EP2979237A1 - Verfahren zur ausgabe einer standortaussage - Google Patents

Verfahren zur ausgabe einer standortaussage

Info

Publication number
EP2979237A1
EP2979237A1 EP14713484.5A EP14713484A EP2979237A1 EP 2979237 A1 EP2979237 A1 EP 2979237A1 EP 14713484 A EP14713484 A EP 14713484A EP 2979237 A1 EP2979237 A1 EP 2979237A1
Authority
EP
European Patent Office
Prior art keywords
location
address
assertion
user
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP14713484.5A
Other languages
English (en)
French (fr)
Inventor
Michel Leger
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Banks and Acquirers International Holding SAS
Original Assignee
Ingenico Group SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ingenico Group SA filed Critical Ingenico Group SA
Publication of EP2979237A1 publication Critical patent/EP2979237A1/de
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/405Establishing or using transaction specific rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal

Definitions

  • the invention relates to securing payments. More particularly, the invention relates to securing payments made online.
  • Online payments represent a growing share of payments made daily around the world. They can be made either through payment providers, such as Paypal TM, or by making use of traditional banking organizations.
  • This method suffers from two disadvantages: on the one hand it forces the customer to provide his telephone number to the bank before any transaction and in a secure manner (this is done mostly visually with a bank advisor); on the other hand, this method only works if the customer's bank is also the bank that manages the transaction on behalf of the merchant. This is rarely the case, especially abroad. Indeed, a large part of fraud is carried out abroad. Thus, the aforementioned method is not very effective in this case.
  • the method proposed by the inventors does not pose these problems of the prior art. Indeed, it is proposed a method of locating a user making a payment in CNP mode.
  • the invention relates to a method for providing a location assertion of a transactional device, having requested, from a server, via a communication network, an acceptance of a financial transaction involving the use of bank details.
  • this process comprises: a step of receiving a transactional request, resulting from said transactional device, comprising at least one identifier of a user to whom said bank details are associated;
  • the invention makes it possible to validate a bank transaction (such as an online payment) on the basis of the location of the terminal performing the transaction, by using the IP address of this terminal.
  • the proposed method is therefore much simpler and less restrictive to implement than authorization methods based on a MAC address.
  • said method further comprises: a step of obtaining a route taken by data packets to reach said IP address associated with said transactional device, issuing a list of borrowed IP addresses;
  • the invention makes it possible to trace the path taken by a data packet that wishes to join the IP address associated with the terminal. This provides additional data to protect against theft or theft of IP address.
  • said method further comprises:
  • the invention makes it possible to classify the locations at risk and to define thresholds below which transactions are not accepted.
  • said step of issuing the location assertion is performed when none of the transport locations is part of a prohibited location list.
  • said method further comprises: a step of obtaining a current location of a mobile terminal associated with said user;
  • the invention makes it possible to couple the location of the transaction terminal to the location of another device in the possession of the user. It is therefore a double control that is effective because in most cases, transactions are passed from the user's home. At this home, the probability that the user's mobile terminal is connected to the residential home gateway is strong. In this case, the location of the terminals will be identical and will be obtained very quickly.
  • the invention also relates to a server for providing a location assertion of a transactional device, which has requested, from a server, through a communication network, an acceptance of a financial transaction involving the use of bank details.
  • a server for providing a location assertion of a transactional device, which has requested, from a server, through a communication network, an acceptance of a financial transaction involving the use of bank details.
  • a server comprises:
  • the various steps of the methods according to the invention are implemented by one or more software or computer programs, comprising software instructions intended to be executed by a data processor of a relay module according to the invention. invention and being designed to control the execution of the various process steps.
  • the invention is also directed to a program that can be executed by a computer or a data processor, which program includes instructions for controlling the execution of the steps of a method as mentioned above.
  • This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable shape.
  • the invention also provides a data carrier readable by a data processor, and including instructions of a program as mentioned above.
  • the information carrier may be any entity or device capable of storing the program.
  • the medium may comprise storage means, such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a magnetic recording medium, for example a floppy disk or a disk. hard.
  • the information medium may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means.
  • the program according to the invention can be downloaded in particular on an Internet type network.
  • the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question.
  • the invention is implemented by means of software and / or hardware components.
  • module may correspond in this document as well to a software component, a hardware component or a set of hardware and software components.
  • a software component corresponds to one or more computer programs, one or more subroutines of a program, or more generally to any element of a program or software capable of implementing a function or a program. set of functions, as described below for the module concerned.
  • Such a software component is executed by a data processor of a physical entity (terminal, server, gateway, set-top-box, router, etc.) and is capable of accessing the hardware resources of this physical entity (memories, supports recording, communication bus, input / output electronic boards, user interfaces, etc.).
  • a hardware component corresponds to any element of a hardware set (or hardware) able to implement a function or a set of functions, as described below for the module concerned. It can be a programmable hardware component or with an integrated processor for executing software, for example an integrated circuit, a smart card, a memory card, an electronic card for executing a firmware, etc.
  • Figure 1 depicts an embodiment of the location assertion delivery method
  • Figure 2 depicts an embodiment derived from the location assertion delivery method
  • FIG. 3 depicts a complementary embodiment of the location assertion delivery method
  • FIG. 4 illustrates an architecture of a server able to implement a location assertion delivery method
  • FIG. 5 illustrates an architecture of a client capable of implementing a location assertion issuing method.
  • the purpose of the proposed method is to ensure that, when using credit card data in CNP mode, it is still possible to obtain information on the holder of the payment card.
  • the goal is to move from a CNP mode to a mode where the carrier map is located without changing the habits of the cardholder and in any discretion.
  • the IP address from which the transaction is initiated is obtained.
  • this IP address is compared to a list of allowed IP addresses, list maintained by the entity in charge of carrying out the payment transactions (it can be a bank, an institution or an intermediary institution, such as a payment service manager).
  • the IP address is not the data to validate the transaction.
  • the data validating or not the transaction is a location.
  • the IP address of the terminal from which the transaction is made is always obtained, but this IP address serves only as a means of obtaining a location.
  • the location becomes the information to deliver the transaction authorization (that is, to validate that a transaction can be performed).
  • This embodiment has several advantages. In the first place, this embodiment makes it possible to overcome the problems of address translations. Indeed, it is very common that the device that is used to perform a bank transaction be behind a gateway or a proxy. However, it can be complex to recover an IP address that is exploitable. In general, the IP address retrieved is the IP address of the gateway, but this is not assured.
  • this embodiment makes it possible not to limit the number of devices that can be used to carry out transactions. More specifically, unlike a MAC address, for example, an IP address is often shared by multiple devices (for example, the address of a home gateway is shared by all user devices connected to that home gateway. ). It is therefore not necessary to retrieve all the MAC addresses of the devices that can be used.
  • the location used is that of the city of the IP address. In other embodiments, the location may be more precise, like for example a street in the city. The accuracy obtained depends on the one hand on the available databases and on the other hand on the legal constraints in force in the geographical areas where the invention is implemented.
  • the IP address (@IP) of the terminal (Dt) from which the transaction is performed is used.
  • the terminal from which the transaction is made is not a payment terminal (in the sense of a terminal in which the bank card is inserted and in which a PIN code is entered). It is a terminal such as a computer or a tablet or a smartphone and not a payment terminal such as those installed at merchants.
  • the method implemented comprises:
  • a step of receiving (10) a transaction request (q), resulting from a transactional device (Dt), comprising at least one identifier (id) of a user; it is not necessary, in this embodiment, that the query in question includes the bank data (card number, transaction amount, etc.), or even that it comes directly from the transaction terminal.
  • LOCC current location
  • LOCAs authorized location
  • the location assertion (Al) is then provided to validate the bank transaction (this bank transaction validation is performed up to the other parameters and values entering the validation process, of course) to an entity.
  • This bank transaction validation is performed up to the other parameters and values entering the validation process, of course.
  • the entity in question may very well be one that implements the method just described.
  • the method makes it possible to compare the location of the IP address of the terminal that initiates the payment with an authorized location list.
  • These locations can be defined by the user's bank, automatically. Indeed, it is very traditional for users to connect to their online bank account management systems from several different locations. Among the favorite locations of users, two are extremely common: this is on the one hand the user's home and on the other hand his place of work.
  • the proposed method it is possible to retrieve the IP addresses of users when connecting to their online banking.
  • this recovery is not sufficient, as such. It is necessary, after an IP address retrieval, to obtain a more or less precise location of this address and to keep this location as an authorized location.
  • This conservation can be implemented according to several criteria. For example, when an identified location corresponds to more than twenty or thirty percent of all locations of the user (these percentages are given for information only), it can be considered that this location can be preserved.
  • this location when a location does not correspond to a usual location of the user, this location can be excluded from the locations authorized by the bank or the payment institution or the payment service manager. In this embodiment of the invention, the location is a country, a city or a street (or a combination of these data).
  • the current location of the transactional device is further completed by the implementation of a "trace route" type request.
  • a "trace route” type request makes it possible to follow the path taken by an IP packet to reach a given address.
  • at least some of the IP addresses obtained via the "trace route" request are used to obtain “intermediate” locations.
  • This embodiment of the invention although more or less significantly lengthening the delivery process of the location assertion, makes it possible to evaluate the path traversed by packets to reach the IP address of the transactional device. This gives a list of IP addresses at least some of which are associated with a location (for example country, city or street or a combination of these data). This list is ordered, in order to be able to evaluate the route taken by the packets.
  • the locations of the different IP addresses of the list are not in adequacy with the IP address as received from the transactional device (the location of the IP address of the transactional device indicates France while the list of successive locations are outside France such as in Russia, Bulgaria, India, China, etc.), it is possible to modulate the delivery of the location assertion.
  • This modulation can take several forms: either the location assertion is not delivered at all and the process is stopped, or a technique based on confidence coefficients is introduced.
  • countries or regions of a country or even cities and streets are assigned levels of trust. It is a coefficient less than or equal to the value 1.
  • Each location of the list of successive locations is assigned a coefficient.
  • the coefficients of the locations of the list are multiplied to obtain a level of confidence.
  • the confidence level is below a predetermined confidence level, the location assertion is not delivered.
  • This confidence threshold may for example be a function of the number of banking incidents linked to the user or also of the frequency with which the bank has found that the user was moving (according to the withdrawals made in different countries or in different cities).
  • the method therefore comprises:
  • security is enhanced. Indeed, in addition to the location of the place where the transaction is carried out (for example by using the IP address of the terminal from which this transaction is initiated), we use the locating a mobile terminal (for example a smartphone or tablet) in the possession of the user to determine the location of this terminal. In other words, in this embodiment, in addition to the location of the terminal from which the transaction is made, it also seeks to locate a mobile device that is in the possession of the user so as to correlate this location mobile device with that of the device from which the transaction is made.
  • a mobile terminal for example a smartphone or tablet
  • the location assertion is not provided and the transaction can not continue.
  • the method further comprises, in relation to FIG.
  • the step of obtaining a current location of a mobile terminal associated with said user may comprise, depending on the embodiments, a direct transmission of a location by the terminal itself, if the terminal is able to make this transmission (for example via a dedicated application - see below).
  • the obtaining of the location can also be implemented via the communication network to which the communication terminal is connected. As a general rule, this implies implementation through the intermediary of the telecommunication operator to which the user is subscribed (this can cause problems since the operators are generally reluctant to provide this kind of data, which they prefer to keep for their own purposes or for uses imposed by the laws of the Member States. different countries).
  • the method is implemented via a mobile terminal, which terminal is assumed to be in the possession of the user. Unlike known techniques, the method does not include transmitting information to the mobile terminal to verify that the cardholder has its terminal to perform the transaction. On the contrary, the method consists in obtaining information from the terminal, which on the one hand is more discreet and on the other hand makes it possible not to solicit the user unnecessarily.
  • the information obtained can be of several types.
  • the information can be a geographical position obtained via a geolocation module (GPS type, GLONASS, GALILEO, etc.).
  • the information can also be an IP address.
  • This IP address can be the IP address of the gateway to which the terminal is connected, for example in WiFi, when this terminal is at the user's home.
  • This IP address can be the one provided by an access provider in case of connection to the Internet via a 3G / 4G network.
  • the information can still be a base station identifier, to which the terminal is connected (for example on a 2G / 3G / 4G network).
  • this implementation is provided by a mobile application. More particularly, according to a preferred implementation, this application is the user's banking application. It is indeed very common for users to have an application allowing them to manage their account from their mobile terminal. In general, this type of application enjoys enhanced security. More specifically, this type of application often uses a session data encryption protocol (SSL or TLS), which ensures a certain confidentiality of the transmitted data.
  • SSL session data encryption protocol
  • the mobile application transmits, upon request, the data necessary for a bank server, which retransmits this data (or data transformed into location data) to the third party server (for example to the transactional server).
  • the method described is implemented via a transactional server, presented in connection with FIG. 4.
  • a transactional server may, as desired, be implemented by a banking organization, a payment service provider or provider acting as an intermediary between one or more banks or payment institutions.
  • Such a management server comprises a memory 41, a processing unit 42 equipped for example with a microprocessor, and driven by the computer program 43, implementing the method according to the invention.
  • the invention is implemented in the form of a bank server, a payment system.
  • a server includes:
  • connection interface means for receiving a transaction request, from said transactional device, comprising at least one identifier of a user to which said bank details are associated;
  • connection interface means for receiving a transaction request, from said transactional device, comprising at least one identifier of a user to which said bank details are associated;
  • These means can be embodied in the form of a connection interface (I) to one or more communication networks. They may be software interfaces or hardware interfaces (network card type or network communication hardware modules).
  • connection interface I
  • network card type or network communication hardware modules
  • means for determining a current location associated with said IP address means for comparing said current location with at least one authorized location, according to said identifier of said user;
  • These means can be embodied in the form of a connection interface to one or more communication networks. They may be software interfaces or hardware interfaces (network card type or network communication hardware modules).
  • such a server also comprises means for obtaining at least one piece of information coming from a mobile terminal that is supposed to be in the possession of the user whose transaction is to be validated.
  • this server may for example transmit a request to obtain this information to the mobile terminal.
  • it can implement several techniques, the first being for example the transmission of an SMS-type message to an application installed on the terminal (see Application and Mobile Terminal).
  • the server Upon receipt of the location information, the server performs a concordance check between the location previously obtained (that of the terminal to which the user is connected) and the location obtained via the mobile terminal. When these locations are not matched, the transactional server does not provide a location assertion and the transaction is rolled back.
  • a simplified architecture of a mobile device capable of transmitting its position is presented.
  • a mobile device comprises a memory 51, a processing unit 52 equipped for example with a microprocessor, and driven by the computer program 53, implementing the method according to the invention.
  • the invention is implemented in the form of a mobile application installed on a mobile device in the possession of the user.
  • a mobile device comprises:
  • connection interface I
  • networks may be software interfaces or hardware interfaces (network card type or network communication hardware modules);
  • transmission means said server, said at least one position.
  • These means can be embodied in the form of a connection interface to one or more communication networks. They may be software interfaces or hardware interfaces (network card type or network communication hardware modules).

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
EP14713484.5A 2013-03-28 2014-03-28 Verfahren zur ausgabe einer standortaussage Ceased EP2979237A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1352846A FR3003976B1 (fr) 2013-03-28 2013-03-28 Procede de delivrance d'une assertion de localisation
PCT/EP2014/056377 WO2014154902A1 (fr) 2013-03-28 2014-03-28 Procédé de délivrance d'une assertion de localisation

Publications (1)

Publication Number Publication Date
EP2979237A1 true EP2979237A1 (de) 2016-02-03

Family

ID=48741370

Family Applications (1)

Application Number Title Priority Date Filing Date
EP14713484.5A Ceased EP2979237A1 (de) 2013-03-28 2014-03-28 Verfahren zur ausgabe einer standortaussage

Country Status (8)

Country Link
US (1) US20160063495A1 (de)
EP (1) EP2979237A1 (de)
AU (1) AU2014242913A1 (de)
BR (1) BR112015024761A2 (de)
CA (1) CA2907630C (de)
FR (1) FR3003976B1 (de)
RU (1) RU2015146303A (de)
WO (1) WO2014154902A1 (de)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10708778B2 (en) * 2014-04-29 2020-07-07 Taliware, Inc. Method and system for authenticating an individual's geo-location via a communication network and applications using the same
US20170048815A1 (en) * 2015-08-12 2017-02-16 Cisco Technology, Inc. Location Awareness to Packet Flows using Network Service Headers
US9935961B2 (en) * 2015-09-11 2018-04-03 Bank Of America Corporation Controlling access to data
US10810571B2 (en) * 2016-10-13 2020-10-20 Paypal, Inc. Location-based device and authentication system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000022495A2 (en) * 1998-10-15 2000-04-20 Liquid Audio, Inc. Territorial determination of remote computer location in a wide area network for conditional delivery of digitized products
EP2287792A1 (de) * 2009-08-19 2011-02-23 MasterCard International Incorporated Ortungssteuerung von Zahlkartentransaktionen

Family Cites Families (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7685311B2 (en) * 1999-05-03 2010-03-23 Digital Envoy, Inc. Geo-intelligent traffic reporter
US6757740B1 (en) * 1999-05-03 2004-06-29 Digital Envoy, Inc. Systems and methods for determining collecting and using geographic locations of internet users
US20020052841A1 (en) * 2000-10-27 2002-05-02 Guthrie Paul D. Electronic payment system
WO2002071227A1 (en) * 2001-03-01 2002-09-12 Cyber Operations, Llc System and method for anti-network terrorism
US20020194140A1 (en) * 2001-04-18 2002-12-19 Keith Makuck Metered access to content
US8650103B2 (en) * 2001-10-17 2014-02-11 Ebay, Inc. Verification of a person identifier received online
JP2003174443A (ja) * 2001-12-07 2003-06-20 Sony Corp 情報処理装置および方法、プログラム格納媒体、並びにプログラム
US20030172036A1 (en) * 2002-03-05 2003-09-11 Idan Feigenbaum Online financial transaction veracity assurance mechanism
WO2004008700A2 (en) * 2002-07-12 2004-01-22 The Penn State Research Foundation Real-time packet traceback and associated packet marking strategies
US8248968B2 (en) * 2003-10-03 2012-08-21 Apple Inc. Method and apparatus for providing mobile inter-mesh communication points in a multi-level wireless mesh network
AU2004272083B2 (en) * 2003-09-12 2009-11-26 Emc Corporation System and method for risk based authentication
US20050071417A1 (en) * 2003-09-29 2005-03-31 Jeffrey Taylor Method and apparatus for geolocation of a network user
US7760663B2 (en) * 2004-04-19 2010-07-20 Jds Uniphase Corporation Packet tracing using dynamic packet filters
US8059551B2 (en) * 2005-02-15 2011-11-15 Raytheon Bbn Technologies Corp. Method for source-spoofed IP packet traceback
US8418226B2 (en) * 2005-03-18 2013-04-09 Absolute Software Corporation Persistent servicing agent
US8656458B2 (en) * 2005-08-25 2014-02-18 Guy Heffez Method and system for authenticating internet user identity
JP4954979B2 (ja) * 2005-04-29 2012-06-20 オラクル・インターナショナル・コーポレイション 詐欺監視、検出、および階層状ユーザ認証のためのシステムおよび方法
BRPI0615559A2 (pt) * 2005-07-20 2017-09-12 Verimatrix Inc sistema e método de autenticação de usúario de rede
US20070204033A1 (en) * 2006-02-24 2007-08-30 James Bookbinder Methods and systems to detect abuse of network services
US8347368B2 (en) * 2006-03-29 2013-01-01 The Bank Of Tokyo-Mitsubishi Ufj, Ltd. Apparatus, method, and program for validating user
US7856494B2 (en) * 2006-11-14 2010-12-21 Fmr Llc Detecting and interdicting fraudulent activity on a network
GB2449510A (en) * 2007-05-24 2008-11-26 Asim Bucuk A method and system for the creation, management and authentication of links between people, entities, objects and devices
WO2008151321A2 (en) * 2007-06-08 2008-12-11 The Trustees Of Columbia University In The City Of New York Systems, methods, and media for enforcing a security policy in a network including a plurality of components
US8983497B2 (en) * 2007-10-04 2015-03-17 Zos Communications, Llc Method for managing a geo-targeted campaign
US8793758B2 (en) * 2009-01-28 2014-07-29 Headwater Partners I Llc Security, fraud detection, and fraud mitigation in device-assisted services systems
US9392462B2 (en) * 2009-01-28 2016-07-12 Headwater Partners I Llc Mobile end-user device with agent limiting wireless data communication for specified background applications based on a stored policy
US20120254333A1 (en) * 2010-01-07 2012-10-04 Rajarathnam Chandramouli Automated detection of deception in short and multilingual electronic messages
US8381281B2 (en) * 2010-04-07 2013-02-19 International Business Machines Corporation Authenticating a remote host to a firewall
WO2012006098A2 (en) * 2010-06-28 2012-01-12 Vivotech Inc. Methods, systems, and computer readable media for facilitating in-store or near-store ordering and payment of goods and services through a single-tap of a near field communication (nfc) device
US8566233B2 (en) * 2010-07-29 2013-10-22 Intel Corporation Device, system, and method for location-based payment authorization
KR101327434B1 (ko) 2010-10-20 2013-11-20 비씨카드(주) 고객 단말기의 맥 어드레스 정보를 이용한 결제 방법 및 시스템
US10373160B2 (en) * 2011-02-10 2019-08-06 Paypal, Inc. Fraud alerting using mobile phone location
US9380102B2 (en) * 2011-03-02 2016-06-28 Verizon Patent And Licensing Inc. Secure management of SIP user credentials
US9424603B2 (en) * 2011-09-13 2016-08-23 Visa International Service Association Mobile location notifications system and method
TWI439033B (zh) * 2012-04-06 2014-05-21 Anpec Electronics Corp 應用於靴帶電路之直流轉換器
US20130282523A1 (en) * 2012-04-20 2013-10-24 Howard Pfeffer Network service provider assisted payment fraud detection and mitigation methods and apparatus
US9853995B2 (en) * 2012-11-08 2017-12-26 AO Kaspersky Lab System and method for restricting pathways to harmful hosts in computer networks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000022495A2 (en) * 1998-10-15 2000-04-20 Liquid Audio, Inc. Territorial determination of remote computer location in a wide area network for conditional delivery of digitized products
EP2287792A1 (de) * 2009-08-19 2011-02-23 MasterCard International Incorporated Ortungssteuerung von Zahlkartentransaktionen

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2014154902A1 *

Also Published As

Publication number Publication date
RU2015146303A (ru) 2017-05-04
CA2907630A1 (en) 2014-10-02
US20160063495A1 (en) 2016-03-03
CA2907630C (en) 2022-07-19
AU2014242913A1 (en) 2015-11-12
FR3003976B1 (fr) 2016-08-26
BR112015024761A2 (pt) 2017-07-18
FR3003976A1 (fr) 2014-10-03
WO2014154902A1 (fr) 2014-10-02

Similar Documents

Publication Publication Date Title
EP3032799B1 (de) Authentifizierungsverfahren eines benutzers, entsprechender server, entsprechendes kommunikationsendgerät und entsprechende programme
FR3038429A1 (fr) Conteneur de paiement, procede de creation, procede de traitement, dispositifs et programmes correspondants
WO2014154902A1 (fr) Procédé de délivrance d'une assertion de localisation
EP3163487A1 (de) Verfahren, computerterminal und computerprogramm zur sicherung der verarbeitung transaktioneller daten
EP1762037A2 (de) Verfahren und system zur bestätigung einer benutzeridentität
WO2020064890A1 (fr) Procede de traitement d'une transaction, dispositif, systeme et programme correspondant
FR3061971A1 (fr) Procede d'authentification en deux etapes, dispositif et programme d'ordinateur correspondant
EP3588418A1 (de) Verfahren zur durchführung einer transaktion, endgerät, server und entsprechendes computerprogramm
FR2888691A1 (fr) Procede et dispositif d'autorisation de transaction
EP3479518A1 (de) Verfahren zur authentifizierung von zahlungsdaten, zugehörige vorrichtungen und programme
CA2973836A1 (fr) Procede de traitement de donnees par un dispositif electronique d'acquisition de donnees, dispositif et programme correspondant
EP3095223B1 (de) Verfahren zur übertragung von verschlüsselten daten, empfangsverfahren, vorrichtungen und computerprogramme im zusammenhang damit
WO2018002349A1 (fr) Procédé d'authentification de données de paiement, dispositifs et programmes correspondants.
EP3113094B1 (de) Verarbeitungsverfahren von transaktionellen daten, vorrichtung und entsprechendes programm
EP3570238B1 (de) Verfahren zur durchführung einer transaktion, endgerät, server und entsprechendes computerprogramm
EP2897095B1 (de) Sicherungsverfahren einer mit einer Bankkarte durchgeführten Transaktion
EP2911365B1 (de) Verfahren und System zur Sicherung von Transaktionen, die von einer Vielzahl von Diensten zwischen einem Mobilgerät eines Benutzers und einer Akzeptanzstelle angeboten werden
CA2946145C (fr) Procedes de traitement de donnees transactionnelles, dispositifs et programmes correspondants
WO2017005644A1 (fr) Procédé et système de contrôle d'accès à un service via un média mobile sans intermediaire de confiance
FR3011111A1 (fr) Securisation d'une transmission de donnees d'identification
EP3371760A1 (de) Verfahren zur identitätsprüfung bei der virtualisierung
FR3031217A1 (fr) Procede de verification d'une requete de paiement comprenant la determination de la localisation du provisionnement d'un jeton de paiement
FR3031609A1 (fr) Procede de traitement d'une transaction a partir d'un terminal de communication

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20150917

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180917

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: BANKS AND ACQUIRERS INTERNATIONAL HOLDING

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20221128