EP2577629A1 - Verfahren und system für sichere teleübertragung - Google Patents

Verfahren und system für sichere teleübertragung

Info

Publication number
EP2577629A1
EP2577629A1 EP11727258.3A EP11727258A EP2577629A1 EP 2577629 A1 EP2577629 A1 EP 2577629A1 EP 11727258 A EP11727258 A EP 11727258A EP 2577629 A1 EP2577629 A1 EP 2577629A1
Authority
EP
European Patent Office
Prior art keywords
code
person
receiving
terminal
personal equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP11727258.3A
Other languages
English (en)
French (fr)
Inventor
Christian Soulez
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
KCS MONETIC
Original Assignee
KCS MONETIC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by KCS MONETIC filed Critical KCS MONETIC
Publication of EP2577629A1 publication Critical patent/EP2577629A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/203Dispensing operations within ATMs

Definitions

  • the present invention relates to a method and a secure teletransmission system.
  • the known means of communication and information processing provide flexibility and speed to implement local or remote transmissions that facilitate exchanges between people.
  • the facilities offered by the means of communication and information processing must not be a source of vulnerability when the transmitted material is sensitive and / or of value because it is appropriate that the transmission succeed without being corrupted, to the person to whom it is actually intended. This is particularly the case when the transmission involves a transfer of money.
  • patent EP1168762B1 discloses an information provider system in which a terminal device transmits financial information of users to an information management device arranged to perform payment processing.
  • the method disclosed in this second patent cited above has the disadvantage of not allowing to concretely deliver an object, including a sum of money to a money transfer recipient.
  • the known security techniques are essentially using electronic means that control each other relatively opaque to the user. These techniques are not entirely satisfactory in terms of certainty for the user as to the correct receipt of the correct sum by the correct recipient.
  • the non-repudiation of the transmission by the user crucial in money transfer, is difficult to guarantee when the user faced with the opacity of purely electronic controls, could be tempted to refute the integrity electronic control means.
  • the patent grant publication EP0960499B1 on November 2, 2005 discloses a system adapted to provide funds requested to a recipient by verifying that a first security code included in transfer data, is equal to a second security code. security included in recipient data, the transfer data being entered by a sender and recipient data being entered by the recipient.
  • the implemented method is not entirely satisfactory in terms of security, for example in case of interception of the security code in the transfer data or in the recipient data.
  • a secure remote transmission method ordered by a transmitting person to a receiving person comprises:
  • a first main step and a second main step activated when a secure server receives from a first electronic device a first request containing a designation code of an object to which the remote transmission relates and a receiver personal equipment address attributable to the receiving person;
  • a third main step activated when the secure server receives from a second electronic device a second request containing the withdrawal code and all or part of the data comprising at least the designation code of the object;
  • the secure teletransmission method comprises:
  • a first peripheral step activated when the transmitting person initiates a call from a sending personal equipment to the receiving personal equipment;
  • the first electronic device is a first terminal
  • the second electronic device is a second terminal and the method comprises:
  • a request step in which the first terminal transmits to the secure server a request comprising the token and the designation code to request the secure server to provide the withdrawal code;
  • a distribution step in which the second terminal terminates the transmission by delivering the object after receiving the withdrawal code and the designation code entered by the receiving person and after receiving an authorization issued by the secure server to confirm a correlation of the withdrawal code entered with the verification token.
  • the first terminal asks the issuer to indicate at least one unambiguous nominative code of the recipient and / or the person sending; and - In the request step the first terminal places the (s) said unique name (s) code (s) in the request sent to the secure server.
  • the second terminal delivers the object after additional reception of at least one unambiguous nominative code entered by the receiving person.
  • the unambiguous nominative code is a telephone number.
  • the unambiguous nominative code is a telephone number of the receiving person and the receiving person receives by telephone the designation code on a first communication channel linked to the secure server and the withdrawal code on a second communication channel linked to the person sending.
  • the first electronic device is the sending personal equipment for accessing an account controlled by the secure server and the second electronic device is a terminal.
  • the method then includes a sub-account creation step accessible from the receiving personal equipment when the secure server receives an add request from the personal equipment, and the data provided in the second main step includes subaccount access information.
  • the secure remote transmission method preferably comprises:
  • the object is a sum of money and the designation code is an amount of the sum of money.
  • the object is a sub-account
  • the designation code is a user alias name of the sub-account
  • the second electronic device is the receiving personal equipment.
  • the secure server creates a virtual card number in the third main step.
  • the invention also relates to a secure teletransmission system for a receiving person ordered by a transmitting person, which comprises:
  • a secure server comprising a program for providing a withdrawal code to the first electronic device and for supplying a designation code of an object to which the remote transmission to the personal equipment relates;
  • a second electronic device comprising an interface for enabling the recipient to enter at least the withdrawal code, means of connection to the secure server for issuing the withdrawal code and the designation code and for receiving an authorization from the secure server which confirms a correlation of the withdrawal code entered with the designation code, and means for automatically issuing the object after receipt of the authorization.
  • the system includes personal transmitting equipment enabling the person sending the call to retrieve the personal equipment for ensure that the receiving personal equipment is actually allocated to the receiving person.
  • the first electronic device is a first terminal comprising an interface arranged to request the issuing person to indicate at least one unambiguous nominative code of the receiving person and / or the person transmitting so as to place the unambiguous nominative code (s) in a request sent to the secure server.
  • the second electronic device is a second terminal arranged to deliver the object after additional reception of at least one of the unique nominative code (s) entered by the receiving person.
  • the unambiguous name code is a telephone number, more particularly is a telephone number of the receiving person and the receiving person receives by telephone the designation code on a first communication channel linked to the secure server and the withdrawal code. on a second communication channel linked to the person sending.
  • the first electronic device is the transmitting personal equipment then containing a program for accessing an account controlled by the secure server and the second electronic device is personal receiving equipment.
  • the secure server is then arranged to receive an add request from the personal equipment, to create a subaccount accessible from the receiving personal equipment and to transmit data containing information to the receiving personal equipment. access to the sub-account.
  • the secure server is advantageously arranged to limit temporally and / or spatially a validity associated with the withdrawal code.
  • the object is a sum of money and the designation code is an amount of the sum of money.
  • the object is a sub-account
  • the designation code is a user alias name of the sub-account
  • the second electronic device is the receiving personal equipment.
  • FIG. 1 is a schematic view of an implementation system of the invention
  • FIG. 2 shows process steps according to the invention for enabling an issuer to transfer a sum of money
  • FIG. 3 shows process steps according to the invention for enabling a receiving person to collect the sum of money
  • FIGS. 4 and 5 show process steps according to the invention for enabling the person sending the data to create a sub-account for the benefit of the receiving person
  • FIG. 6 shows process steps according to the invention applicable to embodiments other than those presented.
  • the system shown in FIG. 1 comprises a bank computer 2 which houses a bank account which a person 11 has to issue an order to withdraw a sum of money from said bank account.
  • the system further comprises a first terminal 1 which allows strong authentication of the person 11 as the one who has said bank account.
  • the terminal 1 is for example a bank machine of the Automatic Cash Dispenser (ATM) type by means of which the person 11 can give evidence to authenticate that it has the account using a bank card associated with a secret code that only the person knows.
  • ATM Automatic Cash Dispenser
  • the terminal 1 is for example also a peripheral of the bank computer, accessible only by an employee of the bank who occupies in an agency, a meeting point equipped with the device and who can physically authenticate the person 11 by his documents. identity or by the personal knowledge that the employee has of the person 11.
  • the terminal 11 is for example still a programmed mobile phone or whose SIM card is programmed in a known manner to offer the functions of a bank card.
  • the possible means of authentication are not limited to a secret code.
  • the means of authentication may be based on the biometric characteristics of the person 11.
  • the type of the terminal 11 is not limited to those just stated but extends to any type of electronic equipment that offers digital services. strong authentication comparable as it is for example the case of a personal computer set to do banking on the bank account through a secure dialogue with a website of the bank.
  • the system also includes a second terminal 5 whose essential function is to be able to distribute banknotes. Due to its nature, a bank machine is well suited to carry the terminal 5.
  • the terminal 5 allows a person 22 to be able to collect a sum of money without having to justify having a bank account, in other words without having necessarily a bank account to carry out banking operations.
  • the terminal 5 is connected to a second bank computer 6 which manages any remittance of money on the terminal 5, in particular by issuing banknotes.
  • the bank computer 6 is connectable to the bank computer 2 by means of a specialized interbank network or secure links on the Internet network 8.
  • the computer 6 can also, in some cases of use, be confused with the computer 2, in particular but not necessarily when the terminal 5 is identical with the terminal 1. The particular cases depend essentially on the respective geographical positions of the persons 11 and 22.
  • the system comprises a secure transfer server 3 (SSTF) connectable to the computers 2 and 6 by means of connection comparable to those used by the computers 2 and 6 to communicate with each other, so as to set up a money transfer service that can be operated within the same bank or by a third-party operator acting on behalf of several banks.
  • SSLTF secure transfer server 3
  • the money transfer service offered by the server 3 differs from the money withdrawal services known in that the person 22 to whom is physically delivered a sum of money, notably in the form of banknotes, is not not necessarily the person who authenticates to debit the amount of money from the account at his disposal.
  • the server 3 is arranged to deliver a single-use ALEA withdrawal code to the person 11 authenticated on the terminal 1 by the system to access the account.
  • Person 11 communicates, out of the system, the code to the person by means that enables him to ascertain humanly, in other words to recognize that the person is really the person to whom the person intends to silver.
  • the person 22 then uses the code to withdraw the amount of money on the terminal 5.
  • the person 22 is a person located at a distance from the person 11, in the same country or in a distant country.
  • the person 11 uses his telephone 7 to call the person 22 on his telephone 4. Recognizing the person 22 with the tone of his voice and possibly the personalized dialogue that is established, the person 11 vocally communicates the withdrawal code to the person 22.
  • the person 22 is close to the person 11. This is for example the case of two people from the same family residing close to each other.
  • the person 11 visually recognizes the person 22 and communicates the withdrawal code orally or written on a sheet of paper.
  • the person 22 holds the account on which the sum of money is debited but does not have electronic credit card type authentication means or the like.
  • the person 11 is then an employee in an agency of the bank that manages the account.
  • the employee uses his personal device of the bank computer on which he is authenticated to obtain the withdrawal code in the form of a paper receipt that he gives to the person 22.
  • the bank computer can also directly send the withdrawal code by SMS to the mobile phone 4.
  • the person 22 then uses the paper receipt or the SMS to make the withdrawal requested on the agency of the machine.
  • the person 22 and the person 11 are one and the same person who wishes to withdraw a sum of money without having to wear his authentication device, for illustrative purposes his credit card at the time of withdrawal, for example in returning from a workout or beach. It suffices for the person 11 to obtain beforehand the withdrawal code and to memorize it by heart or to note it in the palm of the hand if it is less trusting to the person 22 that she will have become on returning from her sport.
  • the terminal 1 can be used to deposit a sum of money if it is provided for this purpose. It is then the deposited amount that is transferred.
  • a terminal of a first system A (hereinafter terminal A) initially in a waiting step 100 executes steps of the method that allow a transmitting person (E) to issue an order to deliver to a remote receiving person (R) a directly usable amount of money debited to an account managed by a bank computer of System A (hereinafter bank A).
  • the terminal A and the bank computer A are respectively hosted by the terminal 1 and the computer 2 of FIG. 1.
  • the person E is then the transmitting person 11 and the person R is then the receiving person 22 of the figure 1.
  • a signaling transition 101 is validated when the person E arrives at the terminal A, which is for example a bank machine (ATM for ATM in French or ATM for Automated Teller Machine in English) of his bank or a bank in agreement with his bank.
  • the terminal is for example still an electronic payment terminal (TPE), or even a secure telecommunications equipment such as a mobile phone including a cryptographic module.
  • TPE electronic payment terminal
  • Different modes of presentation to the terminal A can be implemented, for example those of introducing a medium of personal information into a terminal A reader provided for this purpose.
  • the personal information stored on the medium is correlated with a PIN (Personal Identification Number) secretly held by the person E or any other type of identifier including biometric data such as a fingerprint, veins of the hand, a fundus of the eye or an iris that unequivocally distinguish the person E within the human race.
  • PIN Personal Identification Number
  • a validation of the transition 101 activates an interrogation step 102 in which the terminal A asks the person E to communicate his identifier by typing his confidential code on a keyboard of the terminal or by submitting a part of his appropriate body to a sensor of the terminal. terminal dedicated to the biometric data correlated to the personal information stored on the medium.
  • An identification transition 103 is validated when the person E has communicated his identifier to the terminal A.
  • a validation of the transition 103 activates a step
  • the terminal A transmits the identifier to the bank computer A, preferably in encrypted form by the terminal A.
  • the bank computer A initially in a waiting step 200 executes steps of the method that make it possible to link the account of the person E to authorize an execution of the order sent by the person E on the terminal A.
  • An account access transition 201 is validated when the bank computer A receives the identifier of the person E, preferably encrypted as indicated by the star by exponent in FIG.
  • a validation of the transition 201 activates a verification step 202 in which the bank computer A checks the correlation of the identifier with the personal data of the person E and generates a token linked to the person E (token E) if the Correlation is verified positively.
  • the token is for example an EMV cryptographic element.
  • the bank computer A uses, for example, a known ATM manager (GDG) for this purpose. The bank computer A then sends the token E to the terminal A.
  • GDG known ATM manager
  • An authentication acknowledgment transition 105 is validated when the terminal A receives the token E.
  • a validation of the transition 105 activates a selection step 106 in which the terminal A asks the person E to select a function from a menu among several proposed monetary functions such as the withdrawal of bank notes, the consultation of the account and more particularly in the context of the invention, the transfer consisting in handing over a sum of money in person to a person R.
  • steps 102 and 104 may for example be grouped in a single step in the case where a biometric data detected by a sensor of the terminal A is sufficient for the identification and identification of the person E.
  • the token E is the element that makes it possible to start and validate the secure transmission phase explained below.
  • the token usually loses validity when secure transmission is complete.
  • a control transition 107 is validated when the person E selects a transmission function secure according to the invention, including the function "money transfer" in the menu.
  • a validation of the transition 107 activates a formulation step 108 in which the terminal A asks the person E to indicate a designation code of an object to which the secure transmission relates.
  • the designation code is the amount of money to be transferred.
  • the terminal also requests the person E a unique nominative code which facilitates, as we shall see in the following description, the processing of secure transmission.
  • the nominative code is unambiguous in that it is attached specifically to the person E or the person R.
  • the nominative code is for example an address which allows the person to contact the person R to inform him of the elements necessary for a withdrawal of the person.
  • Said address is for example an Internet e-mail address.
  • said address is a telephone number to which it is possible to call the person R.
  • said address is a mobile phone number which makes it easier to reach the person R and to send him written information.
  • SMS short message service
  • MMS multimedia message service in English.
  • the telephone number does not only have the advantage of making it possible to reach the person R, it also has the advantage of being generally memorized both by the person R and by the person E mentally or in an electronic directory and therefore easily found both by the person E and by the person R.
  • the telephone number may also be the telephone number of the person E who personally identifies the person E, in other words, which designates the person E unambiguously.
  • the persons E and R being people who know each other, it is sufficient if the person E communicates his telephone number to the person R by some way so that the person R retains him.
  • a transition 109 of information is validated when the person E indicates the designation code of the object, including the amount of the sum of money to be transferred and preferably also the univocal nominative code, including the mobile phone number that allows reach the person R who will receive the money.
  • the person E enters the amount to be transferred in the currency of the country where the person resides. In other words, the amount is usually expressed in the currency of the country where the person resides, essentially if the person R resides in the same country.
  • a validation of the transition 109 activates a request step 110 in which the terminal A requests the secure transfer server SSTF, typically the server 3 of Figure 1, to provide a first ALEA withdrawal code. To do this, the terminal A sends to the server SSTF a request that includes the token issued in step 202 by the bank computer A, the amount and the address entered by the person E on the terminal A.
  • the secure SSTF server initially in a waiting step 300, executes steps of the secure transmission method that make it possible to transmit the object, more specifically the sum of money to the person R.
  • a boot transition 301 is validated when the SSTF server receives the request including the token that binds the account to be debited and the amount of the sum of money to be transferred.
  • the request also includes the address, including the telephone number allowing to inform of the transfer, the person to whom the sum of money must be handed over.
  • a validation of the transition 301 activates in the server SSTF a step 302 of response to the request sent by the terminal A and a step 304 of generating an electronic ticket for withdrawing the sum of money.
  • the server SSTF creates a data structure dedicated to the secure transmission, in particular dedicated to the money transfer transaction, for example a line indexed by an identifier ID in an associative table.
  • a data structure dedicated to the secure transmission for example a line indexed by an identifier ID in an associative table.
  • the amount of the sum of money also refers, more generally, to the designation code of any object that is not necessarily a sum of money. money.
  • the identifier ID can also be a pointer to another type of data structure.
  • the server SSTF stores in the data structure, the parameter values communicated in the request and including the token, the amount of the sum of money to be transferred with the address, in particular the telephone number making it possible to inform the transfer, the person to whom the sum of money must be handed over, optionally a telephone number of the person E and / or a bank card number of the person E.
  • the credit card number is for example obtained from the computer of bank A from the token, regardless of whether or not the terminal A.
  • the SSTF server then pulls a number, or more generally a string of random characters that is the first ALEA withdrawal code whose nature is random or pseudo random.
  • the server SSTF stores the ALEA code in a box of the data structure reserved for this word and sends the ALEA code in a response message to the terminal A, possibly via the GDG when the terminal A is a bank payment machine.
  • the ALEA code can also be generated as a temporary PIN code which is usable once by the beneficiary. In this case a hash code is preferable, especially for two people 11 and 22 different.
  • the SSTF server assigns the future cash withdrawal transaction a PTV validity time range that it stores in the data structure.
  • the validity time range provides additional security for the transmission, which can not be executed outside the validity time range. Other additional security can be considered as for example the neighborhood of a place of validity.
  • the SSTF server applies a hash function to all or part of the content of the data structure which gives a second Hash Data removal code whose nature is deterministic.
  • the SSTF server stores or does not store the Hash Data code in a box of the data structure, groups the second Hash Data withdrawal code with the PTV validity time slot and / or a location criterion of the withdrawal, so as to generate the electronic ticket then sends the electronic ticket in a notification message to the address of the personal equipment of the person R which is stored in the data structure.
  • the notification message is advantageously sent in the form of an SMS when the address is a mobile phone number.
  • an address of the person R may be available from a database subject to prior registration.
  • step 304 may very well not be executed.
  • An acknowledgment transition 111 is validated when the terminal A receives the first withdrawal code.
  • a validation of the transition 111 activates a step
  • the terminal A communicates the first ALEA withdrawal code to the person E.
  • Various embodiments can be envisaged to communicate the first ALEA withdrawal code to the person E, for example visually by displaying the code on a local screen, vocally by means of a loudspeaker located on the terminal A or a wireless link to the 802.11 protocol or a proximity field communication (NFC for near field technology in English) or another to a communicating object held by the person E such as for example the mobile telephone 7 equipped with a radio receiver at short distance.
  • the terminal A prints the amount of the sum to be transferred, the address of the personal equipment of the person R and the first withdrawal code ALEA on a receipt that is issued to the person E.
  • a transition 401 alert is validated when the personal equipment of the person R, typically the phone 4, receives the electronic ticket.
  • a validation of the transition 401 activates an alarm step 402 in which the personal equipment of the person R informs the person R so as to enable him to read the contents of the electronic ticket to acquaint with the second withdrawal code and the time range in which the withdrawal of the sum of money is allowed.
  • Steps 304 and 402 may be part of an option in which the method proposes to the person E, the "payer” to notify the person R, the "paid” of the upcoming transfer by SMS or by call combined with a voice synthesis device, if the "Paid" has a mobile phone.
  • the address given in the request of step 110 in the form of a telephone number allows the person E to easily indicate the person R and the person R to easily be recognized by association of the person R with the phone number which it is easy to remember so much for the person E than for the person R.
  • the telephone number is in a way a unique naming code of the person R as we will see now in the following description.
  • Step 304 serves in particular to transmit the virtual card number that is generated on the basis of the Hash code and according to the method described below.
  • the SSTF builds a special card number including a fixed fixed part, a specific Bank Identification Number (BIN) which identifies the bank to which the issuer of the transfer belongs.
  • BIN Bank Identification Number
  • the BIN is followed by a number correlated with the ALEA code, for example the ALEA code in clear or the encrypted ALEA code.
  • the correlated number can also be the hashdata, especially if the ALEA code is comparable to a temporary PIN.
  • the virtual card number or virtual PAN is an alias of the card number of the bearer whose part BIN makes it possible to go up towards the transmitter and to find the server SSTF of the bank of the issuer, and whose variable part corresponds to the hashcode which retrieves the ticket in the SSTF server of the bank of the issuer.
  • a first advantage is to associate a T-PIN code with the virtual card number which does not modify the transfer of data between the withdrawal machine 5 and the computer 2 of Bank A.
  • a second advantage is to use two different channels of transmissions of these two information that enhances security.
  • the step 112 completes a first phase of the method which provides the person E with an intangible control key on the transfer of the sum of money that it orders.
  • This light control key consists of the first ALEA removal code.
  • the "Payer” that is to say the person E personally communicates the withdrawal code ALEA to the "Paid”, that is to say to the person R in a humanly controllable way for example vocally directly or by telephone, by hand delivery or other equivalent conventional means to ensure that the person receiving the withdrawal code is the R person to whom the money transfer is intended .
  • the meeting or the dialogue during which the person E hands the code ALEA to the person R allows the person E to recognize the tone of the voice, the facial features of the person R and / or information shared for example on family.
  • the mobile phones 7 and 4 are particularly well suited means for establishing a voice communication channel or television between people E and R.
  • the telephone communication allows the person E to ensure that the information of the ALEA code is transmitted to the right person.
  • Electronic messaging devices (MEL) on the Internet or short message services (SMS) are a priori rejected of the process because they are sources of error except to use pre-registrations of "Paid" (potentially R persons) with their numbers or MEL addresses with prior control of these data before any transaction.
  • the person R in other words the "Paid", having received by the voice channel the ALEA code and optionally having been warned not SMS in the case of an implementation of step 402 on his personal equipment. communication, activates the second phase of the process by going to an ATM of a bank in agreement with the bank of the person E, in other words the "Payer” or on a PLC of a bank having subscribed the service " Transfer of money "from the same operator as the bank of the person E to implement the method of the invention.
  • the terminal of a second system B (hereinafter terminal B) initially in a waiting step 500, performs process steps that allow the person R to withdraw the amount of money transmitted. by the remote person E, the amount of which is debited by compensation from a bank computer system B (hereinafter bank B).
  • the terminal B typically displays a menu of several possible functions or services, including purely illustrative and non-limiting, withdrawal of bank note, bank account consultation and more particularly in the context of the invention, the transfer of money and the collection of money transferred.
  • a selection transition 501 is validated in the terminal B when a person, in particular the person R, selects the function "Money collection".
  • a validation of the transition 501 activates a step 502 in which the terminal B displays an electronic form which invites the person R to enter successively or randomly, a set of data comprising:
  • the unambiguous nominative code for example the phone number of the person R, and / or all or part of the content of the electronic ticket, for example the second Hash Data withdrawal code.
  • a hashcode transaction identifier and / or telephone number is particularly useful if the ALEA code is comparable to a temporary PIN, generally short to facilitate the search for the transaction in the SSTF database.
  • a data reception transition 503 is validated in the terminal B when the set of required data is received.
  • a validation of the transition 503 activates a request step 504 in which the terminal B requests the secure fund transfer server SSTF to provide a withdrawal authorization.
  • the authorization request includes the data requested in step 502 by the terminal B, in particular the amount and the ALEA code entered by the person R on the terminal B and optionally the second removal code corresponding to the hashcode received during the optional steps. 304 and 402 especially if the ALEA code is comparable to a temporary PIN code.
  • the terminal B when materialized by a bank machine, initially transmits the authorization request to the GDG management service of the bank computer B.
  • the amount and the currency are normally transmitted according to the rules.
  • the protocol used by the PLC to communicate with the bank computer B HOST-GDG.
  • the bank computer B then identifying in the authorization request a specific request for the transfer of funds using the BIN, routes the data of the request to the SSTF.
  • the server SSTF initially secured in the waiting step 300 performs the following steps of the method that transfer the money from the person E to the person R.
  • a transition 305 for receiving data is validated when the server SSTF receives the data of the request comprising in particular the amount and the ALEA code.
  • a validation of the transition 305 activates a search step 306 in which the SSTF (or the SSTF network) checks the validity of the ALEA code and checks the amount with its currency.
  • the secure SSTF server After having performed positive checks and verifications, the secure SSTF server returns to bank computer B (HOST-GDG) an authorization with the amount and the Personal Authentication Number (PAN) of the bank.
  • PAN Personal Authentication Number
  • Payment that is to say the person E.
  • the transaction to which the validation of the transition 305 is related can be retrieved by indexing the ALEA code if it is pseudo-random so as to be unambiguous, by indexing the amount on a first level then the ALEA code on a second level.
  • the transaction is found by indexing the unique nominative code specially transmitted for this purpose by the person R on the terminal B.
  • An approval transition 601 is validated when the bank computer B receives the amount approved by the secure SSTF server.
  • a validation of the transition 601 activates a step 602 in which the bank computer B sends to the terminal B a response to the authorization request.
  • the answer can be developed in different ways, for example by direct broadcast of the amount approved terminal B.
  • the B bank computer starts with re ⁇ route the request of authorization in modified form with the credit card number of the "Payor” to its authorization server (HOST-SA) standard so as to go up to the bank computer A "Payer” according to the standard schemas of authorization.
  • HOST-SA authorization server
  • An authorization transition 505 is validated when the terminal B receives a positive response to the authorization request it had issued in step 504.
  • a 505 transition validation activates a step
  • the terminal B performs a final check and proceeds to the issuance of the sum of money, for example by distributing bank notes in an amount corresponding to the amount of the sum transferred.
  • the terminal B conventionally checks the authorization received from the bank computer B (HOST-GDG) to perform the last check.
  • a withdrawal transition 507 is validated when the person R withdraws the notes.
  • a validation of the transition 507 activates a step 508 in which the terminal B generates a report of transaction it transmits to the bank computer B and optionally the secure SSTF server.
  • a confirmation transition 603 is validated when the bank computer B receives the report.
  • a transition validation 603 activates a step
  • a confirmation transition 307 is validated when the secure SSTF server receives the report.
  • a validation of the transition 307 activates an optional step 308 in which the secure SSTF server notifies a withdrawal notice made to the person E. If the phone number 7 of the person 11 is stored in the secure SSTF server 3, the SSTF server Secure can notify the notice of withdrawal made directly on the phone 7, for example by sending an SMS.
  • a code obtained by a hash function for sealing a set of elements of the transaction is conveyed by a second channel, in this case an SMS, different from a first channel for routing the secret code shared by the persons E and R on the basis of mutual recognition.
  • This hash code which signs the transaction and serves as identification of the "paid" transaction, can only be generated and verified by the SSTF server.
  • This hashed code which constitutes the second withdrawal code, can only be rebuilt if it has the keys of the SSTF server used to generate it and the data sent back by the voice channel (notably the secret, etc.). either by the SMS channel (OTP, Amount, mobile number of the paid, ).
  • the SMS is an effective means of transmitting the data to the "paid", that is to say the person R who will be able to reproduce them during the withdrawal. But they remain unusable without the secret, namely the first withdrawal code that passes through the voice channel.
  • the invention proposes additional security measures explained below.
  • the method of the invention falsifies any misunderstanding on the authentication of the person R following an error on the telephone number of the person R, by requiring the person E to dial the number twice.
  • "Paid” namely once on the first terminal, including the bank machine for which the person E can not use his phone book, thus avoiding the selection errors in a directory, and once on his mobile phone for the voice call or sending by SMS if the person E decides to use this channel in the absence of means to prevent it.
  • the SMS of transmission of the ticket from the server SSTF can reach an unwanted recipient but the SMS will be unusable without the secret constituted by the first ALEA withdrawal code.
  • the person E If the person E makes a selection error when transmitting the secret via the voice channel, the person E will recognize his error immediately for example by detecting an unknown voice. If the person E makes a good entry of the number of the person R on the controller and then decides to transmit the secret, namely the first ALEA withdrawal code by SMS. A possible error on the number of the person R committed by the person E from his mobile phone 7, is of no detrimental consequence because the wrong recipient will receive a secret which he will know what to do without having the SMS transmitted from the server SSTF .
  • the person E makes a bad entry on the automaton then decides to transmit the secret by SMS by selecting the correct number of the person R, the receiver of the first SMS will not be able to use it without the secret.
  • E uses twice the same wrong number both on the controller to create the transaction than on his mobile phone to transmit the secret to the person R, the wrong recipient then having all the information needed to make the withdrawal.
  • the process can be improved by countering this risk by the following means.
  • the method may provide for a pre-registration, on the ATM manager side of the bank of the person E, of the mobile numbers of persons R potentially authorized to receive money transfers.
  • This option may have an advantage in the framework of legislation on currency transfer and money laundering.
  • an emitting personal equipment assigned to the transmitting person (hereinafter personal equipment E) initially in a waiting step 700 executes process steps, referred to as enlistment steps, which allow the transmitting person ( E) issuing an order to provide a remote receiver (R) with means to access an account subaccount associated with the personal equipment E under the control of the secure server SSTF.
  • the personal equipment E is the mobile phone 7 of Figure 1 which hosts a secure access program to the account controlled by the secure server 3.
  • the secure access program includes instructions executable by a microprocessor of the equipment personal script form or preferably in the form of an applet to implement the method of the invention.
  • the compiled nature applet has the advantage of a greater speed and a better user-friendliness of execution.
  • the applet is previously loaded by a download process known in the technical field.
  • the person E is typically the transmitting person 11 and the person R is then the receiving person 22 of FIG.
  • a signaling transition 725 is validated when the person E activates the applet on his personal equipment.
  • the applet installed on the personal equipment includes for example the instructions and the data, preferably in encrypted form, which make it possible to emulate, in conjunction with the data of the account of the person E opened in the database of the secure server.
  • SSTF an EMV compliant card or other standard that provides for international interoperability of monetary transactions.
  • Personal information stored on the media is correlated to a code confidential (E-PIN for Electronic Personal
  • Identification Number secretly held by the person E or any other type of identifier including biometric data such as a fingerprint, veins of the hand, a fundus of the eye or an iris which unequivocally distinguish the person E within the human race.
  • a validation of the transition 725 activates an interrogation step 726 in which the applet activated on the personal equipment displays a menu of various available teletransmission functions, among which may be mentioned, non-exhaustively, those which relate to an object. which is a sum of money or an object which is a sub-account of the main account accessible by the PIN code E-PIN.
  • a transition 727 is validated when the issuing person selects from the menu a function for adding an account beneficiary.
  • a validation of the transition 727 activates a step 728 which retransmits the request to add to the secure server SSTF, typically to the server 3 of FIG.
  • a transition 319 is validated when the SSTF server receives the add request.
  • a validation of the transition 319 activates a step 320 in which the secure server sends an E-PIN code request to the personal equipment.
  • a transition 729 is validated when the personal equipment receives the request for E-PIN code from the secure server SSTF.
  • a transition validation 729 activates a step
  • An identification transition 733 is validated when the person E has communicated his identifier to his personal equipment.
  • a validation of the transition 733 activates an authentication step 734 in which the personal equipment transmits the identifier E-PIN to the server SSTF, preferably in encrypted form by a cryptographic module of the personal equipment.
  • Step 734 consists in asking the secure server for a random or pseudo random temporary withdrawal code called ALEA for the circumstance.
  • the temporary withdrawal code will allow the receiving person 22 to remove subaccount access parameters or limited access to the main account.
  • the transmission of the identifier E-PIN to the SSTF server is accompanied by the International Mobile Equipment Identity (IMEI) mobile equipment identity number of the transmitting personal equipment.
  • IMEI International Mobile Equipment Identity
  • a transition 321 is validated when the secure server receives the code E-PIN and the number IMEI.
  • a validation of the transition 321 activates a step 322 in which the secure server looks for the user account associated with the IMEI number and verifies that the E-PIN code makes it possible to access the retrieved user account. If the check is positive, the secure server generates the ALEA code and stores the ALEA code or seed of that code in memory.
  • This ALEA code is different and completely independent of other ALEA codes generated at other times in step 322 for other users or generated for other uses in other steps, for example in step 302.
  • the ALEA code is not necessarily generated in step 322 but can also be generated at a later step 332 explained later in the description. Indeed, at the end of step 322, the secure server sends the personal equipment, preferably simply a correct code acknowledgment E-PIN, for example in the form of a token E according to the EMV standard.
  • a transition 735 is validated when the personal equipment E receives the token E.
  • a validation of the transition 735 activates a step 738 in which the personal equipment E which continues the execution of the activated applet, asks the issuing person to specify the beneficiary to add as a secondary user R.
  • a transition 739 is validated when the transmitting person practices on the personal equipment E, a personal equipment address input (R), for example in the form of a mobile telephone number when the personal equipment R is the mobile phone 4.
  • R personal equipment address input
  • the issuing person also enters an authorized account alias name of the account, preferably under the control of the issuing person who is the primary account holder.
  • a validation of the 739 transition activates a step
  • a transition 331 is validated when the secure server receives the data transmitted in step 740.
  • a validation of the transition 331 activates one or more steps 332, 333, 334.
  • Step 333 is to create a data structure containing a transaction identifier, the destination address which preferably is a secondary user mobile phone number, the primary user IMEI number in other words Personal sending equipment, ALEA withdrawal code, enrollment time range, and hash data.
  • Step 332 is to send the ALEA code to the sending personal equipment preferably using MS-ISDN (Mobile Station Integrated Services Digital Network) authentication.
  • MS-ISDN Mobile Station Integrated Services Digital Network
  • the ALEA code is sent in an SMS.
  • Step 334 is to send SMS short message to personal equipment R attributable to the person receiver, a ticket including at least the time slot and the hash data.
  • a transition 741 is validated when the personal equipment E receives the ALEA withdrawal code.
  • a transition validation 741 activates a step
  • a transition 411 is validated when the personal equipment R receives the message associated with the ticket.
  • a transition 411 validation activates a step
  • a transition 411 is validated when the receiving person opens the message received in step 412.
  • a transition validation 411 activates a step 412 which displays the SMS message on a screen of the personal equipment R.
  • the text of the message contains a request to enter the ALEA withdrawal code.
  • the sending person calls the receiving person on his / her personal equipment R.
  • the transmitting person recognizes the tone of his voice or his face when videoconferencing is possible.
  • the sending person can thus ensure that the receiving personal equipment is allocated to the right receiver.
  • the transmitting person gives him the ALEA withdrawal code so that the receiving person can then enter the ALEA code into the body of the message opened in step 412.
  • a transition 413 is validated when a response message containing the data and the ALEA code is put in the sending box of the transmitting personal equipment.
  • the received message already containing the data, it is sufficient for the recipient to complete it with the ALEA code to return it as a response message.
  • a validation of the transition 413 activates a step 414 which consists in sending a tenure request to the secure server SSTF in the form of the response message containing the data and the ALEA code.
  • a transition 335 is validated when the secure server receives the data and the ALEA code from the personal equipment R.
  • a validation of the transition 335 activates a step 336 in which the secure server SSTF checks the time slot and verifies that the ALEA code is correlated with the hash data. Manual control can be considered with the operator to identify the secondary user with his actual identity.
  • the secure server SSTF creates a virtual card number associated with the account of the person sending and paired with the personal equipment R of the receiver then listed with the name allias previously communicated.
  • the virtual card can be multi-use or single-use with a PAN (Personal Authentication Number) number generated immediately or later depending on the type of use.
  • the secure server then sends an account creation confirmation by SMS to the personal equipment of the transmitting person who is the main user and to the personal equipment of the receiving person who is the secondary user.
  • the receipt of a first confirmation SMS by the personal equipment of the transmitting person validates a transition 747 which activates a step 748 of tenure notification carried out.
  • the receipt of a second confirmation SMS by the personal equipment of the receiving person validates a transition 417 which activates a step 418 of tenure notification carried out including a storage or display of the virtual card number contained in the second text message. confirmation.
  • a withdrawal of money on a banking terminal with the personal equipment R can be done using a known method of withdrawal based on a mobile phone that emulates a virtual credit card or using a method based on that previously explained with reference to FIG.
  • the secure server can generate a temporary personal identification number T-PIN for each withdrawal on the model of the ALEA code which is communicated each time orally by the primary user to the secondary user.
  • FIG. 6 shows the essential steps of the method according to the invention which applies as well to the first embodiment presented with reference to FIGS. 2 and 3, to the second embodiment presented with reference to FIGS. 4 and 5 or to any other Another embodiment that requires to ensure that receiving personal equipment participating in a teletransmission is actually allocated to the receiver that a person transmitting wishes to benefit from the object of the teletransmission.
  • the secure teletransmission method ordered by the transmitting person 11 to the receiver 22 includes preparation steps that are performed by means of a first electronic device available to the transmitting person to order the remote transmission.
  • a transition 809 is validated when the transmitting party indicates the object to which the teletransmission relates and the address, the telephone number or any other suitable type of contact information of the receiving personal equipment.
  • the first electronic device is typically the first bank terminal 1. In the embodiment of Figures 4 and 5, the first electronic device is typically the mobile phone 7.
  • a first main step 802 and a second main step 804 are activated by a transition 801 which is validated when the secure server 3 receives from the first electronic device, the first request containing the designation code of the object and the address of the receiving personal equipment attributable to the receiving person.
  • Receiving personal equipment is typically the mobile phone 4.
  • the first main step 802 which corresponds to step 302 of FIG. 2 or step 332 of FIG. 4 essentially consists of supplying the first electronic device with an ALEA removal code.
  • the second main step 804 which corresponds to step 304 of FIG. 2 or step 334 of FIG. 4, essentially consists in providing the receiving personal equipment with a ticket containing data which comprise at least the code of designation of the object to which the teletransmission in clear or encrypted relates.
  • the receipt of the ALEA code in the first electronic device validates a transition 811 which activates a step 812 consisting essentially of displaying the code ALEA so as to bring it to the attention of the issuing person.
  • the reception of all or part of the ticket in the personal equipment receiver validates a transition 461 which activates a step 462 essentially consisting of storing in the receiving personal equipment, see to display the data of the ticket which are useful to the execution of teletransmission from receiving personal equipment.
  • the personal equipment E is then used to execute a first peripheral step 762 activated by a transition 761 which is validated when the transmitting person 11 makes a call to the personal equipment receiver R, typically the mobile phone. 4.
  • the personal equipment R is then used to perform a second peripheral step 464 activated by a transition 463 which is validated when the receiving person 22 takes the call launched from the personal equipment transmitter E.
  • the peripheral steps 762 and 464 essentially consist in allowing the transmitting person 11 to recognize the receiving person 22 so as to ensure that the receiving personal equipment R is actually allocated to the receiving person 22 so as to communicate to him the code of reception. ALEA withdrawal vocally or televisually for a hearing impaired person.
  • a second electronic device initially in a standby step 900 typically the bank terminal 5 for the embodiment of FIGS. 2 and 3 or the mobile telephone 4 for the embodiment of FIGS. 4 and 5, is used to perform a code communication step 904.
  • Step 904 is activated by a transition 903 which is validated when the data and the ALEA code are introduced in the second electronic device.
  • the second electronic device is the bank terminal 5
  • the data displayed in step 462 and the ALEA code communicated in step 464 are inputted by the receiving person.
  • step 462 When the second electronic device is the mobile phone 4, the data stored in step 462 already reside in the second electronic device. Only the ALEA code communicated in step 464, is introduced by the receiving person.
  • a third main step 366 is activated by a transition 365 which is validated when the secure server 3 receives from the second electronic device 4 or 5, the ALEA withdrawal code and all or part of said data comprising at least the designation code of the object as a second request.
  • the third step 366 which corresponds to the step 306 of FIG. 2 or the step 336 of FIG. 3 essentially consists in checking a concordance between the ALEA retrieval code and at least the designation code of the object for provide the object of teletransmission to the receiver 22 when the concordance of the codes is positively verified.
  • a step 764 is activated by a transition 763 which is validated when the personal equipment E receives a report of the teletransmission from the secure server 3.
  • the step 764 essentially consists of displaying the report.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
EP11727258.3A 2010-05-27 2011-05-24 Verfahren und system für sichere teleübertragung Withdrawn EP2577629A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1054098A FR2960675B1 (fr) 2010-05-27 2010-05-27 Procede et systeme de teletransmission securisee
PCT/FR2011/051174 WO2011148096A1 (fr) 2010-05-27 2011-05-24 Procédé et système de télétransmission sécurisée

Publications (1)

Publication Number Publication Date
EP2577629A1 true EP2577629A1 (de) 2013-04-10

Family

ID=43499963

Family Applications (1)

Application Number Title Priority Date Filing Date
EP11727258.3A Withdrawn EP2577629A1 (de) 2010-05-27 2011-05-24 Verfahren und system für sichere teleübertragung

Country Status (4)

Country Link
US (1) US20130117822A1 (de)
EP (1) EP2577629A1 (de)
FR (1) FR2960675B1 (de)
WO (1) WO2011148096A1 (de)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8346672B1 (en) * 2012-04-10 2013-01-01 Accells Technologies (2009), Ltd. System and method for secure transaction process via mobile device
US8910161B2 (en) * 2012-07-13 2014-12-09 Vmware, Inc. Scan systems and methods of scanning virtual machines
FR2996663A1 (fr) * 2012-10-04 2014-04-11 Naama Bak Procede de transfert de fonds d'une personne a une autre personne
EP2738724A1 (de) * 2012-12-03 2014-06-04 The Roberto Giori Company Ltd. System und Verfahren zum überweisen von elektronischem Geld
US9536240B2 (en) 2014-07-21 2017-01-03 Paypal, Inc. Secure cardless cash withdrawal
US10692085B2 (en) * 2015-02-13 2020-06-23 Yoti Holding Limited Secure electronic payment
US10853592B2 (en) 2015-02-13 2020-12-01 Yoti Holding Limited Digital identity system
US10594484B2 (en) 2015-02-13 2020-03-17 Yoti Holding Limited Digital identity system
US11176527B2 (en) * 2015-04-28 2021-11-16 Ncr Corporation Cross-network action approval
FR3043232A1 (fr) * 2015-11-03 2017-05-05 Orange Procede de verification d'identite lors d'une virtualisation
US10104055B2 (en) * 2016-05-27 2018-10-16 David Joseph Ponder System and process of protecting client side information in electronic transactions
US11037114B2 (en) 2018-03-22 2021-06-15 Diebold Nixdorf, Incorporated System and method for financial transactions
CA3050480A1 (en) * 2018-07-24 2020-01-24 Edison U. Ortiz Payment card with secure element and replenishable tokens
US11451538B2 (en) * 2019-04-05 2022-09-20 University Of South Florida Methods and systems of authenticating of personal communications
US11431512B2 (en) * 2019-10-16 2022-08-30 Microsoft Technology Licensing, Llc Cryptographic validation of media integrity
US11113685B2 (en) * 2019-12-23 2021-09-07 Capital One Services, Llc Card issuing with restricted virtual numbers
US11334887B2 (en) * 2020-01-10 2022-05-17 International Business Machines Corporation Payment card authentication management

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE69738743D1 (de) 1996-05-16 2008-07-17 Nippon Telegraph & Telephone Verfahren zum Einführen elektronischen Geldes mit einer Überwachungseinrichtung, Gebrauchervorrichtung und Überwachungseinrichtung zum Durchführen desselben
US5963647A (en) 1997-02-14 1999-10-05 Citicorp Development Center, Inc. Method and system for transferring funds from an account to an individual
JP2002014681A (ja) 2000-06-28 2002-01-18 Pioneer Electronic Corp 情報提供システム
AU2001277033A1 (en) * 2000-07-20 2002-02-05 Citicorp Development Center, Inc. Method and system for performing a cash transaction with a self-service financial transaction terminal
US20080313061A1 (en) * 2004-06-30 2008-12-18 Paysetter Pte Ltd System and Method for Facilitating Transfer of Physical Money and/or Credit
MD3964C2 (ro) * 2004-07-05 2010-04-30 Bankinter А.О. Procedeu de extragere a numerarului de la bancomate, fără card, folosind ordinul de plată prin SMS
DE102008011192A1 (de) * 2008-02-26 2009-08-27 Wincor Nixdorf International Gmbh Verfahren und Diensterechner sowie System zur Transaktion eines Geldbetrages

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2011148096A1 *

Also Published As

Publication number Publication date
FR2960675B1 (fr) 2015-05-22
FR2960675A1 (fr) 2011-12-02
WO2011148096A1 (fr) 2011-12-01
US20130117822A1 (en) 2013-05-09

Similar Documents

Publication Publication Date Title
EP2577629A1 (de) Verfahren und system für sichere teleübertragung
EP3113099B1 (de) Zahlungsbehälter, erstellungsverfahren, verarbeitungsverfahren, entsprechende vorrichtungen und programme
EP0820620B1 (de) Verfahren zum elektronischen bezahlen bei der durchführung von kauf-transaktionen in einem rechnernetzwerk
CA2552257A1 (fr) Dispositif transactionnel a pre-traitement anticipe
WO2002001521A1 (fr) Système de transaction avec dispositif personnel portatif d'identification et de contrôle de transaction
EP1110186B1 (de) Verfahren zum elektronischen bezahlen
EP2987124B1 (de) Verfahren und system zur verbesserung der sicherheit elektronischer transaktionen
EP3142054A1 (de) Datenübertragungsverfahren und entsprechende vorrichtungen und computerprogramme
WO2008104704A1 (fr) Systeme de paiement electronique comportant un terminal mobile incorporant un porte-monnaie electronique et un serveur
EP1323140B1 (de) Verfahren zum liefern von identifikationsdaten einer bezahlkarte an einen anwender
EP1354288B1 (de) Verfahren mit elektronischen bankdaten zur durchführung sicherer transaktionen
FR2810759A1 (fr) Procede pour effectuer une transaction commerciale en ligne par l'intermediaire d'un reseau de communication et dispositif electronique pour passer des commandes commerciales en ligne
EP2724305B1 (de) Verfahren für dematerialisierte transaktionen
EP3215991A1 (de) Vereinfachte transaktion anhand einer zahlungsvorrichtung und einem kommunikationsendgerät
WO2003010721A2 (fr) Procede et systeme permettant de garantir formellement un paiement, en mettant en oeuvre un telephone portable
EP2048632A1 (de) Verfahren zur Übertragung eines vertraulichen Kodes, entsprechendes Kartenlesegerät, entsprechender Verwaltungsserver und entsprechende Computerprogramm-Produkte
FR2828966A1 (fr) Procede pour communiquer de facon securisee des donnees d'identification d'une carte de paiement
FR2824208A1 (fr) Procede et dispositif d'attribution d'un code d'authentification
FR2806185A1 (fr) Procede securise de transaction entre un acheteur et un vendeur
EP4016427A1 (de) Verfahren zur erstellung eines zahlungsinstruments zugunsten eines drittbegünstigten
BE1016964A3 (fr) Methode et systeme de paiements electroniques entre porte-monnaies electroniques.
EP1371036A2 (de) Verfahren und system für erneuerung von identifikationsdaten in einer tragbaren transaktionseinrichtung
FR3123741A1 (fr) procédé de traitement d’une transaction, dispositif et programme correspondant.
FR2996663A1 (fr) Procede de transfert de fonds d'une personne a une autre personne
FR2860622A1 (fr) Procede et dispositif d'autorisation d'utilisation de ressource

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20121220

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20140314

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

19U Interruption of proceedings before grant

Effective date: 20141218

PUAJ Public notification under rule 129 epc

Free format text: ORIGINAL CODE: 0009425

32PN Public notification

Free format text: NOTIFICATION ETABLIE CONFORMEMENT A LA REGLE 142 CBE (INTERRUPTION DE LA PROCEDURE CONFORMEMENT A LA REGLE 142(1)(B) CBE EN DATE 10.06.2016)

19W Proceedings resumed before grant after interruption of proceedings

Effective date: 20220110

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20220712