JP4411781B2 - Management method of electronic transaction by chip card, terminal and chip card for implementing this method - Google Patents

Description

【００６０】
表２は、カードの最長有効期間に達した場合を示す。
【００６１】
【表２】

【００６２】
本発明によって提案される取引には以下の多数の利点がある。
・引き落としは所持人、商人および銀行によって後から検証されるので、セキュリティは銀行カードと同じである。
【００６３】
・秘密の暗証番号の日常的な入力がなくなり、さらに、無接触の交換が万一中断しても、取引は容易に取り消すことができるので、デビット／クレジット・カードでの支払いが無接触カード上で可能となる。
【００６４】
・銀行カード網は変更されず、銀行カードによる１ヶ月間の公衆電話取引の金額を蓄積するためのサーバを再利用できる。
・取引は所持人の暗証番号が正しい場合だけに継続するので、所持人暗証番号の検証への応答に関して端末を欺くことができなくなる。
【図面の簡単な説明】
【図１】 本発明により提案された方法に関する可能な一実施形態を示すフローチャートである。
【図２】 別の可能な実施形態を示すフローチャートである[0001]
【Technical field】
The present invention relates to electronic transactions executed by chip cards.
The present invention proposes a method for managing such an electronic transaction, and a terminal and chip card for implementing this method.
[0002]
[Background]
Conventionally, during a transaction using a chip card, it is a reading terminal that inserts the chip card that manages the procedure for authenticating the card and its holder and the procedure for verifying the transaction.
[0003]
In particular, the terminal of the reading terminal device routinely requires the card holder to input a password for authentication into the terminal. Further, when the transaction amount exceeds a certain threshold value (limit amount), the reading terminal can determine to make an inquiry to an external authentication center.
[0004]
However, in the future, it is desired to be able to execute extremely high-speed electronic transactions that can be executed within a very short time (for example, within 100 ms) and the authentication of the owner cannot be perceived.
[0005]
Today, high-speed electronic transactions are made possible by so-called “electronic wallet” systems.
An electronic wallet is a device that includes a memory that stores a value corresponding to a total amount that is immediately decremented when a transaction is made by the wallet.
EP829830 already discloses an electronic wallet that performs a cardholder authentication procedure when the transaction amount or the total amount of transactions executed is greater than a predetermined threshold.
[0006]
However, electronic wallets have drawbacks. In particular, the problem with electronic wallets is that the security (safety) of transactions at the same level as bank cards is not guaranteed. Specifically, in the case of an electronic wallet, the electronic wallet may register a debit (withdrawal) even though transactions at the reading terminal level are not considered.
[0007]
SUMMARY OF THE INVENTION
The object of the present invention is to enable electronic transactions to be executed as quickly as an electronic wallet, while providing the same security as is possible with currently known protocols for bank card transactions It is to propose a management method.
[0008]
The solution according to the invention is a method of managing electronic transactions by means of a microprocessor chip format bank card (chip card) used in a post-debit manner and a reading terminal capable of interacting with said card. The reading terminal transmits a signal indicating the transaction amount M to the card, and the card executes a first comparison step of comparing the transaction amount M with a first threshold value (limit amount). When the transaction amount M exceeds the first threshold value, the holder authentication procedure is activated. When the transaction amount M is smaller than the first threshold value, the card is incremented by a first counter. Performing a second comparison step of comparing the value with a second threshold, wherein the first counter is referred to as a small cumulative counter and if a transaction amount falls below the first threshold, A counter that is only sequentially added value of discount amount, the value is added by the card in the first counter (increment) were added by the value of the transaction amount M to the previous value of the first counter value And a procedure for authenticating the cardholder based on the result of the second comparison is triggered by the card , and the second threshold is based on a risk that the card issuer is willing to take. When the value of the transaction amount M is a fixed value and is smaller than a first threshold value, the first counter automatically stores the added value.
[0009]
Therefore, the cardholder, along with his bank card, is similar to the e-wallet service in terms of the user's convenience, but enjoys a safer service because it uses the existing infrastructure for bank cards. be able to.
[0010]
Furthermore, the convenience of using the card is further improved by eliminating the conventional reloading function of the amount from the card.
This method is advantageously supplemented by adopting the various features described below, either alone or according to all technically possible combinations thereof.
[0011]
When the value of the transaction amount is smaller than the transaction amount threshold value, the counter value is replaced with the incremented value.
Based on the result of the comparison, when the card does not trigger the cardholder authentication procedure, the value of the sum of the small value counter is replaced with the incremented value.
[0012]
When the cardholder identification code is verified, the card first increments the sum of the small amount counter and the second counter by the value of the transaction amount, and then the incremented amount is set to a certain threshold. In comparison, based on the result of the comparison, an inquiry to the authentication center by the reading terminal is issued, and when the authentication is performed by the center, the card resets the two counters to zero, and a second counter The value of the counter is reset to zero when the card decides not to ask the reading terminal for an authentication center inquiry based on the result of the comparison. .
[0013]
The increment performed by the chip card is the positive increment.
The increment performed by the chip card is a negative increment.
The present invention also relates to a microprocessor chip card for use in performing electronic transactions, characterized in that it includes means for performing the method described above.
[0014]
Advantageously, the chip card comprises memory means for storing one or more threshold values and / or counter values and comparison means.
The present invention also relates to a terminal for reading a microprocessor chip card for use in performing electronic transactions, characterized in that it includes means for performing the method described above. .
[0015]
Other features and advantages of the present invention will become more apparent from the following description of several embodiments of the present invention. This description is purely illustrative and not restrictive. Accordingly, this description should be read in conjunction with the accompanying drawings.
[0016]
The steps of the management method shown in FIGS. 1 and 2 are carried out during an electronic transaction performed by a chip card in the form of a bank card.
This chip card has a microprocessor programmed to implement the protocols corresponding to these various steps and various values (transaction value, counter value, etc.) that are calculated or considered during these various steps. ROM, EPROM, EEPROM, or RAM memory in which the maximum amount is stored.
[0017]
The reading terminal is programmed to perform the same process, and the chip card and the terminal include means that allow them to interact with each other, and these means are probably of any kind (chip card A bus <transmission path> using a connection track having, an exchange via RF <high frequency> transmission / reception, etc.).
[0018]
In FIG. 1, each step performed by the chip card is shown in a block marked C. These steps are performed by the reading terminal shown in the block marked L.
[0019]
The transaction begins with the initialization of a chip card activated by the reading terminal (step 1).
In response, the card sends its identification (ID) to the reading terminal (step 2).
[0020]
Next, the reading terminal requests the operator (trader) to input the transaction amount M (step 3). The reading terminal sends this amount M to the card.
The card performs test 4 on this value M.
[0021]
If this amount M is smaller than the maximum amount VP1, the card increments the counter COMPT by the amount M (step 5).
The card then compares the value of this counter COMPT with another threshold value VP2, which may be different from the threshold value VP1 (step 6).
[0022]
If the counter COMPT is less than VP2, the card's microprocessor calculates the transaction signature ST (step 7) and sends it to the reading terminal, which the reader verifies to determine the transaction amount as well as the transaction amount. Record the details (steps 8 and 9).
[0023]
Conversely, if the value of the counter COMPT is greater than VP2, the card requests the reading terminal to present the personal identification number (code) of the holder (step 10).
[0024]
The holder inputs the personal identification number (step 11).
The password is sent to the card by the reading terminal, and the card verifies it (step 12).
[0025]
After verification, the card's microprocessor resumes processing and calculates the transaction signature ST (step 7). Between the verification step 12 and the calculation step 7, the counter COMPT is reset to zero. Thus, the counter COMPT is reset to zero each time the secret code number has been verified (step 20).
[0026]
When the amount M is greater than the threshold value VP1 (when the response of test 4 is “yes”), the holder's personal identification number is requested by the card.
In this case, the personal identification number input by the owner is verified, and the amount M is not counted in the counter COMPT.
[0027]
Conventional bank card transaction steps are executed.
Optionally, or alternatively, a configuration is possible in which the card can request to connect a reading terminal to the banking system to obtain transaction authorization from the banking system.
[0028]
With transaction authorization, the reading terminal can instruct the card to re-update the maximum limits VP1 and VP2 based on information provided by the banking system.
[0029]
As already understood, in the embodiment described immediately above with respect to FIG. 1, the payment card counts the amount of transactions on the internal counter COMPT that is less than a certain threshold, and the amount M is the threshold. Only when it exceeds, or when the aggregate amount of previous transactions is greater than a predetermined threshold, the card will require authentication of the holder.
[0030]
As a modification, it is possible to verify that the value of the counter COMPT exceeds the threshold value VP2 in step 6, and the counter COMPT is reset to zero only when the entered password is recognized as correct by the card. It is.
[0031]
In this case, even if it is verified in step 4 that the amount M exceeds the threshold value VP1, the counter COMPT is not reset to zero.
The counter COMPT is reset to zero only if the amount M is less than the threshold VP1 and it is verified in step 6 that the counter COMPT exceeds VP2 and the verified PIN is correct.
[0032]
Thus, the counter COMPT is reset to zero only on the one hand when the small sum reaches the threshold value VP2 and on the other hand the holder is authenticated by its personal identification number.
[0033]
As yet another variation, the card can be used to perform incremental payments, for example in the case of a call from a public telephone.
In this case, an incremental loop is added between steps 7 and 3, the signature ST is incremented at the end of the call based on the total amount (ΣM), and ΣM is reset to zero in the card upon completion of identification step 2. The
[0034]
Therefore, at the end of the call, only a single transfer command ST including the total charge is held, and the user pays immediately at the time of charging based on the duration of the call.
Another alternative embodiment is shown in FIG.
[0035]
This second variant consists of managing the second counter CPT2 in the card, which accumulates the totals performed on the first small value counter CPT1. The value of the counter CPT2 has been the in the card you have already been registered reaches the highest limit VP 22 defined by the bank, the card requires the inspection of the calculated certificate authentication center.
[0036]
The procedure is described below.
The card adds the transaction amount M to the value read from CPT1.
When the total amount of CPT1 + M reaches the maximum limit VP12 (in test 13), the card requests verification of the bearer's secret PIN (steps 10, 11 and 12).
[0037]
If the secret PIN is correct, the card adds the value CPT1 + M to the value read from CPT2.
The new value obtained is compared to the threshold VP 22 (test 14).
[0038]
When the total amount of CPT1 + M + CPT2 reaches the maximum limit VP 22 , the card requests a certificate check (step 15), which is calculated by the authentication center that is the referee of the terminal of the reading terminal device L. (Step 16).
[0039]
If the certificate is correct, the card resets the counters CPT1 and CPT2 to zero (step 17), after which the transaction signature is calculated and delivered (step 7 and below).
[0040]
If the certificate is incorrect, the card does not deliver the transaction signature and leaves the values of counters CPT1 and CPT2 unchanged.
If the sum of CPT1 + M + CPT2 does not reach the maximum limit value VP 22 , the card resets counter CPT1 to zero and updates counter CPT2 by replacing its previous value with CPT2 + CPT1 + M (step 18). The card then calculates and delivers the transaction signature (steps 7, 8 and 9).
[0041]
If the secret PIN is not correct, card C does not deliver the transaction signature and leaves the values of counters CPT1 and CPT2 unchanged.
If the total amount of CPT1 + M does not reach the maximum limit value VP 12 , the card updates the counter CPT1 by replacing its previous value with the total amount of CPT1 + M (step 19), and then delivers the signature of the transaction ( Steps 7, 8 and 9).
[0042]
The card described immediately above can be used in a post-debit method. The amount debited is aggregated for each account number of the holder, for example, over a maximum of 30 days, and the debit of the account of the holder is deducted when the maximum limit VP2 , VP12 is exceeded or at the end of the account It will be carried out when the total amount from the debit is reached on the 30th. The amount can be tabulated at the following locations.
[0043]
On the collection server after collection of transactions stored on the commercial terminal. In this case, if the maximum limit VP2 or VP12 is exceeded, an authentication request with an amount equal to the new maximum limit VP2 , VP12 that can be re-defined by the bank is issued in the card via the terminal.
[0044]
• Inside the card itself. In this case, when the maximum limit amounts VP2 and VP22 are exceeded, the aggregation and the reset of the authentication request are activated in the card via the terminal. In this case, it is necessary to make the customer pay a deposit when the card is acquired, and to prevent the “plan” theft or loss of the card (thus preventing the withdrawal of the total). This deposit can be hidden, i.e. included in the annual membership fee of the card.
[0045]
The card can also be used in a pre-debit method. In this case, the VP 2 value, or in the case of the variant of FIG. 2, the VP 12 value is prepaid by the holder and the value is stored in the card according to the received certificate depending on the amount the user has paid in advance. It is updated with.
[0046]
Should the user notice that the terminal does not have an identification keypad or that the terminal is not connected to a communication network and wants to know the prepaid values for VP 2 , VP 12 , the user must The operation of inspecting the certificate issued by the authentication center can be executed by an operation using (automatic cash dispenser <ATM> -voucher dispenser or public telephone). The transaction in this case is fictitious and no money is deducted from the customer's account, except for predebit applications.
[0047]
Again, as a variant, the card may not require the use of a personal identification number for authentication of the holder.
In this case, the transaction amount is not compared with the threshold value VP1, and VP1 is not used. If the value of COMPT stored in the card is equal to or greater than the threshold value VP2, the card does not deliver the transaction signature ST.
[0048]
The allowable value of VP2 is defined to accept a value of COMPT that is slightly larger than VP2. In this way, COMPT can exceed the VP2 value that renders the card unusable.
[0049]
When VP2 is reached, the card can be discarded and the card can no longer be used. However, especially if the card is refundable, the holder returns the card to the bank, the bank uses a safety procedure to reset the COMPT value to zero, and then reintroduces the card into a new usage cycle. To do.
[0050]
Alternatively, the bank can make the card available using secure online procedures. In this procedure, the holder is authenticated using, for example, another payment card or a PIN verified by the bank's server, and COMPT is reset to zero after verification by the bank with a certificate card.
[0051]
In the example above, the counters CPT1 and CPT2 are incremented from a value of 0 to the maximum limit. Conversely, it is possible to count in the decreasing direction. In that case, after the counter is initially set to the maximum limits VP1 and VP2, it can be decremented to a value of 0 and the count can also be performed for negative values.
[0052]
As you may have already understood, in the management method proposed by the present invention, the aggregate amount is not the amount pre-reloaded on the card, but the maximum value fixed based on the risk that the card issuer is willing to take. To be compared. This comparison with a fixed value is a means of limiting the customer's sacrifice over time, which is one of the roles of this card other than authentication. The selected maximum can be viewed as a kind of permanent credit granted to paying customers, and the bank is rewarded, for example, by transaction fees.
[0053]
Small transactions are submitted as follows:
• Submitted individually by the merchant using the banking infrastructure, just like a regular transaction. In that case, the only function of summing up the customer's amount in the card is to limit the customer's consumption (the role of the mediator).
[0054]
• Or, using the merchant's aggregation option, assuming that the customer's monetary summary is also submitted to the bank for billing (in the course of the transaction, by card). Of course, this option does not allow the same inspection as the first option.
[0055]
Card credit management is performed as follows.
• For a transaction to be valid, the transaction must be signed by a card. The signature ST1 written on the customer's slip is useful for resolving the dispute.
[0056]
Transaction data is stored in the terminal submission file and collected once a day by the merchant bank collection center. Small transactions are sent to the owner's bank but are not processed individually by that bank. These transactions are stored for system auditing, resolving disputes, and reimbursement with the transaction bank.
[0057]
・ The merchant's bank account is deposited according to a small amount collected in the terminal every day.
・ The transaction amount is counted in the credit counter of the card. The card verifies the value of the credit counter and the duration of the credit.
[0058]
Examples of transactions processed by this card are shown in the table below.
Table 1 shows the case where the card's credit counter reaches the maximum limit fixed by the bank. The data of the table is managed in the card. The transaction date and transaction amount are provided to the card by the terminal.
[0059]
[Table 1]

[0060]
Table 2 shows the case where the longest validity period of the card has been reached.
[0061]
[Table 2]

[0062]
The transaction proposed by the present invention has a number of advantages:
• The debit is verified later by the owner, merchant and bank, so the security is the same as the bank card.
[0063]
・ You will not be able to enter your secret PIN on a daily basis, and even if contactless exchanges are interrupted, transactions can be easily canceled, so debit / credit card payments can be made on contactless cards. Is possible.
[0064]
-The bank card network is not changed, and the server for accumulating the amount of public telephone transactions for one month with the bank card can be reused.
Since the transaction continues only when the owner's PIN is correct, the terminal cannot be deceived in response to the verification of the holder's PIN.
[Brief description of the drawings]
FIG. 1 is a flow chart illustrating one possible embodiment of the method proposed by the present invention.
FIG. 2 is a flow chart illustrating another possible embodiment

Claims (11)

A method of managing electronic transactions by means of a bank card in the form of a microprocessor chip and used in a post-debit manner, and a reading terminal capable of interacting with the card, wherein the reading terminal stores the transaction amount on the card A signal indicating M is transmitted, and the chip-type card executes a first comparison step of comparing the transaction amount M with a first threshold value, and possesses when the transaction amount M exceeds the first threshold value. When the person authentication procedure is activated and the transaction amount M is smaller than the first threshold value, the card executes a second comparison step of comparing the added value of the first counter with the second threshold value. and, wherein the first counter, counter der called small cumulative total counter that only the value of the transaction amount are sequentially added when there transaction amount is below the first threshold value The value added by the card in the first counter corresponds to a value obtained by adding the value of the transaction amount M to the previous value of the first counter, and the card based on the result of the second comparison. A procedure for authenticating the holder is triggered by the card, and the second threshold is a fixed value based on a risk that the card issuer is willing to take, and the value of the transaction amount M is the first An electronic transaction management method, wherein a first counter automatically stores the added value when it is smaller than a threshold value.   The first counter automatically stores the added value before the second comparison step, and the second comparison step compares the stored first counter value with the second threshold value. The method of claim 1.   The method of claim 1, wherein a first counter stores the added value after a second comparison step.   A procedure for authenticating the cardholder is invoked while verifying the cardholder's identification code, and when the cardholder's identification code is verified, the card sets the value added to the second counter to the third value. The second counter is incremented by the added value of the first counter, and the card is authenticated by the reading terminal based on the result of the third comparison. The method of claim 1, wherein an inquiry to the center is invoked.   5. The method of claim 4, wherein the card resets first and second counters to zero when authenticated by the center.   If the card determines based on the result of the third comparison not to require the reading terminal to query the authentication center, the second counter stores the added value, and the value of the first counter The method according to claim 4, wherein the method is reset to zero.   7. The method according to claim 1, wherein the addition performed by the chip format card is a positive addition.   7. The method according to claim 1, wherein the addition performed by the chip format card is a negative addition.   A microprocessor chip card for use in performing electronic transactions, the microprocessor chip card comprising means for performing the method of claim 1.   10. The chip card according to claim 9, comprising memory means for storing one or more threshold values and / or counter values and comparison means.   A terminal for reading a microprocessor chip card for use in performing electronic transactions, comprising means for carrying out the method according to any one of claims 1 to 8. Characteristic terminal.

Images