.
These machines come in different forms depending on the financial institution they are associated with, if any, and the manufacturer of the machine.
These machines are sometimes referred to as self-service terminals and sometimes the machines also have other functionality, sometimes even being operated by an operator.
For example, certain point of sale devices at retail stores are able to connect to a server of a financial institution to conduct transactions. These may include withdrawal of cash from the point of sale device and may also include payment for goods on credit or debit at the point of sale device.
Thus, the phrase automatic teller machine is used in this specification in a very general sense.
In any event, the ATM 10 is connected to a server 12 by means of a network 14. The server 12 may be a server operated by a financial institution or may be a server connected via another network to a second server 16 of the financial institution.
The server 12 and/or 16 includes a machine readable media typically in the form of a processor wherein when instructions are executed on the processor these cause the processor to implement one or more of the methodologies described below.
The server 12 and/or 16 will also typically include a memory for storing information thereon. Alternatively, the memory may take the form of a database to which the server is connected and on which the information is stored.
The information will be information including details of client accounts with the financial institution, for example.
Software executing on the server 12 enables the authentication of a user of the ATM.
The user authentication process to allow cardless banking can either be initiated at the ATM 10 or using the client's communications device 18. Both of these scenarios will be described below.
In either case, an identification of a client's communications device 18 is linked to a client account with a financial institution. The client's communications device 18 is typically a mobile telephone.
Describing first the user authentication process which is initiated at the ATM 10, a client wishing to transact at an ATM can approach the ATM and select a cardless banking option. The client will be prompted to enter an identification which in one example may be their communications device identification number. As discussed above, this could be a Mobile Subscriber ISDN Number (MSISDN) or more typically the mobile telephone number dialed locally such as 083 123 4567.
The identification entered may be another form of identification such as an identification of the user or an identification of a financial transaction.
In any event, the request is transmitted to the server 12.
Thus, a request to authenticate a user and thereby to allow the user to conduct a financial transaction on a client account is received at server 12, the request including an identity which may be of the user's communications device 18.
This identity is compared at the server 12 with the identification of the client's communications device 18 which was previously linked to the client account with the financial institution.
A password for the financial transaction is generated by server 12 and the password is transmitted to the mobile communications device 18 identified in the request received.
The password will typically be transmitted using the Short Message Service (SMS) or Multimedia Message Service (MMS), but other methodologies may be used to transmit the password to the mobile communication device 18 over the network 14.
In one example, the password transmitted to the mobile communications device 18 is only valid for a single use and for a predetermined period of time. In addition, the password may be unique.
The client will now have received the password on their communications device 18 and the ATM will prompt the client to enter the password. This password entered into the ATM 10 is transmitted to server 12 via the network 14 and the server uses the password to authenticate the user.
If the password received from the ATM 10 matches the password transmitted to the mobile communications device then the user is authenticated and allowed to proceed with one or more financial transactions using the ATM.
As mentioned above, the financial transaction may include withdrawing money, transferring funds from one user account to another, paying a bill, paying a beneficiary and obtaining information about the account or about previous transactions on the account, for example.
In another embodiment, the client could initiate the process using the client communications device 18.
A menu of financial transactions is accessed using the mobile communications device. The menu could either be stored locally on the mobile communication device with some software downloaded onto a processor of the mobile communications device. Alternatively, the menu could be located on the server 12 and accessed via the communications network using, for example, the Wireless Application Protocol (WAP).
In this embodiment, the client conducts the entire transaction on the client's communications device 18. This includes transaction specific information and the client's Personal Identification Number (PIN) associated with the client profile. For example, the client initiates a withdrawal request, enters the amount to withdraw, the account from which to withdraw and the PIN associated with their profile into the communications device 18. The communication device transmits the request over the network 14 or another network (not shown), which is received by the financial institution's server 12. In response to receiving the request for the financial transaction, the server 12 will process the request and transmit a random password valid for a predefined period to the communications device 18 which password can then be used at the ATM.
The client now approaches the ATM and selects a cardless banking option.
The ATM is adapted to prompt a user via the display device to enter an identity, which may be the identity of a communications device or the identity of a financial transaction and the password sent to the client's communication device. This information is received from the client and transmitted to the server 12.
If the password received from the ATM 10 matches the password transmitted to the mobile communications device then the user is authenticated.
In the described example, the authenticated user will result in the ATM dispensing the required amount of cash to the client.
It will be appreciated that a difference between examples described above is the point of transaction selection. In some instances, the complete transaction is conducted on the customer's communications device and the ATM is used purely to conclude the transaction, e.g. the dispensing of cash (typically withdrawals). In other instances, a random password is requested in isolation without a bounded transaction request. The transaction selection takes place at the network terminal device as per standard ATM processing and the client experience after authentication is exactly as per card initiated transaction processing.
It will be appreciated that the ATM will need to be modified for the present invention and will typically include a display device, a data entry device and a processor in communication with the display device and the data entry device. The processor is adapted to prompt a user via the display device to enter an identity and a password via the data entry device, to transmit this information to a server and to receive instructions from the server to authenticate a user or not.

Claims

CLAlMS:
1. A method of authenticating a user of a network terminal device, the method including:
linking an identification of a communications device to a client account with a financial institution;
receiving a request from a network terminal device to authenticate a user of the network terminal device and thereby to allow the user to conduct a transaction on a client account;
generating a password;
transmitting the password to the communications device linked to the client account;
receiving a password entered into the network terminal device; and
if the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
2. A method according to claim 1 wherein the request includes an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
3. A method according to claim 1 or claim 2 wherein the communication device is a mobile communication device.
4. A method according to claim 3 wherein the mobile communications device is a mobile telephone.
5. A method according to any preceding claim wherein the network terminal device is an automatic teller machine (ATM).
6. A method according to claim 5 wherein the ATM is used without inserting a card into the ATM.
7. A method according to any preceding claim wherein the transaction includes at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
8. A method according to any preceding claim wherein the password transmitted to the communications device is only valid for a predetermined period of time.
9. A method according to any preceding claim wherein the password is unique.
10. A method according to any preceding claim further including:
receiving a request to conduct a transaction on a client account;
processing the transaction;
transmitting a transaction identification together with the password to the communications device; receiving the transaction identification together with the password which have been input into the network terminal device; and
if the received transaction identification and password match the transaction identification and password transmitted to the communications device, then authenticating the user of the network terminal device.
11. A method according to claim 10 wherein the request received to conduct a transaction on a client account is received from the communications device.
12. A system for authenticating a user of a network terminal device, the system including:
a memory for storing information relating to an identification of a communications device and information relating to a client account with a financial institution;
a processor disposed in communication with the memory, the processor being adapted to:
link an identification of a communications device to a client account with a financial institution;
receive a request to authenticate a user of the network terminal device and thereby to allow the user conduct a transaction on a client account;
generate a password;
transmit the password to the communications device linked to the client account; receive a password entered into a network terminal device; and
if the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
13. A system according to claim 12 wherein the processor receives a request including an identity of a communications device and wherein the identity of the communications device included in the request is compared with the identity of the communications device linked to the client.
14. A system according to claim 12 or claim 13 wherein the communication device is a mobile communication device.
15. A system according to claim 14 wherein the mobile communications device is a mobile telephone.
16. A system according to any of claims 12-15 wherein the network terminal device is an automatic teller machine (ATM).
17. A system according to any of claims 12-16 wherein the transaction includes at least one of withdrawing money, transferring funds from one client account to another, paying a bill, paying a beneficiary, obtaining information about the account or about previous transactions on the account.
18. A system according to any of claims 12-17 wherein the password transmitted to the communications device is only valid for a predetermined period of time.
19. A system according to any of claims 12-18 wherein the password is unique.
20. A system according to any of claims 12-19 wherein the request received to conduct the financial transaction is received from the communications device or received from the network terminal device.
21. A machine-readable medium comprising instructions, which when executed by a machine, cause the machine to perform a method of authenticating a user of a network terminal device, the method including:
linking an identification of a communications device to a client account with a financial institution;
receiving a request from a network terminal device to authenticate a user of the network terminal device and thereby to allow the user to conduct a transaction on a client account;
generating a password;
transmitting the password to the communications device linked to the user account;
receiving a password entered into a network terminal device; and
if the password received from the network terminal device matches the password transmitted to the communications device then authenticating the user of the network terminal device.
22. A network terminal device including:
a display device;
a data entry device; and
a processor in communication with the display device and the data entry device, the processor being adapted to prompt a user via the display device to enter an identity and a password via the data entry device, to transmit this information to a server and to receive instructions from the server to authenticate the user or not.
23. A network terminal device according to claim 22 wherein the network terminal device is an automatic teller machine (ATM).
EP06727419A 2005-04-05 2006-04-04 A method of authenticating a user of a network terminal device and a system therefor Withdrawn EP1872316A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA200502749 2005-04-05
PCT/IB2006/000778 WO2006106405A1 (en) 2005-04-05 2006-04-04 A method of authenticating a user of a network terminal device and a system therefor

Publications (1)

Publication Number Publication Date
EP1872316A1 true EP1872316A1 (en) 2008-01-02

Family

ID=36603702

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06727419A Withdrawn EP1872316A1 (en) 2005-04-05 2006-04-04 A method of authenticating a user of a network terminal device and a system therefor

Country Status (4)

Country Link
EP (1) EP1872316A1 (en)
AP (1) AP2007004205A0 (en)
WO (1) WO2006106405A1 (en)
ZA (1) ZA200708638B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7996106B2 (en) 2007-03-13 2011-08-09 Medicasafe, Inc. Method, system and apparatus for controlling patient access to medicaments
US9235689B2 (en) 2007-03-13 2016-01-12 Medicasafe, Inc. Method, system and apparatus for controlling patient access to medicaments
DE102008011192A1 (en) * 2008-02-26 2009-08-27 Wincor Nixdorf International Gmbh Method and service calculator and system for the transaction of a sum of money
JO2532B1 (en) * 2008-03-09 2010-09-05 أنس محمود السهلي محمود Subscriber Identity Module (SIM) Chip Bank System and Method
WO2010008377A1 (en) * 2008-07-15 2010-01-21 Medicasafe, Inc. Method, system and apparatus for controlling patient access to medicaments
US20100125510A1 (en) * 2008-11-17 2010-05-20 Smith Steven M System and method of conducting transactions using a mobile wallet system
WO2010125577A1 (en) * 2009-04-27 2010-11-04 Shrivastav Shourabh Cardless financial transaction
EP2465082A4 (en) * 2009-08-14 2015-04-01 Payfone Inc System and method for paying a merchant using a cellular telephone account
WO2012041781A1 (en) * 2010-09-30 2012-04-05 Moqom Limited Fraud prevention system and method using unstructured supplementary service data (ussd)
DE102011103292A1 (en) * 2011-05-26 2012-11-29 Wincor Nixdorf International Gmbh Procedures and service calculator and cardless authentication system
KR20140059791A (en) 2011-08-03 2014-05-16 이베이 인크. Account access at point of sale
US10304042B2 (en) 2014-11-06 2019-05-28 Early Warning Services, Llc Location-based authentication of transactions conducted using mobile devices
US9619636B2 (en) * 2015-02-06 2017-04-11 Qualcomm Incorporated Apparatuses and methods for secure display on secondary display device
JP6582049B2 (en) * 2015-08-25 2019-09-25 株式会社日立製作所 Cardless transaction support system and cardless transaction support method
US11037114B2 (en) 2018-03-22 2021-06-15 Diebold Nixdorf, Incorporated System and method for financial transactions

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1065634A1 (en) * 1999-07-02 2001-01-03 Mic Systems System and method for performing secure electronic transactions over an open communication network
GB2362489A (en) * 2000-05-15 2001-11-21 Tom Com Entpr Ltd Secure communication
GB2366432A (en) * 2000-09-04 2002-03-06 Sonera Smarttrust Oy Secure electronic payment system
NO20004542L (en) * 2000-09-12 2002-03-13 Autencia As Identity verification system and method
GB0101498D0 (en) * 2001-01-20 2001-03-07 Ncr Int Inc Self service terminal
AU2002351034A1 (en) * 2001-11-29 2003-06-10 Niel Eben Viljoen Method and system for operating a banking service
WO2003065260A1 (en) * 2002-01-28 2003-08-07 Fujitsu Limited Transaction method and automatic transaction device for executing the method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2006106405A1 *

Also Published As

Publication number Publication date
WO2006106405A1 (en) 2006-10-12
AP2007004205A0 (en) 2007-10-31
ZA200708638B (en) 2009-01-28

Similar Documents

Publication Publication Date Title
WO2006106405A1 (en) A method of authenticating a user of a network terminal device and a system therefor
EP3232386B1 (en) Method of performing transactions with contactless payment devices using pre-tap and two-tap operations
EP2332092B1 (en) Apparatus and method for preventing unauthorized access to payment application installed in contactless payment device
US20090265273A1 (en) Transaction authorization
US11308481B1 (en) Cardless ATM authentication
WO2013133881A2 (en) Methods and systems for performing a financial transaction using a mobile communication device
US11948135B2 (en) Casino cash system, apparatus and method utilizing integrated circuit cards
CN108885652B (en) System and method for device processing with reduced usage time
US10902392B2 (en) Financial terminal that automatically reconfigures into different financial processing terminal types
US11961079B2 (en) Proof-of-age verification in mobile payments
CN113096327A (en) Card-free transaction method, card-free transaction device, terminal device, automatic teller machine and medium
US11393298B2 (en) Financial transaction system and method
EP1308912A2 (en) Method and apparatus for crediting debit service accounts
AU2015202512A1 (en) Apparatus and method for preventing unauthorized access to application installed in mobile device

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20071029

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

RIN1 Information on inventor provided before grant (corrected)

Inventor name: BHAM, FAYAAZ, MOOSA

Inventor name: PATHER, PATHMANATITAN, GOPAL

Inventor name: VANKER, ZUNAID, EBRAHIM

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20110114