NL2014958B1 - Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user. - Google Patents

Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user. Download PDF

Info

Publication number
NL2014958B1
NL2014958B1 NL2014958A NL2014958A NL2014958B1 NL 2014958 B1 NL2014958 B1 NL 2014958B1 NL 2014958 A NL2014958 A NL 2014958A NL 2014958 A NL2014958 A NL 2014958A NL 2014958 B1 NL2014958 B1 NL 2014958B1
Authority
NL
Netherlands
Prior art keywords
mobile communication
communication device
user
transaction
code
Prior art date
Application number
NL2014958A
Other languages
Dutch (nl)
Other versions
NL2014958A (en
Inventor
Laurens Jakob Liezenberg Michiel
Van Eijnatten Ruben
Original Assignee
Ok Top B V
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ok Top B V filed Critical Ok Top B V
Priority to NL2014958A priority Critical patent/NL2014958B1/en
Publication of NL2014958A publication Critical patent/NL2014958A/en
Application granted granted Critical
Publication of NL2014958B1 publication Critical patent/NL2014958B1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Abstract

The present invention relates to a method for configuring a mobile communication device, comprising the steps of installing an application from an app store on the mobile communication device; activating or personalising the application on the mobile communication device; providing a list of possible service providers by the application; selecting a service provider from a list of possible service providers in the application; generating a unique code for a selected service provider by a platform server, and communicating said unique code to the mobile communication device; entering the unique code on a website of said service provider; sending the entered unique code by the service provider to the platform server for verification; upon verification of the unique code, generating a unique identification code and sending it to the service provider, and to the application.

Description

Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user
This invention is directed to an authorization method and system and more particularly an authorization method and system that utilizes an application for a mobile telephone.
Various (payment) authorization methods and systems are well known in the art and used in relation to specifically checks, or credit cards, or debit cards, or wallets, or money transfers, or the like, also in relation to the mobile phone. When authorization is required in the context of an in-store, on-site, online or mobile point of sale or bill payment or person to person payment, the transaction can be time consuming and may require a user to carry and maintain multiple (payment) authorization instruments for multiple accounts with different providers, memorizing different authorization methods and codes. Also, for online authorizations a user is required to input both personal and financial information, which is time consuming and risk prone. All of these methods are complicated if the user wishes to include additional payment instruments, use marketing or loyalty instruments or use alternative currencies in the same transaction, e.g. use a gift card, redeem a coupon, use or receive reward points or punches, use virtual currencies. In addition, being able to combine such payment and loyalty instruments in transactions in all the said contexts could create new possibilities that are simply not feasible today for different reasons. E.g. pay with payment account+giftcard+coupon for a single transaction, issue instant rewards on early bill payment, coupon redemption and rewards issuing at on-site payment or delivery of goods, forwarding or sharing coupons.
Therefore a need exists for an authorization method and system that enables end-to-end secured authorization of transactions on online accounts, with a simple and consistent user experience across all transaction contexts. The transactions may comprise all kinds of transactions that require authorization, such as performing payments and providing credentials. The method and system includes a simple application used with a smartphone that is capable of issuing tickets, capturing merchant coupons, punch cards and the like, and authorizing mobile transactions through existing (online) (payment) accounts. The application, that can be downloaded from supported app stores, links the application on a mobile phone directly and securely to user's (online) (payment) accounts through a verification process involving the (online) (payment) accounts. The application provides a single, universal solution for authorizing and initiating transfer of multiple, different value components between the parties involved in a transaction.
An objective of the present invention is to provide an authorization method and system that is easy and simple to use, and completely self-service for the end user in its entire configuration and use. A further objective of the present invention is to provide an authorization method and system that combines the purchase of goods with additional benefits from loyalty and marketing instruments, e.g. the redemption or issuance of a coupons, rewards, points, punches, etc. A further objective of the present invention is to provide an authorization method and system that can be used for non-financial authorization requests, e.g. access to a website or physical location, verifying an email address, adding an entry to a white list, signing a mandate, giving consent for an action.
The invention thereto proposes a method for configuring a mobile communication device, comprising the steps of installing and activating (or personalising) an application on the mobile communication device, providing a list of possible service providers by the application, selecting at least one service provider from a list of possible service providers in the application, generating a unique code for the at least one service provider by a platform server, and communicating said unique code to the mobile communication device, entering the unique code on a website of said service provider, sending the entered unique code by the service provider to the platform server for verification and upon verification of the unique code, generating a unique identification code and sending it to the application.
The invention provides several advantages. In general, it provides a generic authorization method using a mobile phone (in particular a smartphone with an internet connection) with an app downloaded from supported app stores. Properties of the invention are further that activation (or personalisation) of the combination of the mobile phone and a mobile number and an app are always initiated from the app, and not, for instance, from the web. The same goes for linking (online) (payment) accounts, and authorizing transaction requests. A verification of an e-mail address from a set of credentials provided by a user, may -according to the present invention, comprise the steps of:
Downloading an app from an application provider by a user to his phone; Providing a number of credentials, the credentials comprising an e-mail address by the user in the app;
Sending an e-mail by the application provider to the e-mail address provided by the user; o The e-mail comprising a link to a website;
Upon opening the link, sending a (push) notification to the mobile phone of the user.
Upon confirmation of acceptance of the notification, marking the e-mail address as verified.
Herein, the e-mail further comprises a unique code; and confirmation of acceptance of the notification further requires entering the unique code in the app by the user.
In particular, the unique identification code is a machine-readable code, such as an optical code, i.e. a barcode and/or a QR code, to be displayed by the mobile communication device. A barcode on the mobile device may be preferred when being scanned, as consumers are used to that. For scanning by a user, QR codes may be preferred. In general, any code that can be ‘read’ remotely, that is, optically, or wirelessly or via radiofrequency may be applied.
The method may further comprise the steps of entering and verifying a mobile number and email address, in the application at the mobile communication device, and sending this information to the platform server, preferably in an encrypted form.
The method may further comprise the steps of choosing and confirming a PIN code in the application at the mobile communication device, and sending the PIN code to the platform server, preferably in an encrypted form.
The invention further relates to a method for authorizing transactions at the expense of an (online) account, using a mobile communication device, configured according to a method as described above, comprising the steps of communicating, by a mobile communication device to a receiver device, the selected unique identification code on the communication device, and upon receiving the unique identification code, sending an authorization request for the unique identification code by the receiver device to the platform server, receiving by the platform server from a receiver device the unique identification code and a transaction request, forwarding the transaction request to the mobile communication device, returning an authorization of said transaction request to the platform server by the mobile communication device, receiving authorizations from the mobile communication device, initiating the settlement of the transactions at the expense of an (online) account upon confirmation, confirming the transaction to the receiver device and the mobile communication device. A PIN code may be used in addition.
In a further embodiment, communicating a unique identification code, coupled to a mobile communication device by said mobile communication device to a receiver device, comprises communicating the code from the mobile communication device.
In an alternative embodiment, the invention relates to a method for authorizing transactions at the expense of an (online) account, using a mobile communication device, configured as described above, comprising the steps of sending at online checkout an authorization request by the receiver device to the platform server, receiving by the platform server from a receiver device a transaction request, providing a reference code in a mobile communication device readable format to the receiver device, reading, with the mobile communication device the reference code on the receiver device, selecting, at the mobile communication device, the unique identification code to perform the transaction with, sending the reference code and selected unique identification code to the platform server, adding the received unique identification code to the authorization request by the platform server, forwarding the transaction request to the mobile communication device, returning an authorization of said transaction request to the platform server by the mobile communication device, receiving authorizations from the mobile communication device, initiating the settlement of the transactions at the expense of an (online) account upon confirmation, confirming the transaction to the receiver device and/or the mobile communication device. A PIN code may be used in addition.
The method may further comprise the step of confirmation of an authorization request at the mobile communication device by means of a PIN code and/or a biometric code.
The method may even comprise the step of indicating at the mobile communication device which part of the amount of a proposed transaction is to be processed, or the step of authorizing at least part of the amount of a proposed transaction by a coupon, or other value components that may apply to or are included in the transaction.
Furthermore, the invention relates to a mobile communication device, configured as described above, and a system for authorizing transactions at the expense of an (online) account, comprising a mobile communication device configured for receiving a transaction request from a platform server, returning an authorization of said transaction request to the platform server, a platform server connected with a database containing information regarding (online) accounts of a user of said mobile communication device and/or a merchant issuing a transaction requests configured for receiving from a receiver device a unique identification code and a transaction request, forwarding the transaction request to the mobile communication device, receiving authorizations from the mobile communication devices, initiating the settlement of the transactions at the expense of an (online) account upon confirmation, confirming the transaction to the receiver device and the mobile communication device, a receiver device, configured for receiving from a mobile communication device a unique identification code and sending a transaction request to the platform server, and receiving a payment confirmation from the platform server.
In yet another aspect, the invention relates to a method for obtaining, by an Initiating Party (IP), an authorization from an Authorizing Party (AP), to a Service Provider (SP) for performing a transaction on an (online) account of the user, comprising the steps of: 10.Sending a transaction request (A) by the Initiating Party (IP) to a Routing Service (RS) for performing a transaction on the (online) account of an Authorizing Party (AP) at a Service Provider (SP); o the transaction request (A) comprising an ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP A); 11.Sending a transaction request (B) for the transaction by the Routing Service (RS) to the Service Provider (SP); o the transaction request (B) comprising the ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP B); 12.Sending an authorization request (C) for the transaction by the Service Provider (SP) to a Validation Service (VS); o the authorization request (C) comprising the ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP C); 17.Sending an authorization for the execution or cancelation of the transaction by the Authorizing Party (AP) to the Validation Service (VS) to process the transaction; Entering a PIN CODE by the Authorizing Party (AP); o the authorization (G) comprising the Transaction ID (TRAC_ID), a execute/cancel indication and a PIN CODE; 18. Responding to the authorization request (C) by the Validation Service (VS) to the Service Provider (SP) after validation of the PIN CODE; o the response (I) comprising the execute/cancel indication; 19. Executing the transaction by the Service Provider (SP) and generating transaction info; 20. Responding to the transaction request (B) by the Service Provider (SP) to the Routing Service (RS), o the response (J) comprising the (TRAC_INFO J); 21. Responding to the transaction request (A) by the Routing Service (RS) to the Initiating Party (IP), o the response (K) comprising (TRAC_INFO K). 22.Sending a confirmation of the transaction (L) by the Routing Service (RS) to the Validation Service (VS), o the confirmation (L) comprising (TRAC_INFO K); 23. Responding to the authorization (G) by the Validation Service (VS) to the Authorizing Party (AP); o the response (H) comprising (TRAC_INFO H); 24. Acknowledging the confirmation of the transaction (M) by the Validation Service (VS) to the Routing Service (RS).
The method is to be seen as a protocol, and preferably, the requests A, B, C and corresponding responses K, J, I are nested HTTP sessions, and the request-response G-H is interlocked with both the request-response C-I and the request-response L-M. Figure 3 illustrates the nesting method and interlocking method.
In a preferred embodiment, a user of a mobile device, in particular the Authorizing Party (AP), receives a notification of an authorization request. For that purpose, the may comprise the steps of: 13.Assigning a Transaction ID (TRAC_ID) to request (C) by the Validation Service (VS); 14.Sending a notification (D) by the Validation Service (VS) to the authorizing Party (AP); o the notification (D) comprising the Transaction ID (TRAC_ID); 15.Sending a request for properties of the transaction by the Authorizing Party (AP) to the Validation Service (VS); o the request (E) comprising the Transaction ID (TRAC_ID); ló.Responding to the request (E) by the Validation Service (VS) to the Authorizing Party (AP); o the response (F) comprising the properties of the transaction (TRAC_PROP F);
The transaction may be initiated by providing a code, such as a barcode, on a smartphone of the Authorizing Party (AP). In that case, the method may comprise the step of: 9.Receiving a code (N) by the Initiating Party (IP) from the Authorizing Party (AP), o the code (N) comprising the ID of the link to the account (LINK_ID).
In another embodiment, the step 10 in the method comprises the steps of: 10.1.Sending a request (0) for performing a transaction by a Initiating Party (IP) to the Routing Service (RS); o the request (0) comprising the transaction properties (TRANS_PROP) and an ID for the Initiating Party (IP). 10.2.Responding to the request (0) by the Routing Services (RS) to the Initiating Party (IP), o the response (P) comprising a reference code to the registered transaction properties (TRANS_PROP) 10.3.Sending a request (Q) for a virtual representation of the reference code by the Initiating Party (IP) to the Routing Service (RS); o the request (Q) comprising the reference code 10.4. Responding to the request (Q) by the Routing Service (RS) to the Initiating Party (IP) ; o the response (R) comprising the virtual representation of the reference code, e.g. a QR code. 10.5. Presenting the virtual representation (R) by the Initiating Party (IP) to the Authorizing Party (AP); 10.6.Scanning the virtual representation (R) by the Authorizing Party (AP) using the application on the mobile communication device and selecting the Service Provider (SP) to perform the transaction with; o the virtual representation comprising the reference code 10.7.Sending a request (S) by the Authorizing Party (AP) to the Routing Service (RS) to add the ID of the link to the account (LINK_ID) to the registered transaction properties (TRANS_PROP) and initiating a request B to the Service Provider (SP) o the request (S) comprising the reference code and ID of the link to the account (LINK_ID).
The numbering of the steps in the above described methods indicates a sequence for performing the steps.
The method may further comprise:
Sending a request (W) by the Validation Service (VS) to an external system for a status of an account; o the request (W) comprising an account ID;
Receiving a response (X) from the external system; o the response X comprising an account status.
Sending a request (Y) by the Validation Service (VS) to a external settlement system for executing an authorized transaction; o the request (Y) comprising the transaction properties;
Receiving a response (Z) from the external settlement system; o the response (Z) comprising a transaction result.
The invention will now be elucidated into more detail with reference to the following figures. Herein:
Figure 1 shows system components of an embodiment of the present invention; Figure 2 shows a schematic overview of a method according to the present invention; and
Figure 3 shows the principle of ‘nested’ and ‘interlocking’ HTTP sessions.
Referring to figure 1, the mobile authorization system 10 includes a computer 22 having a database 24 and an application 11 that can be uploaded over an electronic network 14 by an administrator 19 to an app store 21. The application 11 can be downloaded by a user 16 to the user’s mobile phone 18 over a network 14.
To use the application 11 the user 16 first downloads the generic application 11 via the electronic network 14 to the mobile phone 18.
On the first opening of the app 11, the app 11 connects to the platform 20 and a key pair is generated and issued for securing all communication. On the platform 20 the app 11 is authenticated and an account 101 is created for use with this instance of the app 12, on this mobile device 18. All communication between app 12 and platform 20 is secured using this key pair. This is also used for encryption of data, e.g. PIN code 28.
Once downloaded, the user 16 activates the user’s 16 application 12 on the user’s 16 mobile phone 18, from the mobile phone 18, and provides information 26 that includes entry and verification of the mobile phone number, upon which a uniquely associated account 101 is created in the database 24 and an account identification code 30 is provided to the user's 16 phone 18 via the electronic network 14. Creating an account 101 and activating it can in fact only happen from the app 12 on the mobile phone 18.
The user 16 may also provide other personal information 26 such as email address or payment card or loyalty account details depending upon services requested. The information 26 is transmitted via the electronic network 14 to the administrator's 19 platform 20 where the user's 16 information 26 is stored in the database 24. The user 16 also creates a code 28 such as a personal identification number (PIN code) or a biometric element of which a cryptographic equivalent is stored in the database 24. All the information 26 that is received by the administrator’s 19 platform 20 from the application 12 from the user’s 16 phone 18 through the network 14 is stored in the account 101 in the database 24, preferably in encrypted form.
Once an account 101 with an account code 30 has been uniquely and securely related to the application 12 on the user’s 16 mobile phone 18, the user 16 can establish one or more linked accounts 32 through the application 12 on the phone 18. To add a linked account 32 the user 16 selects an issuer 34 from an issuer list 33 of enabled and contracted 104 financial institutions/account issuers 34 maintained by the administrator 19 and transmitted to the application 12 on the user’s 16 phone 18. The selected issuer 34 is transmitted to the administrator 19 and a unique verification code 36 is generated by the administrator 19 associated with the user's 16 account 101 and then code 36 is transmitted and shown in the application 12 to the user 16.
The user 16 then accesses the website 35 of the account issuer 34 through the network 14, selects the account 102 to be linked, enters the unique code 36 and confirms the linking action with the means that is custom for authorizing such actions on the account issuer’s 34 website 35. The entered code 36 is then transmitted to the administrator’s 19 platform 20, and is then validated against the issued code 36 by the administrator 19. When validation occurs a barcode 38 is created by the administrator 19 and provided to the account issuer 34 and to the application 12 on the user’s 16 mobile phone 18 via the electronic network 14. The barcode 38 may include a routing identifier. Once linked the account 102 is added to the user's 16 list of linked accounts 32 where the user 16 is able to access the barcode 38, review and modify details of the account 32, and unlink the linked account 32 from account 102. Optionally, a key tag and/or sticker 40 may be provided to the user 16 by the administrator 19.
Only through the application 12 on the user’s 16 mobile phone 18, the user 16 has access to the information stored in the account 101 uniquely associated with the application 12 on the user’s 16 phone 18. The user can select various options through the settings section 44 of the application 12. For example, the user 16 can add additional functions, such as open a web account 103 on the administrator’s platform 20 with web access to the user’s 16 account 101. The user 16 can also deactivate the application 12 on the user’s 16 phone 18 where the user's 16 encrypted PIN 28, all linked accounts 32 and all information 26 are instantly removed. Some of the information in the removed account 101, e.g. coupons 111 or the like, may be ported to a newly created account 101.
To use the application 12 in an in-store point of sale 105 transaction for purchasing e.g. goods, the user 16 opens the application 12 on the user’s 16 phone 18, chooses a linked account 32 and accesses the barcode 38. Alternatively, the user 16 presents their key tag or sticker 40 that have the barcode 38. The merchant 54 scans the barcode 38 with a scanner 106 and then submits the transaction details 56 to a routing service 58. The routing service adds the (payment) account 66 details of the merchant 54 to the transaction details 56, and then routes the barcode 38 and transaction details 56 to the account issuer 34 associated with the barcode 38 The account issuer 34 relates the received barcode 38 to the linked user's account 102, and checks the status, e.g. the balance 107, of the user’s account 102. Depending on this check by the issuer 34, a subset of transaction information is transmitted to the user’s 16 phone 18 causing a notification to be displayed on the phone 18. If not approved by the issuer 34 the user 16 will be notified to try again or seek authorization through other means. If approved by the issuer 34, the user 16 may close the notification or view a subset of the transaction details 56 for authorization by the user 16. If the user 16 has any applicable coupons 111 or the like they are applied to the same transaction. The user 16 then approves or disapproves of the transaction by selecting the desired response on the phone 18. The user 16 is then prompted to enter their PIN code 28 that is validated against the cryptographic equivalent stored in the database 24. The user may eliminate this step for amounts below a value set in the settings 44.
Once the PIN code 28 is validated, authorization 110 is transmitted from the administrator 19 to the account issuer 34. The account issuer 34 then instantly initiates the required settlement transactions 109 in the appropriate settlement systems 108 (debiting the user 16 on the account 102 and crediting the merchant 54 on the account 66) and immediately passes the approval 110 on to the routing service 58, who forwards it to the merchant 54, who stores the approval 110. The approval 110 is also displayed to the user 16 in the application 12 on the phone 18, and the merchant 34 hands over the goods. The settlement of the transaction 109 through the settlement system 108 is processed asynchronously and may take some time to complete.
Application 12 can also be used for authorizations for online purchases, (payment on) delivery, and bill payments. For such transactions 116 the user 16 accesses the merchant's 54 website 68, fills the online shopping cart, and proceeds to checkout. At checkout, the user 16 selects the present method as the method of payment. Upon selection, rather than have the user 16 input any payment details, the merchant 54 submits the transaction details 56 to the administrator’s 19 platform 20 which temporarily stores the received transaction details 56 in a transaction 116 for which it generates a QR code 70 for the user 16 to scan using application 12. The QR code 70 is displayed on the merchant’s website 68 for online purchases, on a (e- or paper) bill for bill payment, or on a delivery label for payment upon delivery. The QR code 70 may contain extra visual elements for visual recognition purposes. If the QR code 70 is scanned by a third party app, the QR code will simply redirect to a mobile web page inviting the person to download and activate app 11 and scan again. Once the QR code 70 is scanned with application 12 the user 16 selects a barcode 38 of a linked account 32 for the transaction, and submits this information to the administrator’s 19 platform 20. The administrator complements the stored transaction 116 submitted earlier by the merchant 54 with the barcode 38, and from this point forward the process is exactly the same as for an in-store point of sale transaction.
Another option is to use the application 12 for person to person transactions. To use this feature on the application 12 the user 16 selects reverse use in which the application 12 can be used for user 16 to become the beneficiary of transactions with another user 72. To initiate a person to person transaction the user 16 enters the transaction details 56 such as a description of the goods, the amount and scans a user's 72 barcode 38. Other barcodes 38 may be scanned if the user 16 wishes to e.g. split a bill. Once entered, the transaction details 56 including the barcode(s) 38 are submitted to the administrator’s 19 platform 20 where the (payment) account 102 details of the user 16 are now added to the transaction details 56. From this point forward the process is exactly the same as for an in-store point of sale transaction, the only difference being that the settlement transaction initiated now debits the user 72 on one account 102 and credits the user 16 on another account 102, and the approval 110 is displayed to both user 72 and user 16 in the applications 12 on their phones 18
The use of the coupon 111 feature of the application 12 is that merchant 54 creates a campaign 76 with special offers and deals under certain conditions 115 at the administrator's 19 website 20, for which a campaign code 112 is generated by the administrator 19. Such campaigns 76 can be used to issue coupons 111, punch cards, vouchers, tickets and the like to users 16. In addition to a campaign, a third party loyalty program can be managed through the application 12 in a similar manner. The merchant 54 then advertises the campaign 76 through conventional communication channels 113 such as print, billboard, online and radio or TV. For each channel a specific QR code 78 is created to be placed on the ad. The user 16 gets a coupon 111 or the like under the campaign 76by scanning the code 78 into the application 12. If the QR code 78 is scanned by a third party app, the QR code will simply redirect to a mobile web page inviting the person to download and activate app 11 and scan again. Once scanned, the QR code 78 is submitted to the administrator’s 19 website 20 and a coupon 111 or the like is displayed in the application 12. When adding the coupon 111 is confirmed by the user 16, a coupon is issued under the campaign 76 and a barcode 84 is generated for the coupon 111 by the administrator’s 19 website 20 and the coupon 111 or the like is stored in the user's 16 account 101, complemented with time and location information, if allowed by the user 16 in settings 44. On scan, the user can also choose to share or forward the coupon with other user’s 72 from the address book 114 on the user’s 16 phone 18. In that case a notification is sent to the other user’s 72 phone 16, to notify them of the shared coupon 11 lor the like that user 16 has shared with them and invite them to download the app 11. For user 72 the process of adding a coupon 111 or the like to their account 101 is the same as for user 16. For a new user, this means first downloading and activating the app, where the coupon will then be shown. Once linked the coupon 111 or the like is added to the user's 16 list of coupons 111 where the user 16 is able to access the barcode 84, review and modify details of the coupon 111, and delete the coupon 111 or the like through the application 12. Coupons 111 or the like may be automatically deleted based on the campaign’s 76 conditions 115.
After issuing of coupons 111 to users 16, the merchant 54 can be provided with communication channel specific reports 80 for campaigns 76. Users 16 may receive notifications in the application 12 with information relating to the coupon 111 or the like, e.g. expiration date and or redemption location, if set by the user in settings 44. A user 16 receives the benefits of the coupon 111 or the like either automatically in a (combined) transaction or by the merchant 54 scanning the barcode 84 of the coupon 111 or the like directly.
Yet another option is to use the application 12 for authorizing non-financial requests sent to the user’s 16 phone 18 requested by a third party 54. E.g. a request for access to a third party’s website 68 or physical location, verification of user information 26 such as an email address or the like, signing a mandate or standing order on an account 102, entry on a whitelist. To use this feature on the application 12 the user 16 enters their mobile number directly into the website or application 68 of the third party 54, or scans a QR code 70. In both cases the transaction details 56 to initiate are sent to the routing service 58. From this point onward the process is exactly the same as for an in-store point of sale transaction, with the difference that when no account 32 is needed, the issuer 34 is not involved in the process and when an issuer 34 is involved in the process, no settlement transaction 109 needs to be initiated.
Figure 2 shows a schematic overview of a protocol or method for obtaining, by an Initiating Party (IP), a authorization from an Authorizing party (AP), to a Service Provider (SP) for executing a transaction on an (online) account of the user, comprising the steps of: lO.Sending a transaction request (A) by the Initiating Party (IP) to a Routing Service (RS) for performing a transaction on the (online) account of an Authorizing Party (AP) at a Service Provider (SP); o the transaction request (A) comprising an ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP A); 11.Sending a transaction request (B) for the transaction by the Routing Service (RS) to the Service Provider (SP); o the transaction request (B) comprising the ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP B); 12.Sending an authorization request (C) for the transaction by the Service Provider (SP) to a Validation Service (VS); o the authorization request (C) comprising the ID of the link to the account (LINK_ID) and properties of the transaction (TRAC_PROP C); 13.Assigning a Transaction ID (TRAC_ID) to request (C) by the Validation Service (VS); 14.Sending a notification (D) by the Validation Service (VS) to the authorizing Party (AP); o the notification (D) comprising the Transaction ID (TRAC_ID); 15.Sending a request for properties of the transaction by the Authorizing Party (AP) to the Validation Service (VS); o the request (E) comprising the Transaction ID (TRAC_ID); 16.Responding to the request (E) by the Validation Service (VS) to the Authorizing Party (AP); o the response (F) comprising the properties of the transaction (TRAC_PROP F); 17.Sending an authorization for the execution or cancelation of the transaction by the Authorizing Party (AP) to the Validation Service (VS) to process the transaction; Entering a PIN CODE by the Authorizing Party (AP); o the authorization (G) comprising the Transaction ID (TRAC_ID), a execute/cancel indication and a PIN CODE; 18. Responding to the authorization request (C) by the Validation Service (VS) to the Service Provider (SP) after validation of the PIN CODE; o the response (I) comprising the execute/cancel indication; 19. Executing the transaction by the Service Provider (SP) and generating transaction info; 20. Responding to the transaction request (B) by the Service Provider (SP) to the Routing Service (RS), o the response (J) comprising the (TRAC_INFO J); 21. Responding to the transaction request (A) by the Routing Service (RS) to the Initiating Party (IP), o the response (K) comprising (TRAC_INFO K). 22.Sending a confirmation of the transaction (L) by the Routing Service (RS) to the Validation Service (VS), o the confirmation (L) comprising (TRAC_INFO K); 23. Responding to the authorization (G) by the Validation Service (VS) to the Authorizing Party (AP); o the response (H) comprising (TRAC_INFO H); 24. Acknowledging the confirmation of the transaction (M) by the Validation Service (VS) to the Routing Service (RS).
In the figure, on the vertical axes, the maximum response times according to the protocol of the present invention for each of the steps are indicated.
Figure 3 shows the workings of ‘nested’ and ‘interlocking’ HTTP(S) sessions, which are applied in different ways and combination in the protocol or method as shown in Figure 2.
In nested HTTP sessions, receiving the request of HTTP session A triggers a request of a HTTP session B. Only when a response is received for HTTP session B, is a response created for HTTP session A. This way both sessions are effectively combined into a session across multiple processing nodes.
In interlocking HTTP sessions, after receiving a request of HTTP session C, only a request of HTTP session D triggers the response for HTTP session C, which in turn only triggers the response for HTTP session D.

Claims (6)

1. Werkwijze voor het instellen van een mobiele communicatie-inrichting, omvattende de stappen van: • het installeren van een applicatie uit een applicatiewinkel op een mobiele communicatie-inrichting, door een gebruiker van de mobiele communicatie-inrichting; • het activeren of personaliseren van de applicatie op de mobiele communicatie-inrichting, door een gebruiker van de mobiele communicatie-inrichting; • het door de applicatie voorzien in een lijst van mogelijke serviceaanbieders; • het in de applicatie selecteren van een serviceaanbieder van een lijst van mogelijke serviceaanbieders door de gebruiker van de mobiele communicatie-inrichting; • het door een platformserver genereren van een unieke code voor een serviceaanbieder, en het naar de mobiele communicatie-inrichting communiceren van genoemde unieke code; het in de applicatie op de mobiele communicatie-inrichting kiezen van een pincode of een biometrisch element; • het versturen van de pincode naar de platformserver; • het invoeren van de unieke code op een website van genoemde serviceaanbieder door de gebruiker van de mobiele communicatie-inrichting; • het voor verificatie door de serviceaanbieder naar de platformserver versturen van de ingevoerde unieke code; • het bij verificatie van de unieke code door de platformserver genereren van een unieke identificatiecode en deze versturen naar de serviceaanbieder; en naar de applicatie door de platformserver; waarbij: • de unieke identificatiecode een door een machine, optisch door d.w.z. een streepjescode en/of een QR-code, of draadloos door een radiofrequentie- of draadloze overdracht, leesbare code is, die door de mobiele communicatie-inrichting wordt afgegeven.A method for setting up a mobile communication device, comprising the steps of: • installing an application from an application store on a mobile communication device, by a user of the mobile communication device; • the activation or personalization of the application on the mobile communication device by a user of the mobile communication device; • the application providing a list of possible service providers; • selecting a service provider in the application from a list of possible service providers by the user of the mobile communication device; Generating a unique code for a service provider by a platform server, and communicating said unique code to the mobile communication device; selecting a pin code or a biometric element in the application on the mobile communication device; • sending the pin code to the platform server; • the user of the mobile communication device enters the unique code on a website of said service provider; • sending the entered unique code to the platform server for verification by the service provider; • upon verification of the unique code by the platform server, generate a unique identification code and send it to the service provider; and to the application through the platform server; wherein: the unique identification code is a code readable by a machine, optically by i.e. a bar code and / or a QR code, or wirelessly by a radio frequency or wireless transmission, issued by the mobile communication device. 2. Werkwijze voor het autoriseren van transacties voor rekening van een account, gebruikmakend van een mobiele communicatie-inrichting, ingesteld volgens een werkwijze volgens claim 1, omvattende de stappen van: • het door een mobiele communicatie-inrichting naar een ontvangstinrichting communiceren van de unieke identificatiecode van een geselecteerde account; • het bij ontvangen van de unieke identificatiecode deze toevoegen aan de transactiegegevens; • het met een unieke code van de ontvangstinrichting naar de platformserver verzenden van een transactieverzoek; • het van een ontvangstinrichting door een platformserver ontvangen van een accountidentificatiecode en een transactieverzoek; • het voor het transactieverzoek naar de mobiele communicatie-inrichting versturen van een autorisatieverzoek; • het door de platformserver van de mobiele communicatie-inrichting ontvangen van een autorisatie van genoemd transactieverzoek; • het door de platformserver valideren van de autorisatie; • het bij bevestiging voor rekening van een online account uitvoeren van de transacties en het afwikkelen initiëren in een afwikkelingsnetwerk- of systeem; • het aan de ontvangstinrichting en/of de mobiele communicatie-inrichting bevestigen van de betaling; waarbij: • het communiceren van een unieke identificatiecode, gekoppeld aan een mobiele communicatie-inrichting door genoemde mobiele communicatie-inrichting naar een ontvangstinrichting, omvattende het optisch tonen van de code op de mobiele communicatie-inrichting.Method for authorizing transactions on behalf of an account, using a mobile communication device, set according to a method according to claim 1, comprising the steps of: • communicating the unique device through a mobile communication device to a receiving device identification code of a selected account; • adding the unique identification code to the transaction data upon receipt; Sending a transaction request with a unique code from the receiving device to the platform server; Receiving an account identification code and a transaction request from a receiving device by a platform server; • sending an authorization request for the transaction request to the mobile communication device; • the platform server of the mobile communication device receiving an authorization of said transaction request; • validation of the authorization by the platform server; • executing the transactions on confirmation of an online account and initiating the settlement in a settlement network or system; • confirming the payment to the receiving device and / or the mobile communication device; wherein: communicating a unique identification code coupled to a mobile communication device by said mobile communication device to a receiving device, comprising optically displaying the code on the mobile communication device. 3. Werkwijze voor het autoriseren van online transacties voor rekening van een account, gebruik makend van een mobiele communicatie-inrichting, ingesteld volgens een werkwijze van claim 2, omvattende de stappen van: • het door een gebruiker bij een kassa selecteren van een optie om een betaling te doen door middel van de huidige mobiele autorisatiewerkwijze; • het door een winkelier naar een platformserver versturen van een transactieverzoek; • het door de platformserver voorzien in een in een door een mobiele communicatie-inrichting leesbaar formaat door de winkelier aan de gebruiker te presenteren verwijzing naar het transactieverzoek; • het door de gebruiker met de mobiele communicatie-inrichting scannen van de verwijzing naar een transactieverzoek; • het op de mobiele communicatie-inrichting selecteren van een serviceaanbieder om de transactie mee te verrichten en het ter verwerking versturen van de transactie; • het voor het transactieverzoek naar de mobiele communicatie-inrichting versturen van een autorisatieverzoek; • het op de mobiele communicatie-inrichting door middel van een pincode of biometrische code bevestigen van een autorisatieverzoek; • het door de platformserver van de mobiele communicatie-inrichting ontvangen van een autorisatie van genoemd transactieverzoek; • het door de platformserver valideren van de autorisatie; • het bij bevestiging voor rekening van een online account uitvoeren van de transacties en het afwikkelen initiëren in een afwikkelingsnetwerk- of systeem; • het aan de ontvangstinrichting en/of de mobiele communicatie-inrichting bevestigen van de betaling; • het op de mobiele communicatie-inrichting aangeven welk deel van het bedrag van de voorgestelde transactie moet worden verwerkt; • het met een coupon betalen van ten minste een deel van het bedrag van de voorgestelde betaling.Method for authorizing online transactions on behalf of an account, using a mobile communication device, set according to a method of claim 2, comprising the steps of: • selecting an option by a user at a cash register to make a payment through the current mobile authorization method; • the sending of a transaction request by a retailer to a platform server; • the platform server providing a reference to the transaction request to the user in a format readable by a mobile communication device to the user; • the user scans the reference to a transaction request with the mobile communication device; • selecting a service provider on the mobile communication device to execute the transaction and sending the transaction for processing; • sending an authorization request for the transaction request to the mobile communication device; • confirming an authorization request on the mobile communication device by means of a pin code or biometric code; • the platform server of the mobile communication device receiving an authorization of said transaction request; • validation of the authorization by the platform server; • executing the transactions on confirmation of an online account and initiating the settlement in a settlement network or system; • confirming the payment to the receiving device and / or the mobile communication device; • indicating on the mobile communication device which part of the amount of the proposed transaction must be processed; • paying at least a part of the amount of the proposed payment with a coupon. 4. Mobiele communicatie-inrichting, ingesteld volgens conclusie 1.A mobile communication device, set according to claim 1. 5. Systeem voor het autoriseren van transacties voor rekening van een account, omvattende: o een mobiele communicatie-inrichting, hebbende een unieke identificatiecode, en ingesteld om: • het ten minste op verzoek naar een ontvangstinrichting communiceren van genoemde identificatiecode; • het van een platformserver ontvangen van een transactieverzoek; • het naar de platformserver terugzenden van een autorisatie van genoemd transactieverzoek; o een platformserver verbonden met een database bevattende informatie aangaande een online account van een gebruiker van genoemde mobiele communicatie-inrichting en/of een winkelier die een transactieverzoek uitgeeft; ingesteld om: • van een ontvangstinrichting een identificatiecode van een mobiele communicatie-inrichting en een transactieverzoek te ontvangen; • het transactieverzoek naar de mobiele communicatie-inrichting door te sturen; • autorisaties van de mobiele communicatie-inrichtingen te ontvangen; • de transacties voor rekening van een online account bij bevestiging uit te voeren; • de betaling aan de ontvangstinrichting en/of de mobiele communicatie-inrichting te bevestigen; o een ontvangstinrichting, ingesteld om: een unieke identificatiecode van een mobiele communicatie-inrichting te ontvangen; een transactieverzoek voor een ontvangen unieke identificatiecode aan de platformserver te versturen; een transactiebevestiging van de platformserver te ontvangen.A system for authorizing transactions on behalf of an account, comprising: o a mobile communication device, having a unique identification code, and set to: • communicate said identification code at least on request to a receiving device; • receiving a transaction request from a platform server; • sending an authorization of said transaction request back to the platform server; o a platform server connected to a database containing information regarding an online account of a user of said mobile communication device and / or a retailer issuing a transaction request; set to: • receive from a receiving device an identification code of a mobile communication device and a transaction request; • forward the transaction request to the mobile communication device; • Receive authorizations from the mobile communication devices; • carry out the transactions on behalf of an online account upon confirmation; • confirm payment to the receiving device and / or the mobile communication device; o a receiving device, configured to: receive a unique identification code from a mobile communication device; send a transaction request for a received unique identifier to the platform server; receive a transaction confirmation from the platform server. 6. Werkwijze voor het verifiëren van een e-mailadres middels een door een gebruiker verschafte set van legitimatiegegevens, omvattende: • het door een gebruiker naar zijn telefoon downloaden van een applicatie van een applicatieaanbieder; • het voorzien in een aantal legitimatiegegevens, de legitimatiegegevens omvattende een door de gebruiker in de applicatie verschaft e-mailadres; • het door de applicatieaanbieder naar het door de gebruiker verschafte e-mailadres versturen van een e-mail; o de e-mail omvattende een link naar een website; • het bij openen van de link naar de mobiele telefoon van de gebruiker sturen van een (push)notificatie; • het bij bevestiging van het aanvaarden van de notificatie als geverifieerd markeren van het e-mailadres; waarbij: • de email verder een unieke code omvat; en • de bevestiging van het aanvaarden van de notificatie verder het door de gebruiker in de applicatie invoeren van de unieke code vereist.6. Method for verifying an e-mail address by means of a set of credentials provided by a user, comprising: • a user downloading an application from an application provider to his telephone; • providing a number of identification data, the identification data comprising an e-mail address provided by the user in the application; • sending an e-mail by the application provider to the e-mail address provided by the user; o the e-mail comprising a link to a website; • sending a (push) notification when opening the link to the user's mobile phone; • when confirming the acceptance of the notification, mark the e-mail address as verified; wherein: • the email further comprises a unique code; and • the confirmation of acceptance of the notification further requires the user to enter the unique code in the application.
NL2014958A 2015-06-11 2015-06-11 Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user. NL2014958B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
NL2014958A NL2014958B1 (en) 2015-06-11 2015-06-11 Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
NL2014958A NL2014958B1 (en) 2015-06-11 2015-06-11 Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user.

Publications (2)

Publication Number Publication Date
NL2014958A NL2014958A (en) 2016-12-14
NL2014958B1 true NL2014958B1 (en) 2017-02-03

Family

ID=53901081

Family Applications (1)

Application Number Title Priority Date Filing Date
NL2014958A NL2014958B1 (en) 2015-06-11 2015-06-11 Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user.

Country Status (1)

Country Link
NL (1) NL2014958B1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8700729B2 (en) * 2005-01-21 2014-04-15 Robin Dua Method and apparatus for managing credentials through a wireless network
US20110208659A1 (en) * 2006-08-15 2011-08-25 Last Mile Technologies, Llc Method and apparatus for making secure transactions using an internet accessible device and application
WO2012168457A1 (en) * 2011-06-10 2012-12-13 Swedbank Ab Electronic transactions
WO2014044751A1 (en) * 2012-09-19 2014-03-27 Greenchilli B.V. Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user

Also Published As

Publication number Publication date
NL2014958A (en) 2016-12-14

Similar Documents

Publication Publication Date Title
US20200250648A1 (en) Systems and methods for facilitating bill payment functionality in mobile commerce
US11232437B2 (en) Transaction token issuing authorities
JP7197631B2 (en) Transaction token issuing authority
US20150235198A1 (en) Method for Configuring a Mobile Communication Device, Device thus Configured, Method, System for Authorizing Transactions on an Online Account, and Method for Obtaining, by an Initiating Party, a Permission from an Authorizing Party to a Service Provider for Performing a Transaction on an Account of the User
US9639837B2 (en) Transaction token issuing authorities
US11250414B2 (en) Cloud based system for engaging shoppers at or near physical stores
JP6023162B2 (en) Transaction management system and operating method thereof
US20160247149A1 (en) Method, system and device for executing a mobile transaction
CA2819936C (en) Secure payment system
US9292870B2 (en) System and method for point of service payment acceptance via wireless communication
US20190066089A1 (en) Secure transactions using digital barcodes
KR20200041290A (en) Customer initiated payment system and method
US20150193803A1 (en) Systems and methods for redeeming discounts
NL2014958B1 (en) Method for configuring a mobile communication device, device thus configured, method, system for authorizing transactions on an online account, and method for obtaining, by an initiating party, a permission from an authorizing party to a service provider for performing a transaction on an account of the user.
WO2013115703A2 (en) A mobile delivery method and a system therefore
KR20190142021A (en) Apparatus for services that support integrated mobile easy payment
WO2016085378A1 (en) A mobile delivery method and a system therefore
WO2014063192A1 (en) Mobile payments
KR20150118660A (en) A settlement method using mobile app for coupon

Legal Events

Date Code Title Description
MM Lapsed because of non-payment of the annual fee

Effective date: 20230701