NL1004235C2 - Facilitating unit for aiding ordering and payment of services - has user telephone with smart card interface and intermediate facilitator organising funds transfer for service provider - Google Patents

Abstract

The service ordering and payment system has a user at a telephone (8) connecting to a service provider (7) and a facilitator (2) to organise payments. The user has a smart card (9) entered by an interface (10) or a self-standing tone generating unit. The user dials a number related to the service provider and can conduct an ordering process with the provider. The provider can issue tones or use a separate channel to advise the facilitator what service is provided and payment required. The facilitator has a voice response unit and issues instructions to the user for accessing his card to arrange payment. The user card can also be re-valued.

Description

System for taking care of ordering and paying for services through a communication network.

BACKGROUND OF THE INVENTION

The invention relates to a system for remote electronic transactions, which system comprises a telecommunications network, such as a telephone network. The invention relates in particular to a system for providing electronic services, including financial transactions and identifications, using electronic payment means, such as so-called "smart cards" or integrated circuit cards ("chip cards"). ”), And a communication network for transferring 10 payment data.

Remote ordering, for example using a telephone, is known per se. It is possible, for example by telephone, to order items from a mail order company. However, the payment must be made later, on delivery. This is experienced as bothersome by the service provider (the mail order company) and by the consumer (the ordering customer), especially in the case that the customer orders for another.

Electronic payment systems are also known per se. It is known, for example, to execute financial transactions (“banking”) using a remote computer 20 (PC), whereby the customer's computer is used as a tool for giving orders to the payment institution's computer. The customer's computer can also be used to identify the user by means of, for example, a PIN (Personal Identification Number).

It is further known to use card-shaped electronic payment means to pay electronically. For example, telephone booths today are usually equipped for payment by means of a “smart card.” It should be noted that in this text the term “smart card” or IC card (integrated circuit card) will be used to denote electronic payment means containing an integrated circuit with at least one memory, but preferably also a processor Such electronic payment means, which usually consist of a card in which an integrated circuit is included, in most cases enable the storage of a balance which is a value (so-called "pre-paid cards"), and often also allow identification of the 1004235 2 user, but it will also be clear that payment cards with a magnetic strip for storing a balance and / or identification data (so-called "magnetic stripe" cards "(magnetic stripe cards)) are equivalent to 5" smart cards "for many applications.

Existing electronic payment systems make it possible to pay for certain services in use, for example in the case of the above public card-activated telephone booth. However, it is often not possible to securely prepay a number of different services using an IC card and a telephone. In addition, existing systems do not allow the systems to be easily expanded as the demand for remote transactions increases.

International patent application WO 94/11849, for example, discloses a system for making payments using mobile telephony (GSM). In the known system, the user's rights are checked using the user card (SIM) and an identification code, which is checked locally. The known system does not offer any provisions for the use of payment cards such as so-called "pre-paid cards".

International patent application WO 92/21110 discloses a system for the acquisition of services using a telephone equipped with a "smart card reader". The "smart card" is used to identify the reader. This known system provides a link between the user's “smart card” and a service provider's computer, but does not include a specialized remote transaction management system. Furthermore, this known system does not include means that provide a shortened enable transaction time.

European patent application EP 0 590 861 discloses a method for credit card or payment card authorization. If the cardholder is authorized to bear the cost of a purchase, the seller will be issued an authorization code. The seller then charges the credit card organization for the purchase, using the authorization code. This known method does not offer the option of direct payment. The use of "smart cards" is not disclosed.

1004235 3

European patent application EP 0 618 539 discloses a method of service using credit cards via a telephone network. There is no direct debit or credit for “smart cards”.

European patent application EP 0 658 862 discloses a method and a system for mediating transactions using “smart cards.” A “smart card gateway” acts as a mediator between the user and a service provider to obtain credit data. A "host" of a credit bureau is used to validate 10 credit data. In this known system, "smart cards" are used for identification purposes only. Direct payment through "smart cards" is not disclosed.

European patent application EP 0 588 339 and the corresponding US patent 5 396 558 disclose a method and equipment for paying bills by means of IC cards. The method uses secret and public keys and digital signatures to secure the card data and enable a direct exchange of data between the card stations. There is no disclosure of a system in which payment information is stored with a trusted third party.

SUMMARY OF THE INVENTION

The object of the invention is to eliminate the above and other drawbacks of the prior art, and to provide a system which allows a variety of different remote services using an electronic payment method, such as a “smart card”, The invention also aims at providing a system which makes it possible to handle electronic payments remotely in a simple but reliable manner. The invention further aims at providing a system that makes use of existing telecommunication means, such as for instance the public telephone network. Another object of the invention is to provide a system which offers the possibility of topping up “smart cards” remotely. A further object of the invention is to provide a system 35 which provides the ability to remotely upgrade a smart card and / or remote identification. The present invention further aims to provide a remote transaction system that is scalable and is easily expandable 1004235 4.

To this end, the invention provides a system for remote electronic services, such as financial services, comprising a communication network, a facilitating unit ("facilitating unit") coupled both to the network and to one or more support units, a terminal connected to the communication network is coupled, a service unit coupled to the communication network, the terminal being provided with means for exchanging information with a payment means.

The said service unit for enabling services by providing communication routes between a user terminal, a service unit and support units preferably comprises a voice response system and a communication server interconnected by a control connection and a data connection, the voice response unit being arranged for processing a service request and passing the request via the control connection to the communication server, the communication server being arranged to set, in response to the service request, a communication route from the voice response system via the data connection and the communication server to a support unit.

With the aid of such a system it is possible for a user to establish a direct communication route with the providing unit via his terminal and the communication network, after which the providing unit contacts the service unit of a service provider and the transaction. ie unit of the system. In this way, a service can be ordered and, through the transaction unit in combination with the “smart card *, 30 be paid directly and remotely. Moreover, with such a system it is possible to top up electronic payment means remotely if the system is also provided with an top-up unit coupled to the providing unit. Furthermore, if the system is also equipped with an identification unit coupled to the providing unit, it is possible to identify a card user.

1004235 5

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be explained in more detail below with reference to the drawings, in which:

Figure 1 schematically shows an embodiment of a system 5 according to the invention for the electronic execution of financial transactions and ordering of services;

Figure 2 schematically shows the caring unit and associated parts of the system of Figure 1;

Figure 3 schematically shows the processes of the caring unit 10 of Figure 2;

Figure 4 schematically shows an example of a resource table, as used in the care unit of Figure 2 and Figure 3;

Figure 5 schematically shows the exchange of messages between the constituent parts of a remote payment system according to the invention.

IMPLEMENTATION EXAMPLES

The system 1 20 shown in figure 1 as an example comprises a caring unit 2 which is coupled to three support units by means of communication connections 13, 14 and 15, namely a transaction unit 3, an upgrade unit 4 and an extension unit 5. The caretaker unit 2 is connected via a communication connection 16 to a communication network 6. A service unit 7 and a terminal 8 are connected to the communication network 6 by means of communication connections 17 and 18 respectively. It will be clear that in practice a variety of terminals 8 and service units 7 can be coupled to the communication network 6 by means of a variety of parallel communication connections 17 and 18, respectively.

The communication network 6, which provides communication between a consumer (via a terminal 8), a service provider (via a service unit 7) and the transaction, top-up and extension units 3, 4 and 5, respectively (via the providing unit 2), is preferably constituted by a fixed telephone network (PSTN). It will be clear, however, that the communication network 6 can equally consist of a mobile communication network, such as 1004235 6, for example a GSM or DECT network, or another fixed communication network, such as an ISDN network. In the example shown, the communication connections 16 to 18, as well as communication connection 24, consist of telephone lines.

The terminal 8 of a consumer (user) may consist of a normal telephone, but possibly also of a mobile telephone, an ISDN telephone or possibly a fax machine. The terminal 8 is provided with (internal or external) interface means 10 for exchanging data with an electronic payment means 9, such as 10 a "smart card", which is provided with an integrated circuit for storing and processing payment and / or payment or identification data. A terminal 8, which is specially equipped for carrying out electronic payment transactions and which for this purpose comprises a read / write unit for "smart cards", can be used. However, an ordinary telephone set can also advantageously be used in combination with a device as described in international patent application PCT / EP96 / 01739. Such a device (acting as interface means 10) provides a transparent interface between a “smart card” and a telephone, converting electrical “smart card” signals into acoustic signals, and vice versa, without changing the actual transmitted signals The transparent interface provides a transparent path between the “smart card” and (the security module of) a transaction unit, as will be discussed in more detail later on 25. An appropriate interface 10 can also be connected in the communication link 18 and thus electrically connected to terminal 8.

The service unit 7 preferably includes a voice generating system (voice response system) which can be controlled by DTMF-30 tones which can be generated either by the user terminal or by the response unit itself. The response unit of the service provider may be constituted by a computer programmed in an appropriate manner, however, the service unit 7 may also consist of a further terminal, such as a telephone, and a data processing device, such as a human-operated personal computer. for the provision of services against payment, for example, the supply of food or booking 1004235 7 transport, but also for financial services such as the transfer of funds, although it has been indicated that service unit 7 is connected to the caring unit 2 by means of the network 6, one can imagine alternative embodiments in which a dien stone 7 5 is directly coupled to the speech response system 21 of the caring unit 2.

In the example shown, the caring unit provides services by providing a (preferably transparent) intermediary between: (a) the terminal 8 and the "smart card" 9 of a consumer, (b) the service unit 7 of a service provider, and (c) the transaction unit 3 that allows for the payment of services offered. In addition, the caring unit 2 can act as a (preferably transparent) intermediary between, for example, a consumer “smart card” 9 and an upgrading unit 4 in order to provide financial services.

The caretaker unit 2 consists of at least one voice response system 21 and at least one communication server 22. These two constituent components of the caretaker unit 2 are interconnected by means of a control link 23 and a data link 24. As will be explained in more detail later , the control connection 23 and the data connection 24 may comprise a communication network (e.g. PSTN, ISDN or X.25). The transaction unit 3, the upgrade unit 4 and the extension unit 5 are connected to the communication server 22 of the service unit 2 by means of communication links 13, 14 and 15 respectively. The communication links 13, 14 and 15 may consist of transmission lines, but may also include suitable networks.

The system of Figure 1 can be applied as follows (it will be assumed that the terminal 8 is an ordinary telephone and that the relevant consumer has a coupling or transfer device 10 in accordance with the international patent application PCT / EP96 / 01739 for coupling of the “smart card” 9 and the telephone 8). The consumer uses the terminal 35 (telephone set) 8 to set up a connection in a conventional manner to the voice response system 21 of the caring unit 2. The consumer selects a particular service, either by using a (telephone) number related to that service , or (in the 1004235 8 case of a common number for different services) by entering additional numbers at terminal 8, possibly in response to questions posed by query response system 21. The voice response system 21 then makes a connection, via the network 6, to the service unit 7 of the relevant service provider.

In this regard, the speech response system 21 can produce some (cryptographically secured) identification information in order to identify the speech response system 21 and the service units 7 among themselves.

The consumer orders his service (or product), on which the service unit's service unit 7 produces a series of DTMF tones representative of the service and its cost. Alternatively, the service unit 7 can use another protocol for the exchange of control information. The voice response system 21 then places the service provider on hold and instructs the consumer regarding payment. Almost simultaneously, the speech response system 21 establishes a connection with the transaction unit 3 by means of the communication server 22. To control the switching process in the communication server 22, the speech response system 21 then sends commands to the server 22 via connection 23.

The consumer starts the payment process by pressing a certain key (for example *) on his telephone (terminal) 8 or on his transfer (interface) device 10. Which key to press may have been communicated to the consumer by the voice response system 21. Another key (eg #) can be used to cancel the transaction. In the event that the payment process continues, the subscriber's subscriber's line is connected to transaction unit 3. The consumer places his payment means 9 (“smart card”) in the relevant device 10 and keeps this device 10 (the handset) of) the telephone 8. Next, he presses a key of the device 10, on which the card 9 and (a security module 31 of) the transaction unit 3 exchange payment information 35. Preferably, such a device 10 is provided with a display screen that shows the status of the payment transaction.

After the payment has been made, the consumer receives a 1004235 9 (for example, an acoustic) signal indicating that the transaction has been completed and that a new transaction can possibly be started. To this end, the service provider receives a feedback from the voice response system. The voice response system 21 can invite the consumer 5 to choose other services using DTMF tones.

The system 1 of the present invention thus provides a transparent end-to-end path between the “smart card” (9 in Figure 1) and a security module (SM, “security module”, 31 in Figure 1) for exchanging of payment information. Alternatively, system 1 may provide a (preferably transparent) path between the "smart card" 9 and the top-up unit 4 (for increasing the balance of the card 9) or the expansion unit 5 (for providing additional services, such as The system 1 also provides a (speech) connection between the terminal 8 of the user and the service unit 7 of the service provider.

The structure of the caring unit 2 will now be explained in more detail with reference to Figure 2.

In the embodiment shown in figure 2, the speech response system 21 comprises two switching stations 211 and 212, at least one speech response unit 213 (indicated in figure 2 by VRU) and a control unit 214. The first switch 211 is coupled to a network, for example the network 6 of Figure 1, via a communication connection 16. As indicated in Figure 2, the connection 16 may consist of a variety of sub-connections, eg individual telephone lines. The first switching station 211 connects an incoming call to an available speech response unit 213. The speech response system 21 preferably includes a variety of speech response units 213, for example, twenty or twenty. The second switch 212 is also coupled to the voice response unit 213 to connect such a unit to the communication server 22 via the data link 24. The data link 24 used for exchanging data messages (data signals) is shown in FIG. that instead of consisting of only one transmission line, it comprises a separate network. However, a direct connection between switching station 212 and the first interface 222 of the communication server 22 is also possible. It should be noted that the 1004235 network constituting the data connection 24 can be a PSTN network, and this network can be identical to the network 6 of Figure 1.

The speech response system 21 of Figure 2 further includes a control unit 214, which may include a microprocessor system, such as a personal computer. The control unit 214 is connected to the voice response units 213 and to the control connection 23. The control connection 23 in Figure 2 is shown to comprise a separate network, such as a local area network (LAN), for transmitting control messages (control signals) to and from the communication server 22. This allows the speech response system 21 and the communication server 22 to be in different locations, and to interconnect a variety of speech response systems 21 and a variety of communication servers 22. However, a direct connection 15 between the operating system 214 and the second interface 223 of the communication server 22 is also possible.

It should be noted that alternative embodiments, in which the speech response system 21 is much simpler and gives only an alert signal, after which the system switches to transparent mode 20 and provides a connection to the server 22, are also possible.

The communication server 22 includes a processor system 221, a first interface 222 (which preferably includes at least one modem), a second interface 223, and a third interface 224. The processor system 221 may consist of a commercially available microprocessor microcomputer system and a memory that uses, for example, the UNIX operating system. The processor system 221 is coupled to the control link 23 through the second interface 223. Likewise, the processor system 221 is coupled to the data link 24 through the 30 modems of the first link 222. As previously mentioned, the data link 24 preferably includes a telephone network (PSTN) , in which case modems are used to convert the data into the appropriate formats. However, in case the data link 24 is formed by a data network, the modems 222 may be replaced or optionally omitted by another suitable interface.

In Figure 2, the communication link 14 includes a 1004235 11 data network, such as a network based on the ITU X.25 recommendation. The third interface 224 provides a suitable interface between the processor system 221 and the data network 14. It will be appreciated that the upgrade unit 4 may include an internal interface (not shown).

For the purpose of securely storing transaction data, a transaction unit 3 connected to the processor system 221 via communication link 13 may include at least one security module (designated as SM, "security module") 31. Such security modules are preferably removably mounted in the transaction unit 3 and are secured against unauthorized access. An example of the use of a security module and of the related exchange of messages is described in European patent application EP 0 637 004.

15 For the authentication of users (consumers) on the basis of payment means 9, the transaction unit 3 is provided with authentication means. To this end, the transaction unit 3 may comprise a data file with key data, including, for example, master keys and / or diversified keys, and possibly also encryption programs. Although a transaction unit has a separate processor and memory, for example for executing of cryptographic operations and for securely storing data in memory means associated with the processor (eg hard disks), such a unit may in its simplest form consist of a card reading / writing device into which a security module card is inserted. where the integrated circuit is designed to securely store transaction data, it is similar to a common "smart card".

By way of example, in Figure 2 two transaction units 3, labeled A and B, are indicated. Likewise, two upgrade units 4 labeled A and B are indicated. It will be appreciated that the number of transaction units 3 and upgrade units 4 that can be connected to the serving unit 2 is limited only by the processing power of the processor system 221. Additional communication servers 22 can be added if necessary.

Thus, the serving unit 2 is easily scalable (with 1004235 12 increasing the number of communication links 16) and expandable (with the number of communication servers 22 increasing).

The upgrade units 4 are shown as separate units in Figures 1 and 2, but may be included in the transaction units 3. The top-up unit 4 comprises means for increasing the balance of a smart card *. Such means for increasing a balance may include a processor system (e.g. a PC) on which suitable software is processed. During the top-up, the top-up unit 4 exchanges data by means of the service unit 2, the communication network 6, the terminal 8 and the interface device 10, with the payment means 9, preferably by means of a security protocol.

The operation of the caring unit 2 will be further elucidated with reference to figure 3.

Figure 3 schematically shows the functionalities of the communication server 22. The main process 200 running in the processor system 221 of Figure 2 includes three parts: a session manager 201, processes 202, and resource tables 203. The session manager 201 exchanges control information with the voice response system 21 through the second interface 223. In response to an appropriate request the session manager 201 the resource tables 203 to determine whether a new process can be initiated. If possible, a new process 202 is created. This is indicated in the resource tables 203, as will be explained later with reference to Figure 4.

Each process 202 exchanges data with the voice response system 21 through a modem 222. A modem 222 can be assigned to a particular process through the resource tables 203.

Depending on the specific transaction requested by a consumer, a process 202 interacts with, for example, the upgrade unit 4 or the transaction unit 3.

As will be apparent from the above, the attending unit 2 operates in two phases: a control phase and a data phase. A connection is established in the control phase, while a (transparent) exchange of messages takes place in the data phase.

Figure 4 shows an exemplary embodiment of a resource table 203. The table includes several columns, 1004235 13 having a first column labeled “Type.” This column indicates the type of a resource, for example, processes, transaction units, upgrade units, extension units. , modems, etc. The number of types can be expanded as the need arises 5. Each type includes a group of items, each item having a reference number.

The second column of Table 203 is labeled “Item” and lists the resources of each type. Since each transaction unit can include more than one security module (SM), in the case of transaction units, a further subdivision is made made.

The last column of table 203 indicates whether the resource is available (“V” = “free”) or not (“G” = »“ in use ”). The resource table, and in particular its last column, is regularly updated by the session manager, for example, every 15 times a new process 202 is started and closed. To determine whether the necessary tools can be assigned to the new process, the session manager searches the tools table before starting a new process 202.

In the example shown, the shaded areas indicate that downgrading process No. 5, transaction unit B, security module No. 2 (of transaction unit B) and modem B have been claimed for a downgrade process (some other tools may have been claimed for other processes). The downgrading process that claims the said resources is a process 202, as indicated in Figure 3.

The process is initiated by the session manager 201 in response to a service request from the voice response system 21. When the relevant downgrading process 202 is closed, the claimed resources are returned to the set of available resources. This will be indicated in Table 203 by setting the corresponding inputs in the last column to “V” (“Free”).

Figure 5 shows the exchange of card data (commands and data sent to the IC card and their responses) between an integrated circuit card on the one hand and a security module of a transaction unit on the other hand. The integrated circuit card may correspond to the card 9 of Figure 1, the transfer device may correspond to the interface device 10 of Figure 1, the transaction unit may be the f004235 14 unit 3 of Figure 1, and the security module may correspond to the security module ( SM) 31 in Figure 1.

In accordance with a further aspect of the present invention, a distinction is made between two levels of card job exchange. A low-level exchange takes place between the IC card and the transfer device: the actual card orders and card data are sent to and received from the card. Since this exchange is performed with electrical signals within the transfer device 10, this exchange can have a high data rate. However, an acoustic path is present between the transfer device and the transaction unit (between the device 10 and the handset of the terminal 8). This part of the connection between IC card and safety module usually has a limited transmission speed. For this reason, exchange takes place in this high level section where several low level commands are bundled together and replaced by a single high level command. In this way, the transmission time required for a transaction can be considerably reduced. However, the content of the 20 transferred information is not changed. This will be further elucidated with reference to figure 5.

As shown in Figure 5, the transaction unit 3 can issue a high level command (indicated by H). In response to receiving this high-level single command, the transfer device exchanges several low-level commands (indicated by L) with the IC card 9. The result of this exchange becomes as a single high-level command (H ) sent by the transfer device to the transaction device. This high level command then results in the exchange of several low level (L) commands between the transaction unit and the security module. Thus, each high-level (H) command represents a routine that includes a variety (e.g., five or ten) low-level (L) commands. The high-level commands are preferably optimized for efficiency, for example, because each frequently used routine is represented by a single high-level command.

The transfer device preferably supports two different modes of data exchange. In a first mode 1004235 15 (indicated by "Mode I" in Figure 5), the transfer device operates as described above: a high level command represents several low level commands. In a second mode (indicated by "Mode II" in Figure 5), a single low level command (L) is sent as a high level command (H *) to the transfer device, which commands the command as a "low command level to the IC card The resulting low level (L) command produced by the card is again sent as a high level (H *) command by the transfer device to the transaction unit, which issues the command then back to a low-level (L) command. It will be understood that the high-level H * commands transport only low-level (L) commands, that is, for example, high-level (H *) commands may consist of a low-level command plus an appropriate header, so that low-level commands can be transparently passed to the IC card while using the command's structure and / or data protocol n of a high level. This transparent retransmission has the advantage that low-level commands for which no high-level command is available, that is, which cannot be grouped into an existing high-level command, can be used. This is especially advantageous because the introduction of an IC card with one or more new commands does not require an upgrade of the software of the transfer device.

The transfer device, as well as the transaction unit, is preferably capable of switching back and forth between mode I and mode II so that high level commands (H) representing a number of low level commands can be alternated with commands of high level (H *) which transport only a single low level transfer.

All high-level commands are passed directly to an application, for example, the upgrade and mark-down processes shown in Figure 3. Thus, the system of the present invention provides a high degree of transparency regarding the messages exchanged between the "smart card" 9 and the applications.

The exchange of messages of Figure 5 will now be explained in more detail, using the write-down of a 1004235 16 “smart card” (i.e. a payment) as an example.

The transaction unit 3, which handles card write-downs, issues a high level order Hj - DEVALU (2.00, R), where 2.00 is the amount to be debited from the card and R is a 5 random number that serves to complete the transaction reliably identify and prevent fraudulent recurrence. This high-level command Hj, which itself may be only a few bytes in length, results in the transfer device 10 exchanging a series of low-level messages Lj-L10 with the card 9. Such messages are, for example:

Lj: select wallet (<-) L2: ready (->) L3: select application (<-) 15 La: ready (->) L5: present value (2.00) (<-) L6: ready (->) L7 : present random number (R) (<-)

Lg: ready (->) 20 Lg: calculate response (<-) L10: response «W (->)

The arrows indicate the direction of a message: from the transfer device to the card (<-) and from the card to the transfer device (->). W is the value of the calculated response.

As can be seen, the actual data (2.00 and R) of the high level H1 command are not modified by the low level L5 and L7 commands.

After receiving the response W in the low-level message L10, the transfer device sends a high-level message H2 «30 RESPON (W) to the transaction unit. The actual value of W is not changed by the transfer device.

After receiving the high level message H2, the transaction unit initiates an exchange of low level messages L10 -L20 with the security module: 35 Ln: select upgrade SM (->) L12: OK (<-) L13: present value (2.00) (->) L1A: 0K (<-) 1004235 17 L15: present random number (R) (->) L16: OK (<-) L17: present response (W) (->) L18: OK ( <-) 5 L19: calculate (->) L20: OK (<-)

The arrows indicate the direction of a message: from the transaction unit to the security module (->) and from the security module to the transaction unit (<-).

As mentioned above, the actual content of the messages (the value, the random number R and the response W) is transmitted transparently, while the length of the messages exchanged between the transaction unit and the transfer device is significantly reduced.

15 The use of mixed low and high level commands will now be explained, still with reference to Figure 5. For the sake of the example, it will now be assumed that the syntax of the “calculate response” statement is changed with a new release of the "smart card". In the example given above, the low-level message Lg will consistently produce an error message L10. "unknown instruction". This message L10 will then be transparently passed to the transaction unit, which in turn will issue an appropriate instruction and send this command as a high-level command H * 3 to the transfer device.

The transfer device then transfers the command H * 3 as a low-level command L22 to the card, which then produces the correct response W. The response W is then sent as commands L23, H * 6 and to the safety module.

In this way, only a single low-level command is needed to correct the use of an incorrect (e.g. obsolete) command. Nevertheless, a significant saving is maintained in the amount of commands sent over the network (6 in Figure 1), and thus a significant saving in transmission time is achieved.

Although the system 1 of Figures 1 to 3 is preferably used in combination with "smart cards" with a prepaid balance (so-called "pre-paid cards"), which balance is reduced during a payment, the system can also are applied with means of payment 1004235 18 for identification purposes only and where payments are debited from an account. Such means of payment can also be formed by so-called magnetic stripe cards. Furthermore, the system of the invention is not substantially modified if "magnetic stripe cards" are used instead of "smart cards", for example, as "prepaid cards" for storing balances.

It will be apparent to those skilled in the art that the invention is not limited to the embodiments shown and that many modifications and additions are possible without departing from the scope of the invention.

1004235

Claims (20)

A service unit (2) for enabling services by providing communication routes between a user terminal (8), a service unit (7) and support units (3, 4, 5), 5 where the service unit has a voice response system (21 ) and comprises a communication server (22) interconnected by a control connection (23) and a data connection (24), the voice response unit (21) being arranged to handle a service request and transmit via the control connection (23) the request to the communication server (22), wherein the communication server (22) is arranged to set, in response to the service request, a communication route from the voice response system (21) via the data connection and the communication server (22) to a supporting unit ( for example 15 3). The caring unit (2) of claim 1, comprising a variety of speech response systems (21). A service unit (2) according to claim 1 or 2, comprising a variety of communication servers (22). The attendant unit according to any of the preceding claims, wherein a speech response system (21) one or more speech response units (213), a first switching station (211) for routing an incoming call to a speech response unit (213), a second switching station (212) for routing an incoming call to the communication server (22), and includes a control unit (214) for controlling the voice response units (213) and for passing control signals to the communication server (22). A service unit (2) according to any of the preceding claims, wherein the communication server (22) has a processor mirror system (221), a first interface (222) for exchanging data signals, and a second interface (223) for exchanging control signals with the speech response system (21). The service unit (2) according to claim 5, wherein the first interface (222) comprises at least one modem. The serving unit (2) according to claim 5 or 6, wherein the communication server (22) further comprises a third interface (224) for exchanging data signals with a supporting unit (4) via a data network (14). 7004235 The service unit (2) according to claim 5, 6 or 7, wherein the processor system (221) of the communication server (22) is arranged to provide a session manager (201) that provides new processes (202) that provide communication routes, initiates in response to 5 information stored in resource tables (203), A service unit (2) according to claim 8, wherein a resource table (203) includes a list of available processes (202), support ranks (3, 4, 5) and interfaces (e.g. 222). The nurturing unit (2) of claim 9, wherein an extensible resource table (203) allows resources to be added without changing the session manager (201). 11. System (1) for electronic financial services, comprising a communication network (6), a service unit (2) according to one or more of the preceding claims and coupled to the network (6) and one or more support units (3, 4 , 5), a terminal (8) coupled to the communication network, a service unit (7) coupled to the communication network, the terminal (8) being provided with means (10) for exchanging information with a payment means (9). The system of claim 11, wherein a supporting unit is a transaction unit (3), comprising at least one security module (31) for storing transaction data. System according to claim 11 or 12, wherein a support unit is an upgrade unit (4) for upgrading smart cards (9). The system of claim 13, further comprising a data network (14) for exchanging transaction data 30 between the providing unit (2) and the updating unit (4). System according to one or more of claims 11 to 14, wherein the interface device (10) is arranged to communicate with a support unit (3, 4, 5) on a first level, and with the IC card (9 ) on a second level, with each level involving a different data rate. The system of claim 15, wherein a first level command (H *) comprises a single second level command (L). The system of claim 14 or 15, wherein a 1004235 first level (H) command represents one or more second level (L) commands. System according to one or more of claims 11 to 17, wherein the communication network (6) comprises a fixed telephone network. System according to one or more of claims 11 to 17, wherein the communication network (6) comprises a mobile telephone network. Financial transaction carried out using a system (1) according to one or more of claims 11 to 19. 1004235