EP2754109A1 - Method for validating an electronic transaction, and system thereof - Google Patents
Method for validating an electronic transaction, and system thereofInfo
- Publication number
- EP2754109A1 EP2754109A1 EP12759087.5A EP12759087A EP2754109A1 EP 2754109 A1 EP2754109 A1 EP 2754109A1 EP 12759087 A EP12759087 A EP 12759087A EP 2754109 A1 EP2754109 A1 EP 2754109A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- server
- validating
- mobile phone
- pin code
- electronic transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
Definitions
- the present invention relates to an associated system for validating an electronic transaction.
- electronic financial instruments such as, for example, smart cards, credit cards and debit cards
- electronic financial instruments are widely used by consumers as a useful and comfortable way to conduct financial transactions with the help of electronic devices .
- NFC Near Field Communications
- RFID devices employing NFC technology operate at a radio frequency range of about 13.56 MHz, use very small amounts of power, and comply with published standards, including ISO (International Standards Organization), ECMA (formerly European Computer Manufacturers Association) and ETSI (European Telecommunications Standards Institute).
- ISO International Standards Organization
- ECMA formerly European Computer Manufacturers Association
- ETSI European Telecommunications Standards Institute
- Said electronic financial instruments have been made even more comfortable with their association with electronic devices, that store and use the account information of the associated financial instrument.
- the account data (for one or more card accounts) may be stored in and used from a single mobile device (e.g. a cell phone) that is carried by the consumer.
- POS Point Of Sale
- PIN Personal Identification Number
- the module 11 may be an RFID card that plugs into a card connector in the phone 10, in particular made in connection with the card connector including a Subscriber Identity Module (SIM) that provides user identification and memory for storage of programming logic and data.
- SIM Subscriber Identity Module
- the POS terminal 20 may also comprise other elements (not shown), such as a computer, a monitor, a cash drawer, a receipt printer, a customer display and a barcode scanner, a debit/ credit card reader, and so on.
- a service provider 40 which communicates with the mobile phone 10, in particular through a telephone network 50, e.g. a cellular network.
- FIG. 2 shows a first embodiment of a method for validating an electronic transaction made with a mobile phone 10 through the system 1.
- the system 1 previously described functions as follows.
- identifying information e.g. phone number, account ID or number
- the electronic payment instrument module 11 of the mobile phone 10 For starting an electronic transaction (step 100), identifying information (e.g. phone number, account ID or number) are transmitted wirelessly from the electronic payment instrument module 11 of the mobile phone 10 to the POS terminal 20, that forwards said identifying information together with the electronic transaction data to the retailer network 21 and to the server 30.
- the method comprises the following steps:
- the mobile phone 10 is activated (at step 110) for effectuating a voice telephone call to the server 30, in particular through the telephone network 50 and the service provider 40;
- the telephone number associated to the server 30 can be manually made by the authorized user of the mobile phone 10 or can be implemented automatically by the mobile phone 10 or sent to the mobile phone, as soon as the POS terminal 20 has finished to acquire said identifying information.
- the server 30 replies (at step 120) to said voice telephone call requesting the customer (i.e. the person who handles said mobile phone 10) to validate the electronic transaction by means of a validating PIN code (in the enclosed drawings mentioned in a short form as "validating PIN”), that is also memorized in the database 31 of the server 30; it must be noted that this validating PIN code can be different from the telephone PIN code that the telephone companies assign usually to every SIM cards and that can be eventually removed by the user.
- the validating PIN code is instead available only to the authorized telephone user and it cannot be known by a thief who has stolen a mobile phone already switched on and for which the protection barrier constituted by the telephone PIN codes has been already overcome.
- the customer validates (at step 130) the transaction communicating the validating PIN code to the server 30 during said telephone call.
- the validating PIN code can be a complex code, constituted, for instance, by a series of different codes that are requested by the server 30 one after the other and where the next one is requested only if the previous one has been inputted correctly, making in this way practically impossible for a non authorized user to know this complex validating PIN code.
- Another system for supplying the server 30 with a complex validating PIN code is to change, every time is performed a voice call for validating an electronic transaction, the type of data that are requested by the server 30. For instance once can be requested as the first part of the complex code the name of the preferred animal of the customer. The next call the name of the preferred movie star, and so on. In this way it is practically impossible for a thief to know all the various data that are requested in a different modes every time a validating proceeding is performed.
- the mobile phone 10 is preferably self- activated for effectuating said telephone call, without any action of the customer; however, it is clear that said telephone call may also be started by the customer.
- the validating PIN code has to be given by the authorized user of the mobile phone in one of the possible manners explained in the following, but never it is sent automatically as the consequence of being stored inside the mobile phone 10. This measure avoids that a stolen mobile phone can send automatically the validating PIN code. Therefore, said validating PIN code should be known only to the authorized user.
- the server 30 checks if the electronic transaction is validated, in particular by checking if the validating PIN code communicated during the telephone call is correct, i.e. if the validating PIN code communicated at step 130) matches with a validating PIN code memorized in the database 31.
- the method and the system 1 according to the present invention allow to eliminate the risk of fraudulent electronic transactions, in particular in the case the mobile phone 10 is stolen; in fact, in establishing a telephone call between the mobile phone 10 and the server 30, the person who handles said mobile phone 10 needs to exactly know the validating PIN code, in order to correctly communicate it to the server 30 for validating the electronic transaction.
- the particular design of the system 1 according to the present invention allows to avoid a multiplication of the efforts needed to avoid the risk of fraudulent electronic transactions, and the system 1 and method according to the present invention require no excessively costly or virtually unfeasible solutions.
- said step 130) of validating the electronic transaction can also be performed through a step 132) of entering said validating PIN code in the mobile phone 10, in particular through the keyboard 12 or touch screen or touchpad of said mobile phone 10, during the voice telephone call occurring between the mobile phone 10 and the server 30.
- the server 30 will provide guidance voice messages for allowing the customer to give the validating PIN code in an appropriate manner.
- Figure 3 shows a second embodiment of a method for validating an electronic transaction made with a mobile 10 through the system 1.
- the server 30 controls the database 31 for retrieving the accounts information associated with the electronic payment instrument module 11 and, at step 102), the server 30 requests the customer (i.e. the person who handle said mobile phone 10) to confirm the transaction by means of an authenticating PIN, that is memorized in a database 31 of the server 30.
- said authenticating PIN is different from the validating PIN code; moreover, also the authenticating PIN is known only by the authorized customer.
- said step 103) can be performed through a step 103B) of entering said authenticating PIN in the mobile phone 10, in particular in a keyboard 12 of said mobile phone 10.
- the authenticating PIN can be transferred from the mobile phone 10 to the POS terminal 20, for further processing toward the server 30, through a wireless system, like Bluetooth, etc.
- the method further comprises the steps previously described with reference to the embodiment of Fig. 2.
- a further advantage of the method and of the system 1 according to the present invention is that they make it unnecessary to use any excessively costly and virtually unfeasible solutions; as a matter of fact, the method and the system 1 according to the present invention can be implemented without requiring any deep modification to the mobile phone 10 already provided with RFID or NFC features.
- a fourth embodiment of the invention which can be based on the first embodiment of Fig. 2, it is not the mobile phone 10 that starts the telephone call with the server but the mobile phone receives a voice telephone call from the server.
- the voice telephone call for validating the electronic transaction is initiated by the server.
- the mobile phone 10 or its user replies or accepts the voice telephone call and the server requests the customer to validate the electronic transaction by means of the validating PIN code, in particular the validating PIN code being memorized in the data base 31 of the server 30.
- the customer validates the electronic transaction by entering the PIN code into the mobile phone 10 and by communicating the validating PIN code to the server 30 during the voice telephone call.
- the voice telephone call is initiated or started by the server.
- the telephone number of the mobile phone of the customer can for example be transmitted wirelessly by the mobile phone 10 together with the identifying information to the POS terminal 20 which then forwards the identifying information (including the telephone number) of the mobile phone together with transaction data to a retailer network and to a server.
- the voice telephone call used for validating the electronic transaction can be initiated by the mobile phone or it can be initiated by the server. If the voice telephone call for validating the electronic transaction is initiated by the server, the user of the microphone does not need to enter the telephone number of the server such that the fourth embodiment appears to be very convenient for the user.
- voice telephone call for validating the electronic transaction is advantageous as with the voice telephone call there will be no delay as is possible for example with SMS.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP12759087.5A EP2754109A1 (en) | 2011-09-09 | 2012-09-07 | Method for validating an electronic transaction, and system thereof |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2011/065611 WO2013034192A1 (en) | 2011-09-09 | 2011-09-09 | Method for validating an electronic transaction, and system thereof |
PCT/EP2012/067560 WO2013034725A1 (en) | 2011-09-09 | 2012-09-07 | Method for validating an electronic transaction, and system thereof |
EP12759087.5A EP2754109A1 (en) | 2011-09-09 | 2012-09-07 | Method for validating an electronic transaction, and system thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2754109A1 true EP2754109A1 (en) | 2014-07-16 |
Family
ID=50885030
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP12759087.5A Pending EP2754109A1 (en) | 2011-09-09 | 2012-09-07 | Method for validating an electronic transaction, and system thereof |
Country Status (1)
Country | Link |
---|---|
EP (1) | EP2754109A1 (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070156436A1 (en) * | 2005-12-31 | 2007-07-05 | Michelle Fisher | Method And Apparatus For Completing A Transaction Using A Wireless Mobile Communication Channel And Another Communication Channel |
-
2012
- 2012-09-07 EP EP12759087.5A patent/EP2754109A1/en active Pending
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070156436A1 (en) * | 2005-12-31 | 2007-07-05 | Michelle Fisher | Method And Apparatus For Completing A Transaction Using A Wireless Mobile Communication Channel And Another Communication Channel |
Non-Patent Citations (1)
Title |
---|
See also references of WO2013034725A1 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11170372B2 (en) | Method for validating an electronic transaction, and system thereof | |
US10423949B2 (en) | Vending machine transactions | |
EP2038227B1 (en) | System and method for activating telephone-based payment instrument | |
CN101809633B (en) | Wirelessly executing transactions with different enterprises | |
KR100783655B1 (en) | Electronic credit card-ecc | |
US9846866B2 (en) | Processing of financial transactions using debit networks | |
US6612488B2 (en) | Method and system to prevent fraudulent payment in credit/debit card transactions, and terminals therefor | |
US20130060701A1 (en) | Electronic payment service method, and electronic payment service apparatus, mobile communication terminal, and transaction terminal for performing the method | |
US20120011007A1 (en) | Mobile Payment Using DTMF Signaling | |
US20090150248A1 (en) | System for enhancing payment security, method thereof and payment center | |
EP1522040A1 (en) | Smart card network interface device | |
CN105493116A (en) | Methods and systems for provisioning payment credentials | |
WO2013001133A1 (en) | Bank-card fraud detection and prevention for bank automats | |
TWI395449B (en) | Electronic wallet verification system and its method | |
WO2010115604A2 (en) | Method and system for contactless proximity transactions | |
KR20120087198A (en) | Method and System for Accumulating Loyalty of Store, Smart Phone | |
KR20050017699A (en) | Portable terminal control device, specially in connection with conducting a stable and convenient payment process while processing a fund transfer service with one click | |
EP2754109A1 (en) | Method for validating an electronic transaction, and system thereof | |
KR20150016649A (en) | NFC (security card) Tag GPS assured payment service using the contact method | |
EP2881908A1 (en) | NFC top-up | |
KR20040075159A (en) | System and Method for Confirming Card Settlement | |
KR101199093B1 (en) | Method and System for Paying Giro using Code Image | |
KR20170118007A (en) | Method for Leading Issuance of Card based on Application | |
KR20050017698A (en) | Portable terminal right approver and approving terminal authenticating/controlling device and a method, especially correlated to completing a payment process with a simple button operation, and encoding payment information | |
KR20050017701A (en) | Cellular phone and a portable terminal data storage device, especially related to recognizing information by performing communication with a portable terminal, and storing the recognized information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20140409 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20151207 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NAXOS FINANCE SA |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NAXOS FINANCE SA |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
APBK | Appeal reference recorded |
Free format text: ORIGINAL CODE: EPIDOSNREFNE |
|
APBN | Date of receipt of notice of appeal recorded |
Free format text: ORIGINAL CODE: EPIDOSNNOA2E |
|
APBR | Date of receipt of statement of grounds of appeal recorded |
Free format text: ORIGINAL CODE: EPIDOSNNOA3E |
|
APAF | Appeal reference modified |
Free format text: ORIGINAL CODE: EPIDOSCREFNE |
|
P01 | Opt-out of the competence of the unified patent court (upc) registered |
Effective date: 20230419 |
|
APAF | Appeal reference modified |
Free format text: ORIGINAL CODE: EPIDOSCREFNE |