WO1998025220A1 - Microprocessor card payment system - Google Patents

Microprocessor card payment system

Info

Publication number
WO1998025220A1
Authority
WO
WIPO (PCT)
Prior art keywords
microprocessor card
card
bank
joint
payment
Prior art date
Application number
PCT/SG1997/000065
Other languages
English (en)
Inventor
Huijie Deng
Teow-Hin Ngair
Original Assignee
Kent Ridge Digital Labs (Krdl)
Priority date
Filing date
Publication date
Application filed by Kent Ridge Digital Labs (KRDL)
Priority to EP97954503A (EP1012762A4)
Priority to AU58935/98A (AU5893598A)
Publication of WO1998025220A1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F 7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F 7/08 Mechanisms actuated by objects other than coins ... by coded identity card or credit card or other personal identification means
    • G07F 7/0866 Mechanisms actuated by objects other than coins ... by active credit-cards adapted therefor
    • G07F 7/10 Mechanisms actuated by objects other than coins ... together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F 7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q 20/00 Payment architectures, schemes or protocols
    • G06Q 20/04 Payment circuits
    • G06Q 20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q 20/34 Payment architectures, schemes or protocols ... using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q 20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q 20/355 Personalisation of cards for use
    • G06Q 20/36 Payment architectures, schemes or protocols ... using electronic wallets or electronic money safes
    • G06Q 20/363 Payment architectures, schemes or protocols ... using electronic wallets or electronic money safes with the personal data of a user
    • G06Q 20/38 Payment protocols; Details thereof
    • G06Q 20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q 20/3825 Use of electronic signatures
    • G06Q 20/388 Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response
    • G06Q 20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q 20/409 Device specific authentication in transaction processing
    • G06Q 20/4097 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q 20/40975 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Definitions

  • The present invention relates to a system for making payment electronically.
  • The present invention pertains to a system for conducting electronic commerce efficiently and securely using a tamper resistant microprocessor card.
  • The present invention is a system for implementing electronic payment with a tamper resistant microprocessor card.
  • The microprocessor card generates joint digital signatures under a joint digital signature scheme which derives its secret signature key from secret values contributed by different parties such as the user, the bank and the card manufacturer.
  • The joint signature is used to certify the payment, among other information. It follows that no one party has complete knowledge of the secret signature keys of the other parties; therefore, the use of a joint digital signature in conjunction with a microprocessor card provides unprecedented security.
  • The present invention also defines a protocol including payment, deposit, withdrawal and account opening that provides added protection against potential security attacks. Above all, the protocol also supports off-line payment transactions, thus allowing transactions to be conducted scalably and economically over various forms of electronic networks, including unsecured ones.
  • FIG. 1 illustrates three basic transactions in an electronic payment system.
  • FIG. 2 depicts an account opening transaction between a bank and a user.
  • FIG. 3 depicts an account opening transaction between a bank and a service provider (denoted by SP).
  • FIG. 4 shows a flowchart of the interaction between the user and the bank under the microprocessor card (denoted by MC) account opening protocol of the present invention.
  • FIG. 5 shows a set of possible data entries in the bank's database representing a microprocessor card account with the bank after the bank issues the new card to the user.
  • FIG. 6 illustrates a set of possible entry records in a user's microprocessor card after the user initialises it.
  • FIG. 7 is a protocol for a microprocessor card to generate a PAYMENT-CERT using the joint digital signature scheme of the present invention.
  • FIG. 8 shows a flowchart of the interaction between the user and the service provider under the payment protocol of the present invention.
  • FIG. 9 shows a flowchart of the interaction between the service provider and the bank under the deposit protocol of the present invention.
  • FIG. 10 shows the flowchart of the interaction between the user and the bank under the withdrawal protocol of the present invention.
  • The manipulations performed are often referred to in terms such as adding or comparing, which are commonly associated with the mental operations performed by a human operator. No such capability of a human operator is necessary, or desirable: the operations are machine operations.
  • Useful machines for performing the operations of the present invention include general purpose digital computers or similar devices such as digital signal processors. In all cases, it should be borne in mind that there is a distinction between the method operations in operating a computer and the method of computation itself.
  • The present invention relates to method steps for conducting electronic payment with a tamper resistant microprocessor card.
  • The present invention also relates to an apparatus for performing these operations. This apparatus may be specially constructed for the required purpose or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer.
  • The algorithms presented herein are not inherently related to any particular computer or other apparatus. Various general purpose machines may be used with programs written in accordance with the teachings herein, or it may prove more convenient to construct specialised apparatus such as a Smart Card terminal to perform the required method steps. The required structure for a variety of these machines would appear from the description given below.
  • FIG. 1 shows a general model of an electronic payment system.
  • A bank 10 refers to an agent responsible for issuing microprocessor cards for electronic payment. The bank 10 may also be at least one clearing house which acts on behalf of a plurality of banks in clearing electronic payments.
  • A user 20 using the microprocessor card issued by the bank 10 represents a payer who engages in electronic payment with a service provider 30, or payee.
  • A transaction 40 between the user 20 and the service provider 30 for payment involves, but is not limited to, a microprocessor card and a card reader with a link to a terminal used by the service provider 30. The card reader can be the property of either the service provider 30 or the user 20. The link can be a dedicated physical cable, a telephone line, a wireless link, or another electronic network such as the internet.
  • A transaction 50 between the service provider 30 and the bank 10 for deposit involves, but is not limited to, a terminal used by the service provider with a link to a computer used by the bank. Similarly, this link can be any type of electronic connection.
  • The transaction 60 between the bank 10 and the user 20 for withdrawal involves, but is not limited to, a microprocessor card and a card reader linked to the bank computer. The card reader can be attached to a bank terminal or it can belong to some third party or to the user. Similarly, the link between the card reader and the bank computer can be any type of electronic connection.
  • The bank 10 or the service provider 30 is usually represented by, but not limited to, a fully automated machine, a computer process, or a terminal.
  • A user 20 can be any type of purchasing agent, such as a computer system routine or an organisation representing many people.
  • FIG. 2 shows symbolically a transaction 70 for opening an electronic payment account. Transaction 70 involves, but is not limited to, a new microprocessor card and a trusted bank terminal with at least one card reader. It is unnecessary for the user 20 to be present; his role is taken by a proxy, who can be a trusted third party or the bank 10 itself. The microprocessor card is transferred or sold to the user 20 after transaction 70.
  • FIG. 3 illustrates symbolically a transaction 80 for opening an electronic deposit account. The transaction 80 involves, but is not limited to, a new microprocessor card and a trusted bank terminal with a card reader.
  • The microprocessor card referred to above can be any form of secure microprocessor device, including but not limited to a Smart Card, a PCMCIA card, or a specialised computing device.
  • The card reader mentioned briefly before can be any form of device, including but not limited to a Smart Card reader or a PCMCIA card reader.
  • The link between the microprocessor card and the card reader can be any type of digital signal transmission link, including but not limited to physical electrical contacts, wireless communication, and an infra-red link. It should be understood by one skilled in the art that the insertion of a microprocessor card into the card reader may therefore be any form of linkage between a card and a card reader, including but not limited to physical insertion of the card and positioning the card close to the card reader.
  • A PIN-number for a microprocessor card can be a short number, a number computed from an end-user's biometric information, or any other number.
  • The activation can also be substituted by any other means of enabling or unlocking access to the microprocessor card.
  • This invention describes methods of executing electronic payment using a tamper resistant microprocessor card. A tamper resistant microprocessor card is one which repels most but not all forms of security attack, in contrast with its tamper proof counterpart.
  • The unique combination of public keys and digital signatures achieves enhanced security without relying on a tamper proof microprocessor card. This is one of the key features of the present invention.
  • Identification is implemented using a combination of hash function, digital signature and public key certificate. For background on hash functions, digital signatures and public key certificates, see W. Stallings, "Network and Internetwork Security -- Principles and Practice", IEEE Press, Prentice Hall, Englewood Cliffs, New Jersey, 1995; and C. Kaufman, R. Perlman, and M. Speciner, "Network Security -- Private Communication in a Public World", PTR Prentice Hall, Englewood Cliffs, New Jersey, 1995.
  • A public key certificate CARD-CERT is embedded in each microprocessor card to certify its authenticity. The details of how the CARD-CERT is generated and its data structure are elaborated further below in connection with the process flow illustrated in FIGS. 4 to 6.
  • A different payment transaction certificate, PAYMENT-CERT, is issued by the microprocessor card. The CARD-CERT and PAYMENT-CERT are not necessarily generated with the same digital signature scheme nor with the same security strength.
  • PAYMENT-CERT incorporates a notion called joint digital signature. A joint digital signature is created by a signature scheme that derives its joint public and private keys from multiple (in this embodiment two) public and private key pairs. In the preferred embodiment of the present invention, the different key pairs are contributed by the bank 10 and the user 20.
  • The purpose of using a joint digital signature in conjunction with a microprocessor card is to prevent any single party in electronic commerce, except the microprocessor card itself, from knowing the private key of the joint digital signature scheme. As such, any party receiving the PAYMENT-CERT is assured that the payment was generated by the microprocessor card on behalf of the user.
  • The present invention also allows the service provider 30 to identify and authenticate itself. As shall be elaborated further below, the overall security of electronic payment is enhanced by having a microprocessor card generate the joint digital signature.
  • FIG. 4 illustrates the account opening process. The user 20 requests a microprocessor card from the bank 10 by, for example, supplying its identification information, a bank account from which cash or its electronic equivalent can be transferred to a new microprocessor card account, and the initial cash value of the microprocessor card.
  • The bank 10 verifies the user's information in step 210 and issues the user 20 a new microprocessor card in step 230. The bank 10 may optionally provide the user 20 with the hardware and software necessary for the user to perform some of the electronic payment transactions over various electronic networks. Referring again to FIG.
  • The user 20 in step 240 selects its PIN-number and a public/private key pair denoted by Pu and Su. The private key Su should only be known to the microprocessor card and possibly the user.
  • Some methods by which the secrecy of key Su can be maintained are: 1) using a trusted bank terminal, a list of appropriate random keys is presented to the user for selection; after storing the user's selected private key in the microprocessor card, the bank terminal discards the values permanently; 2) the microprocessor card comes with a random private key generation routine, and the bank's terminal relies on this routine to create the key Su and the corresponding public key Pu; 3) since the user need not know the value of key Su, a random private key can be stored in the card during the card's manufacturing process.
  • The bank 10 in step 250 selects a different public/private key pair denoted by Pc and Sc and an optional master key for the microprocessor card.
  • The bank 10 uses its own private key S_b to create a public key certificate of the joint public key of Pc, Pu and some other information, denoted by cert_b(inter, info, Pc, Pu). A public key certificate in the present invention contains a digital signature of the data items it certifies. The certificate is hereafter referred to as the CARD-CERT.
  • The CARD-CERT contains a data item inter that indicates the validity interval of the certificate, and another data item info that identifies the bank and the microprocessor card. The info also contains other relevant information such as the currency unit of the microprocessor card and any constraint placed on the use of the certificate, for example, that the CARD-CERT can be used only to make telephone calls. The identity of the bank is useful for electronic payment when there are multiple electronic payment systems provided by different banks or even by one single bank.
  • In step 270 of FIG. 4 the bank transfers an appropriate amount of electronic cash from the user's bank account to the user's new microprocessor card account. The new microprocessor card account is represented by a database record with the bank, illustrated in FIG. 5; the C_balance entry of the database record is initialised accordingly.
  • In step 280 the bank signals the completion of the user's microprocessor card account opening process and prompts the user to collect the new microprocessor card.
  • FIG. 6 shows a possible set of data entries which are stored in the microprocessor card after the bank and the user initialise and customise it. The card# represents a number unique to each microprocessor card; the bank identifies the microprocessor card with this entry.
  • The user record entry in FIG. 5 identifies the user and its bank account from which electronic cash can be transferred to its microprocessor card account. In this same entry the bank records other important information about the user.
  • In FIGS. 5 and 6 the initial value of the entry C_balance is identical. This entry in the user's microprocessor card account as shown in FIG. 5 is adjusted by the appropriate value (plus any optional service fee) when the bank 10 approves an electronic payment or withdrawal.
  • FIG. 5 illustrates a possible entry record in a user's microprocessor card account after the bank and the user initialise it. While only record 1 is explicitly shown, a microprocessor card can have multiple CARD-CERTs in its lifetime, and new records are added to the microprocessor card account to reflect this.
  • Sequence numbers seq# and ser# are non-repeating numbers that are used to generate PAYMENT-CERTs and permit the user to participate in various other transactions. The bank and service provider rely on such sequence numbers to prevent various well-known security attacks on the public key certificate and digital signature scheme, such as the replay attack.
  • The service provider 30 needs to register itself with the bank 10 before it can process any electronic payment from the user 20. The registration procedure is depicted in FIG. 3.
  • The account opening process is substantially the same as that of the user opening a microprocessor card account with the bank as described in FIG. 4. The only differences are:
  • 1) the account type is designated as a deposit account in step 200 instead of a microprocessor card account;
  • 2) the service provider's bank account information in step 210 will be used for deposit instead of withdrawal;
  • 3) the entry card# in FIGS. 5 and 6 is known as S_id, to allow the service provider to communicate with the user and the bank;
  • 4) the entry C_balance has no value and step 270 in FIG. 4 is omitted, as the service provider's microprocessor card account with the bank is used for authenticating the service provider; and
  • 5) the service provider has the necessary software and hardware to accept electronic payments from the user and to deposit them with the bank.
  • FIG. 8 is a flowchart of the interaction between the user and the service provider under the payment protocol of the present invention.
  • The user uses its microprocessor card to engage in an electronic payment with a service provider. The service provider is assumed to have registered with the bank so that it has at least the following information: 1) the bank's public key and related signature information; and 2) a unique value S_id that identifies the service provider to the user and the bank.
  • When the user 20 makes a purchase with its microprocessor card, it approaches a service provider 30, either physically or through an electronic network. The user presents its microprocessor card to either the service provider's terminal or the user's own personal computing device coupled to an electronic network, as shown in step 400 in FIG. 8.
  • The service provider reads the CARD-CERT within the microprocessor card and verifies its validity in step 420. The verification in step 420 includes, but is not limited to, checking the bank's signature on the CARD-CERT, possible blacklisting of the CARD-CERT, and the time validity specified in the value inter.
  • The service provider presents the user in step 440 with a payment specification (denoted by spec) to confirm. The specification includes, but is not limited to, the time, date and amount of the payment, and the identity of the service provider. The amount should be converted to the microprocessor card's currency unit if that is not the default unit. Should the transaction be carried over an insecure transmission channel or device, additional information specifying the full details of the purchase and delivery may also be included, probably in a compressed form. If further security is needed, the service provider will have to digitally sign the payment specification.
  • The user in step 450 enters its PIN number to approve the payment. The approval of the payment is sent to the microprocessor card.
  • In step 480 the microprocessor card performs validity checks. If the microprocessor card has been locked due to possible errors including, but not limited to, consecutive entry of incorrect PIN numbers (the microprocessor card adjusts an error counter value whenever an incorrect PIN number is entered, as in step 490), then the transaction is terminated in step 500. Otherwise, the microprocessor card additionally checks in step 510 for, but not limited to, cash balance and any authenticated information. If successful, the microprocessor card generates in step 530 the PAYMENT-CERT using the joint digital signature on the payment specification. After receiving the PAYMENT-CERT from the microprocessor card, the service provider verifies in step 540 the joint digital signature and checks for other possible anomalies such as a duplicate PAYMENT-CERT. The service provider confirms the payment in step 570 if the verification is successful.
  • The service provider 30 performs a random on-line electronic clearance with the bank 10 or a clearing house for additional security. Such clearance may be a requirement if the payment amount exceeds a certain predetermined approved value.
  • FIG. 7 shows the protocol of a microprocessor card in generating a PAYMENT-CERT. It shows that a PAYMENT-CERT is a joint digital signature generated by the joint private keys represented by Sc, Su. The information being signed includes the payment specification spec and an increasing sequence number ser#. The payment specification can incorporate additional information. The ser# is a non-repeating number used to distinguish every payment under a specific CARD-CERT or a specific service provider and need not be an increasing value.
  • The preferred embodiment of the present invention illustrates a practical implementation of generating the PAYMENT-CERT using a joint digital signature based on the Schnorr signature scheme. For information on the Schnorr signature scheme, please refer to C.P.
  • The bank chooses two prime numbers Q and P such that Q divides P - 1. The bank also chooses a number g such that g is a generator of order Q. The numbers P, Q, and g are public information and are made known to the public in an authenticated manner.
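The joint Schnorr PAYMENT-CERT described above, as an added example in Python rather than code from the patent. The patent does not spell out how the two key pairs are combined; the example assumes the joint private key is Sc + Su mod Q and the joint public key Pc * Pu mod P, uses SHA-256 reduced mod Q as the hash, generates toy parameters from Q = 2^61 - 1 at run time, and all function and field names are its own.

```python
# Added example (not from the patent); see the lead-in for the assumptions made.
import hashlib
import secrets

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    """Miller-Rabin with 12 fixed bases: exact for n < 3.3e24, enough here."""
    if n < 2 or any(n % p == 0 for p in BASES):
        return n in BASES
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def bank_setup(Q=2**61 - 1):
    """Bank picks primes Q | P-1 and g of order Q; P, Q, g are published."""
    assert is_prime(Q)
    k = 2
    while not is_prime(k * Q + 1):
        k += 2
    P, h = k * Q + 1, 2
    while pow(h, k, P) == 1:   # h^k is either 1 or an element of order Q
        h += 1
    return P, Q, pow(h, k, P)

def keygen(params):
    P, Q, g = params
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(g, x, P)   # private S, public g^S mod P

def hash_mod_q(Q, *parts):
    data = b"|".join(str(p).encode() for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def schnorr_sign(params, x, *msg):
    """Schnorr signature (e, s) on msg under private key x."""
    P, Q, g = params
    k = secrets.randbelow(Q - 1) + 1
    e = hash_mod_q(Q, pow(g, k, P), *msg)
    return e, (k - x * e) % Q

def schnorr_verify(params, y, sig, *msg):
    P, Q, g = params
    e, s = sig
    r = pow(g, s, P) * pow(y, e, P) % P   # equals g^k when s = k - x*e
    return hash_mod_q(Q, r, *msg) == e

def issue_card_cert(params, S_b, inter, info, Pc, Pu):
    """Bank signs (inter, info, Pc, Pu) with its own key S_b: the CARD-CERT."""
    return {"inter": inter, "info": info, "Pc": Pc, "Pu": Pu,
            "bank_sig": schnorr_sign(params, S_b, inter, info, Pc, Pu)}

def verify_card_cert(params, P_b, c):
    return schnorr_verify(params, P_b, c["bank_sig"], c["inter"], c["info"], c["Pc"], c["Pu"])

class MicroprocessorCard:
    """Holds Sc (chosen by the bank) and Su (chosen by the user); only the card sees both."""
    def __init__(self, params, Sc, Su, balance):
        self.params, self.balance, self.ser = params, balance, 0
        self._joint_key = (Sc + Su) % params[1]   # assumed additive joint key; never leaves the card

    def payment_cert(self, spec, amount):
        """Steps 510-530: balance check, then joint signature over spec and a fresh ser#."""
        if amount > self.balance:
            return None
        self.ser += 1
        self.balance -= amount
        return {"spec": spec, "ser": self.ser,
                "sig": schnorr_sign(self.params, self._joint_key, spec, self.ser)}

def verify_payment_cert(params, card_cert, pc):
    """Step 540: verify with the joint public key Pc*Pu, knowing neither Sc nor Su."""
    joint_public = card_cert["Pc"] * card_cert["Pu"] % params[0]
    return schnorr_verify(params, joint_public, pc["sig"], pc["spec"], pc["ser"])

def demo():
    """Constructed run: issue a card with 100 units, pay 30, check a tampered copy fails."""
    params = bank_setup()
    S_b, P_b = keygen(params)   # bank's own key pair
    Sc, Pc = keygen(params)     # bank's contribution, step 250
    Su, Pu = keygen(params)     # user's contribution, step 240
    cert = issue_card_cert(params, S_b, "1997-12..1998-12", "BANK01;card#42;SGD", Pc, Pu)
    card = MicroprocessorCard(params, Sc, Su, balance=100)
    pc = card.payment_cert("SP7;1997-12-05;amount=30", 30)
    forged = dict(pc, spec="SP7;1997-12-05;amount=3")
    return (verify_card_cert(params, P_b, cert), verify_payment_cert(params, cert, pc),
            verify_payment_cert(params, cert, forged), card.balance)
```

The service provider verifies with nothing more than the CARD-CERT, while neither it, the bank nor the user ever holds the combined signing key.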
  • The service provider conducts a deposit transaction with the bank as illustrated in FIG. 9. The data items that the service provider sends to the bank are the same information that it received from a microprocessor card: the CARD-CERT and the PAYMENT-CERT.
  • The service provider makes a deposit with the following steps:
  • The service provider can sort the payments it receives accordingly and contact different banks appropriately. Where there are multiple PAYMENT-CERTs under the same CARD-CERT, the service provider can combine these payments for efficient transmission. It is also possible for a clearing house to process the service providers' deposits before it re-transmits them to the various issuing banks. In this way, the clearing house can reduce the total communication costs for deposit. With respect to verification, the clearing house can help the banks by performing the front end tasks of checking the certificates and thus alleviate the computation required of the banks' computers. Therefore, the transaction protocols of the present invention facilitate the set up of multiple clearing houses to scale up the electronic payment system of the present invention.
  • The bank verifies the information it receives from the service provider in step 620 of FIG. 9. The service provider identifies itself to a bank by using a unique S_id value which is incorporated in the service provider's microprocessor card or terminal. If the bank's verification is successful, then the service provider continues to transmit the electronic payments it wishes to deposit with the bank in step 640. The bank optionally transmits a receipt, for example a checksum value, to confirm that the transmission is error free.
  • An iteration process, steps 650 to 700, follows next. For every electronic payment the bank receives, it checks if the associated CARD-CERT is valid in step 660. Such verification comprises checking the CARD-CERT's signature and validity period, and cross referencing it against a list of blacklisted CARD-CERTs and the user's microprocessor card account. The bank rejects the electronic payment if any of these checks fails, and takes the appropriate action for such failure. Otherwise, it continues in step 670 to check if the associated PAYMENT-CERT is valid.
  • This step involves checking its signature, its date and time validity, its S_id information against the current depositing service provider, its embedded sequence number ser# against that of the user's or service provider's microprocessor card account with the bank, and the payment amount against C_balance in the user's microprocessor card account. Note that a double deposit of a PAYMENT-CERT will be detected during the check of ser# against that in the user's or service provider's microprocessor card account. If any of the preceding checks fails, then the particular payment will be rejected and the bank should be alerted to a possible security breach, if any, accordingly.
  • In step 690 the bank transfers the amount specified in the PAYMENT-CERT from the user's microprocessor card account to the service provider's deposit account. It will also update the user's or service provider's microprocessor card account with the new payment to prevent double deposit in the future.
  • In step 700 the iteration process is repeated for the remaining PAYMENT-CERTs.
  • The bank sends a summary of the status of the deposit session to the service provider in step 710 and ends the transaction in step 720. The bank may also transmit a status report and error report to the service provider immediately after the checks in steps 660 and 670 for each payment deposit.
  • Freshness identifier, such as a time stamp and sequence number.
  • Integrity check value, such as a digital signature.
  • Withdrawal takes one of several forms: 1) through a bank teller by completing a transfer form; 2) via a bank terminal; or 3) from the user's computer with a link to the bank's computer.
  • FIG. 10 is a flowchart of the withdrawal protocol.
  • Authentication between the bank 10 and the user 20 is realised with a digital signature.
  • An alternative is a secret-keyed one-way hash value computed over non-repeating contents. The latter can be used because the tamper-resistant nature of a microprocessor card resolves many potential disputes. Furthermore, verifying a one-way hash value is computationally more economical than verifying a digital signature.
  • the contents comprise secret values and non-repeating numbers shared between the bank 10 and the user 20.
  • the user begins the withdrawal process in step 800 by inserting its microprocessor card into the appropriate bank terminal. It should be understood by one skilled in the art that withdrawal is executable through an electronic network.
  • the bank computer in step 810 reads the microprocessor card's CARD-CERT before verifying its validity in step 820. If successful, the user in step 840 is prompted to enter its PIN number and the withdrawal amount, and to request a withdrawal transaction. The information from step 840 is sent to the microprocessor card and the validity of the PIN number is checked in step 850. If again successful, the microprocessor card in step 870 computes an authenticated withdrawal request and sends it to the bank.
  • the request preferably contains non-repeating information, i.e., a non-repeating value of seq#, to foil or identify replay attacks.
  • the authenticated withdrawal request optionally contains the microprocessor card's card#, C_balance, and the specified withdrawal amount. As described above, the request contains either a digital signature or a secret-keyed hash value for authentication.
  • the bank in step 880 checks the validity of the request. The check includes verifying the authentication data included in the request, and comparing the respective cash balances held in the microprocessor card and in the user's microprocessor card account. If successful, the bank in step 900 adjusts the user's microprocessor card account to reflect the transaction and in step 910 sends an authenticated acknowledgment to the microprocessor card.
  • the microprocessor card checks to confirm that the correct transaction has been carried out by the bank.
  • the microprocessor card then adjusts its internal state in step 920 to reflect the successful conclusion of the withdrawal process.
  • the bank proceeds in step 930 to print out a transaction record and ends the withdrawal process in step 940.
  • an optional renewal of the CARD-CERT of the microprocessor card may be performed. This is done generally for the purpose of increasing the security of the system as well as helping to optimise various bookkeeping processes in the electronic payment system. Some of the conditions for such renewal may depend on values like the remaining validity period of the current CARD-CERT. As a special case, the user may request a zero-value renewal. This is useful if the user just wants to renew the microprocessor card's CARD-CERT.
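The withdrawal exchange of steps 850 to 920 using the secret-keyed one-way hash variant, as an added example that is not the patent's code: the shared secret, the PIN, the message layout and the Card and Bank class names are assumptions, and the seq# is the non-repeating value that lets the bank refuse a replayed request.

```python
import hashlib
import hmac

# Added example, not the patent's code. It follows the keyed one-way hash variant of the
# withdrawal protocol: card and bank share a secret (assumed provisioned at account
# opening) and authenticate messages with an HMAC over non-repeating contents (seq#).

def mac(key: bytes, *fields) -> str:
    return hmac.new(key, "|".join(map(str, fields)).encode(), hashlib.sha256).hexdigest()

class Card:
    """Tamper-resistant card state: card#, PIN, C_balance, seq#, shared secret."""

    def __init__(self, card_no, pin, c_balance, key):
        self.card_no, self.pin, self.c_balance, self.key = card_no, pin, c_balance, key
        self.seq, self.pending = 0, None

    def withdrawal_request(self, pin, amount):
        """Steps 850-870: verify the PIN, then emit an authenticated, non-repeating request."""
        if pin != self.pin:
            return None
        self.seq += 1                       # fresh seq# so a captured request cannot be replayed
        self.pending = self.seq
        req = {"card_no": self.card_no, "seq": self.seq,
               "c_balance": self.c_balance, "amount": amount}
        req["mac"] = mac(self.key, "REQ", self.card_no, self.seq, self.c_balance, amount)
        return req

    def apply_ack(self, ack):
        """Step 920: adjust C_balance only for an authentic ack to the outstanding request."""
        if ack is None or ack["seq"] != self.pending:
            return False
        expected = mac(self.key, "ACK", self.card_no, ack["seq"], ack["new_balance"])
        if not hmac.compare_digest(expected, ack["mac"]):
            return False
        self.c_balance, self.pending = ack["new_balance"], None
        return True

class Bank:
    """Bank-side microprocessor card accounts: C_balance, last seq# seen, shared secret."""

    def __init__(self):
        self.accounts = {}

    def open_account(self, card_no, c_balance, key):
        self.accounts[card_no] = {"c_balance": c_balance, "last_seq": 0, "key": key}

    def handle_withdrawal(self, req):
        """Steps 880-910: verify authentication, freshness and balance, then adjust and ack."""
        acct = self.accounts.get(req["card_no"])
        if acct is None:
            return None
        expected = mac(acct["key"], "REQ", req["card_no"], req["seq"],
                       req["c_balance"], req["amount"])
        if not hmac.compare_digest(expected, req["mac"]):
            return None                     # forged or altered request
        if req["seq"] <= acct["last_seq"]:
            return None                     # replayed request
        if req["c_balance"] != acct["c_balance"]:
            return None                     # card and account disagree: needs investigation
        acct["last_seq"] = req["seq"]
        acct["c_balance"] += req["amount"]  # step 900: the card is topped up from the bank
        ack = {"seq": req["seq"], "new_balance": acct["c_balance"]}
        ack["mac"] = mac(acct["key"], "ACK", req["card_no"], ack["seq"], ack["new_balance"])
        return ack
```

A tampered amount, a replayed request or a mismatch between the card's C_balance and the account's all yield None from the bank, and the card refuses any acknowledgment that is not for its one outstanding request.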
  • the opening of a user account is identical to that of the preferred embodiment for an electronic cash payment. The only differences are that C_balance is now used as a credit limit that the bank sets for the microprocessor card, and no cash value is transferred to the user's microprocessor card account, as shown in step 270 of FIG. 4, during the account opening process.
  • Opening a service provider account is substantially the same as the steps described in the preferred embodiment of the present invention which covers an electronic cash payment system.
  • one of the advantages of the present invention is the simple and uniform setup and protocol for the service provider with respect to various forms of electronic payment.
  • the off-line payment protocol for a credit card payment is the same as that for an electronic cash payment described above. However, on-line account checking with the bank or clearing house is recommended as a policy because of the increased risk of credit card payment.
  • the deposit protocol for off-line credit card payment is substantially the same as that for off-line debit card payment.
  • One major change to the previously described deposit protocol is the manner in which the bank transfers funds from the user's microprocessor card account. For each valid PAYMENT-CERT, the bank does not transfer the payment amount directly from the user's microprocessor card account to the service provider's account as in step 690 of FIG. 9. Instead, the payment amount, less any applicable fees, is deducted from the bank's own account, and such a transfer may be delayed according to the bank's credit card clearing policy.
  • the withdrawal protocol of an off-line electronic cash payment is adaptable for a settlement protocol of a credit card payment.
  • This settlement protocol is substantially the same as the withdrawal protocol shown in FIG. 10. The differences are that the bank is able to impose a maximum top-up amount in step 840 in line with the bank's credit limit for that user, and that interest is chargeable for each credit transaction and for late payment.
  • the protocol of the present invention does not conflict with existing credit card payment systems.
  • the present invention complements existing financial practices.
  • An example is the extension of the withdrawal protocol to accommodate a variety of forms of settling credit card payments, whether by cheque or by electronic fund transfer.
  • the bank is able to reconcile such settlements and adjust the value of the entry C_balance accordingly.
  • an optional on-line withdrawal protocol can be embedded into the payment protocol, which the service provider or its terminal executes transparently if the value of C_balance is insufficient to cover the payment amount. In such instances no transfer of funds occurs, but the bank can update the value of C_balance in the user's microprocessor card via the service provider or its terminal as soon as the user settles its credit card payment by other means. As such, the user's credit information is updated efficiently without additional hardware and software overhead.
  • the third embodiment of the present invention describes a secure electronic cheque payment system.
  • the difference between an electronic cash payment and an electronic cheque is akin to the difference between cash and cheque.
  • Description below highlights changes to the setup procedure and protocol relating to the description of the preferred embodiment for electronic cash payment.
  • Opening a user account: a user opens an electronic cheque account in substantially the same way as in the account opening procedure for electronic cash payment. The significant changes are the omission of the C_balance entry and the absence of any cash transfer to the user's microprocessor card account in step 270 of FIG. 4.
  • C_balance may optionally represent the number of cheques issued.
  • Opening a service provider account: the steps a service provider takes to open an electronic cheque account are substantially the same as those for electronic cash.
  • the off-line payment protocol for electronic cheques is substantially the same as that for electronic cash. The only difference is that no verification of the payment amount in the PAYMENT-CERT against a preset spending limit is necessary, but a decrement of C_balance, if present, limits the number of cheques issuable.
  • the deposit protocol for executing electronic cheque in this embodiment of the present invention is substantially the same as that for electronic cash in the preferred embodiment.
  • the bank transfers the payment amount directly from the user's bank account, instead of from its microprocessor card account, to the service provider's account. The user's bank account may have insufficient funds, so an electronic cheque may bounce just as an ordinary cheque can.
  • this embodiment does not envisage the need for a withdrawal protocol for electronic cheques.

Abstract

This invention concerns a system for making electronic payments with a microprocessor card (230) that prevents fraudulent use. The microprocessor card (230) generates joint signatures using a joint digital signature scheme whose secret signing key is derived from secret values (240, 250) supplied by different parties such as the user, the bank, and commercial and electronic service providers. The joint signature can be used to certify (260) payments, among other information. No party has full knowledge of the other parties' secret signing keys (240, 250), so the use of a joint digital signature together with a microprocessor card (230) achieves an unprecedented level of security. The invention also concerns a payment, deposit, withdrawal and account-opening protocol (200) that raises the level of protection against possible security breaches. Above all, this protocol allows payment transactions to be carried out off-line, so that the transaction can be performed in a scalable and economical manner over various kinds of electronic networks, including unprotected ones.
PCT/SG1997/000065 1996-12-04 1997-12-03 Systeme de paiement par carte a microprocesseur WO1998025220A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP97954503A EP1012762A4 (fr) 1996-12-04 1997-12-03 Systeme de paiement par carte a microprocesseur
AU58935/98A AU5893598A (en) 1996-12-04 1997-12-03 Microprocessor card payment system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG9611524-1 1996-12-04
SG1996011524A SG64957A1 (en) 1996-12-04 1996-12-04 Microprocessor card payment system

Publications (1)

Publication Number Publication Date
WO1998025220A1 true WO1998025220A1 (fr) 1998-06-11

Family

ID=20429528

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SG1997/000065 WO1998025220A1 (fr) 1996-12-04 1997-12-03 Systeme de paiement par carte a microprocesseur

Country Status (4)

Country Link
EP (1) EP1012762A4 (fr)
AU (1) AU5893598A (fr)
SG (1) SG64957A1 (fr)
WO (1) WO1998025220A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998052151A1 (fr) * 1997-05-15 1998-11-19 Access Security Sweden Ab Transaction electronique
GB2352319A (en) * 1999-05-20 2001-01-24 Mag Tek Inc Processing a data-bearing card
EP1365363A2 (fr) 2002-05-02 2003-11-26 Giesecke & Devrient GmbH Méthode pour effectuer des transactions de données à l' aide d' un dispositif de transaction comportant un composant principal et un composant annexe séparable
EP1464138A1 (fr) * 2001-12-21 2004-10-06 Qualcomm, Incorporated Procede et dispositif d'authentification audio simplifiee
WO2007121631A1 (fr) * 2006-04-24 2007-11-01 Beijing E-Hengxin Authentication Science & Technology Co. Ltd. Système et procédé de certification bancaire électronique sécurisée
US7966497B2 (en) 2002-02-15 2011-06-21 Qualcomm Incorporated System and method for acoustic two factor authentication
EP2341658A1 (fr) * 2009-12-31 2011-07-06 Gemalto SA Compteur d'erreur de cryptographie asymétrique
US8690054B1 (en) 2013-05-29 2014-04-08 The Toronto-Dominion Bank System and method for chip-enabled card transaction processing and alert communication
US8943583B2 (en) 2002-05-15 2015-01-27 Qualcomm Incorporated System and method for managing sonic token verifiers
EP2991262A1 (fr) * 2014-08-29 2016-03-02 Gemalto SA Procédé permettant de signer des données, premier et second dispositif et système correspondants
US9996826B2 (en) 1999-04-30 2018-06-12 Paypal, Inc. System and methods for facilitating value exchanges using mobile devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5144665A (en) * 1990-02-21 1992-09-01 Hitachi, Ltd. Cryptographic communication method and system
EP0539727A2 (fr) * 1991-10-31 1993-05-05 International Business Machines Corporation Sauvegarde/restauration d'environnement dans une installation cryptographique et duplication dans un système cryptographique à clé publique
WO1997037461A1 (fr) * 1996-04-01 1997-10-09 Hewlett-Packard Company Transmission de messages via un reseau

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2046222T3 (es) * 1987-03-04 1994-02-01 Siemens Nixdorf Informationssysteme Ag Sistema de intercambio de datos con varios terminales de usuario que contienen, respectivamente, una instalacion de lectura de tarjetas de chips.
EP0383985A1 (fr) * 1989-02-24 1990-08-29 Claus Peter Prof. Dr. Schnorr Procédé d'identification d'abonnées ainsi que de génération et de vérification de signatures électroniques dans un système d'échange de données
GB9121995D0 (en) * 1991-10-16 1991-11-27 Jonhig Ltd Value transfer system
US5396558A (en) * 1992-09-18 1995-03-07 Nippon Telegraph And Telephone Corporation Method and apparatus for settlement of accounts by IC cards
US5511121A (en) * 1994-02-23 1996-04-23 Bell Communications Research, Inc. Efficient electronic money
US5557678A (en) * 1994-07-18 1996-09-17 Bell Atlantic Network Services, Inc. System and method for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem
US5588061A (en) * 1994-07-20 1996-12-24 Bell Atlantic Network Services, Inc. System and method for identity verification, forming joint signatures and session key agreement in an RSA public cryptosystem

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ROY BRIGHT, "Smart Cards", Published 1988, by ELLIS HORWOOD LIMITED, Chapter 6. *
See also references of EP1012762A4 *

Also Published As

Publication number Publication date
EP1012762A1 (fr) 2000-06-28
SG64957A1 (en) 1999-05-25
AU5893598A (en) 1998-06-29
EP1012762A4 (fr) 2001-01-24

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU CN JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 09319373

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: 1997954503

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1997954503

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1997954503

Country of ref document: EP