EP2543010A1 - Mobile radio-based transaction system - Google Patents

Mobile radio-based transaction system

Info

Publication number
EP2543010A1
Authority
EP
European Patent Office
Prior art keywords
mobile
transaction
user
location
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP11707339A
Other languages
German (de)
English (en)
Inventor
Patrick Ams
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/065Continuous authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Definitions

  • the object of the present invention is to provide a highly secure, cashless payment and transaction system for one or more users.
  • a cashless payment system in which the mobile phone takes the place of the previously used card, usually a credit card or a debit card made of plastic material.
  • NFC Near Field Communication
  • PDA Personal Digital Assistant
  • transactions can also be carried out between two users, reciprocal scanning of the mobile phones or PDAs or other communication devices being conceivable.
  • Authentication or identification via a barcode or NFC method, or via another optical / graphical or electromagnetic or sound-based identification signal in combination with a mobile telephone or a PDA, can also be used for other purposes, such as a customer card or to identify employees.
  • the transaction process proposed according to the invention starts with a bar code or another optical or graphic, electromagnetic or sound-based signal being requested by a user manually or automatically via the mobile telephone, the personal digital assistant (PDA) or another communication device .
  • a wireless connection is established with the transaction terminal, which ensures a secure connection of the mobile phone, PDA or other communication device to the central system server.
  • If no radio network connection is available, a barcode or other identification is requested over this secure wireless connection.
  • the barcode or other optical / graphic or electromagnetic information is generated by the central system server and sent to the requesting mobile or PDA or other requesting communication device.
  • the bar code or an alternative optical / graphic or electromagnetic signal is scanned or read at the transaction terminal, e.g. a modified card reader of the kind widely used today.
  • the generated read or scanned identification is transmitted together with transaction information to the central system server.
  • the barcode can also be displayed as a number combination on the display of the mobile phone. As a result, the use of the mobile-based transaction system is also possible if the transaction terminal has no reading unit for barcodes or this is damaged.
  • this central system server which has generated the barcode or the other identification, checks the identification, the transaction information, security criteria, such as location and time, and possibly other restrictions, such as a possibly existing transaction limit, such as an account limit at a bank.
  • the central system server sends the transaction request via the radio network connection or, if it does not arrive via the protected wireless connection, via the transaction terminal to the requesting user. The user confirms the transaction or rejects it. Upon confirmation, the transaction is executed and reported as executed to the transaction terminal. If rejected by the user, the transaction is aborted.
  • the transaction process can also be represented as follows.
  • the bar code or the other optical / graphic or electromagnetic information or identification signal is generated directly in the mobile phone or the PDA or a differently configured communication device.
  • the bar code or an alternative optical / graphic or electromagnetic signal is then scanned or read at the transaction terminal, such as a modified card reader, as it is widely used today.
  • the generated read or scanned identification is transmitted together with transaction information to the central system server.
  • this central system server, which generates the barcode in the same way as the mobile phone, checks the identification transmitted by the transaction terminal, the transaction information, security criteria, e.g. place and time, and possibly other restrictions, e.g. a possibly existing transaction limit, such as an account limit with a bank.
  • the central system server returns the transaction request to the transaction terminal for confirmation.
  • the user confirms the transaction or rejects it.
  • the user may e.g. enter a PIN number at the transaction terminal.
  • the entry of a PIN number at the transaction terminal may be made either directly after scanning the bar code or only after the central system server has verified the identification, transaction information and security criteria transmitted by the transaction terminal.
  • the user can also enter a PIN code on the mobile phone or PDA before the barcode is generated.
  • the transaction is executed and reported as executed to the transaction terminal. If rejected by the user, the transaction is aborted. This transaction process is particularly advantageous when the user is abroad and would thus incur high fees for data communication between the central system server and the mobile phone.
  • the bar code generated by the central system server or alternatively the other graphic / optical or electromagnetic signal is generated in the system server and the validity of the generated bar code or the alternative identification is limited in time.
  • the time limit may be set to e.g. 300 seconds.
  • the generation of the barcode within the mobile phone or PDA or a differently configured communication means may be used.
  • a location system such as the Global Positioning System (GPS) or another satellite-based location system
  • GPS Global Positioning System
  • a determination of the location of the user via the radio network in question, such as the network in which the mobile phone provides communication services. If the location of the user and the location of the identification do not match, the transaction is rejected. Furthermore, the transaction is rejected when the distance between two or more identification locations is too large to be covered in a defined period of time.
  • the location of the user can be determined on demand (i.e. at arbitrary times), continuously, or at well-defined time intervals. This makes the comparison of the user's location with the location at which the identification is to be made more plausible and drastically increases its informative value.
  • the satellite-based location system such as e.g. the Global Positioning System (GPS), or another satellite positioning system, to determine the location of the user.
  • the location of the user can be determined via the radio network in which the user's mobile phone or PDA is integrated via the corresponding radio network or mobile radio network. If the user is within or outside a defined geographic location, depending on the point of view, the requested transaction may be rejected.
  • the definition is the localization of the user, who must be either inside or outside a defined geographic location to perform the plausibility check of the requested transaction.
  • the theft protection primarily relates to the theft of the communication device, ie in this case the theft of the mobile phone or the PDA (Personal Digital Assistant).
  • the entry of a PIN is required upon confirmation of the transaction.
  • with the theft protection implemented above within security level 3, it is possible to display a photo of the user on the transaction terminal. This means that the central server sends a photograph of the user deposited there to the relevant transaction terminal carrying out the identification on site.
  • the solvency can also be obtained if there is no wireless connection between the mobile phone or the PDA or another electronic communication device to a regular radio network.
  • a data radio connection e.g. Bluetooth, which establishes a connection to the point-of-sale terminal via which a direct connection to the central server, which was not accessible via the regular radio network, is established.
  • a point-of-sale terminal as a data radio connection to the server.
  • the embodiment variant described above can also be used here, in which a barcode is generated in the mobile telephone or PDA or another communication device and then scanned. In this embodiment, a direct connection between the mobile phone and the server can be dispensed with completely.
  • transactions can also be performed between multiple users by mutually scanning the bar code or the other graphic or visual identification feature. All that is required is that the mobile phone or Personal Digital Assistant has a camera.
  • the security is given again by the position, since when scanning a barcode from a device A to a device B both devices must have the same position.
  • the central server can send a barcode or another suitable optical or electromagnetic signal to a website with the involvement of the Internet.
  • the user just scans this barcode, which is displayed on the monitor of a transaction terminal, from the screen of the same.
  • the user uses his mobile phone, which sends the scanned barcode to the central server. This in turn sends the payment request to the mobile phone, where it is still to be confirmed by the user before the transaction is executed.
  • the proposed transactions according to the invention can be carried out both in single and multi-user mode.
  • a user can create a single-user open account or create a multiple user account.
  • multiple user accounts can be managed through a master account.
  • the user can use a correspondingly configured website on the Internet to manage the user account, be it a single user account or a multi-user account, and set geographical and temporal limits.
  • the user can set transaction limits for locations and times that are valid for both a single-user account and a multi-user account.
  • the bar code or an NFC signal may e.g. be exchanged as an image file between each party or in the form of data, which can then be converted by the client into a barcode.
  • Security Levels 1 through 3 described above allow two-factor authentication based on the knowledge and ownership factors. With reference to a debit card, it should be stated here that the factor “knowledge” is formed by personal identification number (PIN) and the factor “possession” by the "EC card". Only the combination of the two factors makes it possible to withdraw money from the ATM or pay at EC terminals.
  • PIN personal identification number
  • a one-time password is generated, which authorizes the user in connection with the PIN.
  • the one-time password is generated either via a handy password generator (client) or with the interposition of software.
  • client a handy password generator
  • the prerequisite for the one-time password procedure is that both parties, i.e. client and server, have a common, secret password. From this shared secret password, a series of one-time passwords (OTPs) is generated.
  • servers and clients always calculate new passwords at fixed time intervals.
  • the server performs the same calculation as the client, the server generally accepts and calculates multiple one-time passwords within a tolerance range. This allows for the fact that the built-in token clock may not be one hundred percent synchronous. Nevertheless, each one-time password has a precisely defined time interval for its validity, generally between 1 and a maximum of 15 minutes.
  • the server performs the same computation that has already occurred on the client side, as in the timed procedure, and again the server computes and accepts several one-time passwords within a tolerance range, except for one-time passwords already used. This is because the owner may occasionally not have used a generated password. This procedure is much gentler on the batteries of the corresponding device (token). It is also possible to operate the process without a permanent power supply by simply saving the last value used, which is thereby invalidated.
  • the server issues a challenge, i.e. a request that the client needs to answer (response).
  • the client thus receives a value from the server as input and calculates a one-time password based on it.
  • the application on the mobile phone, which represents the client, sends a one-time password to the server in addition to the user ID. From this, the server generates a barcode, which it sends back to the client. The barcode is then scanned at the transaction terminal and sent to the server along with the transaction data. The server then sends a payment request to the client, which is confirmed by the user by entering the PIN. To speed up the transaction, the input of the PIN can be waived up to a predetermined amount.
  • the application on the mobile telephone, which represents the client, sends the user ID to the server. From this, the server generates data for a barcode, which in turn is sent back to the client. The client extends this barcode data with a one-time password and generates the final barcode. This is then scanned at the transaction terminal and transmitted to the server together with the transaction data. The server compares the data of the barcode with the previously sent data and the one-time password. Thereafter, the server sends a payment request to the client, which is acknowledged by the user by entering the PIN. The PIN can be entered either at the client or at the transaction terminal. To speed up the transaction, the input of the PIN can be waived up to a predetermined amount.
  • the application on the mobile phone, which represents the client, generates a barcode from the personal user ID and a one-time password.
  • the central system server calculates the same one-time password in parallel.
  • the generated barcode is then scanned at the transaction terminal and transmitted to the server together with the transaction data.
  • the server compares the one-time password contained in the barcode data with the one-time password calculated for that user. If both one-time passwords match, and the verification of further security criteria (transaction limit, position determination) was positive, the server then sends a payment request either to the client or to the transaction terminal, which the user confirms by entering the PIN.
  • the PIN can be entered either at the client or at the transaction terminal.
  • the input of the PIN can be waived up to a predetermined amount.
  • the PIN can also be entered at the beginning in the mobile phone, for example, to start the generation of the barcode.
  • another security check can be installed within this level. Since the calculation of the one-time password occurs in parallel in the mobile phone as well as in the system server, this can also be used to check the identity of the server.
  • the server sends a one-time password to the mobile during the transaction process. Since this must match the one-time password calculated by the mobile phone at this time, the mobile phone can securely verify that it is a "real" system server.
  • a user-related security level can be called in.
  • biometric features of the user can be matched, e.g. finger or hand prints, iris or face, or information from a passport.
  • a Bluetooth dongle can be used, which unlocks the application in the client or optionally an RFID card.
  • the transaction terminal provides an alternative connection in this case.
  • the client application establishes a data radio connection, such as Bluetooth, to the transaction terminal, which either maintains a constant connection to the authorization server, such as over the Internet, or establishes a dial-up connection for authorization.
  • the client application then communicates with the server via this data channel.
  • the determination of location is in this case provided by the transaction terminal, the remaining components of the security check run as described above.
  • the barcode can also be displayed as a number combination on the display of the mobile phone.
  • the use of the mobile-based transaction system is possible even if e.g. the transaction terminal has no reading unit for barcodes or is damaged.
  • the application with mobile telephone and barcode is understood to mean an application with the mobile telephone and with NFC (near-field communication).
  • the NFC process is the contactless payment method currently favored by credit card companies.
  • NFC refers to a transmission standard that is used for the contactless exchange of data over short distances.
  • NFC serves as an access key to content and services such as cash-based payments, ticket orders, online entertainment and access control.
  • the necessary security functions are generally integrated in the NFC hardware.
  • in the context of the invention, the mobile phone can be used as a payment device: the user holds it close to a payment terminal so that near-field communication can take place.
  • the payment function on a mobile phone requires integration of this into existing SIM card infrastructures.
  • the NFC technology is based on the combination of smart card and contactless connection techniques.
  • NFC operates in a frequency range of 13.56 megahertz and offers a maximum data transfer rate of 424 kbit/s at a range of only 10 cm. This is desirable so that contact can be interpreted as consent to a transaction.
  • NFC is standardized by ISO 14443, 18092, 21481 ECMA 340, 352, 356, 362 and ETSI TS 102 and 190 respectively.
  • the communication between NFC-capable devices, ie mobile phone and payment terminal can be both active-passive and active-active (peer-to-peer) in contrast to the conventional contactless technology in this frequency range, which generally runs only active-passive .
  • the use of the NFC method thus creates a connection
  • the NFC standard is largely compatible with the widely used smart card infrastructure based, for example, on ISO/IEC 14443-A and ISO/IEC 14443-B.
  • the NFC standard can be used as a substitute for barcodes, for example for electronic ticket purchases or, as proposed by the invention, for processing payment transactions, especially where the necessary amounts of data cannot be transmitted in a reasonable number of barcodes.
  • FIG. 1 shows the basic structure of the multilevel safety system proposed according to the invention
  • Figure 2 shows a first embodiment of a communication between a
  • Figure 3 shows a further embodiment of a communication scheme between
  • FIG. 4 shows an embodiment variant of a communication between a system server, a mobile telephone and a transaction terminal, wherein the transaction terminal maintains a normal connection to the system server and a different radio connection to the mobile telephone and
  • FIG. 5 shows the basic structure of the multi-level security system proposed according to the invention, with three different two-factor authentication methods.
  • FIG. 6 shows an embodiment variant when the mobile telephone calculates the one-time password and the barcode without a direct connection to the system server.
  • FIG. 7 shows a variant embodiment, which allows the mobile phone to check the authenticity of the system server and
  • FIG. 8 shows a mobile telephone which is used to transmit a barcode of an invoice to a bank.
  • FIG. 1 shows the structure of the multilevel safety system in a schematic manner.
  • NFC, i.e. near-field communication, is used synonymously and interchangeably with the term barcode.
  • in the inventive mobile radio-based transaction system for processing a cashless payment transaction, secure transactions are ensured by various security mechanisms on several levels 12, 14, 20.
  • the first level 12 and the second level 14 with their processes carried out there enable the generation of highly secure transactions.
  • the two-factor authentication 18 takes place.
  • a location match 16 is made between the user's location, i.e. the current location of a mobile phone 36 that communicates with a mobile network 32, and the location of a transaction terminal 34 at which a transaction is currently in progress.
  • the multilevel security system 10 includes a third tier 20 in addition to the first tier 12 and the second tier 14. While the first two tiers 12, 14 are implemented by default, security may be enhanced by the additional, user-related third tier 20.
  • biometric features of the user client
  • the biometric features may be, for example, fingerprints or handprints, the iris of the eye or the features of the face.
  • information from an official identity document can be stored in the third level.
  • a Bluetooth dongle can also be used here, which activates the application in the client or an RFID card. The client checks whether a Bluetooth dongle or the RFID card are in the immediate vicinity, such as in the user's pocket or keychain.
  • the mobile-based transaction system comprises, as shown in Figure 2, a mobile network 32 in which the user takes part by using the at least one mobile phone 36, a transaction terminal 34, for example at a gas station, in a department store or at an airport, and at least one system server 38.
  • the location matching 16 to be carried out in the second level 14 of the multilevel security system 10 according to FIG. 1 works such that the client, i.e. the user of the at least one mobile phone 36, requests a barcode from the at least one system server 38. With this request, he also sends, among other data, his current location, i.e. the location at which the respective user is using the respective at least one mobile phone 36 at that moment.
  • the determination of this location can be carried out either from a first position data transmission 40, which is performed by the GPS system 30, or from a location of the at least one mobile telephone 36 and thus its user within the mobile network 32.
  • the location of the same is determined via an identification of the at least one transaction terminal 34, at which the current transaction is in progress.
  • the transaction is rejected.
  • as a second component, the location of the current transaction can be compared with the location of a previously performed transaction. Based on the assumption that the user of the at least one mobile phone 36 can change his location only at a certain speed, transactions whose spatial distance is not plausible given the time interval are rejected.
  • the user of the at least one mobile phone 36 can make further location-dependent restrictions. These include, for example, geographic restrictions set via the web interface. The user can log in to his web account via the website. There, the user can then mark, for example on a road map, areas in which use is to be allowed or prohibited. Various forms are possible in this approach; for example, postcodes, cities, states or other areas of use can be approved or disallowed by appropriate coding.
  • the location comparison 16 which takes place on the second level 14 of the multilevel security system 10 can either be carried out continuously or at predetermined times, for example every 10 minutes.
  • a location comparison 16 can also be made in the second level 14 if a corresponding request is sent to the at least one system server 38.
  • site comparisons 16 are preferable, but require relatively high energy input.
  • the user, i.e. the client in the form of the at least one mobile telephone 36, sends a user ID, a one-time password and the current location to the at least one system server 38 in the context of a first connection 44.
  • the location may be determined via either the cellular network 32 or a satellite-based navigation system 30.
  • the at least one system server 38 generates a barcode, which is reported back to the user of the at least one mobile telephone 36, ie the client, within a second connection step 46.
  • the barcode is then sent within a third connection 48 to the at least one transaction terminal 34, or scanned by it, and transmitted from there, compare position 34, in the context of a fourth connection step 50 to the at least one system server 38, see position 50 in Figure 2.
  • the system server 38 compares the barcode transmitted in connection 50 with the barcode transmitted in connection 46. If both barcodes are identical, the at least one system server 38 sends a payment request, compare fifth connection 52, to the client, i.e. the user of the at least one mobile phone 36.
  • a seventh connection step 56 follows, in which the confirmation of the transaction is sent from the at least one system server 38 to the at least one transaction terminal 34.
  • the components 30, 32, 34, 36 and 38 are identical, as are the connection steps 44 to 56.
  • the differences between the embodiment variant shown in FIG. 2 and the embodiment variant illustrated in FIG will be briefly described below.
  • the client, i.e. the user of the at least one mobile telephone 36, sends a user ID and location information to the at least one system server 38 as part of the first connection step 44. From this data the system server generates a barcode, which is returned to the user of the at least one mobile telephone 36 in the context of the second connection step 46.
  • the client, i.e. the user of the at least one mobile phone 36, extends that barcode data by a one-time password and generates the final barcode, which is transmitted by the client, i.e. the user of the at least one mobile telephone 36, to the at least one transaction terminal 34 in the context of the third connection step 48.
  • the transaction data and the final barcode are scanned at the at least one transaction terminal 34 and reported back to the at least one system server 38 in the context of the fourth connection step 50.
  • the at least one system server 38 then compares the data of the final barcode with the previously sent data and the one-time password. Thereafter, the at least one system server 38 sends a payment request to the client, i.e. the user of the at least one mobile phone 36, as part of the fifth connection step 52.
  • This request is confirmed by the client, i.e. the user of the at least one mobile phone 36, by entering a PIN, which can be done at the transaction terminal 34 or on the mobile phone 36 itself.
  • up to a predetermined amount, a PIN need not be entered as part of the confirmation.
  • the confirmation of the transaction in the context of the seventh connection step 56 takes place from the at least one system server 38 directly to the at least one transaction terminal 34 at which the transaction is currently being performed.
  • FIG. 4 shows a schematic representation of a changed data flow in the event of poor radio coverage.
  • the at least one transaction terminal 34 provides an alternative connection for this case.
  • the client application, i.e. the user of the at least one mobile telephone 36, establishes a data radio connection, i.e. a separate connection 60, to the transaction terminal 34, for example via Bluetooth.
  • This transaction terminal 34 either establishes or implements a constant connection to the system server 38 via a normal connection 58 over the Internet.
  • the user of the application, i.e. the client, i.e. the user of the at least one mobile telephone 36, then communicates with the at least one system server 38 via the "normal" data connection 58.
  • the client builds a protected connection, for example a so-called virtual private network (VPN), to the system server 38.
  • the location is determined in this case by the at least one transaction terminal 34; the remaining components of the security check in the context of the two-factor authentication 18 proceed as already described in connection with Figures 2 and 3.
  • FIG. 5 shows the multilevel security system 10 proposed according to the invention and in particular three possible variants of the two-factor authentication in the second level 14.
  • the first option is the time-controlled variant (62), in which the client and server calculate new one-time passwords at defined time intervals. In this case, the one-time password calculation can be implemented by software in the client application. The generated one-time password can then be used directly and does not have to be re-entered by the user.
  • the second option (64) is event-driven two-factor authentication. In this case, the client does not calculate the one-time password at defined time intervals, but only when an event occurs, e.g. if the user requests a barcode or triggers the calculation manually. In comparison to the first-mentioned variant (62), the event-driven variant (64) is more resource-efficient.
  • the third variant (66) is the challenge-response method.
  • the server sends a "challenge" to the client, e.g. a numerical value.
  • the client fulfills the task, e.g. it performs a calculation based on the numerical value transmitted by the server and sends the result back to the server. Since the server performs the same computation, it knows the result and can compare it to the response sent by the client. For all three options, either the authorization takes place at this level, if the one-time password (variant 62, 64) or the answer (variant 66) is correct, or the transaction is rejected.
  • the mobile phone 36 generates a barcode based on the user ID and a one-time password.
  • further information such as position data 32, 30, can be integrated into the barcode.
  • This barcode is then scanned 68 at the transaction terminal 34.
  • the user 76 may enter a PIN code at the transaction terminal 34.
  • the transaction information is then transmitted 72 through the transaction terminal 34 to the central system server 38.
  • the central system server 38 calculates, in parallel to the client 36, the individual one-time password of this client 36.
  • the central system server 38 can now check the submitted transaction information and confirm or reject the transaction.
  • the confirmation or rejection is then transmitted 74 from the central system server 38 to the transaction terminal 34.
  • Figure 7 shows the possible verification of the authenticity of the system server 38 by the mobile phone or PDA or other communication means 36.
  • the system server 38 generates a one-time password and sends it either via a data connection or short message (SMS) 78 directly to the mobile phone 36 or, in the absence of a radio connection, to the transaction terminal 34.
  • the user 76 can then compare the one-time password sent by the server 38 with the one-time password calculated by the mobile phone 80. This allows the user to check the authenticity of the system server 38 and to prevent, e.g., scammers from creeping into the system and manipulating transactions. If the one-time password is sent directly from the server 38 to the mobile phone, the check can be carried out within the mobile phone 36 without further action by the user. This authenticity check is possible with all three described one-time password variants 62, 64, 66.
  • FIG. 8 shows a mobile telephone with which a barcode can be scanned, which contains details of an invoice and which is transmitted via the server to a bank. Figure 8 shows that, in this embodiment of the mobile-radio-based transaction system, a bar code 100 is scanned by means of the mobile phone 36 operated by its user 76, cf. position 48 in Figure 8.
  • the barcode 100 is located on an invoice 102.
  • the barcode 100 contains payment information such as the name of a company 10, the account number, bank code, SWIFT code, IBAN, invoice number, invoice amount, term of payment, cash discounts and the like.
  • the server 38 checks both the payment data and the user ID and the one-time password.
  • the check of the one-time password takes place in the first level 12 of the multi-level security system 10.
  • this payment data is sent to a credit institution 112.
  • the credit institution 112 releases a transfer by means of a release 108, so that the invoice amount stated on the company invoice 102 can be transferred to the company 10 issuing the invoice 102, optionally taking into account details also stored in the barcode 100, such as term of payment, discounts etc.
  • GNSS Location System Global Navigation Satellite System
  • first connection info one time password OTP, location
  • second connection barcode
  • third connection scanning barcode
  • One-time password for checking the authenticity of the server 38
  • Comparison of the one-time password sent by the server 38 with the one-time password calculated by the mobile phone 36
  • Barcode
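
The second-level location comparison 16 described above (phone position against terminal position, then plausibility of the distance to the previous transaction) can be sketched as follows. This is an added example, not code from the patent; the tolerance, the speed limit, the `Fix` type and the coordinates are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass
from typing import Optional, Tuple

EARTH_RADIUS_KM = 6371.0


@dataclass(frozen=True)
class Fix:
    """A position with a timestamp in epoch seconds (hypothetical type)."""
    lat: float
    lon: float
    t: float


def distance_km(a: Fix, b: Fix) -> float:
    """Great-circle distance between two fixes (haversine formula)."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlam = math.radians(b.lon - a.lon)
    h = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(min(1.0, h)))


def check_location(client: Fix, terminal: Fix, previous: Optional[Fix] = None,
                   tolerance_km: float = 0.5,
                   max_speed_kmh: float = 900.0) -> Tuple[bool, str]:
    """Return (accepted, reason) for the location comparison.

    tolerance_km and max_speed_kmh are assumed values; the patent gives none.
    """
    # Component 1: the position reported by the phone (GPS or mobile network)
    # must match the terminal position, which the server derives from the
    # terminal's identification.
    if distance_km(client, terminal) > tolerance_km:
        return False, "client not at terminal"
    # Component 2: the distance to the previous transaction must be reachable
    # in the time that has passed since then.
    if previous is not None:
        gap_km = distance_km(previous, terminal) - tolerance_km
        if gap_km > 0:
            hours = (terminal.t - previous.t) / 3600.0
            # hours <= 0 covers equal or out-of-order timestamps.
            if hours <= 0 or gap_km / hours > max_speed_kmh:
                return False, "implausible travel since last transaction"
    return True, "ok"


# Constructed sample data: a terminal in Berlin, a phone standing next to it,
# and an earlier transaction location in Munich (about 504 km away).
BERLIN_TERMINAL = Fix(52.5200, 13.4050, t=1_700_000_000)
PHONE_AT_TERMINAL = Fix(52.5203, 13.4052, t=1_700_000_000)
MUNICH = (48.1351, 11.5820)
```

Cell-based positioning is much coarser than GPS, so the tolerance would have to depend on how the position was obtained.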
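
The three one-time-password variants 62, 64 and 66 and the server-side check of a scanned barcode, as an added example that is not taken from the patent. The patent names no algorithm: HOTP (RFC 4226), TOTP (RFC 6238) and an HMAC challenge-response are used here as assumptions, and the `user_id:otp` barcode layout, the function names and the key are constructed.

```python
import hashlib
import hmac
import secrets
import struct

STEP_SECONDS = 30  # assumed interval for the time-controlled variant


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """Event-driven OTP (variant 64): HMAC over a shared counter, RFC 4226."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key: bytes, now: float) -> str:
    """Time-controlled OTP (variant 62): the counter is the current time step."""
    return hotp(key, int(now) // STEP_SECONDS)


def new_challenge() -> bytes:
    """Server side of variant 66: a fresh, unpredictable challenge."""
    return secrets.token_bytes(16)


def respond(key: bytes, challenge: bytes) -> str:
    """Variant 66: client and server compute the same keyed MAC."""
    return hmac.new(key, challenge, hashlib.sha256).hexdigest()


def verify_response(key: bytes, challenge: bytes, response: str) -> bool:
    expected = respond(key, challenge)
    return hmac.compare_digest(expected.encode(), response.encode())


def make_barcode(user_id: str, key: bytes, now: float) -> str:
    """Client side: barcode payload built from user ID and one-time password."""
    return f"{user_id}:{totp(key, now)}"


def verify_barcode(barcode: str, keys: dict, now: float, used: set,
                   drift: int = 1) -> bool:
    """Server side: recompute the client's OTP in parallel and compare."""
    user_id, _, otp = barcode.partition(":")
    key = keys.get(user_id)
    if key is None:
        return False  # unknown user or malformed payload
    current = int(now) // STEP_SECONDS
    # Accept a small clock drift between phone and server.
    for step in range(max(0, current - drift), current + drift + 1):
        if hmac.compare_digest(hotp(key, step).encode(), otp.encode()):
            if (user_id, step) in used:
                return False  # a one-time password is accepted only once
            used.add((user_id, step))
            return True
    return False


# Constructed sample key (the RFC 4226 test key), not a real credential.
SAMPLE_KEYS = {"alice": b"12345678901234567890"}
```

The same functions serve the server-authenticity check of Figure 7: the phone computes the value it expects and compares it with the one the server sent.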

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a mobile-radio-based transaction system comprising at least one mobile telephone (36), at least one transaction terminal (34) and at least one system server (38), for carrying out a cashless payment operation. Within a multilevel security system (10), a comparison is performed at the second level (14) between the position of a user or of the client (36) in a mobile radio network (32) and/or the location of the subscriber in a satellite-based positioning system (30). At a first level (12), two-factor authentication (18, 62, 64, 66) is performed. At a third, optional level, a further security check can be added, for example using biometric features.
EP11707339A 2010-03-03 2011-02-24 Système de transactions utilisant une radio mobile Withdrawn EP2543010A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
DE102010010165 2010-03-03
DE102010047257A DE102010047257A1 (de) 2010-03-03 2010-10-01 Mobilfunkbasiertes Transaktionssystem
ARP110100366A AR080126A1 (es) 2010-03-03 2011-02-03 Sistema de transacciones en base a telefonia celular
PCT/EP2011/000910 WO2011107237A1 (fr) 2010-03-03 2011-02-24 Système de transactions utilisant une radio mobile

Publications (1)

Publication Number Publication Date
EP2543010A1 true EP2543010A1 (fr) 2013-01-09

Family

ID=44503071

Family Applications (1)

Application Number Title Priority Date Filing Date
EP11707339A Withdrawn EP2543010A1 (fr) 2010-03-03 2011-02-24 Système de transactions utilisant une radio mobile

Country Status (4)

Country Link
EP (1) EP2543010A1 (fr)
AR (1) AR080126A1 (fr)
DE (1) DE102010047257A1 (fr)
WO (1) WO2011107237A1 (fr)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102012006947A1 (de) 2012-04-10 2013-10-10 Authentidate International Ag Verfahren zur bargeldlosen Zahlung am Point of Sale
DE102013013490A1 (de) 2013-08-15 2015-02-19 Afc Rechenzentrum Gmbh Verfahren zur bargeldlosen Abwicklung von Zahlungen aus tragbaren Telekommunikatonsgeräten an Kassen mit einer Telekommunikationsverbindung
DE102014002602B4 (de) 2014-02-24 2021-10-21 Giesecke+Devrient Mobile Security Gmbh Verfahren zum Autorisieren einer Transaktion sowie Verwendung einer Uhr und eines Kassensystems in diesem Verfahren
CN103886283A (zh) * 2014-03-03 2014-06-25 天津科技大学 用于移动用户的多生物特征图像信息融合方法及其应用
DE102017211913A1 (de) 2017-07-12 2019-01-17 Robert Bosch Gmbh Verfahren zum Steuern eines elektronischen Gerätes
DE102018210427A1 (de) 2017-07-14 2019-01-17 Robert Bosch Gmbh Verfahren zur klassifikation von zeitreihen

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010051915A1 (en) * 2000-03-29 2001-12-13 International Business Machines Corporation Data transfer system using mobile terminal and two-dimensional barcode
EP1231578A2 (fr) * 2001-02-01 2002-08-14 Siemens Aktiengesellschaft Méthode et système pour la réalisation de paiement sans espèces
WO2003052707A2 (fr) * 2001-12-19 2003-06-26 Siemens Aktiengesellschaft Procede et systeme de deroulement de processus de verification de l'autorisation d'utilisation et / ou de paiement a l'aide d'un terminal de telephonie mobile, terminal de telephonie mobile associe, station d'interrogation, programme de commande pour un terminal de telephonie mobile et programme de commande pour une station

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10005487A1 (de) * 2000-02-08 2001-08-09 Siemens Ag Verfahren zur Nutzeridentitätskontrolle
DE20008345U1 (de) * 2000-05-09 2000-08-17 Mueller Angelika Kommunikationsgerät mit Fingerabdrucksensor
JP4711039B2 (ja) * 2001-04-17 2011-06-29 株式会社モビリティ 複数の機能を有する多目的携帯端末の安全性確保の方法
GB0229765D0 (en) 2002-12-20 2003-01-29 Radicall Projects Ltd Payment system
US20080126251A1 (en) * 2006-09-21 2008-05-29 Tomas Karl-Axel Wassingbo System and method for utilizing a portable network device to initiate and authorize a payment transaction
US20080133373A1 (en) * 2006-11-30 2008-06-05 Motorola, Inc. Method to select payment when using a wireless communication device
US8041338B2 (en) * 2007-09-10 2011-10-18 Microsoft Corporation Mobile wallet and digital payment
US20090112767A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Escrow system and method
US20090307141A1 (en) * 2008-06-06 2009-12-10 Telefonaktiebolaget Lm Ericsson (Publ) Secure Card Services
US8342407B2 (en) * 2008-07-21 2013-01-01 Gilbarco, Inc. System and method for pairing a bluetooth device with a point-of-sale terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2011107237A1 *

Also Published As

Publication number Publication date
DE102010047257A8 (de) 2012-05-24
DE102010047257A1 (de) 2011-09-08
AR080126A1 (es) 2012-03-14
WO2011107237A1 (fr) 2011-09-09

Similar Documents

Publication Publication Date Title
EP2949094B1 (fr) Procédé d'authentification d'un usager vis-à-vis d'un distributeur automatique
EP2543010A1 (fr) Système de transactions utilisant une radio mobile
DE10224209A1 (de) Autorisierungseinrichtung-Sicherheitsmodul -Terminal-System
EP2528045A1 (fr) Procédé et ordinateur de service ainsi que système d'authentification sans carte
DE102011100144A1 (de) Sicheres drahtloses Zahlungssystem und Verfahren zu dessen Anwendung
DE102011116489A1 (de) Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts
EP3215974B1 (fr) Procédé pour fournir un code d'accès à un appareil portable, et appareil portable
EP1456822B1 (fr) Procede et systeme de deroulement de processus de verification de l'autorisation d'utilisation et / ou de paiement a l'aide d'un terminal de telephonie mobile, terminal de telephonie mobile associe, station d'interrogation, programme de commande pour un terminal de telephonie mobile et programme
EP2561484B1 (fr) Procédé de manipulation de billets électroniques
DE102013212627B4 (de) Elektronisches Transaktionsverfahren und Computersystem
EP2996299B1 (fr) Procédé et système d'autorisation d'une action sur un système auto-commandé
EP2949096A1 (fr) Production de donnés de position au moyen d'un protocole délimiteur de distance
DE102009041002A1 (de) Verfahren zur personengebundenen, ortsunabhängigen, bargeldlosen Zahlungsabwicklung und zum ortsunabhängigen Erwerb und Nachweis von personengebundenen Berechtigungen unter Verwendung von Mobilfunkgeräten
DE102007024144B3 (de) Verfahren und Anordnung zur schnellen Kurzanmeldung eines Benutzers an einem Diensleistungsportal mittels einer mobilen Kommunikationseinrichtung
DE102010036037A1 (de) Verfahren zur Durchführung bargeldioser Zahlungstransaktionen und Transaktionsystem zur Durchführung des Verfahrens
EP3561753A1 (fr) Procédé de transfert et de traitement de données et dispositif correspondant
DE102013022434B3 (de) Elektronisches Transaktionsverfahren und Computersystem
DE102013022433B3 (de) Elektronisches Transaktionsverfahren und Computersystem
DE102013022436B3 (de) Elektronisches Transaktionsverfahren und Computersystem
EP1729254B1 (fr) Procédé et système de transmission de données
DE102006007236A1 (de) Verfahren zum Identifizieren von Personen und zum Autorisieren von Vorgängen sowie Endgerät zur Durchführung des Verfahrens
DE202022100435U1 (de) Intelligentes Management-Sicherheitssystem zum Schutz vor Betrug beim Zugang zu einer mobilen Einheit mit Authentifizierungsmöglichkeiten
EP4332919A1 (fr) Composteur de billets pour un système de transport de personnes
EP3416120A1 (fr) Dispositif et procédé d'authentification d'utilisateur et d'autorisation d'accès
DE102013022435B3 (de) Elektronisches Transaktionsverfahren und Computersystem

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20121002

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20151127

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20220809