GB2595214A - A method and system for securing a transaction between a customer and a merchant - Google Patents


Info

Publication number
GB2595214A
Authority
GB
United Kingdom
Prior art keywords
customer
merchant
service provider
biometric information
response
Prior art date
Legal status
Pending
Application number
GB2007182.5A
Other versions
GB202007182D0 (en)
Inventor
Guzminov Pavel
Telyatnikova Natalia
Current Assignee
Finlab 2000 Ltd
Original Assignee
Finlab 2000 Ltd
Priority date
Filing date
Publication date
Application filed by Finlab 2000 Ltd
Priority to GB2007182.5A
Publication of GB202007182D0
Publication of GB2595214A
Legal status: Pending

Classifications

    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
                • G06Q 20/00 Payment architectures, schemes or protocols
                    • G06Q 20/08 Payment architectures
                        • G06Q 20/20 Point-of-sale [POS] network systems
                            • G06Q 20/206 Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
                    • G06Q 20/38 Payment protocols; Details thereof
                        • G06Q 20/382 Payment protocols; Details thereof insuring higher security of transaction
                            • G06Q 20/3823 Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
                        • G06Q 20/385 Payment protocols; Details thereof using an alias or single-use codes
                        • G06Q 20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
                            • G06Q 20/401 Transaction verification
                                • G06Q 20/4014 Identity check for transactions
                                    • G06Q 20/40145 Biometric identity checks
    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 63/00 Network architectures or network communication protocols for network security
                    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
                        • H04L 63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
                • H04L 2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
                    • H04L 2463/082 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
            • H04W WIRELESS COMMUNICATION NETWORKS
                • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
                    • H04W 12/06 Authentication
                        • H04W 12/062 Pre-authentication

Abstract

A method and system are provided for securing a transaction. The method comprises a merchant 10 detecting a device 30 having a customer ID and, in response, acquiring biometric information for the customer. The merchant sends the customer ID and biometric information to a service provider 20 which compares the received data with stored data, and sends a pre-authorisation to the merchant if there is a match. In response the merchant requests confirmation of the transaction from the customer, and sends a confirmation to the service provider. In response to detecting the device, the merchant may determine whether a data connection to the service provider is above a threshold.

Description

A METHOD AND SYSTEM FOR SECURING A TRANSACTION BETWEEN A CUSTOMER AND A MERCHANT
The present invention relates generally to a method and system for securing a transaction between a customer and a merchant, and finds particular, although not exclusive, utility in securing financial transactions.
Security is an important consideration in all types of transactions, whether they are financial (e.g. the purchasing of a product or service) or non-financial (e.g. providing access to a limited group of people to information or a geographical location). Attempting to secure such transactions has been a prime concern for centuries, with solutions used such as requiring possession of a piece of confidential information, and/or possession of a security token. Where more than one solution is used to secure a single transaction (such as two pieces of confidential information, two security tokens, or one piece of confidential information and one security token), this is known as "multi-factor authentication".
Biometric authentication uses metrics related to human characteristics (e.g. body measurements) as a form of security token that is difficult to duplicate/forge/steal, and can therefore be relatively secure. However, automating biometric authentication by using computers is very difficult, as an immense amount of processing power is required to identify a single individual from a reservoir of all possible individuals. In addition, the recording of biometric information of a person can lead to security vulnerabilities for that individual, for example if that recorded information is intercepted and used in a subsequent transaction.
According to a first aspect of the present invention, there is provided a method of securing a transaction between a customer and a merchant, the method comprising the steps of: the merchant detecting a customer ID device having a unique customer ID; in response to detecting the customer ID device, the merchant performing biometric recognition on the customer to form biometric information; in response to forming the biometric information, the merchant sending the customer ID and the biometric information to a service provider; in response to receiving the customer ID and the biometric information from the merchant, the service provider comparing the biometric information with parameters stored on a database corresponding to the customer ID; in response to the service provider determining a match between the biometric information and the parameters stored on the database corresponding to the customer ID, the service provider sending a pre-authorisation reply to the merchant; in response to receiving the pre-authorisation reply from the service provider, the merchant requesting confirmation of approval of the transaction from the customer; and in response to receiving confirmation of approval of the transaction from the customer, the merchant sending the confirmation of approval of the transaction to the service provider.
In this way, the customer is identified by virtue of the customer ID device, and only verification is performed on the basis of the biometric information. If the customer ID device is lost, stolen or compromised, it cannot be used without the person themselves, and it can be revoked or reassigned to another user only by the person to whom these ID elements were assigned originally.
If more than one customer ID device is detected, the biometric information may be compared to parameters stored on the database corresponding to each customer ID. Nevertheless, this is still orders of magnitude faster and more efficient than performing full and traditional facial recognition.
The biometric information and the customer ID may be the only personal information transmitted, so third parties (for instance via man-in-the-middle attacks) are unable to extract any other personal identifiable information from the customer.
The customer ID device may be incorporated into and/or onto a card, smartphone, bracelet, sticker, watch, keyring and/or any article. The customer ID device may be a passive device; that is, it relies upon no internal or external power source to operate. The customer ID device may permit remote detection of its unique customer ID from a distance of at least 0.5m, in particular at least 1m, more particularly at least 1.5m. The customer ID device may permit remote detection of its unique customer ID from a distance of at most 10m, in particular at most 7m, more particularly at most 5m.
In this way a customer can perform a transaction securely without needing to manually manipulate a customer ID device, for example without having to take a card or mobile device out of their pocket/bag.
The customer ID device may comprise a microchip and an antenna. Alternatively or additionally, the customer ID device may comprise an RFID tag. Alternatively or additionally, the customer ID device may comprise a QR and/or bar code.
Detecting the customer ID device may comprise reading the unique customer ID, for example visually and/or via radio frequencies. The customer ID may comprise a unique serial number, which may have been encrypted with a public key of the service provider.
Detecting the customer ID may comprise a customer passing through a gate (e.g. entrance to a premises), or into proximity with a merchant device (e.g. adjacent to a cash point and/or till).
The customer ID device may include additional information such as, but not limited to, the date that it became associated with the customer, parameters of the article into which it is incorporated (such as smartphone operating system and/or IMEI number), telephone number(s), email address(es), biometric information (relating to facial recognition, fingerprint, eyes/retina, voice recognition, etc.), password(s), PIN(s), and/or security question(s) and answer(s).
Facial recognition may be via any conventional means, including elastic graph matching, neural networks, hidden Markov models, principal component analysis, active appearance models (AAM) and/or active shape models (ASM).
Recognition may involve checks to ensure that biometric information is not being counterfeited, such as by holding up a photograph to a camera, playing a recording to a microphone, etc. Methods for such mitigation are well known in the art, for example taking a video of a person (rather than a still picture), asking them to say a specific sentence, and/or measuring blood flow in a finger or retina.
Recognition may involve repeating individual processes. For example, recognition may comprise acquiring biometric information on multiple occasions, for example by taking one or more videos and extracting biometric information/parameters from each of a plurality of frames of said video(s). Similar approaches may be taken using audio, iris, or other forms of biometric identification.
In some cases, these two steps may be combined to establish that minor differences exist between each extraction, to confirm that (for example) a photograph has not been provided for recording by a video camera.
The additional information may be encrypted. In particular, the additional information may comprise a cryptographic hash, or a plurality of cryptographic hashes, relating to one, some or all of the preceding examples. In this way, sensitive information need not be made vulnerable by being stored on the customer ID device, but it can be used to authenticate validation queries of a carrier of the customer ID device.
Biometric recognition may comprise acquiring a photograph and/or video of a person (e.g. their face and/or gait), an audio recording of a person's voice (e.g. when saying a predetermined phrase), and/or an image of a person's fingerprint, retina and/or
Sending any message and/or information (such as the customer ID and the biometric information) may comprise combining the message and/or information into a single package and/or a series of packages. The or each package may be signed with a private key of the sender, may be encrypted with a public key of the recipient and may be transmitted over a telecommunications network (e.g. the Internet, GSM, etc.).
Similarly, receiving such a message and/or information may comprise decrypting it/them with the private key of the recipient, verifying its/their authenticity with the public key of the sender, and extracting the component messages and/or information.
In this way, conventional asymmetric cryptographic methods may be employed to secure the communication. In particular, in some cases rather than using asymmetric cryptography to encrypt an entire package, it may be used to encrypt a portion of the message information that contains a symmetric cryptographic key, which is used to encrypt the remainder of the message/information. In this way, processing power required for encryption/decryption may be reduced.
Alternatively, separate packages may be created for each separate message and/or piece of information, but this is not preferred.
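The package handling of the preceding paragraphs, as an added worked example in Go (not code from the patent or from Finlab 2000 Ltd): the sender signs with its private key and encrypts for the recipient's public key, with the asymmetric operation applied only to a fresh symmetric key that protects the rest of the package. The choice of RSA-OAEP, AES-256-GCM and RSA-PSS, and the field set of the package, are assumptions; the patent names no particular algorithms.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Package is the combined message: customer ID, biometric parameters and the
// transactional information that makes the package single-use (constructed field set).
type Package struct {
	CustomerID  string    `json:"customer_id"`
	Biometric   []float64 `json:"biometric"`
	AmountPence int       `json:"amount_pence"`
	TimeUnix    int64     `json:"time_unix"`
}

type Envelope struct {
	WrappedKey, Nonce, Ciphertext, Signature []byte // key wrapped for recipient, GCM nonce and ciphertext, sender's signature
}

// NewKey makes a 2048-bit RSA key pair; the merchant and the service provider each hold one.
func NewKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048) // generation only fails on a broken RNG
	return k
}

// digest covers everything the signature protects. WrappedKey has the fixed RSA
// modulus length and Nonce the fixed GCM size, so plain concatenation is unambiguous.
func digest(e *Envelope) []byte {
	h := sha256.New()
	h.Write(e.WrappedKey)
	h.Write(e.Nonce)
	h.Write(e.Ciphertext)
	return h.Sum(nil)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender side: fresh AES-256 key, AES-GCM over the JSON package, RSA-OAEP
// wrap of the key for the recipient, RSA-PSS signature of the whole envelope by the sender.
func Seal(pkg Package, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (*Envelope, error) {
	plain, err := json.Marshal(pkg)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 32+12) // AES-256 key followed by the 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, key, nil)
	if err != nil {
		return nil, err
	}
	env := &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plain, nil)}
	env.Signature, err = rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest(env), nil)
	return env, err
}

// Open is the recipient side: verify the sender's signature before touching the
// ciphertext, then unwrap the key, decrypt, and extract the component fields.
func Open(env *Envelope, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) (*Package, error) {
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest(env), env.Signature, nil); err != nil {
		return nil, fmt.Errorf("sender signature invalid: %w", err)
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("key unwrap failed: %w", err)
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	plain, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("decryption failed: %w", err)
	}
	pkg := &Package{}
	return pkg, json.Unmarshal(plain, pkg) // pkg is only valid when the returned error is nil
}

func main() {
	merchant, provider := NewKey(), NewKey() // sender, recipient
	env, _ := Seal(Package{CustomerID: "CUST-0001", Biometric: []float64{0.12, 0.87}, AmountPence: 1500, TimeUnix: 1704099600}, merchant, &provider.PublicKey)
	got, err := Open(env, provider, &merchant.PublicKey)
	fmt.Println(got.CustomerID, got.AmountPence, err)
}
```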
The service provider may comprise a bank, credit company, or other financial institution that carries out financial transactions. Alternatively or additionally, the service provider may be a distinct authentication/verification establishment used by such financial institutions to secure the transactions. Similarly, the service provider may comprise a physical security service and/or Internet security provider.
The database may comprise a series of entries for each subscribed user, associating a customer ID with biometric information for that user. The database may also comprise additional information on each user, such as personal identifiable information (name, address, date of birth, etc.), other security information (password(s), security question(s), etc. and/or a hash thereof), contact details (telephone number, email address etc.) and may include information relating to behaviour (such as trends in past transactions, perhaps including time of day, location, amounts). In this way, certain behaviour can be predicted (such as purchasing a train ticket at the same time each day) in order to reduce processing/validation time. The database may be part of the service provider, or may be separate and/or distinct therefrom.
The step of comparing the biometric information may merely comprise validating the acquired biometric information against parameters stored in the database. In this way, full identification of the customer can be avoided, so that comparison of biometric information with all subscribed users is avoided in favour of comparison with the single user associated with the customer ID, thereby speeding up processing time.
The comparing may involve comparing parameters from the acquired biometric information with parameters stored on the database.
The parameters may comprise characteristics of distinguishing features, for example the relative positions, sizes, and/or shapes of a user's eyes, nose, cheekbones, jaw, etc. in facial recognition. Alternatively or additionally, the parameters may comprise values representative of a biometric acquisition's variance from a template and/or mean. It is to be appreciated that various methods may be used for various types of biometric information.
The request for confirmation of approval may comprise an explicit request such as 'do you want to proceed', presented visually (on a computer screen) or audibly (via a loudspeaker). Alternatively or additionally, the request for confirmation of approval may comprise an implicit request, such as where the customer taking an item and/or passing a certain point implies consent to the transaction.
Confirmation or approval may be by any convenient means depending on the transaction under consideration. For example, confirmation of approval may be by walking past a checkpoint (e.g. by passing a line, virtual line and/or turnstile in a train/metro/tube station), pressing 'accept' or 'approve' on a keypad, saying 'yes' or 'confirm' into a microphone, or any similar process.
The method may further comprise the step of: in response to receiving the confirmation of approval of the transaction from the merchant, the service provider executing the transaction.
In response to failing to receive the confirmation of approval of the transaction from the customer, and/or receiving a decline-of-transaction from the customer, the merchant may end the transaction and/or method. Ending the transaction and/or method may comprise reporting ending of the transaction and/or method to the service provider and/or the customer.
The method may further comprise the step of: in response to executing the transaction, the service provider sending confirmation that the transaction has been executed to the merchant and/or the customer.
In response to the service provider sending, and/or the merchant and/or customer receiving, confirmation that the transaction has been executed, the transaction and/or method may end.
The method may further comprise the steps of: the merchant acquiring transactional information relating to the transaction to be secured; and in response to acquiring the transactional information, the merchant sending the transactional information to the service provider.
The transactional information comprises data relating to the transaction being secured. The transactional information may comprise, for example, an amount, currency, location of the customer ID device, time of detection of the customer ID device and/or type of transaction. Alternatively or additionally, the transactional information may comprise the location of an area to which the customer requires access (for example to pass through a checkpoint or door).
The transactional information may comprise information about the merchant, such as location of the merchant, time of transaction request and/or an identification of the merchant.
The transactional information may comprise secondary verification information, such as data relating to a PIN, password, or other form of identity verification, for the customer and/or merchant. In this way, additional levels of security may be applied by conventional means, as might be appropriate in general, or for specific types of transactions. These could be required by the merchant, service provider and/or customer, based on input preferences.
The transactional information may be combined with the biometric information and the customer ID in a similar manner to that discussed above with respect to the biometric information and the customer ID alone. In this way, even if someone were to intercept the encrypted package of customer ID and biometric information, they would not be able to use this to fool the service provider, as that information would effectively make the package a single use package.
The method may further comprise the step of: in response to the service provider failing to determine a match between the biometric information and the parameters stored on the database corresponding to the customer ID, the service provider sending a failed match reply to the merchant.
The failed match reply may comprise a request for additional verification. For example, this might be a request for the merchant to re-acquire the biometric information.
Alternatively or additionally, the request may comprise a request for the merchant to acquire different biometric information (e.g. if facial recognition was first used, voice recognition may now be requested) and/or another form of verification (such as the insertion of a password, PIN, etc.).
It can be appreciated that this approach of requesting additional verification may not be limited to merely when there is a failure to determine a match between the biometric information and the parameters stored on the database corresponding to the customer ID. Rather, this additional information may be required as a matter of course (to enable multi-factor authentication), and/or may be requested for certain transactions. For example, this could be for transactions above a certain threshold (£30, £50, £100, etc.) and/or where a transaction is inconsistent with customer behaviour (e.g. where a user purchases a first train ticket from point A to point B, then shortly afterwards purchases a second train ticket from point A to point C, where a ticket is bought at a time inconsistent with established routines, or where a purchase is made sufficiently geographically displaced from a prior purchase such that travel between the two locations is unlikely/impossible).
The method may further comprise the steps of: in response to the merchant receiving the request for additional verification, the merchant seeking additional verification of the customer; and in response to the merchant obtaining further verification information from the customer, the merchant sending the further verification information to the service provider.
The further verification information may be combined with the biometric information, the customer ID and/or the transactional information in a similar manner to that discussed above with respect to the biometric information and the customer ID alone.
Alternatively or additionally, the failed match reply may comprise instructions to end the transaction and/or method. Ending the transaction and/or method may comprise reporting ending of the transaction and/or method to the service provider and/or the customer.
The step of the merchant performing biometric recognition on the customer to form biometric information may comprise first processing of the biometric information. The first processing may comprise removing extraneous data from the biometric information. In this way, the data being sent to the service provider may be reduced at the cost of only minimal processing by the merchant.
The step of the service provider determining a match between the biometric information and the parameters stored on the database corresponding to the customer ID may comprise second processing of the biometric information. The second processing may comprise: converting the biometric information into a set of parameters; and comparing the set of parameters to the parameters stored on the database corresponding to the customer ID.
In this way, intensive processing of the biometric information to extract useful parameters may be carried out centrally at the service provider.
The method may further comprise the steps of: in response to detecting the customer ID device, the merchant determining whether a data connection to the service provider is above a predetermined threshold level; and in response to determining that the data connection to the service provider is above the predetermined threshold level, the merchant performing the biometric recognition on the customer to form the biometric information.
The threshold may be a measure of bandwidth, speed and/or reliability of connection. Alternatively or additionally, the threshold may comprise a balance of these measures with a processing power available at the merchant.
The method may further comprise the steps of: in response to determining that the data connection to the service provider is below the predetermined threshold level, the merchant sending the customer ID to the service provider; and in response to the service provider receiving the customer ID, the service provider creating a one-time key and sending the one-time key to the merchant for use in processing the biometric information.
Some transactional information may be combined with the customer ID in a similar manner to that discussed above with respect to the biometric information and the customer ID alone. In this way, even if someone were to intercept the encrypted package of customer ID, they would not be able to use this to fool the service provider, as the additional transactional information (e.g. date, time, location) would effectively make the package a single use package.
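An added example in Go (not from the patent) of the service-provider logic that the single-use packaging just described and the additional-verification triggers discussed earlier imply: a freshness window and replay check keyed on the transactional fields, then a step-up to additional verification when the biometric comparison fails, when the amount exceeds a threshold, or when the distance from the customer's previous transaction is inconsistent with travel. The field names, thresholds, haversine distance and in-memory state are assumptions.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// Decision is the service provider's reply to a decrypted package.
type Decision int

const (
	Reject                        Decision = iota // stale, replayed or otherwise unusable package
	PreAuthorise                                  // pre-authorisation reply
	RequestAdditionalVerification                 // failed-match reply asking for more verification
)

// Request is the package content the decision needs (constructed field set).
type Request struct {
	MerchantID, CustomerID string
	AmountPence            int
	Time                   time.Time // time of detection of the customer ID device
	Lat, Lon               float64   // location of the customer ID device
	BiometricMatch         bool      // result of comparing parameters with the database
}

type sighting struct {
	t        time.Time
	lat, lon float64
}

// Provider holds the policy and the state that makes packages single-use.
type Provider struct {
	MaxAge      time.Duration // how old a package's detection time may be
	StepUpAbove int           // amounts above this (pence) need additional verification
	MaxSpeedKmh float64       // implied travel faster than this is inconsistent behaviour
	seen        map[string]bool
	last        map[string]sighting
}

func NewProvider(maxAge time.Duration, stepUpAbove int, maxSpeedKmh float64) *Provider {
	return &Provider{MaxAge: maxAge, StepUpAbove: stepUpAbove, MaxSpeedKmh: maxSpeedKmh,
		seen: map[string]bool{}, last: map[string]sighting{}}
}

// DistanceKm is the great-circle (haversine) distance between two points.
func DistanceKm(lat1, lon1, lat2, lon2 float64) float64 {
	rad := func(d float64) float64 { return d * math.Pi / 180 }
	dLat, dLon := rad(lat2-lat1), rad(lon2-lon1)
	a := math.Pow(math.Sin(dLat/2), 2) + math.Cos(rad(lat1))*math.Cos(rad(lat2))*math.Pow(math.Sin(dLon/2), 2)
	return 2 * 6371.0 * math.Asin(math.Sqrt(a))
}

// Decide applies, in order: freshness, replay, biometric match, amount threshold and
// behavioural consistency. The clock is injected so the logic is testable.
func (p *Provider) Decide(r Request, now time.Time) (Decision, string) {
	if age := now.Sub(r.Time); age > p.MaxAge || age < -30*time.Second { // 30 s clock-skew allowance
		return Reject, "detection time outside the freshness window"
	}
	// The transactional fields are part of the replay key, so an intercepted package
	// cannot be presented again even inside the freshness window.
	key := fmt.Sprintf("%s|%s|%d|%d|%.5f|%.5f", r.MerchantID, r.CustomerID, r.AmountPence, r.Time.Unix(), r.Lat, r.Lon)
	if p.seen[key] {
		return Reject, "replayed package"
	}
	p.seen[key] = true // in production: prune entries older than MaxAge
	if !r.BiometricMatch {
		return RequestAdditionalVerification, "no match; re-acquire or use another biometric"
	}
	if r.AmountPence > p.StepUpAbove {
		return RequestAdditionalVerification, "amount above step-up threshold"
	}
	if prev, ok := p.last[r.CustomerID]; ok {
		km := DistanceKm(prev.lat, prev.lon, r.Lat, r.Lon)
		h := r.Time.Sub(prev.t).Hours()
		if km > 1 && (h <= 0 || km/h > p.MaxSpeedKmh) {
			return RequestAdditionalVerification, fmt.Sprintf("%.0f km since last transaction is inconsistent with travel", km)
		}
	}
	p.last[r.CustomerID] = sighting{t: r.Time, lat: r.Lat, lon: r.Lon}
	return PreAuthorise, "match; pre-authorisation reply"
}

func main() {
	p := NewProvider(2*time.Minute, 3000, 900) // 2 min freshness, step up above £30, 900 km/h
	now := time.Date(2024, 1, 1, 9, 0, 0, 0, time.UTC)
	r := Request{MerchantID: "M-1", CustomerID: "C-1", AmountPence: 1500, Time: now, Lat: 51.5074, Lon: -0.1278, BiometricMatch: true}
	fmt.Println(p.Decide(r, now)) // pre-authorised
	fmt.Println(p.Decide(r, now)) // the same package again is rejected as a replay
}
```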
The one-time key may be authorised for use for a predetermined length of time, for example at least and/or at most 2 minutes, 5 minutes, 10 minutes, 20 minutes, etc. In some circumstances, this approach of using a one-time key may not be limited to low data connection quality, but may be used irrespective of the data connection quality to add a further level of security.
The first processing of the biometric information may comprise converting the biometric information into a set of parameters, and the second processing may comprise comparing the set of parameters to the parameters stored on the database corresponding to the customer ID.
In this way, in cases where processing at the merchant is possible quickly (due to a sufficiently powerful processor) and where data connection quality is low (demanding minimal data transmission to the service provider and/or back again), substantial processing may be performed on the merchant side.
Converting the biometric information into a set of parameters may comprise combining the biometric information with the one-time key. That is, an algorithm that processes the biometric information (either as part of the first processing and/or the second processing) involves an input of the one-time key such that the parameters produced are effectively encrypted by this one-time key. The service provider can similarly encrypt the database parameters with the one-time key, and then compare the encrypted parameters sent from the merchant with the encrypted parameters from the database in order to determine whether or not there is a match.
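An added example in Go (not the patent's own algorithm) of one way the one-time key of the preceding paragraphs can be folded into the parameter conversion so that the service provider compares keyed parameters: a key-derived bit permutation and pad applied to a fixed-length binary template. Both steps preserve Hamming distance, so the threshold comparison still tolerates the small differences between two acquisitions. The 256-bit template format, the HMAC-SHA256 keystream and the expiry handling are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"math/bits"
	"time"
)

// TemplateBits is the size of the binary biometric template used here (an assumption; the patent leaves the parameter format open).
const TemplateBits = 256

type Template [TemplateBits / 8]byte

type OneTimeKey struct { // created by the service provider for one request
	Key     []byte
	Expires time.Time // authorised for a predetermined length of time
}

func IssueOneTimeKey(now time.Time, ttl time.Duration) (OneTimeKey, error) {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		return OneTimeKey{}, err
	}
	return OneTimeKey{Key: k, Expires: now.Add(ttl)}, nil
}

// keystream derives n deterministic bytes from the key: HMAC-SHA256(key, label || counter).
func keystream(key []byte, label string, n int) []byte {
	out := make([]byte, 0, n+sha256.Size)
	var ctr [4]byte
	for i := 0; len(out) < n; i++ {
		binary.BigEndian.PutUint32(ctr[:], uint32(i))
		m := hmac.New(sha256.New, key)
		m.Write([]byte(label))
		m.Write(ctr[:])
		out = m.Sum(out)
	}
	return out[:n]
}

func permutation(key []byte) []int { // key-derived Fisher-Yates shuffle of the bit positions
	p := make([]int, TemplateBits)
	for i := range p {
		p[i] = i
	}
	ks := keystream(key, "perm", 4*TemplateBits)
	for i := TemplateBits - 1; i > 0; i-- {
		j := int(binary.BigEndian.Uint32(ks[4*i:]) % uint32(i+1)) // modulo bias is negligible at 32 bits
		p[i], p[j] = p[j], p[i]
	}
	return p
}

// Transform permutes the template bits and XORs a key-derived pad. Two templates transformed
// under the same key keep exactly their Hamming distance, so a threshold comparison still works.
func Transform(t Template, key []byte) Template {
	var out Template
	perm := permutation(key)
	for i := 0; i < TemplateBits; i++ {
		if t[i/8]&(1<<uint(i%8)) != 0 {
			out[perm[i]/8] |= 1 << uint(perm[i]%8)
		}
	}
	for i, b := range keystream(key, "pad", len(out)) {
		out[i] ^= b
	}
	return out
}

func HammingDistance(a, b Template) int {
	d := 0
	for i := range a {
		d += bits.OnesCount8(a[i] ^ b[i])
	}
	return d
}

// Match is the service provider's comparison: refuse an expired key, transform the stored parameters with the same one-time key, accept within the threshold.
func Match(stored, received Template, k OneTimeKey, now time.Time, threshold int) (bool, error) {
	if now.After(k.Expires) {
		return false, errors.New("one-time key expired")
	}
	return HammingDistance(Transform(stored, k.Key), received) <= threshold, nil
}

func main() {
	now := time.Now()
	k, _ := IssueOneTimeKey(now, 5*time.Minute)
	stored := Template(sha256.Sum256([]byte("constructed enrolled template")))
	live := stored
	live[3] ^= 0x11 // two bits differ, as a fresh acquisition would
	ok, err := Match(stored, Transform(live, k.Key), k, now, 20)
	fmt.Println(ok, err)
}
```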
The above method may be used whether the customer is present at the merchant or not; for instance, when carrying out an e-commerce transaction.
According to a second aspect of the present invention, there is provided a system for securing a transaction between a customer and a merchant, the system comprising: a customer ID device having a unique customer ID; a service provider device; a database holding a plurality of parameters, each parameter being associated with a respective customer ID; and a merchant device configured to detect the customer ID device, perform biometric recognition on the customer to form biometric information, and send the customer ID and the biometric information to the service provider device; wherein the service provider device is configured to compare the biometric information with the parameters stored on the database corresponding to the unique customer ID and send a pre-authorisation reply to the merchant device; wherein the merchant device is further configured to request confirmation of approval of the transaction from the customer in response thereto and send the confirmation of approval of the transaction to the service provider device.
The customer and the merchant may register with the service provider in a similar manner to each other. This authorisation may last indefinitely, or may be authorised for a specific time period, dependent on appropriate fraud-protection policies.
In some cases, the customer may not be carrying the customer ID device, in which case the customer can perform identity verification by other means, including using the biometric systems disclosed herein.
The above and other characteristics, features and advantages of the present invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, which illustrate, by way of example, the principles of the invention. This description is given for the sake of example only, without limiting the scope of the invention. The reference figures quoted below refer to the attached drawings.
Figure 1 is a representation of a system for securing a transaction between a customer and a merchant.
Figure 2 is a flow chart showing a method of securing a transaction between a customer and a merchant.
The present invention will be described with respect to certain drawings but the invention is not limited thereto but only by the claims. The drawings described are only schematic and are non-limiting. Each drawing may not include all of the features of the invention and therefore should not necessarily be considered to be an embodiment of the invention. In the drawings, the size of some of the elements may be exaggerated and not drawn to scale for illustrative purposes. The dimensions and the relative dimensions do not correspond to actual reductions to practice of the invention.
Furthermore, the terms first, second, third and the like in the description and in the claims are used for distinguishing between similar elements and not necessarily for describing a sequence, either temporally, spatially, in ranking or in any other manner. It is to be understood that the terms so used are interchangeable under appropriate circumstances and that operation is capable in other sequences than described or illustrated herein. Likewise, method steps described or claimed in a particular sequence may be understood to operate in a different sequence.
Moreover, the terms top, bottom, over, under and the like in the description and the claims are used for descriptive purposes and not necessarily for describing relative positions. It is to be understood that the terms so used are interchangeable under appropriate circumstances and that operation is capable in other orientations than described or illustrated herein.
It is to be noticed that the term "comprising", used in the claims, should not be interpreted as being restricted to the means listed thereafter; it does not exclude other elements or steps. It is thus to be interpreted as specifying the presence of the stated features, integers, steps or components as referred to, but does not preclude the presence or addition of one or more other features, integers, steps or components, or groups thereof. Thus, the scope of the expression "a device comprising means A and B" should not be limited to devices consisting only of components A and B. It means that with respect to the present invention, the only relevant components of the device are A and B. Similarly, it is to be noticed that the term "connected", used in the description, should not be interpreted as being restricted to direct connections only. Thus, the scope of the expression "a device A connected to a device B" should not be limited to devices or systems wherein an output of device A is directly connected to an input of device B. It means that there exists a path between an output of A and an input of B which may be a path including other devices or means. "Connected" may mean that two or more elements are either in direct physical or electrical contact, or that two or more elements are not in direct contact with each other but yet still co-operate or interact with each other. For instance, wireless connectivity is contemplated.
Reference throughout this specification to "an embodiment" or "an aspect" means that a particular feature, structure or characteristic described in connection with the embodiment or aspect is included in at least one embodiment or aspect of the present invention. Thus, appearances of the phrases "in one embodiment", "in an embodiment", or "in an aspect" in various places throughout this specification are not necessarily all referring to the same embodiment or aspect, but may refer to different embodiments or aspects. Furthermore, the particular features, structures or characteristics of any one embodiment or aspect of the invention may be combined in any suitable manner with any other particular feature, structure or characteristic of another embodiment or aspect of the invention, as would be apparent to one of ordinary skill in the art from this disclosure, in one or more embodiments or aspects.
Similarly, it should be appreciated that in the description various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Moreover, the description of any individual drawing or aspect should not necessarily be considered to be an embodiment of the invention. Rather, as the following claims reflect, inventive aspects lie in fewer than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Furthermore, while some embodiments described herein include some features included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention, and form yet further embodiments, as will be understood by those skilled in the art. For example, in the following claims, any of the claimed embodiments can be used in any combination.
In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practised without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
In the discussion of the invention, unless stated to the contrary, the disclosure of alternative values for the upper or lower limit of the permitted range of a parameter, coupled with an indication that one of said values is more highly preferred than the other, is to be construed as an implied statement that each intermediate value of said parameter, lying between the more preferred and the less preferred of said alternatives, is itself preferred to said less preferred value and also to each value lying between said less preferred value and said intermediate value.
The use of the term "at least one" may mean only one in certain circumstances.
The use of the term "any" may mean "all" and/or "each" in certain circumstances.
The principles of the invention will now be described by a detailed description of at least one drawing relating to exemplary features. It is clear that other arrangements can be configured according to the knowledge of persons skilled in the art without departing from the underlying concept or technical teaching, the invention being limited only by the terms of the appended claims.
Figure 1 is a representation of a system for securing a transaction between a customer and a merchant. A merchant device 10 can offer a service to a customer (not shown). Securing a transaction between the customer and the merchant device 10 is a service provider 20.
The customer possesses a customer ID device 30. The merchant device 10 can detect the customer ID device 30, and can request authentication from the service provider 20. In order to establish authentication of the customer, the service provider 20 can interrogate a database 40, which may form part of the service provider, or may be separate and distinct therefrom.
Communication between the merchant device 10 and the service provider 20 may be via a communications network 50, such as the Internet or a wireless network (e.g. GSM network).
Figure 2 is a flow chart showing a method of securing a transaction between a customer and the merchant 10, mediated by the service provider 20.
At 100, the merchant 10 identifies a customer ID device 30 and obtains a customer ID therefrom. This triggers the merchant 10 performing biometric recognition 200 on the customer, and subsequently performing limited processing of the biometric information 220 obtained by the biometric recognition 200.
Optionally, identifying 100 the customer ID device 30 may also trigger a check of the connection quality with the service provider 20 over the network 30. In practice, the result of this check will be pre-programmed into the merchant device 10 such that it will not have to perform a comprehensive check (e.g. of bandwidth, etc.) every time a customer ID device 30 is detected 100, but can rely on a predetermined result (e.g. from an earlier check, or manually input by a merchant).
At 110, if the connection quality is determined to be high, no further action may be taken by this optional step; however, if the connection quality is determined to be low, the customer ID may be sent 120 to the service provider 20. The service provider 20 may then create 130 a one-time key and pass 140 this back to the merchant for subsequent use in processing the biometric information. The one-time key may for example be an eight-digit integer, but various other forms of key are also envisaged.
Specifically, at 220, if the connection quality is determined to be low from step 110, the one-time key from step 130 is used to perform more in-depth processing of the biometric information, resulting in the attainment of a set of encrypted parameters of the biometric information. The encrypted parameters are of a much smaller data size than the biometric information would be after only the limited processing mentioned above. In either case, the merchant 10 also acquires 210 transactional information. This could relate to the merchant 10 (e.g. unique identification, such as a twelve-digit integer, location, etc.) or to the transaction itself (e.g. nature, value, date, time, etc.).
In step 230, the transactional information is combined together with the customer ID and the biometric information (and where appropriate the one-time key). This combining is performed using a predetermined algorithm known to the merchant and the service provider, and may even be a public/known algorithm. The algorithm is also an asymmetric/one-way algorithm. In this way, if the merchant 10 and service provider 20 use the algorithm on the same transactional information, and on biometric information about the same person, they will arrive at the same result; however, a person in possession of the result would not be able to reconstruct the biometric information nor identify the person therefrom.
The combined information is then sent to the service provider 20. This involves signing the package with a private key of the merchant 10, encrypting it with a public key of the service provider 20, and then transmitting it over the network 50 to the service provider 20. The service provider 20 then decrypts it using its private key, verifies the signature with the merchant's public key and extracts the relevant information 300, which includes the combined information discussed above.
In particular, the package sent (signed and encrypted) from the merchant 10 may comprise: the combined information (i.e. at least the biometric information and some transactional information); the customer ID; and the transactional information. In this way, the service provider may extract the combined information, the customer ID and the transactional information from the package, and then use the customer ID to acquire from the database biometric parameters relating to the customer. The service provider 20 could then use the same algorithm as the merchant 10 to form its own version of the combined information (i.e. at least the database's biometric information and the same transactional information), and then compare the result with the combined information received from the merchant 10.
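The following Go program is an added example, not code from the patent or its applicant, modelling steps 230 to 310 on both sides: the merchant combines customer ID, transactional information, biometric parameters and the optional one-time key with a one-way function and signs the package, and the service provider verifies the signature, fetches the stored parameters for that customer ID and recomputes the value for comparison. Assumptions: SHA-256 stands in for the unnamed "predetermined one-way algorithm", Ed25519 for the merchant signature, the stored parameters are a stable quantised template (constructed sample values), and the patent's additional public-key encryption of the package in transit is omitted.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Package is what the merchant sends at step 230: the one-way combined value plus
// the clear customer ID and transactional information the service provider recomputes from.
type Package struct {
	CustomerID, Transaction string
	Combined, Signature     []byte
}

// Combine stands in for the patent's unnamed "predetermined one-way algorithm":
// SHA-256 over length-prefixed fields, so the result reveals nothing about the
// biometric parameters. oneTimeKey is "" when step 130 (low connection quality) did not run.
func Combine(customerID, transaction string, params []byte, oneTimeKey string) []byte {
	h := sha256.New()
	for _, f := range [][]byte{[]byte(customerID), []byte(transaction), params, []byte(oneTimeKey)} {
		h.Write([]byte{byte(len(f) >> 8), byte(len(f))}) // length prefix: no field-boundary ambiguity
		h.Write(f)
	}
	return h.Sum(nil)
}

// signedBytes is the part of the package the merchant's signature covers.
func signedBytes(p Package) []byte {
	p.Signature = nil
	b, _ := json.Marshal(p)
	return b
}

// MerchantBuild forms the package and signs it with the merchant's private key. The
// patent's further encryption to the service provider's public key is omitted here.
func MerchantBuild(customerID, transaction string, params []byte, oneTimeKey string, key ed25519.PrivateKey) Package {
	p := Package{CustomerID: customerID, Transaction: transaction,
		Combined: Combine(customerID, transaction, params, oneTimeKey)}
	p.Signature = ed25519.Sign(key, signedBytes(p))
	return p
}

// ServiceProviderCheck verifies the merchant signature, looks up the stored parameters for
// the customer ID (step 300) and recomputes the combined value for the step-310 decision.
// A tampered package is an error; an unknown customer or non-matching biometrics is "no match".
func ServiceProviderCheck(p Package, merchantPub ed25519.PublicKey, db map[string][]byte, oneTimeKey string) (bool, error) {
	if !ed25519.Verify(merchantPub, signedBytes(p), p.Signature) {
		return false, errors.New("merchant signature does not verify")
	}
	params, ok := db[p.CustomerID]
	if !ok {
		return false, nil
	}
	return hmac.Equal(Combine(p.CustomerID, p.Transaction, params, oneTimeKey), p.Combined), nil
}

func main() {
	// Constructed sample data: one enrolled customer, one transaction, no one-time key.
	params := []byte("quantised-template-v1")
	db := map[string][]byte{"CUST-0001": params}
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	pkg := MerchantBuild("CUST-0001", "merchant=123456789012;value=12.50", params, "", priv)
	match, err := ServiceProviderCheck(pkg, pub, db, "")
	fmt.Println("match:", match, "err:", err) // match: true err: <nil>
}
```

A "no match" result is the point at which the patent's step 320 (request for additional verification) would be triggered; a signature failure is instead a transport or integrity problem and should be logged and rejected rather than retried with more verification.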
Alternatively, if only limited processing is performed at step 220, then the service provider 20 may be able to extract the biometric information, and then determine parameters from this 300, and compare these directly with those held on the database that correspond to the customer ID 310.
At 310, if no match is found, then the service provider may send 320 a request to the merchant to perform additional verification 330. The form of this additional verification may be dictated by the service provider 20, or may be chosen by the merchant 10.
This additional verification information can be re-combined with the customer ID, transactional information and/or biometric information as before at step 230, if appropriate. However, in some arrangements it may be necessary to send only the new verification information back to the service provider, such that steps 300 and 310 may be carried out again.
If the result of step 310 is a match, then the service provider may inform 400 the merchant 10 of this. At 410, the merchant may ask the customer to approve the transaction. Failure to do so results in the process ending 420. However, if approved, this is sent at 500 to the service provider 20, who is able to execute the transaction 510.
Optionally a confirmation may be sent to the merchant 520, and/or to the customer 520, after which the process ends.

Claims (16)

  1. A method of securing a transaction between a customer and a merchant, the method comprising the steps of: the merchant detecting a customer ID device having a unique customer ID; in response to detecting the customer device, the merchant performing biometric recognition on the customer to form biometric information; in response to forming the biometric information, the merchant sending the customer ID and the biometric information to a service provider; in response to receiving the customer ID and the biometric information from the merchant, the service provider comparing the biometric information with parameters stored on a database corresponding to the customer ID; in response to the service provider determining a match between the biometric information and the parameters stored on the database corresponding to the customer ID, the service provider sending a pre-authorisation reply to the merchant; in response to receiving the pre-authorisation reply from the service provider, the merchant requesting confirmation of approval of the transaction from the customer; and in response to receiving confirmation of approval of the transaction from the customer, the merchant sending the confirmation of approval of the transaction to the service provider.
  2. The method of claim 1, further comprising the step of: in response to receiving the confirmation of approval of the transaction from the merchant, the service provider executing the transaction.
  3. The method of claim 2, further comprising the step of: in response to executing the transaction, the service provider sending confirmation that the transaction has been executed to the merchant and/or the customer.
  4. The method of any preceding claim, further comprising the steps of: the merchant acquiring transactional information relating to the transaction to be secured; and in response to acquiring the transactional information, the merchant sending the transactional information to the service provider.
  5. The method of any preceding claim, further comprising the step of: in response to the service provider failing to determine a match between the biometric information and the parameters stored on the database corresponding to the customer ID, the service provider sending a failed match reply to the merchant.
  6. The method of claim 5, wherein the failed match reply comprises a request for additional verification.
  7. The method of claim 6, further comprising the steps of: in response to the merchant receiving the request for additional verification, the merchant seeking additional verification of the customer; and in response to the merchant obtaining further verification information from the customer, the merchant sending the further verification information to the service provider.
  8. The method of any preceding claim, wherein the step of the merchant performing biometric recognition on the customer to form biometric information comprises first processing of the biometric information.
  9. The method of claim 8, wherein the first processing comprises removing extraneous data from the biometric information.
  10. The method of any preceding claim, wherein the step of the service provider determining a match between the biometric information and the parameters stored on the database corresponding to the customer ID comprises second processing of the biometric information.
  11. The method of claim 10, wherein the second processing comprises: converting the biometric information into a set of parameters; and comparing the set of parameters to the parameters stored on the database corresponding to the customer ID.
  12. The method of any preceding claim, further comprising the steps of: in response to detecting the customer ID device, the merchant determining whether a data connection to the service provider is above a predetermined threshold level; and in response to determining that the data connection to the service provider is above a predetermined threshold level, the merchant performing the biometric recognition on the customer to form the biometric information.
  13. The method of claim 12, further comprising the steps of: in response to determining that the data connection to the service provider is below the predetermined threshold level, the merchant sending the customer ID to the service provider; and in response to the service provider receiving the customer ID, the service provider creating a one-time key and sending the one-time key to the merchant for use in processing the biometric information.
  14. The method of any preceding claim, wherein the first processing of the biometric information comprises converting the biometric information into a set of parameters, and the second processing comprises comparing the set of parameters to the parameters stored on the database corresponding to the customer ID.
  15. The method of claim 14, when dependent on claim 13, wherein converting the biometric information into a set of parameters comprises combining the biometric information with the one-time key.
  16. A system for securing a transaction between a customer and a merchant, the system comprising: a customer device having a unique customer ID; a service provider device; a database holding a plurality of parameters, each parameter being associated with a respective customer ID; and a merchant device configured to detect the customer ID device, perform biometric recognition on the customer to form biometric information, and send the customer ID and the biometric information to the service provider device; wherein the service provider device is configured to compare the biometric information with the parameters stored on the database corresponding to the unique customer ID and send a pre-authorisation reply to the merchant device; wherein the merchant device is further configured to request confirmation of approval of the transaction from the customer in response thereto and send the confirmation of approval of the transaction to the service provider device.
GB2007182.5A 2020-05-15 2020-05-15 A method and system for securing a transaction between a customer and a merchant Pending GB2595214A (en)
Publications (2)

Publication Number Publication Date
GB202007182D0 GB202007182D0 (en) 2020-07-01
GB2595214A true GB2595214A (en) 2021-11-24