FR3076027B1 - SECURING THE PROCESSING OF A TRANSACTION - Google Patents

SECURING THE PROCESSING OF A TRANSACTION Download PDF

Info

Publication number
FR3076027B1
FR3076027B1 FR1762826A FR1762826A FR3076027B1 FR 3076027 B1 FR3076027 B1 FR 3076027B1 FR 1762826 A FR1762826 A FR 1762826A FR 1762826 A FR1762826 A FR 1762826A FR 3076027 B1 FR3076027 B1 FR 3076027B1
Authority
FR
France
Prior art keywords
terminal
identifier
transaction
processing
current transaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
FR1762826A
Other languages
French (fr)
Other versions
FR3076027A1 (en
Inventor
Francis Chamberot
Oliveira Marco De
Simon Vaquier
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Idemia France SAS
Original Assignee
Oberthur Technologies SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oberthur Technologies SA filed Critical Oberthur Technologies SA
Priority to FR1762826A priority Critical patent/FR3076027B1/en
Publication of FR3076027A1 publication Critical patent/FR3076027A1/en
Application granted granted Critical
Publication of FR3076027B1 publication Critical patent/FR3076027B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/343Cards including a counter
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/356Aspects of software for card payments
    • G06Q20/3563Software being resident on card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • G06Q20/4033Local solvency checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • G06Q20/4037Remote solvency checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/127Card verification in which both online and offline card verification can take place

Abstract

L'invention propose un procédé de traitement un dispositif électronique (20), comprenant : réception d'un identifiant (IDT) d'un terminal lors d'une transaction en cours ou d'un identifiant (IDE) d'une entité tierce (12) utilisant ce terminal ; détermination, à partir de l'identifiant du terminal ou de l'identifiant de l'entité tierce, de si un refus suspect d'un traitement en ligne de la transaction en cours est susceptible d'être reçu en provenance du terminal (T1) ; dans la négative, envoi d'une première commande (CMD1 ; CMD3) au terminal ; et dans l'affirmative, exécution d'une étape de sécurisation comprenant : envoi au terminal (T1) d'une deuxième commande, distincte de la première commande, pour forcer un traitement en ligne de la transaction en cours par le terminal ; ou blocage de la transaction en cours pour interdire une validation par le terminal de la transaction en cours sans un traitement en ligne préalable.The invention proposes a method for processing an electronic device (20), comprising: receiving an identifier (IDT) of a terminal during a transaction in progress or an identifier (IDE) of a third party ( 12) using this terminal; determination, from the identifier of the terminal or the identifier of the third-party entity, of whether a suspicious refusal of online processing of the current transaction is likely to be received from the terminal (T1) ; if not, sending a first command (CMD1; CMD3) to the terminal; and if so, execution of a securing step comprising: sending to the terminal (T1) a second command, distinct from the first command, to force online processing of the current transaction by the terminal; or blocking of the current transaction to prevent validation by the terminal of the current transaction without prior online processing.

FR1762826A 2017-12-21 2017-12-21 SECURING THE PROCESSING OF A TRANSACTION Active FR3076027B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
FR1762826A FR3076027B1 (en) 2017-12-21 2017-12-21 SECURING THE PROCESSING OF A TRANSACTION

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1762826 2017-12-21
FR1762826A FR3076027B1 (en) 2017-12-21 2017-12-21 SECURING THE PROCESSING OF A TRANSACTION

Publications (2)

Publication Number Publication Date
FR3076027A1 FR3076027A1 (en) 2019-06-28
FR3076027B1 true FR3076027B1 (en) 2021-08-20

Family

ID=62017409

Family Applications (1)

Application Number Title Priority Date Filing Date
FR1762826A Active FR3076027B1 (en) 2017-12-21 2017-12-21 SECURING THE PROCESSING OF A TRANSACTION

Country Status (1)

Country Link
FR (1) FR3076027B1 (en)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
BR0208337A (en) * 2001-03-29 2004-03-23 Ebestcard Ltd Card transaction system, card transaction processing methods, maintaining data consistency between a server and a terminal, determining whether a card can be used, and permitting online and offline transactions, terminal card reader, computer read log and data table
US7765162B2 (en) * 2002-10-07 2010-07-27 Mastercard International Incorporated Method and system for conducting off-line and on-line pre-authorized payment transactions
US8589335B2 (en) * 2003-04-21 2013-11-19 Visa International Service Association Smart card personalization assistance tool
US20070168260A1 (en) * 2005-09-30 2007-07-19 Mastercard International Incorporated Payment apparatus and method
EP1912182A1 (en) * 2006-10-12 2008-04-16 Proton World International N.V. Authorisation of a transaction between an electronic circuit and a terminal
EP2085921A4 (en) * 2007-11-28 2011-11-02 Intelligent Wave Inc Settlement approval system and settlement approval method of credit card
WO2012037971A1 (en) * 2010-09-21 2012-03-29 Mastercard International Incorporated Financial transaction method and system having an update mechanism
FR3051579B1 (en) * 2016-05-23 2021-11-19 Oberthur Technologies METHOD FOR SECURING AN ELECTRONIC DEVICE, AND CORRESPONDING ELECTRONIC DEVICE

Also Published As

Publication number Publication date
FR3076027A1 (en) 2019-06-28

Similar Documents

Publication Publication Date Title
US20210153017A1 (en) Methods and systems for validating mobile devices of customers via third parties
US20190372994A1 (en) System and methods for protecting users from malicious content
US20190327216A1 (en) Message encryption using public keychains
US20140207679A1 (en) Online money transfer service in connection with instant messenger
TW201516903A (en) Secure payment method, secure payment device, and secure payment system
WO2016058556A1 (en) Service processing method and device
CN109039860B (en) Method and device for sending and displaying message and method and device for identity authentication
US9940608B2 (en) Real time EFT network-based person-to-person transactions
CN107622607B (en) Machine moving monitoring system and machine moving monitoring method of POS terminal
WO2017118315A1 (en) Security verification method and device for smart card application
EP3163834A1 (en) Method and device for equipment control
US20220164789A1 (en) Location based wallets
WO2012031549A1 (en) Method, apparatus, and system for security authentication in mobile payment
FR3076027B1 (en) SECURING THE PROCESSING OF A TRANSACTION
CN105989418B (en) Internet surfing service remote booking method and device
CN107040497B (en) Network account anti-theft method and device
WO2009054165A1 (en) Log-in authentication method, log-in authentication server, and log-in authentication program
WO2017016038A1 (en) Payment method, payment apparatus, terminal and payment system
CN108885654A (en) A kind of method and terminal into target application
WO2016165541A1 (en) Method and apparatus for dialling number
CN105516057B (en) Data processing method, device and system
WO2023151246A1 (en) Code-scanning payment method, user terminal, service device, system, and medium
CN111539742B (en) Information processing method, information processing device, electronic equipment and storage medium
KR101793958B1 (en) Method for Preventing Voice Phishing by using Qualified Caller Information
KR102300193B1 (en) Method and apparatus for preventing error remittance

Legal Events

Date Code Title Description
PLFP Fee payment

Year of fee payment: 2

PLSC Publication of the preliminary search report

Effective date: 20190628

PLFP Fee payment

Year of fee payment: 3

PLFP Fee payment

Year of fee payment: 4

PLFP Fee payment

Year of fee payment: 5

PLFP Fee payment

Year of fee payment: 6

PLFP Fee payment

Year of fee payment: 7