EP2783335A1 - Procédé d'exécution d'une transaction électronique entre un appareil terminal mobile et un terminal - Google Patents
Procédé d'exécution d'une transaction électronique entre un appareil terminal mobile et un terminalInfo
- Publication number
- EP2783335A1 EP2783335A1 EP12794871.9A EP12794871A EP2783335A1 EP 2783335 A1 EP2783335 A1 EP 2783335A1 EP 12794871 A EP12794871 A EP 12794871A EP 2783335 A1 EP2783335 A1 EP 2783335A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- terminal
- data carrier
- portable data
- information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
Definitions
- the invention relates to a method for carrying out an electronic transaction between a mobile terminal and a terminal, and to a corresponding system and a portable data carrier which can be used to carry out the electronic transaction.
- the mobile terminal As part of the implementation of electronic transactions between a mobile terminal and a terminal, it is usually required that corresponding information is confirmed by the user of the terminal.
- the mobile terminal itself is used to display this information or to confirm it, i. the information is displayed on the display of the terminal and corresponding keys of the terminal are used to confirm the information. It proves to be disadvantageous that this process for the user is often uncomfortable, especially when the mobile terminal must be removed by the user only from a corresponding protective cover.
- the use of the display and the keys of the terminal are safety-critical, because these components may not be able to be used. be manipulated by attackers.
- the publication DE 102006 048 797 A1 describes a method for executing an application which can be used, for example, for a home banking application.
- a portable data carrier in the form of a chip card is used, which transactional data, which originate from a browser and are to be forwarded to a server, first transmitted to a mobile phone.
- the transaction data is displayed on the mobile phone and the user is requested to release the transaction data.
- the document DE 103 16 771 AI discloses a self-adhesive security label for security or value documents, which comprises an integrated circuit and a transponder for contactless communication. For example, user-specific data can be stored in the integrated circuit.
- the object of the invention is to make the execution of an electronic transaction between a mobile terminal and a terminal secure and comfortable for the user.
- the method according to the invention serves to carry out an electronic transaction between a mobile terminal and a terminal.
- the terminal represents a counterpart in the electronic transaction and is e.g. a publicly accessible terminal through which transactions can be processed.
- the terminal provides, for example, a connection to a remote server, which offers so-called e-services. Under E-Services, all services and activities are grouped together as transactions Computers can be created and executed interactively and / or statically via electronic media.
- server in this application is synonymous with the term application server.
- One transaction is an information and education service, such as e-education, e-learning, e-teaching, e-pubhshing, e-book and e-catalog, to provide bespoke, trade and ordering services such as e-business, e-business Commerce, e-procurement, e-cash, e-shop, e-intermediary, e-auction, to provide cultural and administrative services such as e-culture, e-government or e-voting to improve marketing, product or service the customer relationship to electronic consulting such as E-Consult or E-Advising.
- an information and education service such as e-education, e-learning, e-teaching, e-pubhshing, e-book and e-catalog
- bespoke, trade and ordering services such as e-business, e-business Commerce, e-procurement, e-cash, e-shop, e-intermediary, e-auction
- cultural and administrative services such as
- information which is to be confirmed by a user in the context of the transaction is transmitted to the terminal by the terminal via a first contactless communication link. Subsequently, this information is transmitted from the terminal via a second contactless communication link to a portable data carrier attached to the mobile terminal comprising a display unit and an input unit operable by the user.
- the portable data carrier can be attached directly and in particular also indirectly to the terminal.
- the portable data carrier is provided on a protective cover attached to the terminal and preferably designed as a sticker (ie as a flat element), which is glued, for example, on the protective cover.
- the data carrier is in particular mounted on the terminal or provided on the protective cover, that the display unit by the user from the outside is perceptible and the input unit by the user from the outside (eg via the protective cover) can be actuated.
- the portable data carrier is in particular an RFID transponder. Conventionally, both the power supply of an RFID transponder in an RFID system and the data exchange between the
- RFID transponders have an electronic circuit and, depending on the frequency range, an antenna coil (e.g., 13.56 MHz) or an electromagnetic antenna (e.g., 868 MHz). About the antenna, the field required for the operation of the transponder energy can be removed from the field and the data transmission can be performed. For this purpose, the terminal provides the corresponding energy. Alternatively, the power is provided by the terminal where the transaction is to be performed. Up to a certain distance between the terminal / terminal and the transponder, which is also referred to as the energy range, the transponder can draw just enough energy from the field of the terminal terminal to operate its own circuit.
- an antenna coil e.g., 13.56 MHz
- an electromagnetic antenna e.g. 868 MHz
- Typical energy ranges of such systems are about 10 cm for ISO 14443 and up to 1 m for ISO 15693 compatible systems.
- the range within which communication in the system is possible through data transmission can be increased by using active transponders, ie transponders with their own energy supply.
- the power supply of the active transponder for example in the form of a battery or a charging capacitor, operates its electronic circuit.
- Conventional transponders without their own power supply are referred to as passive transponders.
- RFID systems for example for different types of coupling, as well as a load modulation using an auxiliary carrier in inductively coupled
- RFID systems are described in Chapter 3.2 of the "RFID Handbook” by Klaus Finkenzeller.
- the so-called Nah Near Field Communication technology is integrated in order to enable communication between the terminals or with the terminal.
- the coupling of the devices / terminals takes place via coils, with the carrier frequency being 13.56 MHz, as in RFID systems.
- the carrier frequency being 13.56 MHz, as in RFID systems.
- the active mode two NFC units alternately generate their own RF field as signal carriers, switching back and forth between transmit and receive mode, as in a classic mobile radio system, both tuned to each other.
- passive mode however, the two NFC units must agree on which unit acts as a reader and creates a field that can then influence the other unit by means of load modulation.
- NFC end devices are very similar to those of contactless data carriers. NFC devices are therefore also able to communicate with contactless data carriers. To realize the communication, the operating modes “Card Emulation”, “Reader Emulation” and “Peer to Peer” (P2P) are possible.
- the information to be confirmed is displayed on the display unit of the portable data carrier, whereupon the user can confirm the information via the input unit.
- an acknowledgment signal is transmitted from the portable data carrier via the second contactless communication link to the terminal, whereupon confirmation data are transmitted from the terminal via the first contactless communication link to the terminal and thereby complete the transaction becomes.
- the portable data carrier is preferably an RFID sticker which can be attached mechanically detachably to the terminal.
- an adhesive layer on the disk ensures the appropriate liability between the device and the disk.
- the data carrier is configured with security functionalities and designed, for example, as a smart card, chip card, token, mass storage card, multimedia card or electronic identity document.
- the inventive method is characterized in that in the context of the confirmation of information, a separate, not belonging to the terminal portable data carrier with display unit and input unit is used.
- a separate, not belonging to the terminal portable data carrier with display unit and input unit is used.
- the user has access to the disk directly through his terminal.
- he does not use the display unit or the keys of the terminal, but rather the display unit and the input unit of the data carrier.
- This increases user comfort and security.
- the portable data carrier is provided on the protective cover of the terminal, the acceptance of the use of the terminal in carrying out the transactions is increased because a user does not need to remove the protective cover from the terminal to confirm this information.
- the first and / or the second communication link based on the now widespread near-field or NFC communication, with information over short ranges in the decimeter range are transmitted.
- the input unit of the portable data carrier can be configured differently.
- the input unit comprises a single, operable by the user key with which the corresponding information displayed on the display unit can be confirmed.
- the input unit may also include a plurality of keys for entering more complex acknowledgments in the manner of a PIN.
- the input unit can be configured as a gesture recognition means or as a biometric sensor for the recognition of biometric features and in particular as a fingerprint sensor.
- the inventive method can be used to carry out any electronic transactions in which a confirmation by a user is required.
- the method is used for carrying out a payment transaction, in the case of information which is to be confirmed by the user in the context of the electronic transaction, being an amount of money to be paid to the terminal.
- the terminal communicates in a particularly preferred embodiment by means of a known security element (English: Secure Element) and / or a secure runtime environment, which are provided in the terminal, via the first and / or the second contactless Garurukationsuite.
- the security element is then configured in particular as a hardware component and arranged as a fixed integrated component in the mobile terminal, where it can not be removed either in the form of the mobile device, for example as M2M module, co-processor or Trusted Base or as a removable module withrissafunktionaHtusch is connected to the mobile terminal, for example as a smart card, in particular a Subscriber Identification Module, SIM / USIM card short, smart card, mass memory card, USB token, multimedia card, Secure MicroSD card, mobile network token, eg a UMTS Surf stick.
- the security element is designed as a software component as a trusted part of the operating system kernel of the mobile terminal or as a security software algorithm.
- the known per se ARM TrustZone ® can be used as a secure runtime environment on the example which is also known operating system MobiCore ® running.
- the security element signs the confirmation data to be transmitted via the first contactless communication link. In this way, it is possible to check at the terminal that the confirmation data actually comes from the terminal to which the information to be confirmed has previously been transmitted.
- the security of the method is increased by providing both a secure runtime environment and a security element in the terminal, wherein the secure runtime environment supports the portable data carrier and the security device. element is driving.
- the portable data carrier By controlling the portable data carrier through the secure runtime environment, a tamper-proof display of the information on the display unit of the data carrier is achieved.
- the security element via the secure runtime environment, manipulation of the generation or processing of the confirmation data to be transmitted to the terminal can be avoided.
- the confirmation signal is transmitted from the portable data carrier to the terminal in the form of a rolling code, wherein the rolling code for each newly transmitted acknowledgment signal changes and wherein the rolling code on a shared secret between portable data carrier and Terminal or between portable data carrier and another (external) unit.
- the common secret used in the generation of the rolling code is determined by a manual, user-paired pairing between the terminal and the portable data carrier.
- the pairing can be based on a barcode which is applied to the portable data carrier or its packaging and is read during the first use of the portable data carrier, for example via the terminal by means of a suitable reader.
- the security element described above verifies the rolling code transmitted by the portable data carrier based on the shared secret and generates the confirmation signal upon successful verification. Preferably, it also signs the confirmation signal.
- the secure runtime environment described above verifies the transmitted rolling code based on the shared secret and causes the security element to successfully generate the verification signal and possibly also to sign.
- the shared secret may also be defined between the portable data carrier and another (external) device.
- the terminal transmits the rolling code as confirmation data or together with the confirmation data on the first con murtikationsddle to the terminal, whereupon the terminal causes the verification of the rolling code and only upon successful verification, the electronic transaction is completed.
- the terminal may represent the external unit.
- the external unit may also be an external server of a background system to which the rolling code is forwarded by the terminal for verification.
- the invention further relates to a system for performing an electronic transaction between a mobile terminal and a terminal.
- the system includes the mobile terminal and the terminal as well as a portable data carrier.
- the system is designed such that in its operation, the method according to the invention or one or more variants of the method according to the invention can be carried out.
- the invention further relates to a portable data carrier for use in the method according to the invention or in one or more variants of the method according to the invention.
- It comprises a display unit, a contactless communication interface, in particular for NFC communication, and a user-operable input unit, which are configured such that the portable data carrier, in operation, has information to be confirmed by the user about the contact Medunikationsssdinittstelle receives from the terminal and then displayed on the display unit, wherein the portable data carrier sends the acknowledgment signal via the contactless communication interface to the terminal after a subsequent confirmation of the information via the input unit.
- the portable data carrier is preferably provided on a protective cover, which can be attached to the terminal. The attachment takes place in particular mechanically detachable, for example by means of an adhesive layer on the portable data carrier. In this sense, the invention also relates to a protective cover with the portable data carrier provided thereon.
- the portable data carrier is arranged in communication range with the mobile phone and is used instead of the terminal for confirming the transaction.
- the mobile phone performs the transaction without user interaction.
- User interaction in the meaning of the invention means, on the one hand, that the user does not have to carry out an interaction on the mobile phone either when setting up or when carrying out the transaction.
- the user does not have to remove the terminal from his storage, for example a pocket of the user. to perform the transaction as the acknowledgment is taken from the volume.
- a mobile telephone 1 is used as the mobile terminal, which communicates wirelessly via an IS 1 C communication link K 1 with a payment terminal 2.
- the BezaH Terrrtinal includes a schematically indicated kontaküose NFC interface or antenna 201, which communicates with a corresponding NFC interface or antenna 103 (also shown schematically) of the mobile phone 1.
- the mobile telephone further comprises a display 101 and a per se known security element 102 (English: Secure Element), which is realized in the illustrated variant via the USIM / SIM card of the user.
- a user wants to contactlessly pay a predetermined amount via his mobile phone 1.
- the BezaW terminal 2 may be provided for the issue of public transport tickets, the payment of the ticket being made contactlessly via the correspondence link K1.
- the amount to be paid to the User is displayed and confirmed by this.
- a portable data carrier 3 in the form of a so-called sticker is used for this purpose.
- This sticker is provided in a protective cover 4 into which the mobile telephone 1 is inserted.
- the protective cover is indicated by a thicker edge around the mobile phone 1.
- the sticker 3 comprises a separate display 301 as well as a button 302 and in turn an NFC interface or antenna 303, by means of which a Kornmunikation with the mobile phone via the antenna 103 based on the contactless Kornmunikationstier K2.
- a barcode is attached to the sticker, which is indicated schematically by the reference numeral 304.
- the sticker used in the embodiment described here is very simple and preferably does not have its own power supply, i. it is only operated by the field energy received via the NFC interface 303 in the context of contactless communication. Nevertheless, there may also be the possibility that a buffer memory or a battery may be provided in the sticker which, depending on the application, supplies the sticker additionally or completely with energy.
- step Sl an information IN about the contactless Communication line Kl transmitted from the terminal 2.
- This information contains the amount of money to be paid by the user.
- step S2 After receiving the information IN in the mobile phone 1 or security element 102, this is - in contrast to known methods - not displayed on the display 101, but forwarded in step S2 via the contactless communication path K2 to the sticker 3. Since the sticker is provided in the protective cover 4 of the mobile phone, it is also ensured that it is in communication range with the mobile telephone 1.
- the information IN received in the sticker is then displayed on the display 301 of the sticker.
- the user can then read the amount without having to remove the protective cover 4 from the mobile phone 1. If the amount corresponds to the payment amount communicated to the user in the context of the transaction (eg via a display on the terminal), the user can now confirm the amount by pressing the key 302.
- a corresponding acknowledgment signal BS is transmitted from the sticker 3 to the mobile telephone 1 in step S3 via the contactless communication link K2.
- corresponding confirmation data BD are generated in step S4, which are provided with a signature SIG via the security element 102.
- the confirmation data may possibly correspond to the confirmation signal.
- the signed confirmation data are finally transmitted to the terminal 2 via the first contactless communication link K 1 in step S 5.
- the received confirmation data inform the Terrninal that the payment process has been authorized by the user and that the transaction process is now complete.
- the terminal can also check that the confirmation data actually originate from the mobile phone 1 of the user.
- corresponding applications or applets that are integrated in the security element 102 of the terminal 1 are used to support electronic transactions.
- the applet already supports the integration of the sticker 3 in the transaction in the security element.
- the applet does not support the integration of the sticker.
- a second sticker applet is installed on the terminal 1, which does not necessarily have to be stored on the security element 102.
- This applet then takes over the communication between the security element or the terminal and the sticker.
- the output of the payment applet on the terminal or on the mobile terminal intercepts and forwards the information relating to the amount to be paid to the sticker.
- this applet receives the response from the sticker and generates a response that meets the requirements of the payment applet on the security element.
- step S2 the information IN transmitted in step S2 is transmitted unencrypted with regard to the payment amount. This is not a problem, because if this amount were corrupted by an attacker, the wrong amount would be visible to the user on the display 301 of the sticker 3 and therefore not confirmed by the user.
- step S2 it is also dispensed with transmitting further information, such as the identification of the terminal, together with the information IN.
- further information such as the identification of the terminal
- an attacker could readjust and send the acknowledgment signal BS sent on pressing the key 302 to the terminal 1, so that external transactions could be performed unnoticed.
- corresponding safety mechanisms are provided, which should preferably be as simple as possible.
- so-called rolling codes can be used, which are always generated in the manner of a one-time password only once upon actuation of the key 302 and thus change from actuation to actuation. That is, the sticker 3 sends after displaying the amount to be paid on the display 301 and after the corresponding confirmation of the user via the key 302 in each payment transaction another code back to the terminal 1. This requires that the terminal can verify the code appropriately as a confirmation signal.
- this is achieved by a manual pairing (English: Pairing) between the terminal 1 and the sticker 3.
- This pairing ensures that the device and the sticker share a common secret upon which the corresponding rolling code is based. An attacker is then no longer possible to pretend the output of a confirmation signal to the terminal.
- the manual pairing between the terminal 1 and the sticker 3 can be made in various ways.
- the barcode 304 printed on the sticker 3 is used, which can be one-dimensional or two-dimensional. If necessary, the barcode can also be applied to the packaging of the sticker, which then, after being unpacked, is placed on the protective cover of the mobile telephone, for example via a corresponding adhesive surface is attached.
- the barcode contains the part of the secret that the terminal needs to verify the rouoding code.
- the corresponding barcode is read via a reader of the terminal for commissioning the sticker and then used to personalize the payment applet on the security element or the separate sticker applet.
- the manual pairing can possibly also be carried out in other ways, for example by entering a sequence of numbers using the keyboard of the terminal, similar to the pre-shared key in WLAN. The sequence of numbers can in turn be applied to the sticker or its packaging.
- the sticker can be made more complex in order to further increase transaction security.
- the input of a key combination in the manner of a PIN may be provided.
- additional buttons are provided on the sticker.
- the confirmation may be entered by means of a gesture of the user, e.g. can be detected by a strain gauge on the sticker.
- a biometric sensor is used for this purpose. Only if a fingerprint detected via the sensor coincides with an imprint pattern deposited in the sticker is a corresponding confirmation signal BS emitted.
- a trust zone known per se is provided on the microprocessor of the mobile terminal, within which the verification of the rolling codes takes place.
- the trust zone represents a secure runtime environment and uses the known per se operating system MobiCore in a preferred embodiment.
- the activation of the sticker 3 and the security element 102 is carried out exclusively via a TrustZone.
- the sticker display 301 is a so-called. Secure display, which is protected against manipulation. As a result, the amount of payment displayed on the display is trusted.
- the TrustZone also checks the receipt of a received acknowledgment signal and in particular a corresponding rolling code.
- the TrustZone triggers the security element 102 to sign corresponding confirmation data. Possibly. It is also possible that the rolling code is checked by the security element. For example, the rolling code can be linked to the confirmed payment amount, creating a kind of TAN.
- the correctness of the rolling codes is always checked by the terminal. If necessary, it is also possible for a remote, trustworthy server, for example the server of the payment system provider, to check the rolling codes.
- the code is sent together with the confirmation data BD via the communication links Kl from the terminal 1 to the terminal 2.
- the terminal then passes the code to the remote server, which checks it.
- This variant of the invention has the advantage that a Trojan attack on the terminal has much less chance of success. This is due to the fact that the terminal is no longer personalized and a Trojan thus has no access to the common Has secret between sticker and server. Consequently, a Trojan can no longer trigger hidden transactions, since this always requires the generation of an appropriate acknowledgment signal, but for which the shared secret is needed.
- the embodiments of the invention described above have a number of advantages.
- the use of a terminal-mounted sticker with display and push-button ensures simple and convenient transaction processing with low additional costs. Since the sticker is preferably provided in the protective cover of the terminal, it is no longer necessary that the terminal must be removed from the protective envelope to complete the transactions, which increases the acceptance in the Durkri arrangement the transactions at the user. Furthermore, the risk is reduced that the terminal falls off during removal from the protective cover and thereby damaged or destroyed.
- only minor modifications are required in comparison with conventional transactions carried out without the interposition of a sticker. In particular, only the software on the terminal needs to be adapted.
- the inventive method can be easily integrated into existing payment systems.
- the data carrier 3 is not necessarily mounted on the protective cover 4 of the mobile phone 1. Rather, the disk 3 can also serve as a low-cost terminal, which makes handling of the mobile phone 1 superfluous. In this case, the data carrier 3 would be in the form of an ID-1 chip card.
- the described procedure of the transaction does not change. The customer / user just pulls the card out of his pocket and confirms the transaction. Since the communication range between disk 3 you terminal 1 as usual in RFID and NFC systems is up to 20cm, such a configuration is possible in principle. But more attractive for the user is a greater communication range for data transmission.
- an RFID system for transmission in Ultra High Frequency, UHF short range used, so that a greater communication range for transmitting the data from the terminal 1 to the disk 3 is made possible.
- the data carrier 1 has in particular a Energyversorugn 305 in the form of a battery.
- the data is transferred from the terminal 1 to the data carrier 3 before pulling out the data carrier 3 from a pocket of the user. After insertion into the bag, the confirmation from the disk 3 is sent back to the terminal 1.
- the data carrier 1 is a chip card, its enormous robustness against environmental influences can be used.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Telephone Function (AREA)
Abstract
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE201110119441 DE102011119441A1 (de) | 2011-11-25 | 2011-11-25 | Verfahren zur Durchführung einer elektronischen Transaktion zwischen einem mobilen Endgerät und einem Terminal |
PCT/EP2012/004803 WO2013075819A1 (fr) | 2011-11-25 | 2012-11-20 | Procédé d'exécution d'une transaction électronique entre un appareil terminal mobile et un terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2783335A1 true EP2783335A1 (fr) | 2014-10-01 |
Family
ID=47278753
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP12794871.9A Withdrawn EP2783335A1 (fr) | 2011-11-25 | 2012-11-20 | Procédé d'exécution d'une transaction électronique entre un appareil terminal mobile et un terminal |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2783335A1 (fr) |
DE (1) | DE102011119441A1 (fr) |
WO (1) | WO2013075819A1 (fr) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102013012285A1 (de) * | 2013-07-24 | 2015-01-29 | Giesecke & Devrient Gmbh | Verfahren und Vorrichtung zur Wertdokumentbearbeitung |
DE102014002602B4 (de) * | 2014-02-24 | 2021-10-21 | Giesecke+Devrient Mobile Security Gmbh | Verfahren zum Autorisieren einer Transaktion sowie Verwendung einer Uhr und eines Kassensystems in diesem Verfahren |
DE202019104321U1 (de) * | 2019-08-06 | 2020-09-11 | Tiger Media Deutschland Gmbh | Verwaltungssystem für digitale Medien |
DE202019104316U1 (de) * | 2019-08-06 | 2020-04-01 | Tiger Media Deutschland Gmbh | Wiedergabevorrichtung, System und Datenserver |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004032414A1 (fr) * | 2002-09-27 | 2004-04-15 | Giesecke & Devrient Gmbh | Signature numerique de donnees dans une carte a puce comportant un dispositif d'affichage integre |
WO2006029758A1 (fr) * | 2004-09-14 | 2006-03-23 | Giesecke & Devrient Gmbh | Appareil portatif pour liberer un acces |
US20090240625A1 (en) * | 2008-03-20 | 2009-09-24 | Faith Patrick L | Powering financial transaction token with onboard power source |
DE102009008854A1 (de) * | 2009-02-13 | 2010-08-19 | Giesecke & Devrient Gmbh | Sicherung von Transaktionsdaten |
DE102009016532A1 (de) * | 2009-04-06 | 2010-10-07 | Giesecke & Devrient Gmbh | Verfahren zur Durchführung einer Applikation mit Hilfe eines tragbaren Datenträgers |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8103881B2 (en) * | 2000-11-06 | 2012-01-24 | Innovation Connection Corporation | System, method and apparatus for electronic ticketing |
EP1233570A1 (fr) * | 2001-02-16 | 2002-08-21 | TELEFONAKTIEBOLAGET L M ERICSSON (publ) | Procédé et réseau pour établir une connexion de communication sans fils |
KR20020078989A (ko) * | 2001-04-12 | 2002-10-19 | (주)엠커머스 | 휴대단말기를 이용한 신용카드 거래인증 시스템 및 그 방법 |
US7493288B2 (en) * | 2001-07-10 | 2009-02-17 | Xatra Fund Mx, Llc | RF payment via a mobile device |
US6816083B2 (en) * | 2002-02-04 | 2004-11-09 | Nokia Corporation | Electronic device with cover including a radio frequency indentification module |
ATE489799T1 (de) * | 2002-03-26 | 2010-12-15 | Nokia Corp | Vorrichtung, verfahren und system zur authentisierung |
DE10316771A1 (de) | 2003-04-10 | 2004-10-28 | Giesecke & Devrient Gmbh | Sicherheitslabel und Herstellungsverfahren für dasselbe |
US8275312B2 (en) * | 2005-12-31 | 2012-09-25 | Blaze Mobile, Inc. | Induction triggered transactions using an external NFC device |
DE102006048797A1 (de) | 2006-10-16 | 2008-04-17 | Giesecke & Devrient Gmbh | Verfahren zum Ausführen einer Applikation mit Hilfe eines tragbaren Datenträgers |
TW200912761A (en) * | 2007-07-20 | 2009-03-16 | Soon Huat Leonard Wee | A radio frequency transponder |
WO2009100230A1 (fr) * | 2008-02-07 | 2009-08-13 | Inflexis Corporation | Appareil électronique mobile de sécurité et procédé associé |
EP2187592A1 (fr) * | 2008-11-13 | 2010-05-19 | Vodafone Holding GmbH | Dispositif de communication entre machines et carte intelligente à utiliser dans le dispositif |
EP2224375B1 (fr) * | 2009-02-25 | 2018-11-14 | Vodafone Holding GmbH | Alimentation pour système incluant une carte à puce connectée à un dispositif hôte |
-
2011
- 2011-11-25 DE DE201110119441 patent/DE102011119441A1/de not_active Withdrawn
-
2012
- 2012-11-20 WO PCT/EP2012/004803 patent/WO2013075819A1/fr active Application Filing
- 2012-11-20 EP EP12794871.9A patent/EP2783335A1/fr not_active Withdrawn
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004032414A1 (fr) * | 2002-09-27 | 2004-04-15 | Giesecke & Devrient Gmbh | Signature numerique de donnees dans une carte a puce comportant un dispositif d'affichage integre |
WO2006029758A1 (fr) * | 2004-09-14 | 2006-03-23 | Giesecke & Devrient Gmbh | Appareil portatif pour liberer un acces |
US20090240625A1 (en) * | 2008-03-20 | 2009-09-24 | Faith Patrick L | Powering financial transaction token with onboard power source |
DE102009008854A1 (de) * | 2009-02-13 | 2010-08-19 | Giesecke & Devrient Gmbh | Sicherung von Transaktionsdaten |
DE102009016532A1 (de) * | 2009-04-06 | 2010-10-07 | Giesecke & Devrient Gmbh | Verfahren zur Durchführung einer Applikation mit Hilfe eines tragbaren Datenträgers |
Non-Patent Citations (2)
Title |
---|
ALFRED KOBSA ET AL: "Usability of Display-Equipped RFID Tags for Security Purposes", 12 September 2011, COMPUTER SECURITY - ESORICS 2011, SPRINGER BERLIN HEIDELBERG, BERLIN, HEIDELBERG, PAGE(S) 434 - 451, ISBN: 978-3-642-23821-5, XP019164083 * |
See also references of WO2013075819A1 * |
Also Published As
Publication number | Publication date |
---|---|
DE102011119441A1 (de) | 2013-05-29 |
WO2013075819A1 (fr) | 2013-05-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2982046B1 (fr) | Dispositif pourvu de moyens de communication et d'un logement pour une carte à puce | |
CN102648476B (zh) | 放大射频信号 | |
US8718551B2 (en) | Method and apparatus for a multi-band, multi-mode smartcard | |
WO2010032215A4 (fr) | Système et procédé d’autorisation sans contact d’un paiement | |
DE102009006872A1 (de) | Kontaktloses Chipmodul, kontaktlose Vorrichtung, kontaktloses System und Verfahren zur kontaktlosen Kommunikation | |
US20090100511A1 (en) | Method and apparatus for use in personalizing identification token | |
WO2007073904A2 (fr) | Procede d'autorisation d'acces a un service et appareil pour mettre en oeuvre ce procede | |
US20170364905A1 (en) | Method of Providing a Gateway between Mobile Devices and Radio Frequency Identification (RFID) Enabled Readers | |
DE102008023914A1 (de) | Verfahren zur Authentifizierung eines RFID-Tags | |
DE102012108645A1 (de) | Vorrichtung zur Absicherung elektronischer Transaktionen mit sicheren elektronischen Signaturen | |
WO2013056783A1 (fr) | Terminal mobile, terminal de transactions et procédé de réalisation d'une transaction à partir d'un terminal de transactions en utilisant un terminal mobile | |
WO2013075819A1 (fr) | Procédé d'exécution d'une transaction électronique entre un appareil terminal mobile et un terminal | |
KR100973553B1 (ko) | 가맹점 결제단말의 결제전문 처리 방법 및 가맹점 결제단말 | |
EP2052370B1 (fr) | Lecteur pour un document, procédé de lecture d'un objet de données et produit de programme informatique | |
EP2041727B1 (fr) | Procédés pour sélectionner et composter des billets électroniques au moyen d'un terminal électronique apte à la communication par champ proche | |
DE102010012565A1 (de) | Übertragung von Daten an einen Fahrzeugschlüssel | |
EP2948899A1 (fr) | Procédé et dispositif pour empêcher des accès cachés, non autorisés, sans fil, à des données | |
DE102011089579A1 (de) | Verfahren zur Durchführung authentifizierter Zahlungen | |
WO2014068136A1 (fr) | Procédé de fonctionnement d'une unité électronique d'authentification | |
DE102017128807A1 (de) | Verfahren und Anordnung zum Auslösen einer elektronischen Zahlung | |
DE102013207477A1 (de) | Durchführung einer Chipkartenfunktion | |
EP2234030B1 (fr) | Carte à puce, système informatique, procédé d'activation d'une carte à puce et procédé de personnalisation d'une carte à puce | |
EP3486852A2 (fr) | Procédé et dispositif de déclenchement d'un paiement électronique | |
WO2011124335A1 (fr) | Système pour entrer un secret | |
DE102010054061A1 (de) | Tragbares System aus Datenträger und Eingabemittelträger, Verwendung und Verfahren des Systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20140625 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20150910 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: GIESECKE+DEVRIENT MOBILE SECURITY GMBH |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: GRANT OF PATENT IS INTENDED |
|
INTG | Intention to grant announced |
Effective date: 20201016 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN |
|
18W | Application withdrawn |
Effective date: 20210212 |