EP2316101A1 - Procédé et système pour gérer les transactions financières - Google Patents

Procédé et système pour gérer les transactions financières

Info

Publication number
EP2316101A1
EP2316101A1 EP08790038A EP08790038A EP2316101A1 EP 2316101 A1 EP2316101 A1 EP 2316101A1 EP 08790038 A EP08790038 A EP 08790038A EP 08790038 A EP08790038 A EP 08790038A EP 2316101 A1 EP2316101 A1 EP 2316101A1
Authority
EP
European Patent Office
Prior art keywords
processing equipment
electronic device
transaction
transactions according
managing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP08790038A
Other languages
German (de)
English (en)
Inventor
Massimo Riorda
Fabio Forno
Alessandro Malgaroli
Elias Sebastiano Giuseppe Carotti
Luca Tagliaferri
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ooros Srl
Original Assignee
Ooros Srl
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ooros Srl filed Critical Ooros Srl
Publication of EP2316101A1 publication Critical patent/EP2316101A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Definitions

  • the present invention regards a method for managing financial transactions ' which employs at least one electronic device associated with the user.
  • the present invention refers, as a non- limiting example, to a method and a system for authorising payments for the purchase of goods and/or services .
  • credit/debit cards can be used on suitable fixed terminals or POS (Point of Sale) at stores and commercial businesses, which allow banking circuit transactions with the possible insertion of a personal code, geared towards the purchase of goods and services, authenticated with a possible signature confirming the transaction.
  • POS Point of Sale
  • credit cards represent an instantaneous authorisation system of payment and clearing of the amount due. Such cards, in fact, do not allow instantaneously transferring money during the transaction, but permit informing the parties involved that a transaction has been authorised and cleared.
  • each credit/debit card has a unique 16-digit identification, an issue date, an expiry date, and a holder.
  • some of these also have a three digit security code, in addition to a copy of the holder signature - the retailer should check such signature for every purchase, but for small transaction amounts this is usually not respected.
  • the debit cards also have a security PIN identification code. It is evident that such unique identifications, the issue dates, expiry dates, names of the holders and possibly the security codes represent sensitive, confidential data of each credit/debit card holder. In fact, from such data it is possible to directly or indirectly trace back to the holder credentials, which are necessary for authorising a payment.
  • Another method provides that the paying ; user can call or send an SMS (Short Message Service) to a payment service provider, specifying the amount to be paid, the telephone number (or e-mail) and other sensitive information of the receiver. Also possibly required is the sending of the unique identification code of the transaction.
  • SMS Short Message Service
  • the data inserted on the portal or transmitted with the telephone call or SMS message are sent to a data processing system of the service provider, which is charged with concluding the transaction by notifying the completed money transfer only to the paying user or also to the receiver.
  • the object of the present invention is that of offering a method for managing financial transactions, in particular for authorising payments, alternative to the conventional methods and which preferably combines ease of use by the users with the security and/or confidentiality required in carrying out the transaction.
  • a method for managing financial transactions as defined by the enclosed claim 1.
  • Preferred embodiments of such method are described by the dependent claims 2-23.
  • a system for managing transactions as defined in claim 24.
  • Figure 1 schematically illustrates a system for managing financial transactions according to one embodiment of the invention
  • Figure 2 schematically illustrates a further embodiment of the system for managing transactions of figure 1;
  • Figure 3 illustrates, by means of a flow diagram, one example of a method foe managing financial transactions according to one embodiment of the invention.
  • FIG. 1 schematically shows a system for managing financial transactions 100 made according to a particular embodiment of the invention.
  • the system 100 comprises a first electronic device 1, a second electronic device 2, a first 3 and a second 4 data processing equipment adapted to communicate by means of a communications network NW.
  • NW is for example the Internet network (IP, internet protocol) or a dedicated network.
  • IP Internet protocol
  • each of such first 3 and second 4 processing equipment is configured to communicate with main data processing equipment 5, which is separate from both of these.
  • the first 1 and the second 2 electronic device can be any one device provided with user interfaces for the insertion and display of data
  • the first electronic device 1 is a portable radio device.
  • the system for managing transactions 100 is employable for the purchase of goods and/or services by a user in possession of such portable radio device 1. For the sake of simplicity, such user will be known as "paying user” or “payer” .
  • the portable device 1 is, for example, a mobile telephone, advantageously, of cellular type, a PDA (Personal Digital Assistant) telephone or any one portable electronic device adapted to receive and transmit messages and operating within a mobile telephone network.
  • a mobile telephone advantageously, of cellular type, a PDA (Personal Digital Assistant) telephone or any one portable electronic device adapted to receive and transmit messages and operating within a mobile telephone network.
  • PDA Personal Digital Assistant
  • the portable device 1 is a cell phone.
  • the cell phone 1 is per se conventional and thus does not require a detailed description.
  • Such phone 1 comprises a transceiver device connected with a respective antenna, a central processing unit adapted to exchange signals bearing information/data with the transceiver device, work and mass memories and a user interface including a display 10 and an alphanumeric keyboard 11.
  • the cell phone 1 is provided with a mobile communication network device (Network Device Communication Object) that is also conventional, i.e. a digital interface which permits the processing unit to suitably dialogue with the mobile telephone network.
  • the mobile telephone network is, for example, a GPRS (General Packet Radio Service) network or a UMTS (Universal Mobile Telecommunications System) network.
  • the cell phone 1 is also equipped with a communication device in wireless technology, in addition to that of the mobile telephone network.
  • the wireless technology employed is WiFi, ZigBee, NFC (Near Field Communication) or, preferably, BlueTooth.
  • a digital memory of the cell phone 1 there is suitable software for implementing financial transactions.
  • Such software can be a Java program, a program especially written for the cell phone 1 or for the operating system of the phone itself.
  • a browser present on the cell phone 1 can be used which displays wml or html pages, or of the other pre-installed software on the phone which permits managing USSD
  • the software module containing the necessary application for implementing the method for managing transactions which will be described below can be automatically installed in the cell phone 1 by means of SMS (Short Message Service) connections to hypermedia addresses which allow a download through GPRS/UMTS/WLAN networks. Such download operation can also be carried out by means of MMS (Multimedia Messaging Service) messages containing the application, limiting the installation and updating problems to a minimum.
  • the second electronic device 2 is an electronic terminal, for example a laptop computer, a desktop computer, an electronic cash register or, preferably, a POS (point of sale) associated with a retailer of goods and/or services. For the sake of simplicity, the retailer of goods and services will be called "paid user" or "paid party" below.
  • Such terminal 2 is schematically represented in figure 1 by means of a laptop computer adapted to receive and transmit messages inside a first network NWl, for example the Internet network (IP) .
  • the electronic terminal 2 comprises a central processing unit adapted to exchange signals bearing information/data with a respective transceiver device, work and mass memories and a user interface including a first display 20 at a first alphanumeric keyboard 21.
  • such electronic terminal 2 comprises a laptop computer connected to a server device of an e- commerce web site.
  • the software application which manages the financial transaction is stored in such server device .
  • the electronic terminal 2 associated with a paid goods retailer user can also be a cell phone analogous to the cell phone 1.
  • the first 3 and second 4 data processing equipment are associated with a first BanA and second BanB bank or credit institute, respectively.
  • the first bank BanA is associated with the paying user and the second bank BanB with the paid user.
  • said first 3 and second 4 processing equipment comprise a first 30 and a second 40 computer server, respectively.
  • Such first/second computer server 30/40 is inside the first/second bank BanA/BanB, i.e. inside the banking circuit, and is configured for:
  • first 30 and second 40 computer server are connected with a further first 31 and a further second 41 computer server, respectively, adapted to support the payment system in accordance with the managing method of the invention.
  • the first 30 and the second 40 computer server are respectively connected to the further first 31 and second 41 computer server by means of a local area network L (LAN) .
  • the first 3 and the second 4 processing equipment comprise software applications that are externally offered by third parties to the first BanA and second BanB .
  • such further first 31 and second 41 computer server are configured for: authenticating the users and communicating with their mobile terminals (cell phone 1) or fixed terminals (POS, laptop computer 2) by means of a plurality of communication systems (fixed Internet or GPRS, WAP or Wireless Application Protocol, SMS) ; communicating with each other and with every other further computer server of other banks making up part of the system for managing financial transactions.
  • such further first 31 and second 41 computer server are configured for communicating with the main processing equipment 5 by means of the network NW.
  • main processing equipment 5 preferably comprises a respective computer server.
  • Each computer server 30, 31, 40, 41 and 5 comprises a central processing unit (microprocessor) adapted to exchange signals bearing information/data with work and mass memories.
  • the main computer server 5 and the further first 31 and second 41 computer servers comprise communication interfaces for exchanging information and data on the network NW with each other.
  • the main computer server 5 and the further first 31 and second 41 computer server are connected to the network NW by means of VPN (Virtual Private Network) networks and by means of Firewall devices, so as to ensure the security of the communications .
  • VPN Virtual Private Network
  • the further second computer server 41 comprises further communications interfaces for transmitting/receiving information and data from the electronic terminal 2 on the first network NWl.
  • the cell phone 1 of the paying user is adapted to communicate with the further first computer server 31 of the first bank BanA through a second network NW2.
  • second network NW2 is the Internet network
  • the cell phone 1 is configured for being connected via GPRS.
  • the cell phone 1 communicates with the further first computer server 31 by means of SMS.
  • the mobile operator is a neutral connectivity provider for the management system 100, i.e. it is not an integral part of the system, but only a service provider.
  • a suitable software is advantageously installed (in a digital memory) in such further first 31 and second 41 computer server, in Java or any other language, for implementing the method for managing financial transactions.
  • such further computer servers 31 and 41 each comprise a local relational data-base for a first identification of the cellular phone 1 and of the electronic terminal 2 associated with the paying user and with the paid party, respectively, which use the service.
  • such further computer servers 31 and 41 store identifications of the paying and paid users, i.e. the username, password or an authentication token which represent the credentials of such users for the service access.
  • the main computer server 5 is configured for generating a payment code or token TO associated with the transaction.
  • token TO is adapted to enable the money transaction by associating the two ends of the transaction, i.e. the payer (cell phone 1) and the paid party (electronic terminal 2) , even if these are registered in different banks.
  • token TO is an alphanumeric code generated in a causal or sequential manner and comprise, for example, 6 digits as shown on the first display 20 of the electronic terminal 2 of figure 1.
  • the token TO has a time duration limited to the completion of the transaction to be carried out (from several dozen seconds to three minutes) and is repeatable over time, i.e.
  • the token TO generated by the main computer server 5 is adapted to be sent to the electronic terminal 2 of the paid user on the first network NWl in order to be displayed on the first display 20.
  • such token TO can be made available to the payer (as represented schematically by the dashed line of figure 1) in order to be typed on the keyboard 11 of the cell phone 1.
  • the electronic terminal 2 is a POS
  • the latter is provided with a printer for printing the token TO, making it available to the payer.
  • the token TO is adapted to be passed from the cell phone 1 to the further first computer server 31 through the second network NW2, in particular by means of an Internet connection.
  • the communication between the cell phone 1 and the further first 31 can provide for the use of specific communication channels of the mobile telephone networks, such as for example Push WAP or USSD for data transmission on the GSM channels.
  • a gateway is provided interposed between the cell phone 1 and the further first computer server 31 of the first bank BanA.
  • Such gateway is configured for translating the messages and associating identifications of the users (userID) with the respective phone numbers.
  • the first network NWl can comprise USSD and gateways for allowing the communication between the electronic terminal 2 and the further second computer server 41.
  • the system 100 of figure 2 comprises a local device 50 for wireless access to a communication network provided by the paid user and associated with the electronic terminal 2.
  • a local device 50 for wireless access to a communication network provided by the paid user and associated with the electronic terminal 2.
  • Such wireless access device 50 is adapted to operate in accordance with the NFC, Bluetooth or WiFi standards .
  • Such wireless access device 50 can advantageously be used for establishing a first communication Cl with the cell phone 1 so as to automatically transfer the token TO from the electronic terminal 2 to the cell phone
  • such wireless connection device 50 can advantageously be used as an access point for allowing the cell phone 1 to be connected by means of the Internet network NWi to the further first computer server 31 of the first bank BanA without using the second network NW2 of the mobile operator.
  • the WiFi communication standard offers direct connectivity to the Internet network, while the NFC and Bluetooth standards can do the same by providing suitable gateways towards the Internet network installed in the same wireless access device 50. Functioning method An example is now illustrated of the method for managing the financial transactions actuated by the system 100. As an example, the desire to carry out a money transfer (payment) between "payer" and "paid party" for the purchase of a good or service is considered.
  • FIG 3 an example is shown of the functioning method, in the form of a flow diagram which involves the elements of the system 100, i.e. the cell phone 1, the electronic terminal 2, the first 30 and the second 40 computer server of the banks, the further first 31 and second 41 computer server and the main computer server 5.
  • the payer and the paid party involved in the financial transaction are already authenticated with the respective further first 31 and further second 41 computer server.
  • the payer is registered at the further first computer server 31 of the system 100 and logs into the service, for example starting the application which lies in the cell phone 1 and typing his/her own username and a password.
  • the login can be completed by means of connection to a personalised link and the insertion of a numeric code
  • IP Internet connectivity
  • Analogous considerations are valid for the paid user enabled to log into the service through the electronic terminal 2. If such electronic terminal 2 is a POS connected via internet, the latter is assumed to be connected to the aforesaid further second computer server 41 by means of the first network NWl. Such connection can be of permanent type or it is established at the time of a financial transaction.
  • the transaction starts at the paid user, but the management method can also start from the paying party, thus resulting symmetrical .
  • the paid party which must receive the payment for the purchase of goods or merchandise sends, through the electronic terminal 2, a start transaction message 51 to the further second computer server 41.
  • Such message 51 comprises the amount to pay and the reason for the transaction to be communicated to the paid party.
  • the further second computer server 41 once it has received the message 51, optionally sends an activation message 52 to the second computer server 40 of the second bank BanB. With such activation message 52, one is asked to open a new transaction, indicating the amount and reason.
  • the second computer server 40 of the second bank BanB stores such data and creates the unique identification UUID associated with the transaction.
  • Such identification UUID will be used for tracing every message during the entire transaction.
  • the identification UUID is therefore sent by means of a reply message 53 to the further second computer server 41.
  • such further second computer server 41 stores the received data in a respective memory (stored for the time necessary for carrying out the transaction) and sends a first activation message 54 to the main computer server 5, requiring the latter to generate the token TO related to the transaction underway.
  • the further second computer server 41 also sends the unique identification UUID to the main server 5 along with possible other data (for example, the identification id of the bank of the recipient, i.e. of the paid party) .
  • the main computer server 5 stores such data and sends a response message 55 comprising the required token TO. It is observed that the main computer server 5 can also store a multiplicity of other optional data depending on the application.
  • the further second computer server 41 communicates the token TO on the first network NWl through a notification message 56 to the electronic terminal 2 of the paid party.
  • the electronic terminal 2 displays the token TO on the related first display 20, for example "FF02752" as shown in figure 1.
  • the same electronic terminal 2 is adapted to transmit, to the cell phone 1 of the payer, the token TO received by means of the wireless access device 50 according to the standard NFC or Bluetooth.
  • the token TO is provided to the payer (ACC step) .
  • the paying user sends, to the further first computer server 31, a third message 57 comprising the token TO displayed on the display 20.
  • the token TO is typed by the payer on the keyboard 11 of the cell phone 1 in order to be sent by means of the suitable application software stored in the phone 1.
  • the payer authorises the further first computer server 31 of the token TO received by the electronic terminal 2 in wireless mode.
  • the further first computer server 31 sends a request 58 to the main computer server 5, inquiring as to which transaction the received token TO makes reference.
  • the main computer server 5 sends a second response message 59 indicating the address of the further second computer server 41 and the unique identification UUID of the transaction.
  • the further first computer server 31 is connected by means of the network NW to the further second computer server 41, by sending a further request 60 in order to pick up the essential data of the transaction identified by the received UUID.
  • the further second computer server 41 sends a third response message 61 including all the data related to the transaction.
  • the further first computer server 31 sends a clearing request 62 to the first computer server 30 of the first bank BanA in order to learn if the operation is cleared.
  • the first computer server 30 sends a clearing message 63 and the further first computer server 31 communicates the transaction data to the cell phone 1 of the payer, requesting confirmation in order to proceed with payment.
  • an authorisation request message 64 is sent to the payer, indicating the amount to be paid, the reason and the recipient.
  • the further first computer server 31 sends a payment order message 66 to the first computer server 30 of the first bank BanA.
  • the further first computer server 31 communicates (message 67) to the further second computer server 41 that the payment has been authorised.
  • the further second computer server 41 communicates to the paid party, with a transaction execution message 68, that the transaction was concluded and also optionally communicates the payer's identification.
  • the electronic terminal 2 of the paid party sends a reception confirmation 69 of the message 68 to the further second computer server 41.
  • Such further second computer server 41 sends a communication 70 to the second computer server 40 inside the second bank BanB indicating that the payment related to the transaction has been authorised.
  • the further second computer server 41 communicates to the further first computer server 31 that the authorisation has been communicated to the paid party (message 71) .
  • the same computer server 31 communicates to the main computer server 5 that the transaction has concluded (message 73) .
  • the method for managing transactions of the invention permits associating payer and paid party through the token TO (i.e. a temporary transaction code), without these having any previous relationship and without communicating to the payer any sensitive data regarding the buyer.
  • the first BanA and second BanB bank exchange the transaction data (the money will be transferred afterward by using normal banking circuits) and send a confirmation message to both the subjects involved in the transaction. In such a manner, both the payer and paid receive confirmation of the completed payment and can securely conclude the purchase .
  • the token TO is an identification code that permits associating the paid party and the payer with a particular payment for the purchase of a good and/or service in a predetermined time interval in which such token remains valid.
  • Such token TO differs from the unique identification code UUID of the transaction.
  • the latter in fact, is a unique code, inside the payment system, comprises numerous alphanumeric digits for ensuring the traceability, it is not recyclable and is generated at the start of the payment for tracing all of the steps of the payment itself.
  • the token TO is rendered visible to the users during the execution of a transaction.
  • the method for managing financial transactions of the present invention has further important advantages with respect to conventional technologies .
  • the fact that the token TO is a simple and short alphanumeric code limits possible typing errors by the payer user and can be easily transmitted by means of a plurality of communication means, for example by means of suitable programs via Internet (both from desktop or laptop computer and from cell phone) , SMS, USSD.
  • the main computer server 5 can, during the process, carry out additional operations related to the payment, for example transaction accounting.
  • the ATM reader is the electronic terminal 2
  • a main computer server 5 is provided connected with the bank BanA for generating the token TO.
  • the withdrawal authorisation method provides that the user inserts his/her own bank card in the ATM.
  • the user is authenticated on the system and the identification of the user (read through the bank card) is sent to the bank BanA.
  • the main computer server 5 generates a token TO related to the withdrawal operation requested by the user to be sent to the bank BanA. Such token TO sent to the ATM is displayed on the screen.
  • the user types the token TO on his/her own cell phone 1 and sends it to the bank BanA, which can thus verify that the token TO displayed by the user corresponds to that generated. When this is verified, it is sufficient to demonstrate that the legitimate holder of the bank card is actually before the ATM device in which the card is inserted.
  • the user does not have to insert the secret code of the card (PIN) in the potentially not-very-secure ATM readers. In other words, the user is protected from devices which spy the PIN.
  • the token TO can be displayed on web pages in order to carry out online purchases. In such case, therefore, there is no electronic terminal 2 of the paid retailer.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention porte sur un procédé pour gérer les transactions financières pour autoriser un paiement pour l'achat de marchandises ou services. Le procédé comprend les opérations consistant à : fournir à un utilisateur un premier dispositif électronique (1) connecté à un premier équipement de traitement (30, 31) ; fournir un second dispositif électronique (2) connecté à un second équipement de traitement (40, 41) ; fournir un équipement de traitement principal (5) séparé des premier et second équipements de traitement et relié à ceux-ci ; le second dispositif électronique (2) envoyant un message de début de transaction (51) au second équipement de traitement (40, 41) ; le second équipement de traitement (40, 41) envoyant un message d'activation (54) à l'équipement de traitement principal (5) ; l'équipement de traitement principal (5) générant un code de paiement (TO) relatif à la transaction configuré pour associer la transaction aux premier et second dispositifs électroniques ; fournir le code de paiement (TO) sur le premier (1) et sur le second (2) dispositif électronique ; l'utilisateur envoyant le code de paiement (TO) au premier équipement de traitement au moyen du premier dispositif électronique (1) afin de placer le premier équipement de traitement en communication avec le second équipement de traitement impliqué dans la transaction.
EP08790038A 2008-07-04 2008-07-04 Procédé et système pour gérer les transactions financières Withdrawn EP2316101A1 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IT2008/000449 WO2010001423A1 (fr) 2008-07-04 2008-07-04 Procédé et système pour gérer les transactions financières

Publications (1)

Publication Number Publication Date
EP2316101A1 true EP2316101A1 (fr) 2011-05-04

Family

ID=40342226

Family Applications (1)

Application Number Title Priority Date Filing Date
EP08790038A Withdrawn EP2316101A1 (fr) 2008-07-04 2008-07-04 Procédé et système pour gérer les transactions financières

Country Status (2)

Country Link
EP (1) EP2316101A1 (fr)
WO (1) WO2010001423A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012041781A1 (fr) * 2010-09-30 2012-04-05 Moqom Limited Système et procédé de prévention des fraudes utilisant des données de service supplémentaires non structurées (ussd)
ITRM20110070A1 (it) * 2011-02-16 2012-08-17 Hideea S R L Metodo di autenticazione anonima per la fruizione di un servizio
EP2595104B1 (fr) * 2011-11-17 2018-07-11 Deutsche Post AG Procédé de transaction électronique
US20140258530A1 (en) * 2013-03-11 2014-09-11 Nagravision S.A. Method for acquiring access rights to a product or a service

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1065634A1 (fr) * 1999-07-02 2001-01-03 Mic Systems Système et méthode pour effectuer des transactions électroniques sécurisées à travers un réseau de communication ouvert
CA2337672A1 (fr) * 2000-04-26 2001-10-26 International Business Machines Corporation Paiement de transactions commerciales en reseau, faisant appel a un telephone mobile
SK5232001A3 (en) * 2001-04-18 2002-03-05 Blue Orange S R O Method of safety transactions by means of public networks
DE10343566A1 (de) * 2003-09-19 2005-05-04 Brunet Holding Ag Verfahren zur Abwicklung einer elektronischen Transaktion

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2010001423A1 *

Also Published As

Publication number Publication date
WO2010001423A1 (fr) 2010-01-07

Similar Documents

Publication Publication Date Title
US7014107B2 (en) Wireless payment processing system
JP4525556B2 (ja) 決済システム、取引管理サーバ及びそれらに用いる決済方法並びにそのプログラム
US7069001B2 (en) Method for supporting cashless payment
AU2004250444B2 (en) Method for authorising mandates of payment by credit cards and related apparatuses
US20030191945A1 (en) System and method for secure credit and debit card transactions
US20150046330A1 (en) Transaction processing system and method
NZ535428A (en) System and method for secure credit and debit card transactions using dynamic random CVV2 code to mobile communications device
EP1914675A1 (fr) Système de règlement électronique, méthode pour celui-ci, serveur de règlement utilisé ici, terminal de communication et programme
CN104112196A (zh) 用于提供银行服务的电子系统
CN109242468A (zh) 用于便携式通信设备中动态临时支付授权的系统和方法
JP2004509409A (ja) コンピュータネットワーク上の取引を保護するための方法
RU2263347C2 (ru) Способ совершения платежных операций пользователями мобильных устройств электронной связи и компьютерная система безналичного расчета для его осуществления
US20160125407A1 (en) Systems and Methods for Secure Remote Payments
US20140365364A1 (en) Method of payment for a product or a service on a commercial site through an internet connection and a corresponding terminal
KR20010100380A (ko) 이동통신단말기를 이용한 상거래 대금의 결제방법 및결제장치
GB2496595A (en) Smart phone payment application using two-dimensional barcodes
WO2008015637A2 (fr) Procédé et système de paiement mobile
WO2009064160A1 (fr) Système pour des transactions de commerce électronique, dispositif portatif de communications électroniques, réseau de communications, progiciel et procédé correspondants
KR100822985B1 (ko) 닉네임을 이용한 지불결제 처리 시스템
EP2316101A1 (fr) Procédé et système pour gérer les transactions financières
JP2011044151A (ja) 安全な携帯端末支払いのための方法とシステム
CA2475275C (fr) Systeme de traitement de donnees sans fil pour le paiement par carte de credit
KR20050106795A (ko) 단문 메세지 서비스를 활용한 유무선 인터넷 상의신용카드 결제 재확인 서비스
WO2005066907A1 (fr) Systeme et procede de traitement de transactions
KR100928412B1 (ko) 가상 가맹점 망을 이용한 결제처리 시스템

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20110121

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA MK RS

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20111221

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20120707