IES83743Y1 - Transaction processing - Google Patents
Transaction processing Download PDFInfo
- Publication number
- IES83743Y1 IES83743Y1 IE2004/0389A IE20040389A IES83743Y1 IE S83743 Y1 IES83743 Y1 IE S83743Y1 IE 2004/0389 A IE2004/0389 A IE 2004/0389A IE 20040389 A IE20040389 A IE 20040389A IE S83743 Y1 IES83743 Y1 IE S83743Y1
- Authority
- IE
- Ireland
- Prior art keywords
- customer
- server
- account server
- security
- security device
- Prior art date
Links
- 238000003672 processing method Methods 0.000 claims description 7
- 238000003780 insertion Methods 0.000 claims description 3
- 230000005540 biological transmission Effects 0.000 description 1
- 239000011449 brick Substances 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 239000004570 mortar (masonry) Substances 0.000 description 1
- 229920001690 polydopamine Polymers 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Abstract
ABSTRACT A customer insets a security device (D) into the USB port of his computer (C). When a transaction request confirmation (1) is transmitted to a merchant server (M), the merchant server (M) instructs an account server (AS). The account server (AS) performs customer verification, and payment (either with a local account or remote financial institute server). The account server (AS) communicates directly (3, 5) with the customer computer (C) with an encryption mechanism utilising security data read from the security device (D) and a time stamp. A security key for the security device is updated after each transaction and an embedded hardware key is also used.
Description
Transaction Processing
INTRODUCTION
Field of the Invention
The invention relates to processing of transactions such as purchase transactions.
Prior Art Discussion
One of the problems with conducting transactions over a wide area network such as
the Internet is that many customers are not comfortable with the notion of financial
and account data being transmitted online. This problem has been a major factor in
hindering the growth of Internet shopping.
Approaches to address this problem have not to date achieved widespread success.
For example, single-use or limited—use credit cards assist with security in some
situations. However, they require the user to purchase the credit card in advance of
every purchase or group of purchases. Other disadvantages with existing approaches
are inter alia the inability to counteract repudiation.
WOO2/03286 A1 describes a method and system for electronic payment transactions.
There are interactions between a customer computer, a physical security device, an
independent agent, and a financial institution. The customer computer orders an item
from the merchant and then, with authentication of the physical key, transmits a
message to the trusted agent.
The invention is directed towards providing for simpler transaction processing with
enhanced security.
SUMMARY OF THE INVENTION
According to the invention, there is provided a transaction processing method carried
out by a customer terminal, a merchant server, and an account server, wherein, the
merchant server transmits an instruction to the account server upon receipt of a
transaction request confirmation; and the account server communicates directly with
the customer terminal for customer verification and payment processing.
In one embodiment, the verification includes physical connection of a physical
security device in the customer terminal, and the customer terminal reading security
data from the security device.
In another embodiment, the customer terminal generates a customer prompt for
insertion of the security device using a program downloaded from the account server.
In a further embodiment, the customer terminal transmits the security data to the
account server for customer recognition and verification.
In one embodiment, the security data is hashed, the hash is transmitted, the account
server independently generates a hash with the same algorithm based on a local
database record of the security data, and verifies the customer if the hashes match.
In another embodiment, the customer terminal uses a current real time stamp
together with the security data to generate the hash and the account server uses the
same time stamp to generate its hash.
In a further embodiment, the customer terminal transmits the time stamp together
with its hash, and the account server uses this time stamp to independently generate
its hash.
In one embodiment, data transmitted between the customer terminal and the account
server is encrypted.
In another embodiment, the encryption is performed using information stored on
both the customer terminal and the account server.
In a further embodiment, both the customer terminal and the account server perform
a second encryption according to an encryption protocol, for double encryption.
In one embodiment, said protocol is the HTTPS protocol.
In another embodiment, the security data includes a hardware key embedded in the
security device in non—editable and non-erasable form.
In a further embodiment, the hardware key is recorded in a database of the account
server when the security device is issued to the customer.
In one embodiment, the security data includes a software key, and the method
comprises the further steps of both the customer terminal and the account server
synchronously changing the software key.
In another embodiment, the software key is updated after at least some transactions
involving the customer terminal.
In a further embodiment, the account server generates an updated software key after
at least some transactions and transmits it, in encrypted form, to the customer
terminal, and the customer terminal updates it to the security device.
In one embodiment, the customer terminal requires customer input of a PIN code,
and checks the inputted PIN code against a code stored on the security device.
In another embodiment, the customer terminal displays a virtual keypad for customer
input of the PIN code.
ZINGOI
In a further embodiment, location of the virtual keypad on the screen in dynamically
charged from time to time.
In one embodiment, the account server directs the customer terminal to download a
program for transaction processing.
In another embodiment, the account server performs payment operations in
communication with a remote financial institution server.
The invention provides a security device for performing security device operations of
a method as defined above.
The invention also provides an account server for performing account server
operations of a method as defined above.
The invention also provides a merchant server for performing merchant server
operations of a method as defined above.
DETAILED DESCRIPTION OF THE INVENTION
Brief Description of the Drawings
The invention will be more clearly understood from the following description of some
embodiments thereof, given by way of example only with reference to the
accompanying drawings in which:-
Fig. 1 is a schematic diagram showing signals for completion of a transaction
processing method of the invention; and
Figs. 2 to 5 are a series of screen shots generated during execution of the
method.
ZINGOI
Description of the Embodiments
Referring to Fig. l a transaction processing method is performed by:
a customer computer C,
a customer security device D which may be plugged into the customer
computer’s USB port,
a merchant server M, and
an account server AS.
While in this embodiment the customer uses a computer, he or she may alternatively
use a different device or terminal such as a PDA or a mobile phone. Any device with
computing and communication capability and a hardware device port could be used.
Also, the role of the customer computer C and the merchant server M may
alternatively be played by a merchant system in a “bricks and mortar” premises.
The device D is a hardware circuit storing customer-specific security data. This data
includes the latest 1024 byte unique identifier for the customer and is referred to as
the SOFTWARE KEY. This key is also stored on the account server AS and is
unique to each customer. This key is generated by the account server AS and is
transferred to the device D prior to the initial transaction. The device D also has a
unique serial number, called a HARDWARE KEY, built into it during manufacture.
The hardware architecture of the device D comprises an embedded memory.
Before using the system the customer registers transaction information with the server
AS. The transaction information includes account data and the customer is assigned a
customer ID and the security device with the SOFTWARE KEY, which includes the
assigned customer ID. The server AS also stores the serial number of the assigned
hardware device (HARDWARE KEY) for future validation. The server AS sets up a
deposit account for the customer, or alternatively establishes links with an external
financial system which manages the deposit account.
Transaction Steps
ZTNGOI
To place an order the customer simply uses an ecommerce site in a conventional
manner to purchase from the merchant M. The following are the steps:
On the merchant server’s checkout page, the customer can select to pay
via a “Secure Payment System”. The merchant server M is configured
to route the computer C to a payment page of the server AS when this
option is selected. This page is shown in Figs. 2 to 5. For ease of use the
same page is displayed throughout, merely with different steps being
indicated in sections of the screen.
The merchant server M routes the computer C to the account server AS
and sends information about the current order including the merchant’s
ID, a description of the goods and the price.
When the server AS is sent information from the merchant server M,
the server AS registers the information it receives in a database and
assigns a unique transaction ID. The server AS returns HTML data to
the computer C and attempts to start payment gateway software on the
customer computer C by sending instructions to the computer C to load
the software, an activeX control.
If this software is not already installed on the customer computer C, the
customer will either be given instructions on how to download the
software or the software will begin to install automatically. This
software generates the display 20 of Fig. 2 on the screen of the customer
computer C, prompting insertion of the security device in a window 21.
The computer C, executing the ActiveX program, validates that the
security device D is inserted and reads the customer’s ID and the
SOFTWARE KEY into memory. The program also reads the
HARDWARE KEY (serial number of the device D).
ZINGOI
Once the SOFTWARE KEY is validated the program requests the user
to enter his or her PIN, as shown by the screen of Fig. 3 at 22, and PIN
approval being indicated at 23 in the screen of Fig. 4.
Upon customer selection of “Confirm Order” or “Check Balance”
options the computer C transmits authentication data to the server AS
in encrypted form. This authentication involves generation of a one-
way hash code based on the following components: the customer’s
PIN, the SOFTWARE KEY, the customer ID, the HARDWARE
KEY, the current date and time, and the transaction ID. The one—way
hash code is sent to the server AS and the server AS builds its own
version of the one-way hash code using matching information it has
available in it’s database. The account server AS then compares the two
hashes to authenticate the user. If the two hashes don’t match, the
server AS informs the computer C that the authentication failed.
If “Check Balance” is selected, the computer C transmits an encrypted
message to the server AS to request a balance check. The message is
encrypted using the PIN and the other customer data. Upon receipt of
the request message, the server AS verifies the customer, and returns
back the balance.
If the customer confirms a purchase, the server AS verifies the customer
as set out above. The server AS updates its database to mark the
transaction as started. To approve the transaction the server AS
accesses a relevant deposit account, which it holds on behalf of the
customer. Alternatively, it accesses a remote financial system to
determine if funds are present. It transmits an approval or non-approval
message to the computer C as appropriate.
ZINGOI
To finalise an order, the server AS contacts the merchant server M (by
posting form data to a hidden page) to inform the merchant server that
the order is complete. The merchant server M verifies itself using a
method similar to the one described above involving generating a hash
code. The merchant server M is expected to reply with the simple
message “YES”, to indicate that it has updated its records to indicate
that the order is complete. If the merchant server cannot be contacted
the account server AS informs the computer C that the transaction has
failed. If the merchant server was contacted the message returned by
the merchant server M will in turn be returned by the account server AS
to the computer C.
Also, before final approval of the transaction request, the server AS transmits a new
SOFTWARE KEY to the device D. The device D verifies that it has the key and
transmits a verification message to the server AS.
The server AS then approves the transaction for the merchant system M, and the
computer C generates a window 24 such as shown in Fig. 5. After completion of the
transaction, the server AS transmits electronic payment to the merchant system M in
a batch mode.
Security
An advantageous aspect of the method is that the customer makes inputs by
“clicking” graphics on screen, including keypad graphics with numbers. Also, the
locations of the graphics on the screen are optionally randomised by the computer C
program. This prevents “Trojan” software programs that monitor keyboard taps from
obtaining the customer’s PIN and removes a possibly insecure link.
The server AS is linked with a Web server to allow user maintenance of the account.
If the security device D is lost or stolen, the customer may cancel future transactions
until it has been replaced.
ZINGOI
In the above method, there is encryption between the customer device C and the
server AS. This is perfonned using secure HTTPS client—server communication and
also internal encryption: thus giving double encryption.
A large degree of security is achieved because, after the initial purchase request 1,
subsequent communications involving the customer computer C are with the server
AS. These communications are all encrypted using information which is known only
by the computer C and the server AS. The computer C builds a hash using a number
of items of sensitive data and a time stamp. The hash is transmitted together with the
plain time stamp to the server AS. The server AS builds its own version of the hash,
using its record of the same sensitive data and the plain time stamp received from the
computer C. If the customer is valid then both hashes should match. Thus, there is no
communication of sensitive data, only of hashes. Also, any one hash is unique
because a current time stamp is involved in its generation.
The features for communication between the customer computer C and the server AS
apply also for communication between the merchant server M and the server AS. At
least one of the M—to—AS links involves having an order identifier together with a time
stamp.
It will be noted that, after the initial order confirmation, transaction communication
is between the customer computer and the server AS. This communication is very
safe because the mechanism described above does not involve transmission of
sensitive data, and the hashes which are transmitted are double encrypted.
The SOFTWARE KEY used during the transaction process cannot be used again.
The security device D receives a new SOFTWARE KEY after each transaction. The
server AS also logs the transaction on behalf of the customer in the database, and this
is used later for generation of a statement. The transaction data includes device-
specific data, merchant-specific data, date and time.
It will be appreciated that the invention provides comprehensive security for customer
data, helps to prevent fraud on merchants, and also allows convenient shopping by
the customer.
The invention is not limited to Internet shopping. The device D could alternatively be
used for conventional shopping at a retai1er’s premises. The customer presents the
device D to the retailer at the point-of-sale, it is plugged into the point-of-sale system,
and the system accesses the server AS in a manner akin to the set out above.
The invention is not limited to the embodiments described but may be varied in
construction and detail.
ZING01
Claims (1)
- CLAIMS A transaction processing method carried out by a customer terminal (C), a merchant server (M), and an account server (AS), wherein, the merchant server (M) transmits (2) an instruction to the account server (AS) upon receipt of a transaction request confirmation (1); and the account server (AS) communicates directly (3, 5) with the customer terminal (C) for customer verification and payment processing. A transaction processing method as claimed in claim l, wherein the verification (4) includes physical connection of a physical security device (D) in the customer terminal (C), and the customer terminal (C) reading security data from the security device; and wherein the customer terminal (C) generates a customer prompt for insertion of the security device using a program downloaded from the account server; and wherein the customer terminal (C) transmits the security data to the account server AS for customer recognition and verification. A transaction processing method as claimed in claim 2, wherein the security data is hashed, the hash is transmitted, the account server (AS) independently generates a hash with the same algorithm based on a local database record of the security data, and verifies the customer if the hashes match; and wherein the customer terminal (C) uses a current real time stamp together with the security data to generate the hash and the account server uses the same time stamp to generate its hash. A transaction processing method substantially as described with reference to the drawings. A security device comprising means for performing security device operations of a method of any preceding claim.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IEIRELAND04/06/20032003/0425 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| IES83743Y1 true IES83743Y1 (en) | 2004-12-30 |
| IE20040389U1 IE20040389U1 (en) | 2004-12-30 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7231373B2 (en) | Transaction processing | |
| US11769186B2 (en) | Use verification code for validating an exchange item use request | |
| US20220114591A1 (en) | Payer-controlled payment processing | |
| US10796313B2 (en) | Method and system for facilitating online payments based on an established payment agreement | |
| US5883810A (en) | Electronic online commerce card with transactionproxy number for online transactions | |
| JP4880171B2 (en) | Authenticated payment | |
| US5724424A (en) | Digital active advertising | |
| EP1267312A1 (en) | A method for performing a secure cashfree payment transaction and a cashfree payment system | |
| EP1407431A2 (en) | Method and apparatus for performing a credit based transaction between a user of a wireless communications device and a provider of a product or service | |
| JP2002297939A (en) | Transaction authenticating method, transaction authenticating system and transaction authenticating program | |
| EP0848343A2 (en) | Shopping system | |
| AU775065B2 (en) | Payment method and system for online commerce | |
| KR100968941B1 (en) | Finance trade system using a otp | |
| JP2005115876A (en) | Settlement processing system using portable terminal, store equipment, server, and portable terminal | |
| JP2002150195A (en) | Electronic settlement system and electronic settlement method | |
| IES83743Y1 (en) | Transaction processing | |
| KR20060049057A (en) | An authentication and settlement method for electronic commerce | |
| IE20040389U1 (en) | Transaction processing | |
| IE20040388A1 (en) | Transaction processing | |
| IES20040389A2 (en) | Transaction processing | |
| US12026714B2 (en) | Payer-controlled payment processing | |
| JP2002109419A (en) | Means of settlement of electronic commerce on internet |