RU2641219C1 - Method of processing data for cashless payment - Google Patents

Abstract

FIELD: physics.

SUBSTANCE: in the method, the customer's client device is connected to the issuer's server, from which the customer's identifier is transmitted to the customer's client device, the seller's client device is connected to the acquirer's server, from which the seller's identifier is transmitted to the seller's client device, the customer's identifier and the seller's identifier do not contain payment information, the identifier is transmitted from the customer's client device to the seller's client device or from the seller's client device to the customer's client device, the customer's identifier and the seller's identifier are transmitted to the data protection server, a request containing the customer's identifier is transmitted from the data protection server to the issuer's server, the customer's payment data are transmitted in response to the data protection server, data for cashless payment containing the customer's identifier and the customer's received payment data are transmitted from the data protection server to the acquirer's server, wherein purchase data are also transmitted to the data protection server along with the customer's identifier and the seller's identifier.

EFFECT: increasing the security of the operation of electronic cashless payment.

17 cl, 4 dwg

Description

FIELD OF THE INVENTION

This invention relates to methods intended for commercial, financial, purposes, and more particularly to methods of processing data for non-cash payment, in which the customer’s client device is connected via an integrated network to the issuer’s server, the seller’s client device is connected through an integrated network to the acquirer server, on the issuer's server and transmit the buyer's identifier to the customer’s client device, and can be used to process payment transaction data.

The following terms are used in this description.

"Server" (Eng. Server) - an electronic device that performs service functions at the request of the client, giving him access to certain resources. For the purposes of this description, a server is considered having a permanent connection to a federated network that can transmit data to the server from client devices. The server can process this data and transfer the processing result back to the client device.

The "Unified Network", as well as all connections between all modules and blocks, include various topologies, configurations, and layouts of the components of the interconnect, configured to interconnect corporate, global, and local area networks, and includes, without limitation, traditional wired, wireless, satellite, optical and equivalent network technologies. Advantageously, the Internet is typically used as an integrated network.

An “image or other data input unit” is a server unit that can represent a receiver of incoming signals, and a converter for subsequent processing.

A “computing unit” is a server unit that is a microprocessor specially adapted for signal processing.

“Database or database storage unit” is a server unit that stores data corresponding to this data module, which can be executed as a hard disk drive or as flash memory, which refers to semiconductors electrically reprogrammable memory. However, some modules can be combined in separate implementations. For example, different databases can be stored in one memory module.

“Customer’s client device” is any form of computing platform that connects to a network, such as an integrated network, and allows interaction with application programs. Typical examples of individual client devices include, but are not limited to, stationary and portable personal computers, smart cell phones (in English, a smartphone), laptop computers, including tablet computers, lightweight clients, workstations, and non-smart terminals connected to application server, as well as their various layouts and configurations, that is, both physical devices for interacting in communication interaction systems, and virtual devices Properties implemented on programmable computer devices and having a software interface for the implementation of communication functions. Mostly, this is a smartphone (smart phone, that is, a cell phone that includes the functions of a computer device) that has a touch screen or tablet computer, and similar devices - smart watches, glasses, etc.

“Seller’s client device” is any form of computing platform that connects to a network, such as a federated network, and allows interaction with application programs. But mainly, this is a stationary device that has the functions of a computer, such as a cash register, including a scanner.

“Near field communication, NFC” (“near field communication”, “near contactless communication”) is a short-range wireless high-frequency communication technology that enables the exchange of data between devices located at a distance of about 10 centimeters.

“QR-code” (from the English “quick response” means “quick response”) or “barcode”, “matrix code” (two-dimensional barcode), which encodes any information, be it plain text or a link to the site.

“Issuer” - a remote server that allows connection to it through an integrated network, processes requests and issues answers to them automatically, on which there is a database with customer’s personal payment details. A typical example is any bank server that issues (issues) payment cards, or any payment service that has a connection to a bank server. Examples of this option for issuers are PayPal, CardsMobile's Wallet mobile app, or Apple Pay.

That is, in general, this is an organization that stores the full payment details of the buyer (usually a bank card). This can be in two cases:

- either the organization itself issued this card (the bank that serves this or that card, where the account of this card is located, is always one bank for each particular card), or

- the organization somehow received them for its own use (for example, the buyer himself transmitted the data once, but there are other options for receiving payment details of payment cards, including from the banks that issue them). In the second case, it may be some kind of third-party service.

An acquirer is a remote server that allows you to connect to it through an integrated network, processes requests and issues answers to them automatically, on which there is a module for generating requests for debiting funds from a customer’s account. That is, it is any server that performs the function of making a payment. A typical example is any bank server that has the function of debiting funds from the buyer's account. Specialized processing centers (independent or part of the systems of specific banks) that exclusively perform the functions of receiving and transferring payment details by banks for further processing by banks are also considered issuers within the framework of this document.

Means of payment - any of the means used for payment, cash account, virtual money and so on.

Buyer payment details - bank details of the buyer’s personal account from which funds or their equivalents can be debited to pay for goods and / or services, for example:

- a current account with a bank or other credit institution, for example, a debit or credit card account,

- an account in an electronic payment system, for example Yandex money,

- an account with a telecom operator when payment is made by sending SMS messages,

- an internal account on the server when an advance payment is made for some services, which is taken into account in your personal account, for example, in hosting services.

The buyer’s identifier is not only the identifier of a specific individual, but it’s the identifier of a specific means of payment of a certain individual. That is, the same individual can have different identifiers for different means of payment.

Merchant’s identifier - this can be the identifier of a specific order, of any trading group, and sometimes really the identifier of the seller as such.

The level of technology.

In fact, all areas of trade and services where cashless payments are possible are dangerous for buyers - phishing sites, as well as keylogger viruses and video capturing Trojans on computers and laptops of buyers are a threat on the Internet, and there is a high risk of card compromise in retail outlets, how it can almost always be remembered or photographed by waiters, cashiers and sellers (at the same time, the data on the front of the bank card, that is, only the number and validity period, is enough to complete transactions on some websites, including amazon.com). Even when withdrawing cash from ATMs, the payment card holder is not safe - fraudulent devices, such as skimmers or hidden cameras, can be introduced into banks' equipment. The architecture of cashless payments itself is vulnerable, since the user scenarios common today were invented by international payment systems 50 years ago, even before the advent of personal consumer devices (mobile phones, tablets, smart watches, etc.). Distrust of cashless payments leads to their inefficient development in Russia, which, among other things, breeds the ground for illegal commercial activities and tax evasion, as well as increases the cost of banking products for end consumers and impedes the implementation of innovative payment solutions based on cashless payments in Russia .

The present invention relates to methods for processing data for non-cash payment, in which the customer’s client device is connected via an integrated network to the issuer’s server, and the seller’s client device is connected via an integrated network to the acquirer server.

This method is described in the patent application of the Russian Federation for invention No. 2006110237, published in 2007. It uses the processing center as the issuer's server. They also assign a unique consumer identifier to the consumer, send it to the consumer’s mobile device.

This method is the closest in technical essence and the achieved technical result and is selected for the prototype of the invention.

The disadvantage of this prototype is its vulnerability to intercept payment information, that is, the possibility of unauthorized actions when processing data for non-cash payment. This is always possible, since all data is transferred from the client’s client device to the trading terminal (seller’s client device). This is the problem.

Indeed, in case of non-cash payment of the goods, for example at the checkout, by a buyer having his own customer’s client device, for example, a smartphone that has a special application that allows him to connect to the issuer’s server (for example, the bank that issued the payment instrument, for example, a card), The seller’s cash desk is the seller’s client device, which connects via the Internet to its acquirer server, that is, a bank server that has the ability to debit money from the means of payment buyer's. At the same time, the buyer’s payment data is transferred to the acquirer's server, which can be intercepted by intruders, and thus unauthorized persons can gain access to the possibility of debiting funds from the buyer's account.

It can also happen when paying for purchases on the Internet.

Therefore, the problem to which the present invention is directed is the ability to intercept data for cashless payments.

Disclosure of the invention as a method

Based on this original observation, the present invention mainly aims to propose a data processing method for cashless payments, which allows at least smoothing out at least one of the above disadvantages, namely, to prevent unauthorized actions when processing data for cashless payments , which is the technical task of the present invention.

To achieve this goal:

• connect the seller’s client device through an integrated network with the acquirer’s server,

• form on the server of the acquirer and transmit to the client device of the seller the identifier of the seller,

• transmit the identifier from one client device to another,

• transmit the customer identifier and the seller identifier through the integrated network to the data protection server,

• transmit a request containing the identifier of the buyer through the integrated network from the data protection server to the issuer’s server,

• send the buyer’s payment data in response to the data protection server,

• transmit data for cashless payments, containing the seller’s identifier and the buyer’s received payment data, through an integrated network from the data protection server to the acquirer server.

Thanks to these advantageous characteristics, it becomes possible to exclude open input and transfer of payment data, which can be intercepted and used for unauthorized access to the buyer's payment details.

That is, an important advantage now appears - this is a fundamental lack of direct exchange of information between absolutely all participants of settlements: senders of funds (buyers), issuers, acquirers and recipients of funds (sellers), which completely excludes the possibility of compromising any payment data on any of levels of settlements and maximizes the security of non-cash payments between any persons in any combination thereof (individuals, individual entrepreneurs, legal entities ). The buyer neither at the software nor at the hardware level does not operate with his payment data, including details of the means of payment, in connection with which it is impossible to forget, lose, steal. The seller does not operate with the payment data of the buyer either at the software or hardware level, and therefore it is impossible to compromise, pick up, intercept them. The issuer neither at the software nor at the hardware level interacts with the recipient of funds (seller), in connection with which it is impossible to fake the write-off of funds from the buyer in favor of the seller, including by penetration into the issuer's server resources.

The acquirer independently decides on the methods and volumes of processing the received data from the data protection server, since in fact this data is the initial data of the acquirer as a result of its interaction with the recipient of money, supplemented by the issuer and certified by the data protection server.

Issuers and acquirers interact with each other only through a data protection server, which in the sole person has the right and power to pair the buyer and seller, which generates (or does not generate) the operation of transferring payment data, including payment card details, by the issuer on behalf of the sender funds to the acquirer.

At the same time, the transferred data does not leave traces and is not saved, including in the data protection server itself, with the exception of their short-term operation with the aim of:

- verification of electronic digital signatures of the issuer and the acquirer (KSKEPP) (qualified certificate certificate key electronic signature),

- decrypting the received data from the issuer (using its own copy of the asynchronous encryption key from the pair with the specific issuer), and

- encryption and signature of data transmitted to the acquirer (using your own copy of the asynchronous encryption key from a pair with a specific acquirer).

There is also an embodiment of the invention in which purchase data is also transmitted along with the customer identifier and the seller identifier to the data protection server.

Thanks to this advantageous characteristic, it becomes possible to form a complete set of data for conducting a transaction for a specific operation.

There is also an embodiment of the invention in which a graphic image in the form of symbolic or alphanumeric information is used as an identifier.

Thanks to this advantageous characteristic, it is possible to display or simply print to be able to demonstrate, scan or photograph a graphic image in the form of symbolic or alphanumeric information. That is, it is something that can be easily entered into any device by entering characters, for example, from a real or virtual keyboard (displayed on the display), for example a code word, a meaningful or completely meaningless set of letters and numbers.

There is an embodiment of the invention in which a graphic image in the form of a matrix two-dimensional barcode and / or linear barcode is used as an identifier.

Thanks to this advantageous characteristic, it is possible to display or simply print to be able to demonstrate, scan or photograph a graphic image in the form of a matrix two-dimensional barcode and / or linear barcode. That is, it can be a barcode or a QR code, which can be easily digitized by a standard device.

There is also a variant of the invention in which the identifier is transferred from one client device to another by displaying graphic information on the seller’s client device and receiving it by the client’s client device by scanning or photographing.

Due to this advantageous feature, it becomes possible to display the seller’s client device on the display, for example, on the cash register screen or simply print or display the seller’s website on the seller’s website, so that the buyer can simply photograph or scan it with his device.

There is another alternative to the previous embodiment of the invention, in which the identifier is transferred from one client device to another by printing graphic information to any medium using the client device of the seller, and receiving the identifier from this medium by the client device of the buyer by scanning or photographing.

Thanks to this advantageous feature, there is an alternative possibility of printing graphic information on any medium using the seller’s client device, for example, simply sticking a code sheet to the cashier.

There is another embodiment of the invention in which the identifier is transferred from one client device to another by displaying graphic information on the customer’s client device and receiving it by the seller’s client device by scanning or photographing.

Thanks to this advantageous characteristic, an alternative opportunity arises when buying to display the customer’s identifier on the display of the client’s client device, for example, on the smartphone’s screen, so that the seller can simply photograph it or scan it with his device, for example, a cash register scanner.

There is, in addition, an embodiment of the invention in which an identifier is transmitted from one client device to another by short-range wireless high-frequency communication.

Thanks to this advantageous feature, it becomes possible to use NFC technology, in which it is easy to transfer an identifier from one client device to another by moving one device to another, mainly the customer’s client device, to the seller’s client device.

There is also an embodiment of the invention in which an audio signal is used as an identifier.

Thanks to this advantageous characteristic, another alternative opportunity arises to use a sound code instead of the graphical option and the electromagnetic identifier.

There is also such an embodiment of the invention in which the identifier is transmitted from one client device to another by generating an audio signal by one device, while receiving it by another device.

Due to this advantageous characteristic, it becomes possible to transfer the identifier from one client device to another by the fact that one device emits an encoded sound signal, for example, by a speaker, and the second device receives it, for example, by a microphone

There is an embodiment of the invention in which an identifier of a buyer, which includes an identifier of the issuer, is formed on the issuer's server and transmitted to the customer’s client device.

Thanks to this advantageous characteristic, it becomes possible to process data for non-cash payment in the case of many issuers. The data protection server will always be able to select the issuer from the set of issuers the one to whose server you want to send a request.

There is an additional embodiment of the invention in which an acquirer is generated on the acquirer server and the seller identifier, which includes the acquirer identifier, is transmitted to the seller’s client device.

Thanks to this advantageous feature, it becomes possible to process data for cashless payments in the case of many acquirers. The data protection server will always be able to select from the set of acquirers the identifier from the acquirer identifier, the server of which needs to send data for processing.

There is, among other things, an embodiment of the invention in which a customer identifier is formed on the issuer’s server and transmitted to the customer’s client device, and a new customer identifier is periodically generated and transmitted to the customer’s client device.

Thanks to this advantageous feature, it becomes possible to increase the degree of protection of cashless payments due to the fact that a new customer identifier is periodically generated, and the old one, even if it is used by intruders who can send it to the data protection server, will no longer be valid.

But for the direct generation of a customer identifier, communication with the issuer's server is not necessary constantly, but periodically, for example, at least once every 24 hours in order to update the keys. In this case, the consumer’s identifier itself can be updated more often, for example, every minute, but according to certain keys and rules that can be stored and used locally on the customer’s client device, within these 24 hours, so that the consumer can take advantage of the proposed solution while offline.

In addition to the foregoing, there is such an embodiment of the invention in which the seller identifier is formed on the acquirer server and the seller identifier is transmitted to the seller’s client device, and a new seller identifier is periodically generated and transmitted to the seller’s client device

Thanks to this advantageous feature, it becomes possible to increase the degree of protection of cashless payments due to the fact that a new seller identifier is periodically generated, and the old one, even if it is used by attackers who can send it to the data protection server, will not be valid.

There is another embodiment of the invention in which the buyer identifier and the seller identifier are transmitted via the integrated network to the data protection server using one of the signal transmission options: directly from the seller’s client device, directly from the buyer’s client device, through the issuer’s server, through the acquirer’s server.

Due to this advantageous characteristic, it becomes possible to ensure the operation of the whole method in case of breaks in connections, for example, when a customer is offline, that is, has no connection with either the issuer server or the data protection server.

There is also a variant of the invention in which the payment data of the buyer, as well as information available for interpretation only to certain acquirers, are transmitted from the issuer’s server in response to the data protection server.

Thanks to this advantageous feature, it becomes possible to specifically limit the circle of acquirers.

There is also an embodiment of the invention in which data on the amount entered from the client’s client device is transmitted to the data protection server along with the customer identifier and the seller identifier

Thanks to this advantageous characteristic, it becomes possible to introduce a new parameter “Amount”, which can be additionally used with different options:

 - as the amount of payment chosen by the buyer, if in the order this amount is "open", i.e. selected by buyer

- enter the maximum payment amount, i.e. the established limit, in case of exceeding the purchase amount for which the transaction should not be initiated,

 - the amount allowed for payment by the buyer in excess of the purchase amount, if it exceeds the purchase amount (the difference is the tip).

The set of essential features of the invention is unknown from the prior art for methods of similar purpose, which allows us to conclude that the criterion of "novelty" for the invention in relation to the method. The non-obviousness of the solution and the global nature of the problem being solved, which still remained unresolved, speaks of the non-obviousness of the solution for a specialist in this field of technology and thus the compliance of the invention with the criterion of "inventive step".

Brief Description of the Drawings

Other distinguishing features and advantages of this invention clearly follow from the description below for illustration and not being restrictive, with reference to the accompanying drawings, in which:

- figure 1 depicts a functional diagram of a data processing system for non-cash payment in the variant of data transfer from the client device of the buyer to the client device of the seller, according to the invention,

- figure 2 depicts a functional diagram of a data processing system for non-cash payment in the option of transferring data from the client device of the seller to the client device of the buyer, according to the invention,

- figure 3 schematically depicts the steps of a data processing method for non-cash payment in the embodiment of data transfer from the customer’s client device to the seller’s client device, according to the invention,

- figure 4 schematically depicts the steps of a method of processing data for cashless payments in the option of transferring data from the client device of the seller to the client device of the buyer, according to the invention.

According to figures 1 and 2, the client device of the buyer 1 is connected via an integrated network 3 to the server of the issuer 4, and the client device of the seller 2 is connected via an integrated network 3 to the server of the acquirer 5.

The way on which the issuer 4 is formed on the server and the buyer identifier Id is transmitted to the customer’s client device 1_oneand form on the server of the acquirer 5 and transmit to the client device of the seller 2 seller ID Id₂shown by arrows with captions Id_oneand id₂.

The way the identifier Id _{2 is} transferred from the client device of seller 2 to the client device of buyer 1 — the QR code corresponding to Id ₂ is scanned from the display 21 of device ₂ , see FIG. 1, or

how the identifier Id _{1 is} transferred from the client device of the buyer 1 to the client device of the seller 2 — the QR code corresponding to Id ₁ is scanned from the display of the client device of the buyer ₁ , see figure 2, is shown by a large arrow.

Also arrow marked Id_one+ Id₂shown as transmitting the customer identifier and the seller identifier, as well as purchase data via the combined network 3 to the data protection server 6, a direct transmission option is shown.

The arrow from position 6 to position 4 shows how the request containing the customer identifier Id _{1 is} transmitted from the data protection server 6 to the issuer 4 server, and in response to the data protection server 6, the payment data of the buyer D _{1 is} transmitted.

The arrow from position 6 to position 5 shows how the payment data of the buyer D ₁ and the seller ID Id ₂ are transmitted to the server of the acquirer 5.

The implementation of the invention

The method of processing data for cashless payments works as follows. Here is the most comprehensive example of the invention. Keeping in mind that this example does not limit the application of the invention.

Example 1. Data transfer from the client’s client device to the seller’s client device, which ensures that the buyer’s client device cannot connect to the network at the time of checking the data for cashless payments and permanent Internet access on the seller’s side (the seller scans the buyer’s device), see FIG. one.

According to figure 3:

Stage A1. Pre-connect the client device of the buyer 1 through the combined network 3 with the server of the issuer 4, connect the client device of the seller 2 through the combined network 3 with the server of the acquirer 5. The step may also include validation of access and, optionally, entering the amount on the personal device of the buyer to activate the camera based on identifier of the issuer and other possible data, incl. geolocation.

Stage A2. Form on the server of the issuer 4 and transmit to the client device of the buyer 1 customer ID Id ₁ . That is, the server of the issuer 4 for the buyer constantly generates temporary identifiers that change at some intervals and are transmitted to his client device 1.

Stage A3. Form on the server of the acquirer 5 and transmit to the client device of the seller 2 seller ID Id ₂ . That is, an identifier is preliminarily generated for the seller by the server of the acquirer according to the rules of the data protection server with a certain validity period based on the identifier of the acquirer (one-time or reusable) and, optionally, the amount and purpose of the payment. As an identifier for our example, we use a graphic image in the form of a two-dimensional code (QR code).

The acquirer can also set the expiration date for each generated seller identifier, after which these identifiers will be automatically deactivated, and also have the opportunity to prematurely terminate their generated seller identifiers (in particular, in cases where the corresponding invoice has already been paid and reuse of a specific seller identifier is not implied).

Stage A4. The identifier is transferred from one client device to another by displaying on the client’s client device 1 the above QR code corresponding to Id ₁ and receiving it by the client device of seller 2 by scanning or photographing.

Stage A5. Buyer identifier Id ₁ and seller identifier Id _{2 are} transmitted, as well as purchase data via the combined network 3 to the data protection server 6. This can be either direct data transfer from the seller’s client device 2 to the data protection server, or data transfer from the seller’s client device 2 first to the acquirer server 5, and from there to the data protection server 6.

On this server 6, they are paired, that is, data is decrypted by which the seller’s existence can be verified, the seller’s identifier is correct and up-to-date, the acquirer keys are valid and buyer’s authentication is valid, and the issuer’s keys are validated with further determination of the acquirer and issuer for the transaction. Since in general there can be many issuers and acquirers, in the received data containing Id identifiers_oneand id₂, distinguish from them a particular issuer and a specific acquirer (since the buyer identifier includes the issuer identifier, and the seller identifier includes the acquirer identifier).

Additionally, the issuer’s identifier can identify a specific means of payment for the buyer (if it has several accounts), and the acquirer identifier can identify a specific account or outlet in the form of a specific instance of cash register equipment or a POS terminal (in which you need to pay for the current invoice received in processing of the transaction in question).

At these stages, the data can be used in a conditionally open form, and their operation can be carried out without involving all possible protection technologies - to ensure maximum performance (due to the logical impossibility of interpreting such data to anyone other than the data protection server itself). Indeed - the identifiers Id ₁ and Id ₂ do not contain any payment data that can be decrypted.

Stage A6. A request containing the customer identifier Id _{1 is} transmitted via an integrated network 3 from the data protection server 6 to the issuer server 4.

Stage A7. In response to the data protection server 6, the buyer’s payment data D _{1. The} issuer may transmit additional data intended for a particular acquirer, as The complex’s request at this stage always contains a unique acquirer number in the complex, for which payment data is intended for a specific customer identifier (the acquirer may be taken into account by the issuer in a special way).

Stage A8. The data for non-cash payment containing the seller’s identifier Id ₂ and the received payment data of the buyer D ₁ are transmitted via an integrated network 3 from the data protection server 6 to the acquirer server 5. The acquirer server can identify the seller by identifier Id ₂ and restore the seller’s details.

Stages 7 and 8 are the only ones at which payment data appear, but these stages are exclusively server-based, where data is practically impossible to compromise (here, KSCEPP parties and asynchronous encryption using unique pairs of public and private keys are mandatory in information and technology exchange up to 2048 bit, and the exchange itself is possible only using IP addresses from the allowed lists on each side and only through a secure SSL connection).

Stage A9. Optionally, a money transaction is performed without the participation of a data protection server, but with the possible participation of third parties, that is, the acquirer performs the transaction.

Stage A10. It is optionally possible to notify the seller's acquirer of payment, as well as to notify the buyer of payment by the issuer according to its own rules.

Example 2. Data transfer from the seller’s client device to the buyer’s client device, which ensures that the seller’s client device cannot connect to the network at the time of checking data for cashless payments and constant Internet access on the sender’s side (the buyer scans the seller’s device), see FIG. . 2.

According to figure 4:

Steps B1-B3. Same as steps A1-A3.

Stage B4. The identifier is transferred from one client device to another by displaying the seller’s client device 2 on the display of the above QR code corresponding to Id ₂ and receiving it by the client device of the buyer 1 by scanning or photographing.

Stage B5. Buyer identifier Id ₁ and seller identifier Id _{2 are} transmitted, as well as purchase data via the combined network 3 to the data protection server 6. This can be either direct data transfer from the client device of the buyer 1 to the data protection server 6, or data transfer from the client device Buyer 1, first to the issuer's server 5, and from there to the data protection server.

On this server 6, they are paired, that is, the data is decrypted, which can verify the existence of the seller, verify the correctness and relevance of the seller’s identifier, the validity of the acquirer keys and authentication of the buyer and verify the validity of the issuer’s keys with further determination of the acquirer and issuer for the transaction. Since in general there can be many issuers and acquirers, in the received data containing Id identifiers_oneand id₂, distinguish from them a particular issuer and a specific acquirer (since the buyer identifier includes the issuer identifier, and the seller identifier includes the acquirer identifier).

Additionally, the issuer’s identifier can identify a specific means of payment for the buyer (if it has several accounts), and the acquirer identifier can identify a specific account or outlet in the form of a specific instance of cash register equipment or a POS terminal (in which you need to pay for the current invoice received in processing of the transaction in question).

At these stages, the data can be used in a conditionally open form, and their operation can be carried out without involving all possible protection technologies - to ensure maximum performance (due to the logical impossibility of interpreting such data to anyone other than the data protection server itself). Indeed - the identifiers Id ₁ and Id ₂ do not contain any payment data that can be decrypted.

Steps B6-B10. Similar to steps A6-A10.

The sequence of steps is approximate and allows you to rearrange, reduce, add or perform some operations at the same time without losing the ability to process data for cashless payments, bypassing the direct transfer of data from the issuer server to the acquirer server. For example: in cases when the issuer and the acquirer are the same person, they can process data by identifiers for the purpose of making settlements without the participation of the server itself 6.

Industrial applicability

The proposed method of processing data for cashless payments can be carried out by a specialist in practice and, when implemented, ensure the implementation of the declared purpose, which allows us to conclude that the criterion of "industrial applicability" for the invention is met.

In accordance with the proposed invention, an experimental system for processing data for non-cash payment was manufactured, and servers capable of processing all data were tested.

Tests of the experimental system have shown that it provides the ability to:

- the formation of identifiers of buyers and sellers, and these identifiers are updated and can be transferred again to the devices of buyers and sellers;

- authentication of pairings of identifiers of buyers and sellers;

- processing authenticated pairings.

And also the fact that:

- issuers and acquirers interact with each other only through the data protection server, which in the sole person has the right and the power to pair the buyer and seller, while the transmitted data does not leave traces and is not stored, including in the data protection server itself, except for short-term their operation in order to:

- verification of electronic digital signatures of the issuer and the acquirer (KSKEPP) (qualified certificate certificate key electronic signature),

- decrypting the received data from the issuer (using its own copy of the asynchronous encryption key from the pair with the specific issuer), and

- encryption and signing of data transmitted to the acquirer (using your own copy of the asynchronous encryption key from the pair with the specific acquirer - API for information and technological interaction with issuers and acquirers, including the SDK for issuers).

  Thus, in this invention the task is achieved - the prevention of unauthorized actions in the processing of data for cashless payments.

An additional useful technical result of the claimed invention is that:

- any bank can join this decision (upon successful certification and admission) only as an issuer, only as an acquirer, as an issuer and acquirer at the same time;

- joining this decision is carried out by each bank independently and independently of other banks, the types and volume of roles can be freely determined at any time;

- issuers receive a new payment function in their own mobile applications, which eliminates the need for customers to carry plastic cards / risks or lose or forget plastic cards and allows them to pay by phone;

- acquirers, in addition to directly reducing their losses on fraud, increase with this solution the volume of processed turnovers in trade and service enterprises (they start processing payment cards without the need for their physical presence, or their details), which, as a result, increases profitability transaction business;

- after the refusal of the need for bank card details, it is possible to refuse the bank cards themselves, as they are no longer involved and are not required for settlement.

Claims (26)

1. A method of processing data for non-cash payment, in which the customer’s client device is connected through an integrated network to the issuer’s server, a customer’s identifier is generated on the issuer’s server and transmitted to the customer’s client characterized in that: - connect the seller’s client device through an integrated network with the acquirer’s server, - form on the server of the acquirer and transmit to the client device of the seller the identifier of the seller, - moreover, the identifier of the buyer and the identifier of the seller do not contain payment data, - the identifier is transferred from the client’s client device to the seller’s client device, from which the buyer’s identifier and seller’s identifier are transmitted to the data protection server, or the identifier is transferred from the seller’s client device to the buyer’s client device, from which the buyer’s identifier and seller’s identifier are transmitted to the data protection server , - transmit the identifier of the buyer and the identifier of the seller through the integrated network to the data protection server, - transmit a request containing the identifier of the buyer, through an integrated network from the data protection server to the issuer's server, - transmit the payment data of the buyer in response to the data protection server, - transmit data for non-cash payment, containing the seller’s identifier and received payment data of the buyer, through an integrated network from the data protection server to the acquirer server, and the purchase data is also transmitted to the data protection server along with the buyer identifier and seller identifier. 2. The method according to claim 1, characterized in that the purchase data is also transmitted to the data protection server along with the customer identifier and the seller identifier. 3. The method according to p. 1, characterized in that as the identifier use a graphic image in the form of symbolic or alphanumeric information. 4. The method according to p. 1, characterized in that as the identifier use a graphical image in the form of a matrix two-dimensional barcode and / or linear barcode. 5. The method according to p. 3 or 4, characterized in that the identifier is transferred from one client device to another by displaying graphic information on the seller’s client device and receiving the buyer by the client device by scanning or photographing. 6. The method according to p. 3 or 4, characterized in that the identifier is transferred from one client device to another by printing graphic information to any medium using the seller’s client device and receiving the identifier from this medium by the client’s client device by scanning or photographing. 7. The method according to p. 3 or 4, characterized in that the identifier is transferred from one client device to another by displaying graphic information on the customer’s client device and receiving the seller’s client device by scanning or photographing. 8. The method according to claim 1, characterized in that the identifier is transmitted from one client device to another by means of wireless high-frequency short-range communication. 9. The method according to p. 1, characterized in that the sound signal is used as an identifier. 10. The method according to p. 9, characterized in that the identifier is transmitted from one client device to another by generating an audio signal by one device, while receiving it by another device. 11. The method according to p. 1, characterized in that they form on the server of the issuer and transmit to the client device of the buyer the identifier of the buyer, which includes the identifier of the issuer. 12. The method according to p. 1, characterized in that they form on the acquirer server and transmit to the seller’s client device the seller’s identifier, which includes the acquirer identifier. 13. The method according to claim 1, characterized in that a customer identifier is formed on the issuer’s server and transmitted to the customer’s client device, and a new customer identifier is periodically generated and transmitted to the customer’s client device. 14. The method according to claim 1, characterized in that the seller identifier is formed on the acquirer server and transmitted to the seller’s client device, and a new seller identifier is periodically generated and transmitted to the seller’s client device. 15. The method according to p. 1, characterized in that the buyer’s identifier and the seller’s identifier are transmitted via the integrated network to the data protection server using one of the signal transmission options: directly from the seller’s client device, directly from the buyer’s client device, through the issuer’s server, through the acquirer’s server . 16. The method according to claim 1, characterized in that the buyer’s payment data, as well as information available for interpretation only to certain acquirers, is transmitted from the issuer’s server in response to the data protection server. 17. The method according to claim 1, characterized in that the data on the amount entered from the client’s client device is transmitted to the data protection server together with the customer identifier and the seller identifier.

Images