JP2024058277A - Settlement system - Google Patents

Abstract

To provide a high-security settlement system for cashless settlement at a comparatively low cost, while consolidating sales information of a store.SOLUTION: A settlement system includes: an information input encryption apparatus having a function of encrypting input cashless settlement information and converting the information into encrypted cashless settlement information; a communication module; a settlement server for issuing a token; a key management server for converting the encrypted cashless settlement information into cashless settlement information; and a settlement information storage apparatus for storing the cashless settlement information and the token. The communication module includes an interface for connecting to the information input encryption apparatus. The communication module and an order reception application of a store can be connected by software development kit software.SELECTED DRAWING: Figure 1

Description

The present invention relates to a payment system that enables retailers to make cashless payments for sales by credit card or other means.

Patent Document 1 describes a card reservation payment system for phone-accepted reservations, which is characterized by having a reservation receiving means, such as a reservation recipient that accepts the reservation from the reservation sender, a card information transmitting means that transmits information required for card payment to the card company, a card company collation response means, and a reservation completion means, when making payments by card for travel, mail order, and other telephone reservations.

Patent document 2 describes a portable online payment assistance device that uses a one-time password to authenticate the identity of a subscriber, and when identity verification is successful, enables online commercial transactions through payment using identification information.

Patent document 3 describes the use of tokenization technology in a card transaction service management server.

Patent document 4 describes a payment system for paying for sales at retail stores by credit card.

WO 2004/104882 JP 2008-15924 A JP 2018-14088 A JP 2019-149075 A

In order to sell products, a retail store may receive orders from customers and use cashless payment such as credit cards to settle payments from customers to the retail store. Retail stores may also process cashless payments using point of sale information management terminals (POS terminals) at their stores. Retail stores may also receive orders from customers by telephone, fax, mail (postcards, letters, etc.) (hereinafter referred to as "telephone, etc.") and use credit cards to settle payments from customers to the retail store.

In recent years, in order to improve the security of credit card information, there has been a demand for retailers not to retain credit card information. Not retaining credit card information at retailers means that the retailer does not directly process payments by credit card, does not transmit credit card information, and does not store credit card information.

To eliminate the need to retain credit card information, the Payment Card Industry Data Security Standard (PCI DSS), a security standard for credit cards, has been proposed. However, because PCI DSS has numerous requirements, it places a huge burden on retailers who try to implement PCI DSS, and the implementation costs are high.

Retailers are seeking seamless integration between credit card payment systems and their core systems. If seamless integration between credit card payment information and the core system for managing the sales of the retailer is possible, the retailer can centrally manage sales information. The connection of a payment network for credit card payments using the core system of the retailer is generally called an "inner loop connection." If the retailer makes an inner loop connection, the credit card payment information and the core system for managing the sales of the retailer can seamlessly integrate, and sales information can be centrally managed. However, in order for the retailer to make an inner loop connection, it is necessary to satisfy security standards that meet certain technical requirements. The hurdle of this security standard is high, and it is not easy for the retailer to make an inner loop connection. For this reason, retailers may not adopt credit card payment via an inner loop connection, but may request a credit card company or a payment agent to select an "outer loop connection" in which the credit card company or the payment agent manages security. In the case of an outer loop connection, the connection between the credit card payment system and the core system of the retailer is extremely limited, making it difficult for the retailer to centrally manage sales information. As a result, there may be discrepancies between the sales amount paid by credit card and the sales amount recorded in the retailer's core system.

In addition, in conventional payment systems, in order to obtain an information input encryption device that is compatible with a specific information input encryption device, the application of the payment system's communication module was created to match the specifications of the information input encryption device, making it very time-consuming and not easy to add a new information input encryption device (terminal) to the lineup. Also, for manufacturers of information input encryption devices, it is not easy to have their own information input encryption devices (terminals) adopted as information input encryption devices for a specific payment system, and it has not been easy to expand sales of their own terminals.

The above problems also apply to cashless payments other than credit cards, such as debit cards, electronic money, prepaid cards and barcode payments.

The present invention aims to provide a relatively low-cost, highly secure payment system for cashless payments such as credit card information, and to provide a payment system that allows retailers to centrally manage sales information. It also aims to provide a payment system that makes it easy to obtain a compatible information input encryption device.

The present invention also aims to provide a payment system that allows retailers to eliminate the need to retain credit card information at a relatively low cost. The present invention also aims to provide a payment system that can prevent the leakage of credit card information even if a retailer is subject to a cyber attack.

To solve the above problems, the present invention has the following configuration.

(Configuration 1)
Configuration 1 is a payment system for making a cashless payment for a sales price at a retail store,
The payment system is
An information input encryption device for inputting cashless payment information, the information input encryption device having a function of encrypting input cashless payment information and converting it into encrypted cashless payment information;
a communication module for connecting to the information input encryption device and transmitting and receiving information via the Internet;
a payment server connected to the communication module via the Internet for issuing a token corresponding to cashless payment information;
a key management server connected to the payment server, the key management server being configured to decrypt the encrypted cashless payment information and convert the encrypted cashless payment information into cashless payment information;
a payment information storage device connected to the payment server for storing cashless payment information and a token;
Including,
the communication module includes an interface for connecting to the information input encryption device;
This is a payment system configured so that the communication module can be connected to the store's order-accepting app using SDK (software development kit) software.

(Configuration 2)
Configuration 2 is the payment system of configuration 1, wherein the information input encryption device includes a connection module for connecting to an interface of the communication module.

(Configuration 3)
Configuration 3 is a payment system of configuration 1 or 2, in which the cashless payment information is credit card information.

(Configuration 4)
Configuration 4 is any of the payment systems of configurations 1 to 3, in which the payment system includes an information processing device, the information processing device includes a communication module and an order receiving application, and the information processing device is a point of sales information management terminal (Point Of Sales terminal, POS terminal).

(Configuration 5)
Configuration 5 is any of configurations 1 to 4, in which the information input encryption device further includes a payment information reading device for receiving cashless payment information.

(Configuration 6)
Configuration 6 is any of configurations 1 to 5, in which the information input encryption device is configured to encrypt the input cashless payment information and then erase the pre-encrypted cashless payment information without transmitting the pre-encrypted cashless payment information outside the information input encryption device.

(Configuration 7)
Configuration 7 is any of the payment systems of configurations 1 to 6, in which the information input encryption device satisfies the Secure Reading and Exchange of Data (SRED) requirements of PCIPTs (Payment Card Industry Pin Transaction Security).

(Configuration 8)
Configuration 8 is any of the payment systems of configurations 1 to 7, in which encryption of cashless payment information by the information input encryption device is performed using a key management protocol based on DUKPT (Derived Unique Key Per Transaction).

(Configuration 9)
Configuration 9 is any of the payment system of configurations 1-8, wherein the token is described by a 16-digit number.

(Configuration 10)
Configuration 10 is any of the payment systems of configurations 1 to 9, in which the payment server is configured to link the issued token and/or cashless payment information and store it in the payment information storage device.

(Configuration 11)
Configuration 11 is the payment system of any of configurations 1 to 10, wherein the payment server is configured to transmit the issued token to the communication module.

(Configuration 12)
Configuration 12 is a payment system of configuration 11, in which the payment server is configured to receive the token and sales item information from the communication module, and obtain cashless payment information stored in the payment information storage device based on the received token.

(Configuration 13)
Configuration 13 is the payment system of configuration 12, in which the payment server is configured to transmit cashless payment information and sales item information to a payment agency.

(Configuration 14)
Configuration 14 is a payment system of any of configurations 1 to 13, in which the payment agency is a token service provider, and the payment agency or token service provider has a payment server, a key management server, and a payment information storage device.

The present invention makes it possible to provide a highly secure payment system for cashless payments such as credit card information at a relatively low cost, and also to provide a payment system that allows retailers to centrally manage sales information.

The present invention provides a payment system that allows retailers to eliminate the need to retain credit card information at a relatively low cost. Furthermore, the present invention can prevent the leakage of credit card information even if the retailer is subjected to a cyber attack, since the retailer does not hold the credit card information.

FIG. 1 is a configuration diagram showing an example of the configuration of a payment system according to an embodiment of the present invention. FIG. 11 is a configuration diagram showing another example of the configuration of the payment system of the present embodiment. FIG. 3 is a configuration diagram for further explaining the configuration of the payment system of the present embodiment shown in FIG. 2. FIG. 11 is a flow diagram showing an example of an operation for issuing a token by the payment system of the present embodiment. FIG. 11 is a flow diagram showing an example of an operation for making a payment using a token by the payment system of the present embodiment.

The following describes in detail the embodiments of the present invention with reference to the drawings. Note that the following embodiments are forms for embodying the present invention and do not limit the scope of the present invention.

In this specification, "device A connects to device B" means that device A and device B are connected to each other via a wired or wireless information communication means, including the Internet, so that device A and device B can send and receive information to each other at least when sending and receiving information is necessary. In addition, "device A connects to device B" includes connecting device A and device B via another device between them.

Figure 1 is a diagram showing an example of the configuration of a payment system according to this embodiment. The payment system according to this embodiment is a payment system that allows a retailer 10 to make cashless payments for sales.

Figures 2 and 3 are configuration diagrams showing another example of the configuration of the payment system of this embodiment. Figures 2 and 3 show an example in which the payment system of this embodiment is used in a vending machine 50 of a retail store 10.

As shown in FIG. 1, the payment system of this embodiment includes at least an information input encryption device 12, a communication module 22, a payment server 32, a key management server 34, and a payment information storage device 36. The payment system of this embodiment may further include an order receiving app 24. The order receiving app 24 may be managed by the retail store 10. According to this embodiment, a predetermined information input encryption device 12 encrypts input cashless payment information (e.g., credit card information) in a predetermined manner, thereby providing a payment system with high security for cashless payment information at a relatively low cost. According to the payment system of this embodiment, the information input encryption device 12 has a predetermined function, allowing the retail store 10 to non-retain cashless payment information (e.g., credit card information) at a relatively low cost.

In the example used in the vending machine 50 shown in Figures 2 and 3, the payment server 32, key management server 34, and payment information storage device 36 in the token service provider 30, as well as the payment agency 40, are omitted from the illustration. The vending machine 50 shown in Figures 2 and 3 is basically the same as the example shown in Figure 1.

As shown in Figures 1 and 3, the communication module 22 (also called a "token coupler") of the payment system of this embodiment includes an interface 23 for connecting to the information input encryption device 12. In addition, the information input encryption device 12 can include a connection module 13 for connecting to the interface 23 of the communication module 22.

The connection from the communication module 22 to the information input encryption device 12 can be made via the interface 23 of the communication module 22 (token coupler) and the connection module 13 of the information input encryption device 12. The specifications of the interface 23 of the communication module 22 (token coupler) are published by businesses such as a predetermined token service provider 30 and/or a predetermined payment agency 40. Therefore, the manufacturer of the information input encryption device 12 can easily design and manufacture the connection module 13 for connecting the company's communication module 22 (token coupler) to the interface 23 of the information input encryption device 12. Therefore, by developing a predetermined connection module 13, the manufacturer of the information input encryption device 12 can provide the existing information input encryption device 12 (terminal) manufactured by the company as an information input encryption device 12 compatible with the payment system of this embodiment. Therefore, in this embodiment, an information input encryption device 12 compatible with the payment system of this embodiment can be easily obtained.

In other words, by developing the connection module 13 by itself, the manufacturer of the information input encryption device 12 can easily manufacture an information input encryption device 12 (terminal) that is compatible with the services of the payment system of this embodiment (i.e., the services of the payment system provided by a specified token service provider 30 and/or a specified payment agency 40). Therefore, the payment system of this embodiment has the advantage for the manufacturer of the information input encryption device 12 that it becomes easier to expand sales of their own terminals.

In addition, conventionally, the token service provider 30 and/or the payment agency 40 selected the information input encryption device 12 and created applications such as the communication module 22 according to the specifications of the information input encryption device 12, so adding a new terminal to the lineup was very time-consuming and not easy. In the payment system of this embodiment, a specific token service provider 30 and/or a specific payment agency 40 can publish the specifications of the interface 23 of the communication module 22 (token coupler). The manufacturer of the information input encryption device 12 can develop a specific connection module 13 for the information input encryption device 12 based on the published specifications of the interface 23. Therefore, the specific token service provider 30 and/or the specific payment agency 40 can increase the lineup of new terminals (information input encryption devices 12) without much effort.

As described above, adopting the payment system of this embodiment has benefits not only for the retailer 10, but also for the token service provider 30, the specified payment agency 40, and/or the manufacturer of the information input encryption device 12.

1 and 3, the payment system of this embodiment is configured so that the communication module 22 and the order receiving application 24 of the store 10 can be connected by the SDK (software development kit) software 25. The specifications of the SDK (software development kit) software 25 are made public by businesses such as the token service provider 30. Therefore, the store 10 can create the SDK software 25 itself to connect the core system of the store 10 to the communication module 22 of the payment system of this embodiment. As a result, the store 10 can centrally manage sales information by linking the information obtained when making a cashless payment with the core system for managing the sales of the store 10. In other words, by using the payment system of this embodiment, the store 10 can seamlessly link the system for cashless payment (e.g., credit card payment) with the core system of the store 10 as if the payment system was an inner loop connection, even though the payment system is an outer loop connection. As a result, the retailer 10 can centrally manage sales information, preventing discrepancies between sales made through cashless payments (e.g., credit card payments) and sales recorded in the retailer's 10 core system.

The payment system of this embodiment is a payment system for making a cashless payment for the sales price of the retail store 10. Examples of cashless payment include credit cards, debit cards, electronic money, prepaid cards, and barcode payments. In this specification, information for making a cashless payment is called cashless payment information. For example, information for making a payment by credit card includes a credit card number, expiration date, and security code. The sales price of the retail store 10 can be the sales price from the store's point of sale information management terminal (Point Of Sales terminal, POS terminal). The sales price of the retail store 10 can also be the sales price of the vending machine 50 of the retail store 10. The sales price of the retail store 10 can also be the sales price generated by orders from customers by telephone, fax, and mail.

In the payment system of this embodiment, it is preferable that the cashless payment information is credit card information. In the following explanation, the devices constituting the payment system of this embodiment will be specifically explained using an example in which the cashless payment information is credit card information.

In the payment system of this embodiment shown in FIG. 1, an information processing device 20 including at least a communication module 22 and an order receiving application 24 is placed in a sales store 10. The information processing device 20 in the sales store 10 can be, for example, a point of sale information management terminal (POS terminal). A salesperson 14 uses the information processing device 20 (POS terminal) to accept orders from customers. Note that customers can input cashless payment information such as credit card information by operating the information processing device 20 (POS terminal).

In another embodiment of the payment system of this embodiment, a call center is arranged at the store 10, and a salesperson 14 (e.g., an operator) can accept orders from customers by telephone or the like. An information processing device 20 including at least a communication module 22 and an order receiving application 24 is arranged at the store 10. The information input encryption device 12 is connected to the communication module 22 of the information processing device 20. The information processing device 20 is also connected to a display device 26. The salesperson 14 can make the necessary inputs to the order receiving application 24 and the information input encryption device 12 in order to receive orders from customers, according to the images displayed on the display device 26.

In this specification, a "retailer 10" is an organization for selling products (for example, a company such as a joint stock company, a private shop, or a corporation such as an incorporated association). The components inside the dashed line in Figs. 1 to 3 as the retailer 10 do not necessarily need to be physically located in the same place. For example, the information processing device 20 can be located at the main store and the information input encryption device 12 can be located at a call center, and other appropriate locations can be used as needed. The information processing device 20 can also be configured to include multiple servers and the like located at different locations. However, when the payment system of this embodiment is used at a call center, the information input encryption device 12 needs to be located so that the salesperson 14 of the retailer 10 can input information from customers via telephone, etc. Furthermore, the display device 26 needs to be located so that it can be seen by the salesperson 14.

In this specification, the "information processing device 20" of the retail store 10 can include at least a part or all of the order receiving system of the retail store 10. In addition, the information processing device 20 can be configured to be connected to the order receiving system so that information can be sent and received between the information processing device 20 and the order receiving system of the retail store 10. The information processing device 20 can be an information processing system that connects a point of sale information management terminal (Point Of Sales terminal, POS terminal), a personal computer, a server, etc. In addition, the information processing device 20 can be a system to which a specific information processing device is connected via the Internet. If the information processing device 20 is a POS terminal, the information processing device 20 (POS terminal) can be placed in the store where the salesperson 14 interacts with customers.

<Information Input Encryption Device 12>
The information input encryption device 12 is a device for inputting cashless payment information such as credit card information. When the cashless payment method is a credit card, the cashless payment information is credit card information such as the credit card number and expiration date. Below, an example will be described in which the cashless payment information is credit card information.

The information input encryption device 12 has the function of encrypting input credit card information and converting it into encrypted credit card information. The information input encryption device 12 can be a standalone device and can be connected to the communication module 22 via a connection that complies with the USB (Universal Serial Bus) standard and a connection that complies with the RS232C standard, etc.

After encrypting the input credit card information, the information input encryption device 12 used in this embodiment does not retain the information within the information input encryption device 12. In other words, after encrypting the input credit card information, the information input encryption device 12 can automatically erase the unencrypted credit card information without transmitting the credit card information to the outside. Note that the retailer 10 does not retain the encryption key for decrypting the credit card information encrypted by the information input encryption device 12, and therefore cannot decrypt the encrypted credit card information. This makes it possible to achieve non-retention of credit card information by the retailer 10.

In the payment system of this embodiment, it is preferable that the information input encryption device 12 meets the SRED (Secure Reading and Exchange of Data) requirements of PCI PTS (Payment Card Industry Pin Transaction Security). The SRED requirements are security requirements for encryption that comply with PCI PTS and realize the non-retention of credit card information by the retailer 10 as described above. In other words, by having the information input encryption device 12 meet the SRED requirements, it becomes possible to encrypt credit card information the moment it is entered into the information input encryption device 12.

The credit card information encrypted by the information input encryption device 12 can only be decrypted (decoded) by the key management server 34 described below. In this embodiment, it is preferable that the decryption of the encrypted credit card information by the key management server 34 is performed based on P2PE (Point-to-Point Encryption). By adopting a P2PE-based method in which the information input encryption device 12 encrypts the information and the key management server 34 decrypts the encryption, credit card information can be transmitted and received with high security.

The information input encryption device 12 with the SRED function for encryption and the encryption method that cannot be decrypted until a specified endpoint is reached are sometimes referred to as the PCI P2PE solution. The PCI P2PE solution is one of the security standards established by the PCI SSC (Payment Card Industry Security Standards Council, LLC., a council jointly established by VISA, MasterCard, JCB, AmericanExpress, and Diners). The payment system of this embodiment can be a system that complies with the PCI P2PE solution.

In order for the payment system of this embodiment to comply with the PCI P2PE solution, a method can be adopted in which a business entity, the token service provider 30, is certified for the PCI P2PE solution, and the merchant 10 uses a payment system that complies with the PCI P2PE solution provided by that business entity. In this case, the token service provider 30 can prepare a specified information input encryption device 12 (a device that meets the PCI PTS requirements) and lend it to the merchant 10. Credit card information is encrypted by the specified information input encryption device 12 arranged at the merchant 10, and is decrypted only within the token service provider 30 (business entity) that is PCI DSS compliant. The merchant 10 cannot decrypt the credit card information at all.

In the payment system of this embodiment, the information input encryption device 12 encrypts credit card information using a key management protocol based on DUKPT (Derived Unique Key Per Transaction). By encrypting credit card information using the information input encryption device 12 using a key management protocol based on DUKPT, the encrypted credit card information can be transmitted and received with higher security.

An example of an information input encryption device 12 that complies with the above-mentioned SRED and DUKPT is "SREDKey" manufactured by ID TECH.

The information input encryption device 12 may include a connection module 13 for connecting to the interface 23 of the communication module 22. The connection between the communication module 22 and the information input encryption device 12 may be made via the interface 23 of the communication module 22 (token coupler) and the connection module 13 of the information input encryption device 12. The specifications of the interface 23 of the communication module 22 (token coupler) are published by businesses such as a specified token service provider 30 and/or a specified payment agency 40. Therefore, the manufacturer of the information input encryption device 12 can easily design and manufacture the connection module 13 for connecting the specified communication module 22 (token coupler) to the interface 23 of the information input encryption device 12.

<<Payment information reader>>
In the payment system of this embodiment, the information input encryption device 12 can include a payment information reading device for receiving cashless payment information.

2 and 3 show an example in which the information input encryption device 12 of the vending machine 50 has a payment information reading device. The payment information reading device can be a part of the information input encryption device 12. The payment information reading device is a device for receiving cashless payment information (e.g., credit card number and expiration date, etc.) of a cashless payment means 64 such as a credit card and an IC-type prepaid card. The payment information reading device can contact a cashless payment means 64 having cashless payment information such as a credit card and read the payment information, like a credit card reading device. The payment information reading device can also be a camera. In that case, the camera of the payment information reading device can read the cashless payment information as a barcode or two-dimensional code displayed on the customer terminal 62 of a customer 60 having a cashless payment means, and the information input encryption device 12 can decode the contents of the barcode. The barcode or two-dimensional code can be a barcode or two-dimensional code (e.g., QR code (registered trademark)) for so-called barcode payment.

<<Non-contact communication device>>
In the payment system of this embodiment, the information input encryption device 12 may include a non-contact communication device for receiving cashless payment information. In the example of the vending machine 50 shown in Figs. 2 and 3, the cashless payment information can be input to the non-contact communication device of the information input encryption device 12 by wireless communication. The non-contact communication device may be a part of the information input encryption device 12. The non-contact communication device is configured to be capable of wireless communication by electromagnetic waves with a customer terminal 62 such as a smartphone having cashless payment information, a credit card capable of contactless communication, and a non-contact IC card. The non-contact communication device, like the payment information reading device, can receive cashless payment information (e.g., credit card number and expiration date, etc.) held by the cashless payment means 64 by wireless communication by electromagnetic waves.

<Communication module 22>
The communication module 22 (also called a "token coupler") is disposed in the information processing device 20 of the store 10. The communication module 22 is connected to the information input encryption device 12. The communication between the information input encryption device 12 and the communication module 22 (information processing device 20) can be performed, for example, by a connection conforming to the USB (Universal Serial Bus) standard and a connection conforming to the RS232C standard. The communication module 22 can receive credit card information encrypted by the information input encryption device 12. The communication module 22 can also transmit and receive information to the payment server 32 via the Internet. Therefore, the communication module 22 can transmit the encrypted credit card information to the payment server 32. After transmitting the encrypted credit card information to the store 10, the communication module 22 immediately erases the encrypted credit card information from within itself without transmitting the information to other devices of the store 10.

In the information processing device 20 of the retail store 10, the communication module 22 connects to the order receiving application 24. Note that the communication module 22 does not transmit credit card information or encrypted credit card information to the order receiving application 24. Therefore, by using a specific communication module 22, it is possible to realize the retail store 10 not retaining credit card information.

The communication module 22 can transmit information other than credit card information and encrypted credit card information to the order receiving app 24 of the retailer 10. The communication module 22 can also receive predetermined information from the order receiving app 24. The payment system of this embodiment is configured so that the connection between the communication module 22 and the order receiving app 24 of the retailer 10 can be made by SDK (software development kit) software 25. The SDK software 25 will be described later.

As shown in Figures 1 and 3, the communication module 22 (also called a "token coupler") of the payment system of this embodiment includes an interface 23 for connecting to the connection module 13 of the information input encryption device 12. The interface 23 of the communication module 22 (token coupler) is made public by an operator such as a token service provider 30. Therefore, the manufacturer of the information input encryption device 12 can easily develop a connection module 13 of the information input encryption device 12 that can be connected to the interface 23 of a specified communication module 22 (token coupler).

<Order application 24>
The order application 24 is disposed in the information processing device 20 of the store 10, such as a POS terminal, and controls functions related to orders. The order application 24 can be at least a part of the order system of the store 10. The order application 24 can be connected to a display device 26 for notifying the salesperson 14 of information related to orders. The salesperson 14 can input predetermined items to the order application 24 using a predetermined input device such as a keyboard and mouse. The order application 24 can record necessary information such as tokens in a storage device connected to the information processing device 20.

The order receiving app 24 is configured not to receive credit card information or encrypted credit card information. The encrypted credit card information is not sent to any other party except via the communication module 22 and the internet to the payment server 32.

1 and 3, the payment system of this embodiment is configured so that the communication module 22 and the order receiving application 24 of the retailer 10 can be connected by the SDK (software development kit) software 25. The specifications of the SDK (software development kit) software 25 are published by the token service provider 30. Therefore, the retailer 10 can create the SDK software 25 by itself to connect the core system of the retailer 10 to the communication module 22 of the payment system of this embodiment. As a result, the retailer 10 can centrally manage sales information by linking the credit card payment information with the core system for managing the sales of the retailer 10. In other words, by using the payment system of this embodiment, the retailer 10 can seamlessly link the system for credit card payment with the core system of the retailer 10 as if the payment system was an inner loop connection, even though the payment system is an outer loop connection. As a result, the retailer 10 can centrally manage sales information, preventing discrepancies between the sales details recorded in the retailer's 10 core system and the sales details made through credit card payments.

<Payment Server 32>
The payment server 32 is located in the token service provider 30 and is connected to the communication module 22 of the merchant 10 via the Internet. The payment server 32 functions as a token server that issues a token corresponding to credit card information. A known method can be used as a tokenization technique such as a method for issuing a token.

In this specification, the term "token service provider 30" refers to a business entity such as a token processing company that uses tokens to enable the merchant 10 to retain credit card information. The system within the token service provider 30, including the payment server 32, key management server 34, and payment information storage device 36 (also referred to as "Token Vault"), is configured to comply with, for example, PCI DSS in order to maintain a certain high level of security.

In the payment system of this embodiment, it is preferable that the token is described as a 16-digit number. By describing the token as a 16-digit number, the same as a credit card number, it becomes possible to convert the token to a system used for processing credit cards, thereby increasing the versatility of the payment system.

The payment server 32 is connected to the key management server 34 and the payment information storage device 36 within the token service provider 30.

Encrypted credit card information is sent from the payment server 32 to the key management server 34 for decryption. The credit card information decrypted by the key management server 34 is sent from the key management server 34 to the payment server 32.

The payment server 32 sends credit card information and the corresponding token to the payment information storage device 36. It is preferable that the credit card information and the corresponding token are encrypted by the key management server 34 before being sent to the payment information storage device 36. In response to a call by the payment server 32 using a specific token, the payment information storage device 36 sends credit card information corresponding to the specific token to the payment server 32.

The payment server 32 is connected to a payment agency 40. The payment agency 40 can be an external business. In this case, the connection between the payment server 32 and the payment agency 40 can be established via the Internet using a communication method that ensures high security, such as HTTPS (Hypertext Transfer Protocol Secure).

It is also possible for the payment agency 40 to also function as the token service provider 30. In this case, the payment agency 40 is the token service provider 30, and the payment agency 40 or the token service provider 30 has a payment server 32, a key management server 34, and a payment information storage device 36. When the payment agency 40 is the token service provider 30, the connection between the payment server 32 and the payment agency 40 can be made by a predetermined communication method that ensures internal security. The method of payment by the payment agency 40 to the credit card company is publicly known.

In the payment system of this embodiment, the payment server 32 can transmit the issued token to the communication module 22. By transmitting the token to the communication module 22 located at the merchant 10, the merchant 10 can use the token for payment without the merchant 10 having to hold credit card information.

In the payment system of this embodiment, the payment server 32 receives a token and sales item information from the communication module 22, and can obtain credit card information stored in the payment information storage device 36 based on the received token. The payment server 32 of the token service provider 30 obtains the credit card information stored in the payment information storage device 36 based on the token obtained from the merchant 10, so that the token service provider 30 can prepare the credit card information without the merchant 10 having to hold the credit card information.

In the payment system of this embodiment, the payment server 32 can transmit credit card information and sales item information to the payment agency 40. The payment agency 40 can receive the credit card information and sales item information and send them to the credit card company through secure communication. As a result, the payment by credit card can be completed. Note that if the token issuing procedure described below has already been performed and the retailer 10 has the token, the payment can also be completed by directly transmitting the token and sales item information from the retailer server 16 to the payment agency 40 without going through the payment server 32. Also, if the retailer 10 has the token, information on cancellation of the sale and changes to the sales amount can be sent directly to the payment agency 40 without going through the payment server 32.

<Key management server 34>
The key management server 34 is connected to the payment server 32. The key management server 34 decrypts the encrypted credit card information and converts the encrypted credit card information into credit card information.

As described above, the credit card information is encrypted by the information input encryption device 12. Therefore, the key management server 34 is configured to be capable of decryption corresponding to the encryption by the information input encryption device 12. Specifically, when the encryption of the credit card information is based on P2PE, the key management server 34 is configured to be the decryption end point. Also, when the encryption of the credit card information by the information input encryption device 12 is performed using a key management protocol based on DUKPT, the key management server 34 is configured to be capable of decrypting the encryption corresponding to the key management protocol based on DUKPT of the information input encryption device 12. The key management server 34 can convert the credit card information encrypted by the information input encryption device 12 into the credit card information before encryption, thereby decrypting the credit card information into a usable format.

The key management server 34 is configured to encrypt the credit card information and/or token stored in the payment information storage device 36 in a predetermined manner. By encrypting the credit card information and/or token, security can be further improved.

<Payment information storage device 36>
The payment information storage device 36 is connected to the payment server 32. Credit card information and tokens are stored in the payment information storage device 36. The payment server 32 is configured to associate the issued token with the credit card information and store them in the payment information storage device 36.

When storing the token and credit card information in the payment information storage device 36, it is preferable to encrypt the token and/or credit card information and store it in the payment information storage device 36. The token and/or credit card information can be encrypted by using the key management server 34. Specifically, the payment server 32 transmits the token and/or credit card information to the key management server 34, and the key management server 34 encrypts the token and/or credit card information. The encrypted token and/or credit card information is transmitted to the payment server 32 and further stored in the payment information storage device 36. In this way, by encrypting the token and/or credit card information and storing it in the payment information storage device 36, the security of the credit card information in the token service provider 30 can be improved.

By using the payment system of this embodiment described above, it is possible to realize, at a relatively low cost, the retailer 10 not retaining credit card information when settling sales prices by credit card.

The payment system of this embodiment can seamlessly link the credit card payment system with the core system of the retailer 10 as if the payment system were an internal connection, even though the payment system is an external connection. Therefore, the payment system of this embodiment allows the retailer 10 to centrally manage sales information.

The above explanation has been given using an example of cashless payment by credit card, but this is not limited to this. In the payment system of this embodiment, cashless payment can be made in the same way as with the credit card described above, even in the case of cashless payment such as debit card, electronic money, prepaid card, and barcode payment.

The following describes a specific example of using the payment system of this embodiment. However, this example is not intended to limit the present invention.

Figure 1 shows an example of a payment system in this embodiment. The payment system in this embodiment includes at least an information input encryption device 12, a communication module 22, a payment server 32, a key management server 34, and a payment information storage device 36. In Figure 1, the information input encryption device 12 and the communication module 22 are included in an information processing device 20 such as a POS terminal. In Figure 1, the parts connected via the Internet in this embodiment are shown with thick lines.

The information processing device 20, which includes the information input encryption device 12 and the communication module 22, is placed in the store 10. The information processing device 20 may further include an order receiving app 24. Here, an example will be described in which the information processing device 20 is a standalone device (e.g., a POS terminal and a personal computer). Note that the information processing device 20 may also be in the form of an information processing system to which a personal computer, a server, etc. are connected.

The payment server 32, key management server 34, and payment information storage device 36 are located within the business that is the token service provider 30. The business is also a business that complies with PCI DSS and P2PE solutions. In contrast, the merchant 10 does not need to comply with either PCI DSS or P2PE solutions.

Figure 4 shows a flow diagram illustrating an example of the operation for issuing a token by the payment system of this embodiment. Symbols S101 to S111 in Figure 4 indicate the steps of the operation by the payment system of this embodiment.

First, the salesperson 14 of the store 10 receives an order from a customer. The salesperson 14 inputs the required information into the order application 24 while looking at the display device 26. The required information can also be input by reading a barcode, etc. At this time, credit card information such as the credit card number and expiration date for payment is not input into the order application 24. When the required information (name, product name, quantity, etc.) is input into the order application 24, a required signal is sent from the order application 24 to the communication module 22 (S101). The communication module 22 and the order application 24 of the store 10 can be connected by a required SDK (software development kit) software 25. The specifications of the SDK software 25 are made public by the token service provider 30, so the store 10 can create the SDK software 25 itself.

The communication module 22 sends a signal to the information input encryption device 12 having the connection module 13 via the specified interface 23 and the connection module 13 to prompt the input of credit card information (S102). As a result, a message prompting the input of credit card information is displayed on the display unit of the information input encryption device 12. The specified interface 23 is made public by a business operator such as the token service provider 30. Therefore, the manufacturer of the information input encryption device 12 can easily develop a connection module 13 for the information input encryption device 12 that can be connected to the interface 23 of the specified communication module 22 (token coupler).

The credit card information is input to the information input encryption device 12 (S103). In this case, the salesperson 14 can input the credit card information using the numeric keypad of the information input encryption device 12. When inputting the information, the salesperson 14 inputs the credit card information only to the information input encryption device 12 without taking a record such as writing down the credit card information heard from the customer. Also, in the case of sales using a POS terminal or the like, the credit card information can be input to the information input encryption device 12 by the customer operating the information input encryption device 12. For example, the credit card information can be input to the information input encryption device 12 by reading the IC chip or magnetic tape of the credit card.

The information input encryption device 12 immediately encrypts the entered credit card information using a function based on the SRED requirements. This encryption is performed using a key management protocol based on the DUKPT. The "SREDKey" manufactured by ID TECH can be used as an information input encryption device 12 with such functions.

The credit card information encrypted inside the information input encryption device 12 is transmitted from the connection module 13 of the information input encryption device 12 to the communication module 22 via a specified interface 23 (S104).

The communication module 22 transmits the encrypted credit card information to the payment server 32 of the token service provider 30 via the Internet (S105). After transmitting the encrypted credit card information, the communication module 22 does not transmit it to other devices of the retailer 10, and does not record the encrypted credit card information in the communication module 22. In other words, the credit card information encrypted by the information input encryption device 12 passes through the communication module 22 and is transmitted to the payment server 32.

After receiving the encrypted credit card information, the payment server 32 transmits the encrypted credit card information to the key management server 34 (S106). The key management server 34 decrypts the encrypted credit card information using a predetermined decryption means. Specifically, the key management server 34 decrypts the encrypted credit card information based on a key management protocol based on DUKPT.

The decrypted credit card information is sent from the key management server 34 to the payment server 32. The payment server 32 issues a token based on the credit card information (S107).

The decrypted credit card information and issued token are then sent again to the key management server 34 and encrypted. The encrypted credit card information and token are then sent to the payment server 32 (S108).

The encrypted credit card information and token are sent from the payment server 32 to the payment information storage device 36, where the credit card information and token are linked and stored (S109).

The payment server 32 transmits the token to the communication module 22 of the retailer 10 via the Internet (S110).

The token received by the communication module 22 of the retail store 10 is sent to the order receiving app 24 (S111). The token is stored in the order receiving app 24 and waits for use. The order receiving app 24 can also display on the display device 26 that the token is now available for use.

The payment system of this embodiment is configured so that the communication module 22 and the order receiving app 24 of the retailer 10 can be connected by the SDK software 25. Because the specifications of the SDK software 25 are published by the token service provider 30, the retailer 10 can create the SDK software 25 appropriate for connecting the communication module 22 and the order receiving app 24 of the retailer 10. Therefore, information other than cashless payment information (credit card information) can be appropriately communicated between the communication module 22 and the order receiving app 24 of the retailer 10. As a result, the retailer 10 can centrally manage sales information.

Next, we will explain how to use the tokens obtained by the retailer 10 as described above.

Figure 5 shows a flow diagram illustrating an example of the operation for making a credit card payment using a token issued by the payment system of this embodiment. Symbols S201 to S209 in Figure 5 indicate the operational steps when using the issued token.

To start credit card payment using the token obtained through steps S101 to S111 described above, for example, a salesperson 14 at the store 10 makes a specified input to the order receiving app 24. As a result, the token is sent from the order receiving app 24 to the communications module 22 via the SDK software 25 (S201). At this time, information about the ordered product is also sent from the order receiving app 24 to the communications module 22 via the SDK software 25.

The communication module 22 transmits the token and sales item information to the payment server 32 of the token service provider 30 via the Internet (S202).

After receiving the token and the sales item information, the payment server 32 sends the token to the payment information storage device 36 and receives encrypted credit card information corresponding to the token (S203).

The payment server 32 transmits the encrypted credit card information to the key management server 34. The key management server 34 decrypts the encrypted credit card information using a predetermined decryption means and transmits it to the payment server 32 (S204).

As a result, the payment server 32 will hold the specified credit card information and sales product information required for credit card payment (S205). If the token has the same number of digits as the credit card number, the format of the credit card information can be obtained by replacing the specified number of digits of the token with the card number of the decrypted credit card information. Similarly, by making the expiration date and the like the same number of digits, replacement can be made easier.

The payment server 32 transmits the credit card information and sales product information to the payment agency 40. If the payment agency 40 is a different business from the token service provider 30, the credit card information and sales product information can be transmitted to the payment agency 40 by secure communication via the Internet, as shown in FIG. 5 (S206). If the payment agency 40 is the same business as the token service provider 30, the credit card information and sales product information can be transmitted from the payment server 32 to a server corresponding to the payment agency 40 using an internal network.

The payment agent 40 sends this information to the credit card company through secure communication. After the credit card company receives the required approval, payment for the product is completed by credit card. The payment agent 40 sends the result of the credit card payment to the payment server 32 of the token service provider 30 (S207).

The payment server 32 of the token service provider 30 sends the result of the credit card payment to the communication module 22 of the merchant 10 (S208).

The result of the credit card payment is sent from the communication module 22 to the order receiving application 24 via the SDK software 25 (S209). The order receiving application 24 can display the result of the credit card payment on the display device 26. The salesperson 14, who has confirmed the result of the credit card payment, can communicate the result of the credit card payment to the customer. In addition, the display device 26 can display the result of the credit card payment directly to the customer.

It goes without saying that the above example is an example of the payment system of this embodiment, and that a person skilled in the art can make certain modifications as necessary within the scope of this embodiment.

As another embodiment of the present invention, for example, in S202, if the merchant 10 has a token, the merchant 10 can complete the payment by directly transmitting the token and merchandise information to the payment agency 40 without going through the payment server 32. In this case, the steps corresponding to S202 to S205 can be performed by the payment agency 40 transmitting the token to the token service provider 30 that issued the token and requesting the token service provider 30 to transmit the credit card information corresponding to the token. Alternatively, the steps corresponding to S202 to S205 can be performed by the payment agency 40 itself. In step S207, the payment agency 40 can transmit the result of the credit card payment directly to the merchant server 16.

In addition, when canceling a sale or changing the sales price, the retailer 10 can send information directly to the payment agency 40 without going through the payment server 32 as described above.

A token can be valid for only one payment, or it can be valid for multiple payments. In the case of a token that is valid for only one payment, the token and the sales item information in the payment information storage device 36 are deleted after the token is used for payment according to the procedure shown in S201 to S205. In the case of a token that can be used for multiple payments, the merchant 10 holds the token, and the token and sales item information in the payment information storage device 36 remain without being deleted. When the merchant 10 reuses the token to make a payment, by following the procedure of S201 to S209 described above, payment for the sales item can be made multiple times using a specific customer 60's specified credit card.

In the above embodiment, a credit card is used as a cashless payment method, but this is not limited to this. The payment system of this embodiment can be used for cashless payment methods such as debit cards, electronic money, prepaid cards, and barcode payments, just as in the case of credit cards.

According to the above embodiment, credit card payments are made using a token without credit card information being stored in the retailer 10. In other words, the retailer 10 can achieve non-retention of credit card information even though it does not need to comply with PCI DSS. Therefore, the payment system of this embodiment can be said to be a payment system that provides high security for credit card information at a relatively low cost. Furthermore, the payment system of this embodiment can be said to be a payment system that allows the retailer 10 to achieve non-retention of credit card information at a relatively low cost.

In addition, according to this embodiment, the retailer 10 can create the SDK software 25 by itself to connect the core system of the retailer 10 with the communication module 22 of the payment system of this embodiment. As a result, the retailer 10 can centrally manage sales information by linking the information obtained when making credit card payments with the core system for managing sales of the retailer 10.

When using the payment system of this embodiment, even if the retailer 10 is subjected to a cyber attack, the retailer 10 does not have any credit card information, so it can be said that leakage of credit card information can be prevented.

REFERENCE SIGNS LIST 10 Retailer 12 Information input encryption device 13 Connection module 14 Salesperson 16 Retailer server 20 Information processing device 22 Communication module (token coupler)
23 Interface 24 Order receiving application 25 SDK (software development kit) software 26 Display device 30 Token service provider (token processing company)
32 Payment server (token server)
34 Key management server 36 Payment information storage device (Token Vault)
40 Payment agent 50 Vending machine 60 Customer 62 Customer terminal 64 Cashless payment means

Claims (14)

A payment system for making cashless payments for sales at a retail store,
The payment system is
An information input encryption device for inputting cashless payment information, the information input encryption device having a function of encrypting input cashless payment information and converting it into encrypted cashless payment information;
a communication module for connecting to the information input encryption device and transmitting and receiving information via the Internet;
a payment server connected to the communication module via the Internet for issuing a token corresponding to cashless payment information;
a key management server connected to the payment server, the key management server being configured to decrypt the encrypted cashless payment information and convert the encrypted cashless payment information into cashless payment information;
a payment information storage device connected to the payment server for storing cashless payment information and a token;
Including,
the communication module includes an interface for connecting to the information input encryption device;
A payment system configured so that the communication module can be connected to a retailer's order-entry application using SDK (software development kit) software. The payment system of claim 1, wherein the information input encryption device includes a connection module for connecting to an interface of the communication module. The payment system according to claim 1 or 2, wherein the cashless payment information is credit card information. The payment system according to claim 1 or 2, wherein the payment system includes an information processing device, the information processing device includes a communication module and an order receiving application, and the information processing device is a point of sale information management terminal (Point Of Sales terminal, POS terminal). The payment system according to claim 1 or 2, wherein the information input encryption device further includes a payment information reading device for receiving cashless payment information. The payment system according to claim 1 or 2, wherein the information input encryption device is configured to erase the pre-encryption cashless payment information after encrypting the input cashless payment information without transmitting the pre-encryption cashless payment information to an outside of the information input encryption device. The payment system according to claim 1 or 2, wherein the information input encryption device meets the PCI PTS (Payment Card Industry Pin Transaction Security) SRED (Secure Reading and Exchange of Data) requirements. The payment system according to claim 1 or 2, wherein the encryption of cashless payment information by the information input encryption device is performed using a key management protocol based on DUKPT (Derived Unique Key Per Transaction). The payment system according to claim 1 or 2, wherein the token is described by a 16-digit number. The payment system according to claim 1 or 2, wherein the payment server is configured to link the issued token and/or cashless payment information and store them in a payment information storage device. The payment system according to claim 1 or 2, wherein the payment server is configured to transmit the issued token to the communication module. The payment system according to claim 11, wherein the payment server is configured to receive the token and sales item information from the communication module, and obtain the cashless payment information stored in the payment information storage device based on the received token. The payment system according to claim 12, wherein the payment server is configured to transmit cashless payment information and sales product information to a payment agent. The payment system according to claim 1 or 2, wherein the payment agent is a token service provider, and the payment agent or the token service provider has a payment server, a key management server, and a payment information storage device.