GB2511769A - Methods, devices and systems for verification of financial transactions - Google Patents

Methods, devices and systems for verification of financial transactions Download PDF

Info

Publication number
GB2511769A
GB2511769A GB1304413.6A GB201304413A GB2511769A GB 2511769 A GB2511769 A GB 2511769A GB 201304413 A GB201304413 A GB 201304413A GB 2511769 A GB2511769 A GB 2511769A
Authority
GB
United Kingdom
Prior art keywords
user
identity feature
feature data
data
financial transaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1304413.6A
Other versions
GB201304413D0 (en
Inventor
James David Sinton
Richard John Burdett
Hemal Bhogilal Sanghvi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mastercard International Inc
Original Assignee
Mastercard International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Inc filed Critical Mastercard International Inc
Priority to GB1304413.6A priority Critical patent/GB2511769A/en
Publication of GB201304413D0 publication Critical patent/GB201304413D0/en
Publication of GB2511769A publication Critical patent/GB2511769A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Methods, devices and systems for verification of financial transactions are disclosed. To modify a user financial transaction device for verification of financial transactions, a communication link is established between a provider system and the user financial transaction device. Account information for the user is retrieved, and identity feature data for the user obtained. The user identity feature data is associated with the retrieved user account information, and the user identity feature data is stored on the user financial transaction device. On conducting a financial transaction, the user identity feature data is retrieved by a transaction operator system from the user financial transaction device, for comparison with a user identity feature by a transaction operator.

Description

METHODS, DEVICES AND SYSTEMS FOR VERIFICATION OF FINANCIAL
TRANSACTIONS
FIELD OF THE INVENTION
This invention is directed to methods, devices and systems for verification of financial transactions, in particular to the use of user financial transaction devices as a means of verification.
BACKGROUND OF THE INVENTION
Many types of electronic financial transaction are well known. Figure 1 is a diagram illustrating a basic transaction system 1, in this case using a payment transaction card. A point of interaction 2 is controlled by a merchant, a card issuer or issuing bank 3, and a transaction processor 4 interconnecting point of interaction 2 and card issuer 3. The merchant's point of interaction 2 generally is includes one or more of a point of sale device 10, a telephone 11, and/or a merchant website 12, through which authorization requests are initiated.
In order to carry out the transaction, a merchant authorization request 15 is generated at the merchant's point of interaction 2 which is sent to the transaction processor 4 and forwarded to the card issuer 3 as a request for authorization 16.
Upon checking a status of the cardholder account (for example, that a card used is valid, that an account has sufficient finance available) the card issuer 3 responds to the transaction processor 4 with an authorization response 18 which is received by the transaction processor 4 and forwarded to the merchant's point of interaction 2 as an authorization response to merchant 19.
Typically, a cardholder's account number is entered into the merchant's environment with which the cardholder is doing business, in order to obtain the authorization. This conventionally includes one or more of the following: a cardholder giving his card to a merchant to swipe or key into the merchant point of sale device 10, the cardholder or merchant initiating a phone call from telephone 11 to enter a card account number, the cardholder himself swiping or inserting his card in the merchant's point of sale device 10, or the merchant or cardholder entering the account number associated with the financial transaction card into the merchant's website 12. Payments for approved transactions are managed with the card issuer 3 or merchant's acquirer (not shown in FIG. 1) based on the specific card payment network or other closed-loop environment.
Financial transactions using in addition systems of verification or authentication to are also known; these attempt to ensure that the holder of a card or other financial transaction device is the legitimate user. For example, the chip and PIN system requires a user to enter a PIN number or password which is checked against a record on a smart card chip on their transaction card. Transaction cards commonly have a user's signature affixed, which is matched with a user signature at the time of the transaction. ATM users enter a PIN which is checked against the record on their transaction card. Online transactions require passwords and other verification. Mobile devices record user keys or PINs which must be entered by a user before a transaction can be completed, for example on a mobile banking application.
However, such systems can be vulnerable, as it is possible for the password, key or PIN to become known by a third party that is not the authorized user of the financial transaction device or account holder. If this occurs, the third party can fraudulently use the password to undertake a transaction, for example, if a payment card is stolen and the PIN is either found or retrieved from the card, or is bypassed.
Several previously considered types of interaction between two parties require an acceptable method for verifying the party receiving the goods or services. For example, a transaction may require the buyer to present a photo ID in addition to a means of payment. Drinking places also require photo identification along with their age verification, in addition to payment. Some interactions may require a fingerprint ID. However, such interactions typically require some means of identification in addition to a means of payment; the identification card or identification device used is unsuitable for use by itself to perform a financial transaction, as it provides no record verified by the financial institution in question that the holder is the account holder at that institution.
One previously considered system disclosed in US patent application no. 2013/0006857 securely stores a photographic image of an account holder at their to financial institution. A merchant processing a transaction for the user can request a copy of the photographic image from the financial institution, for comparison face-to-face with the user. This system may be limited to transactions in which the merchant can contact the institution, so the timing and range of such transactions may be limited. In addition, the transaction may not be verifiable if the user has not previously provided a photographic image to the institution.
The present invention aims to address these problems and provide improvements upon the known systems, devices and methods.
STATEMENT OF INVENTION
Aspects and embodiments of the invention are set out in the accompanying claims.
In general terms, one embodiment of a first aspect of the invention can provide a method of modifying a user financial transaction device for verification of financial transactions, comprising the steps of: establishing a communication link between a provider system and the user financial transaction device; retrieving account information for the user; obtaining identity feature data for the user; associating the user identity feature data with the retrieved user account information; and storing the user identity feature data on the user financial transaction device.
This allows an additional means of verification of the user, in case other means have been compromised. It is also based on an objective observable feature or characteristic feature of the user, rather than simply on data that the user recalls and enters.
Preferably, the steps of retrieving the user account information, obtaining the to identity feature data and associating the identity feature data with the user account information are performed by the provider system.
Suitably, the step of retrieving comprises retrieving the user account information from the user financial transaction device.
Preferably, the method further comprises retrieving account information for the user from the provider system, and comparing the user account information from the provider system with the user account information from the user financial transaction device.
In an embodiment, the step of retrieving comprises retrieving the user account information from the provider system.
Preferably, the step of storing comprises associating on the device the user identity feature data with the retrieved user account information. Suitably, the step of storing comprises encrypting the user identity feature data before storage.
Preferably, the encryption is public key encryption. In this case, the public keys for users may be distributed to transaction operator systems and/or operators.
The encryption of the user identity feature data may be mobile signature encryption.
In an embodiment, the step of associating comprises comparing the user identity feature data with the retrieved user account information.
Suitably, the step of associating comprises combining the user identity feature data and retrieved user account information into a user data set.
Such steps allow the secure recordal of the identity feature data on the financial transaction device, so that a later transaction operator can be assured that the to data was stored on the device by the provider, rather than by the user or in an attempted compromise of the device.
The user account information may be linked in a number of ways to the user identity feature data in a number of ways, such as those above. Where the account information and identity feature data are combined into a data set, this may be combined so that the identity feature data is only accessible if information matching the user account information is available. The account information may form part of a key for encrypted user identity feature data.
Preferably, the user identity feature data comprises biometric data for the user.
Suitably, the user identity feature data comprises an image of the user. The image may be of an observable feature such as a facial or retina image. The image may also be of a fingerprint of the user.
In an embodiment, the step of obtaining comprises retrieving the user identity feature data from a storage means in the provider system. Preferably, the method further comprises: on previous transmission of identity feature data by the user to the provider system, storing the identity feature data for the user for later retrieval.
In another embodiment, the step of obtaining comprises obtaining the user identity feature data from the user.
Suitably, the step of obtaining comprises: establishing a communication link between a user data device storing user identity feature data and the provider system; and transmitting the user identity feature data from the user data device to the provider system. Preferably, the user financial transaction device comprises the user data device.
to Alternatively, the step of obtaining comprises capturing instant identity feature data of the user. Preferably, the step of capturing comprises capturing an image of the user using an image capture device of the provider system. Such an image capture device can be a camera. The camera can be part of or attached to the provider system. Alternatively, the camera may be pad of a user device, such as a mobile device, and the camera may be controlled to capture an instant identity feature of the user (rather than provide a previously captured feature).
One embodiment of a second aspect of the invention can provide a method of providing data to verify the identity of a user conducting a financial transaction, comprising the steps of: establishing a communication link between a user financial transaction device and a transaction operator system, the userfinancial transaction device storing identity feature data for the user and account information for the user; and retrieving by the transaction operator system from the user financial transaction device the user identity feature data, for comparison with a user identity feature by a transaction operator.
In addition to the above advantages, the methods of verification disclosed herein also remove the need for a separate identification document or device. In addition, this verification is used locally, and does not require establishing contact with a provider network or issuer institution.
Preferably, the user identity feature data and the user account information are associated on the user financial transaction device. More preferably, the user identity feature data and the user account information are combined into a user data set created by a provider system.
Suitably, the user identity feature data on the user financial transaction device is encrypted.
Preferably, the user identity feature data comprises biometric data for the user.
to In an embodiment, the user identity feature data comprises an image of the user.
Suitably, the method further comprises, on retrieval of the user identity feature data, displaying the user identity feature data for comparison with the user identity feature by the transaction operator.
This allows a transaction operator at the operator system to view the retrieved identity feature data, and compare it with an observable feature of the user. For example, the feature data may be a facial photograph, for direct comparison with the user.
In an embodiment, the method further comprises: capturing instant identity feature data of the user; and, on retrieval of the user identity feature data from the user financial transaction device, comparing the instant identity feature data of the user with the user identity feature data from the user financial transaction device. Preferably, the identity feature data comprises an image of the user, and wherein the instant identity feature data is captured using an image capture device of the transaction operator system.
In this way, an un-manned transaction system (such as a kiosk, ATM or online system) can check the identity feature data against the user.
Suitably, the transaction operation system comprises one of: a point-of-interaction device; an automated teller machine; and a computer having a network connection. In an embodiment, the communication link comprises a wireless link.
In an embodiment, the step of retrieving from the user financial transaction device the identity feature data comprises decrypting the identity feature data.
Preferably, the method further comprises: retrieving user password data stored to on the user financial transaction device; obtaining user password data from the user; and comparing the retrieved user password data with the obtained user password data. More preferably, the steps of retrieving, obtaining and comparing password data are performed before retrieving the user identity feature data. Still more preferably, the user password data comprises a PIN.
One embodiment of a third aspect of the invention can provide a user financial transaction device modified for verification of financial transactions, comprising: means for establishing a communication link between the user financial transaction device and a transaction operator system; means for storing data for a user; and identity feature data for the user, associated with account information for the user, stored on the means for storing data, the user identity feature data and the user account information retrievable by a transaction operator system, the user identity feature data for comparison with a user identity feature.
Preferably, the device comprises an integrated circuit chip comprising the means for storing data.
Suitably, the device comprises a financial transaction card comprising the chip.
Alternatively, the device comprises a user data device comprising the chip.
Preferably, the user data device is a mobile telecommunication device.
The user data device may transmit the user identity feature data to the provider system by secure transmission. This may be by encryption of the feature data for transmission. For example, a QR code may be generated by the user data device for the feature data, the code being readable and decryptable by the transaction operator system.
One embodiment of a fourth aspect of the invention can provide a provider system for modifying a user financial transaction device for verification of to financial transactions, comprising: an interface for establishing a communication link between the provider system and the user financial transaction device, the interface configured to: retrieve account information for the user; and obtain identity feature data for the user; a processor for associating user identity feature data with retrieved user account information; and means for transmitting the user identity feature data for storage on the user financial transaction device.
Preferably, the system further comprises an image capture device for capturing instant identity feature data of the user.
Suitably, the interface comprises a reader for accessing data stored on an integrated circuit chip of the user financial transaction device.
In an embodiment, one of: a kiosk; an automated teller machine; and a computer having a network connection, comprises the interface.
Preferably, the system further comprises: a store for storing retrievable user account information; and a network for enabling communication between the store and the interface. The provider system may comprise a local system for storing the data on the device such as an ATM or kiosk, or may include that local system in addition to the other components connecting it to a provider or issuer financial institution, such as a network and storage servers.
One embodiment of a fifth aspect of the invention can provide a transaction operator system for verifying the identity of a user conducting a financial transaction, comprising: an interface for establishing a communication link between a user financial transaction device and the transaction operator system, the user financial transaction device storing identity feature data for the user and account information for the user, wherein the interface is configured to retrieve from the user financial transaction device: the user account information; and the user identity feature data; and means for comparing the retrieved user identity to feature data with a user identity feature.
Preferably, the means for comparing comprises a display for displaying the user identity feature data for comparison with the user identity feature.
Alternatively, the means for comparing comprises: an image capture device for capturing instant identity feature data of the user; and a processor for, on retrieval of the user identity feature data from the user financial transaction device, comparing the instant identity feature data of the user with the user identity feature data from the user financial transaction device.
Suitably, the system comprises one of: a point-of-interaction device; an automated teller machine; and a computer having a network connection.
Further aspects of the invention comprise computer programs which, when loaded into or run on a computer, cause the computer to carry out methods according to the aspects described above.
The above aspects and embodiments may be combined to provide further aspects and embodiments of the invention. -11 -
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will now be described by way of example with reference to the accompanying drawings, in which: Figure 1 is a diagram illustrating a basic transaction system; Figure 2 is a diagram illustrating a basic process for provisioning the user identity feature data onto the user device, according to an embodiment of the invention; Figure 3 is a diagram illustrating processes for providing the user identity data, to according to embodiments of the invention; Figure 4 is a diagram illustrating more detailed processes for provisioning the user identity feature data onto the user device, according to embodiments of the invention; Figure 5 is a diagram illustrating a basic process for verification of the user device, according to an embodiment of the invention; Figure 6 is a diagram illustrating more detailed processes for verification of the user device, according to embodiments of the invention; and Figure 7 is a diagram illustrating a typical user interaction system which may provide basic processes for provisioning and verification of the user device, according to embodiments of the invention.
DETAILED DESCRIPTION OF EMBODIMENTS
Embodiments of the invention provide elements of a system aimed at providing user identity feature data, such as biometric data, as an additional and different means of verification of a user for financial transactions, the data being embedded on the user's financial transaction device.
Because the identity feature is an objective characteristic of the user, it provides an additional degree of security beyond simply additional keys or passwords.
The combination with the financial transaction device itself, such as a srnartcard, means no additional ID document or device is needed, and the verification can be done locally, and instantly.
The two principle elements are: 1. The process of provisioning the account holder's identity feature onto their device; and 2. The process of retrieving the identity feature from the device, during the transaction, for verification of the user by an operator or operator system.
to Provisioning: One example of a simple provisioning process is illustrated in the flow chart in Figure 2. In this case, the user financial transaction device is a transaction card, such as a payment or credit card. In the first step (204) the card I account holder (202) provides their identity feature data to their issuer (206), for example a facial photograph. The issuer pulls relevant account information for the user (208) and maps the data (the photograph) to the account (210). The issuer then pushes (212) the data to the card I account device (214), and the data is embedded (216) onto the chip of the card! account holder device (218).
Some options for the provisioning process are illustrated in Figure 3. The user (302) can provide their identity data via various means, for example sending it using their mobile device (304), laptop computer (306), PDA (308) or using a machine authorized by the issuer (310), such as an ATM or kiosk. The identity data will usually be sent via a network (312) to the issuer (314). The sending itself can be done by email, text, issuer application on a user's mobile device, uploading online, or even by mail (the issuer may convert a hard copy of, for example, a photograph, into an electronic image).
The identity data can also be obtained using some of these items. For example, if the identity data is a photograph of the user, such as a retina or facial photograph, the mobile device (304) such as a mobile phone having a built-in camera can be used to take the photograph. A camera can be installed in the ATM/kiosk (310). Fingerprint scanning attachments for laptop computers have been previously considered -such an attachment may be used here.
Whichever means of providing the identity feature is used, ensuring security of the transfer is likely to be important. If the issuer cannot be sure that the identity feature data is that of the genuine user, then the data will not be of use in transaction verification. The issuer can therefore provide secure, encrypted or to certificated means for accepting identity data from the user. For example, a password or key protected application on a mobile phone may activate the camera. The provider of the ATM/kiosk may take steps against tampering of the camera device similar to those preventing tampering with PIN entry.
Figure 4 illustrates some of the options for provisioning the identity feature data onto the user's device. The issuer (314), having noted which account holder is providing the identity data, and having associated the identity data with that account holder in their records, can then proceed to push the validated identity data to the user's device. In the case of a mobile phone (304) or PDA (308) this may be sent via a network (402) which typically will include a mobile or wireless transmission (404). For the laptop computer (306), the transfer may be via the same, or another network (402); for example, the computer can receive the validated identity data via the internet, or connect to a terminal in a branch of a bank associated with the issuer.
In the above cases, the identity data will be recorded on the device, in a storage means such as the SIM or memory card of a mobile phone or FDA, or hard disk of a computer. The data can also be recorded on a chip in any chip-enabled such devices. The identity data is preferably installed as useable only with the verification processes set out later sections. For example, this might be by providing a complete software application including the identity data to a smart phone, the software providing the data on demand for verification. The data may be encrypted in a way decryptable only by a transaction operator or operator system or interface.
In the case of a transaction card (406), the validated data may be sent to an approved machine (408) such as an ATM or kiosk, into which the user's card can be entered for embedding of the identity data. The means for communication in this case may be the usual magnetic stripe or chip reading interface found in AIMs. The communication may also be performed by contactless link between a to smart card chip and a reader, for example by near field communications (NFC) or Bluetooth.
The machine (408) may be the same machine (310) used to initially provide the identity data. This same machine may execute the steps of obtaining the data and embedding the data, with an intervening step of requesting authorization from the issuer (314). In this case, the identity data itself may not necessarily need to be transferred to the issuer at this time, provided the ATM or kiosk can sufficiently verify the account holder, and combine the identity data with the account holder's details on the card. In certain cases, the step of requesting authorization may be eliminated, in favour for example of notifying the issuer later, if the machine can be sufficiently authorized.
Alternatively, the issuer can itself embed the identity data onto the card, and send the card to the user (410). This would be more usual for example if issuing a new card for the user. In this case, the issuer retrieves its own known user account holder information, and identity feature data sent by the user or otherwise obtained from the user, and combines these on the issued card.
Again, the above steps will require adequate security. The data package containing the identity feature data if transmitted over a network to any of the above devices or machines will usually require some means to ensure that the data cannot be intercepted en route, or tampered with during the embedding process. The data package may be a combination of the user's account details with the identity feature data, and may be encrypted or certificated.
The data package may be compiled so that the account information, or a previously agreed account password or PIN, may be a key for allowing embedding of the identity feature data onto the device presented, ensuring that the device presented is that of the genuine account holder. The account information or password/PIN may also be used as a key for accessing the identity to feature data on the device, once embedded.
In the case of a mobile device, ADA or computer, the issuer will be providing the data over a network. In these cases the user will have to provide sufficient verification that they are the account holder, in order for the issuer to release the identity data associated with that account holder. The user may for example login to a network application, using the account details and/or agreed keys or passwords. A provider system, authorized by the issuer, may communicate directly with the device, via software on the device accessible only by the user, previously confirmed as the account holder, for example by using a password.
The identity feature data may also be encrypted on the device, either during embedding or from encryption applied by the issuer. In the case of a mobile device or ADA, this may be mobile signature encryption of the type known for use with mobile certification or mobile banking. The signature can be generated on the mobile device itself; in the case of embedding this information for use in financial transactions, the signature may be generated on the basis of the account holder information, and access to the signature being given to the user only, for example by a password issued by the issuer or generated by the user or issuer software on the device.
In any of the devices above, the encryption may be public-key encryption, for example with the private key encrypting the identity data on the device, and a database of public keys for all users being distributed to merchants and transaction operator systems.
The user identity data given by the user and provisioned onto their device, may be any sod of data which can objectively identify that user, something that the user is, rather than something the user knows, such as a password or PIN. The data may be biometric data, which may be image data, such as an image of the to user's face or retina, or an image of the user's fingerprint.
The known chip and PIN system may also be provided for the user device, as an additional means of verification.
The validated identity feature data can be provided to devices other than the above. For example, any chip-enabled device which is either already authorized by the issuer, or can securely store and transmit (or allow transmission of) the identity and account information, can be used. Such a chip may be installed in other types of user device, such as other electronic devices, or even a wallet of the user. Alternatively the device, such as a mobile device, may similarly be any with means for storing the identity/account data, which can be authorized by the issuer.
The issuer of the card / account may authorize third parties to provide many of the services set out in the above and the following. For example, the ATM may be owned by a third party, authorized by the issuer to accept photographs from its users for transmission to the issuer. A third party may be contracted to print and embed information onto cards for the issuer.
Verification: One example of a basic retrieval and verification process is illustrated in the flowchart in Figure 5. Again in this example, the user financial transaction device is a transaction card, such as a payment or credit card. Initially, the card / account holder (502) interacts (504) their device with the transaction operator system, for example by inserting the card into the point of interaction device (506), establishing a communication. The P01 then retrieves (508) the identity data (such as a photograph) from the chip of the card I account holder device for to the comparison/verification step. In this example, the P01 displays it on a display device (510). The verifying party (514, the transaction operator, for example a merchant) then verifies (512) the identity feature displayed (such as the user's face) against the user.
Some options for the verification process are illustrated in Figure 6. The user provides their financial transaction device, for example their mobile device (304, 308) or their computer (306), or a transaction card (406). A communication link is established between the user's device and the point of interaction (604), for example by a wireless or wired network connection, or by chip or stripe reading interface, or contactless interface (602). The identity feature data is downloaded by the point of interaction, and used for comparison with the user. In this example, the point of interaction has a display for showing the feature data, in this case a photo of the user. The display may be on a transaction operator monitor, computer, mobile device, or other known operator system, such as a card reader terminal. The identity feature can then be compared with the user, for example: a facial photograph can be directly compared by viewing the user; a retina image can be compared with a retina scan performed instantly by the user; a fingerprint image can be compared with an instant fingerprint scan from the user. Such comparisons may be done or aided by a computed process, for example an algorithm run on the operator system to compare the instant and retrieved images.
Once again, the means for communication of the identity feature data to the operator will usually need to be secure, to avoid interception of the data by third parties, and to ensure that the data cannot be falsified or tampered with en route to the operator. As noted above, the data itself, may be encrypted, which may be sufficient for the card-reading embodiments. The operator system can then decrypt the identity data for comparison, for example by public key for that user/account holder.
to For the mobile devices, the data encryption can be combined with the means of transmission. An example of a transmission method, for instance from a mobile phone, may be a OR (quick response) code. The mobile phone can retrieve the stored encrypted photo, decrypt it, generate a OR code and transmit the OR code to an operator reader device. The reader device can then receive the OR code and interpret it before displaying the photo on the display device.
The transaction operator system may be a point of interaction manned by an operator as in the above example, or may be an un-manned machine, such as an ATM or kiosk, or an enabled computer system. Such an operator system would capture some sort of comparable instant identity feature data for the user, and compare it with the identity feature data retrieved from the user's device. For example, an ATM can include a camera, which would capture a photo of the user, and a processor in the ATM may run an image comparison algorithm on the captured photo and a photo retrieved from the user's card.
In another example, a computer system having a camera may be controlled by proprietary issuer software to, when the user attempts a transaction, activate the camera, and compare the photo to data transmitted or downloaded from the user's transaction device. This example may enable online transactions to be verified in the same way.
Such un-manned orcomputerterminal interfaces can be provided in other situations or for other transaction types. For example, an interface enabled as above may be provided in or for a rental transaction, such as for a hire car or motel room.
As noted above, the known chip and PIN system may be used as usual in addition to the identity verification methods described here. For example, the user may be required by the transaction operator system to enter a PIN, checked against the PIN recorded on the device, before a transaction may be to commenced. The identity verification may then be carried out.
The financial transactions contemplated by the above described embodiments can be any of the transactions permissible by the systems described. The example of payment transactions is used, however the common ATM transactions can be similarly conducted once the user is verified using these methods and systems.
Certain transactions may be more readily available to user devices having these features. For example, for transactions where direct contact with the issuer may not be instantly possible, these methods and systems provide an instant, local means of verification of the user. Transactions conducted out of the range of a network, for example at festivals or on aeroplanes may be suitable.
Figure 7 illustrates an interaction system which may form the basis for the user interaction system employed by a provider system or a transaction system as described above.
User system 704 is operated by a user 702, such as a cardholder. User system 704 includes a processor 708 for executing instructions. Such a processor may implement such steps as set out in the methods described above. In some embodiments, executable instructions are stored in a memory area 710. Memory -20 -area 710 is any device allowing information such as executable instructions and/or written works to be stored and retrieved. Memory area 710 may include one or more computer readable media.
User system 704 also includes at least one media output component 714 for presenting information to user 702. An output adapter is operatively coupled to processor 708 and operatively couplable to an output device such as a display device, a liquid crystal display (LCD), organic light emitting diode (OLED) display, or "electronic ink" display, or an audio output device, a speaker or headphones.
In some embodiments, user system 704 includes an input device 706 for receiving input from user 702, such as option choices, or password or PIN numbers. Input device 706 may include, for example, a keyboard, a pointing device, a mouse, a stylus, a touch sensitive panel, a touch pad, a touch screen, a gyroscope, an accelerometer, a position detector, or an audio input device. User system 704 may also include a communication interface 712, which is communicatively couplable to a remote device such as a server system of a transaction operator or issuer. Communication interface 712 may include, for example, a wired or wireless network adapter or a wireless data transceiver for use with a mobile phone network, Global System for Mobile communications (GSM), 3G, or other mobile data network or Worldwide Interoperability for Microwave Access IMAX).
Stored in memory area 710 are, for example, computer readable instructions for providing a user interface to user 702 via media output component 714 and, optionally, receiving and processing input from input device 706. A user interface may include, among other possibilities, a web browser and client application.
It will be appreciated by those skilled in the art that the invention has been described by way of example only, and that a variety of alternative approaches -21 -may be adopted without departing from the scope of the invention, as defined by the appended claims.

Claims (30)

  1. -22 -CLAIMS1. A method of modifying a user financial transaction device for verification of financial transactions, comprising the steps of: establishing a communication link between a provider system and the user financial transaction device; retrieving account information for the user; obtaining identity feature data for the user; associating the user identity feature data with the retrieved user tO account information; and storing the user identity feature data on the user financial transaction device.
  2. 2. A method according to Claim 1, wherein the steps of retrieving the user account information, obtaining the identity feature data and associating the identity feature data with the user account information are performed by the provider system.
  3. 3. A method according to any preceding claim, wherein the step of retrieving comprises retrieving the user account information from the user financial transaction device.
  4. 4. A method according to Claim 3, further comprising retrieving account information for the user from the provider system, and comparing the user account information from the provider system with the user account information from the user financial transaction device.
  5. 5. A method according to Claim 1 or Claim 2, wherein the step of retrieving comprises retrieving the user account information from the provider system.
    -23 -
  6. 6. A method according to any preceding claim, wherein the step of storing comprises associating on the device the user identity feature data with the retrieved user account information.
  7. 7. A method according to any preceding claim, wherein the step of associating comprises comparing the user identity feature data with the retrieved user account information.
  8. 8. A method according to any preceding claim, wherein the step of associating comprises combining the user identity feature data and retrieved user account information into a user data set.
  9. 9. A method according to any preceding claim, wherein the step of obtaining comprises retrieving the user identity feature data from a storage means in the provider system.
  10. 10. A method according to Claim 9, further comprising: on previous transmission of identity feature data by the user to the provider system, storing the identity feature data for the user for later retrieval.
  11. 11. A method according to any of the Claims I to 8, wherein the step of obtaining comprises obtaining the user identity feature data from the user.
  12. 12. A method according to Claim 11, wherein the step of obtaining comprises: establishing a communication link between a user data device storing user identity feature data and the provider system; and transmitting the user identity feature data from the user data device to the provider system.
  13. 13. A method according to Claim 12, wherein the user financial transaction device comprises the user data device.
    -24 -
  14. 14. A method of providing data to verify the identity of a user conducting a financial transaction, comprising the steps of: establishing a communication link between a user financial transaction device and a transaction operator system, the user financial transaction device storing identity feature data for the user and account information for the user; and retrieving by the transaction operator system from the user financial transaction device the user identity feature data, for comparison with a to user identity feature by a transaction operator.
  15. 15. A method according to Claim 14, wherein the user identity feature data and the user account information are associated on the user financial transaction device.
  16. 16. A method according to Claim 15, wherein the user identity feature data and the user account information are combined into a user data set created by a provider system.
  17. 17. A method according to any of the Claims 14 to 16, further comprising, on retrieval of the user identity feature data, displaying the user identity feature data for comparison with the user identity feature by the transaction operator.
  18. 18. A method according to any of the Claims 14 to 16, further comprising: capturing instant identity feature data of the user; and, on retrieval of the user identity feature data from the user financial transaction device, comparing the instant identity feature data of the user with the user identity feature data from the user financial transaction device.
    -25 -
  19. 19. A method according to any of the Claims 14 to 18, wherein the step of retrieving from the user financial transaction device the identity feature data comprises decrypting the identity feature data.
  20. 20. A method according to any of the Claims 14 to 19, further comprising: retrieving user password data stored on the user financial transaction device; obtaining user password data from the user; and comparing the retrieved user password data with the obtained user password data. I0
  21. 21. A user financial transaction device modified for verification of financial transactions, comprising: means for establishing a communication link between the user financial transaction device and a transaction operator system; means for storing data for a user; and identity feature data for the user, associated with account information for the user, stored on the means for storing data, the user identity feature data and the user account information retrievable by a transaction operator system, the user identity feature data for comparison with a user identity feature.
  22. 22. A user financial transaction device according to Claim 21, wherein the device comprises an integrated circuit chip comprising the means for storing data.
  23. 23. A user financial transaction device according to Claim 21 or Claim 22, wherein the device comprises a financial transaction card comprising the chip.
  24. 24. A user financial transaction device according to Claim 21 or Claim 22, wherein the device comprises a user data device comprising the chip.
    -26 -
  25. 25. A provider system for modifying a user financial transaction device for verification of financial transactions, comprising: an interface for establishing a communication link between the provider system and the userfinancial transaction device, the interface configured to: retrieve account information for the user; and obtain identity feature data for the user; a processor for associating user identity feature data with retrieved user account information; and to means for transmitting the user identity feature data for storage on the user financial transaction device.
  26. 26. A system according to Claim 25, further comprising: a store for storing retrievable user account information; and a network for enabling communication between the store and the interface.
  27. 27. A transaction operator system for verifying the identity of a user conducting a financial transaction, comprising: an interface for establishing a communication link between a user financial transaction device and the transaction operator system, the user financial transaction device storing identity feature data for the user and account information for the user, wherein the interface is configured to retrieve from the user financial transaction device: the user account information; and the user identity feature data; and means for comparing the retrieved user identity feature data with a user identity feature.
  28. 28. A system according to Claim 27, wherein the means for comparing comprises a display for displaying the user identity feature data for comparison with the user identity feature.
    -27 -
  29. 29. A system according to Claim 27, wherein the means for comparing comprises: an image capture device for capturing instant identity feature data of the user; and a processor for, on retrieval of the user identity feature data from the user financial transaction device, comparing the instant identity feature data of the user with the user identity feature data from the user financial transaction device.
  30. 30. A media device storing computer program code adapted, when to loaded into or run on a computer, to cause the computer to carry out a method, according to any of the Claims 1 to 20.
GB1304413.6A 2013-03-12 2013-03-12 Methods, devices and systems for verification of financial transactions Withdrawn GB2511769A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1304413.6A GB2511769A (en) 2013-03-12 2013-03-12 Methods, devices and systems for verification of financial transactions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1304413.6A GB2511769A (en) 2013-03-12 2013-03-12 Methods, devices and systems for verification of financial transactions

Publications (2)

Publication Number Publication Date
GB201304413D0 GB201304413D0 (en) 2013-04-24
GB2511769A true GB2511769A (en) 2014-09-17

Family

ID=48189762

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1304413.6A Withdrawn GB2511769A (en) 2013-03-12 2013-03-12 Methods, devices and systems for verification of financial transactions

Country Status (1)

Country Link
GB (1) GB2511769A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040234117A1 (en) * 1998-06-19 2004-11-25 Joan Tibor Electronic transaction verification system
US20060224504A1 (en) * 2005-03-31 2006-10-05 Enenia Biometrics, Inc Mobile biometric merchant transaction processing
US20070003111A1 (en) * 2005-06-30 2007-01-04 Fujitsu Limited Biometrics authentication method and biometrics authentication system
US20070033150A1 (en) * 2005-08-08 2007-02-08 Enenia Biometrics, Inc. Biometric web payment system
US20080126212A1 (en) * 2006-07-12 2008-05-29 Cox Mark A Method of Marketing Credit Card Accounts and Point-Of-Sale Payment Devices
US20080282334A1 (en) * 2005-03-07 2008-11-13 Chemla Yves Security Device, Method and System For Financial Transactions, Based on the Identification of an Individual Using a Biometric Profile and a Smart Card
US20120185397A1 (en) * 2011-01-16 2012-07-19 Levovitz Yeruchem Variable fractions of multiple biometrics with multi-layer authentication of mobile transactions

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040234117A1 (en) * 1998-06-19 2004-11-25 Joan Tibor Electronic transaction verification system
US20080282334A1 (en) * 2005-03-07 2008-11-13 Chemla Yves Security Device, Method and System For Financial Transactions, Based on the Identification of an Individual Using a Biometric Profile and a Smart Card
US20060224504A1 (en) * 2005-03-31 2006-10-05 Enenia Biometrics, Inc Mobile biometric merchant transaction processing
US20070003111A1 (en) * 2005-06-30 2007-01-04 Fujitsu Limited Biometrics authentication method and biometrics authentication system
US20070033150A1 (en) * 2005-08-08 2007-02-08 Enenia Biometrics, Inc. Biometric web payment system
US20080126212A1 (en) * 2006-07-12 2008-05-29 Cox Mark A Method of Marketing Credit Card Accounts and Point-Of-Sale Payment Devices
US20120185397A1 (en) * 2011-01-16 2012-07-19 Levovitz Yeruchem Variable fractions of multiple biometrics with multi-layer authentication of mobile transactions

Also Published As

Publication number Publication date
GB201304413D0 (en) 2013-04-24

Similar Documents

Publication Publication Date Title
US11263691B2 (en) System and method for secure transactions at a mobile device
US11157905B2 (en) Secure on device cardholder authentication using biometric data
US10706136B2 (en) Authentication-activated augmented reality display device
KR101699897B1 (en) A personalized multifunctional access device possessing an individualized form of authenticating and controlling data exchange
US20200090182A1 (en) Authenticating remote transactions using a mobile device
CN106688004B (en) Transaction authentication method and device, mobile terminal, POS terminal and server
US20180137502A1 (en) Dynamic Card Verification Values and Credit Transactions
US20180189767A1 (en) Systems and methods for utilizing payment card information with a secure biometric processor on a mobile device
US8843757B2 (en) One time PIN generation
US20160217461A1 (en) Transaction utilizing anonymized user data
US20060136332A1 (en) System and method for electronic check verification over a network
EP3186739B1 (en) Secure on device cardholder authentication using biometric data
CN112823368B (en) Tokenized contactless transactions through cloud biometric identification and authentication
US20230206214A1 (en) BioPurse
TWM603166U (en) Financial transaction device and system with non-contact authentication function
GB2511769A (en) Methods, devices and systems for verification of financial transactions
CN117242470A (en) Multi-factor authentication through encryption-enabled smart cards

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)