Title
System and method for payment Technical field
The present invention pertains to a system and a method, in a network for telecommunication and data communication, for consumption of at least one of the categories services and goods comprising a code signaling scheme for authorization of the consumption of services and goods.
Background art Actors described in the following make up the current electronic payments market. Consumers purchase from merchants and service providers using cards issued them by issuers. Issuers enable their consumers to conduct electronic purchases. Typical issuers include card scheme enablers, mobile operators, consumer banks and retail chains, i.e. parties that either hold the consumer account or that bill the consumer on a regular base. Merchants and Service Providers sell their goods and services to consumers and expect to get paid soon after a transaction has been authorized. Acquirers enable merchants and Service Providers to accept electronic purchases. Typically, acquirers are the merchant banks. Collectors provide the necessary network between the merchant, issuer and acquirer, and route transactions and authorizations between the parties. Issuers and acquirers are part of an interoperability network that ensures them a correct funds transfer during transaction clearing. All of the above mentioned players need a form of technical infrastructure to facilitate an electronic purchase or other consumption. Those are named technology providers which provide players with appropriate technology. In order to enable electronic payments a certain amount of infrastructure and interfaces are required. To make a purchase a consumer needs a number of identification tools, depending on the situation examples are: • A card
• A PIN code
• An item of identification
• His / her signature
• A PC with an internet connection
To accept a payment a merchant / service provider needs authorizing equipment such as:
• Electronic Point-of-Sales (ePOS) terminal
• A phone line that links the ePOS terminal to the collector.
• Internet payment provider technology
In order to allow their customers to make purchases an issuer needs to:
• Have card purchase authorization infrastructure (white list, black list, online authorization)
• Be a member of an interoperability scheme
In order to acquire payments the acquirer needs to:
• Have electronic acquisition infrastructure • Be a member of an interoperability scheme
In order to collect payments the collector needs to:
• Assume the role as the backbone for connection to merchants and service providers
• Control the card purchase authorization infrastructure (white list, black list) Between the above mentioned market actors using the existing infrastructure and interfaces there exist a number of established relationships where the actors are interacting.
An issuing relationship must exist between an issuer and the consumer prior to any purchase. Issuers issue payment means to their consumers. Today, these payment means typically consist of debit or credit cards. Often, yet not always, the issuer can also be a consumer account holder. There exists a relationship between the issuer / account holder and the consumer that is based on trust and some form of legal agreement that stipulates the rights and responsibilities of the consumer and of the issuer / consumer account holder with regard to the rights and obligations at the moment of purchase. An acquisition relationship must exist between a merchant or service provider and an acquirer prior to any purchase. There exists a relationship between the acquirer and the merchant in which the acquirer agrees to debit the merchant if the merchant can provide a correct proof of transaction. In electronic payment schemes, the acquirer typically provides a hardware or software tool to the merchant that automates the purchase authorization process and transaction collection for the merchant.
At the moment of purchase a consumer presents the issued payment means to the merchant, who will request for an authorization from his acquirer with the help of the terminal the acquirer has provided to the Merchant. At a physical store, the card is typically
swiped in a point of sales terminal into which the in-store personnel has already entered the transaction amount. Depending on the type of POS terminal the consumer will be requested to either enter a PIN code or provide identification. Over the Internet the card number and expiration date is normally enough to initiate a payment. The issuer steers the authorization of its consumers' purchases. When a consumer attempts to conduct a payment, a request for authorization arrives at the issuer where the transaction is either denied or authorized depending on whether or not the consumer has available means or enough credit to cover the transaction. It should be noted that the authorization can also take place off-line in the merchant terminal or at the collector. Authorization rules are always controlled by the issuer however, e.g. through a white-list or black-list.
After a transaction has taken place it has to be cleared; money has to be moved from the consumer's account and transferred to the merchant's account. This typically takes place during the night and the merchant can count on having his/her money within 24 to 48 hours.
As an example of a purchase or consumption of it, the following fictive but possible scenario is provided. Joe Smith's bank issues him a Visa card (and a PIN code). The card has a direct debit link to Joe's bank account. Joe goes to Johnson's Pet store and presents his card at the moment of purchase. The shop attendant swipes the card in the standard credit card terminal and types in the amount. An authorization request is routed to the collector, who forwards it to Joe's bank. After authorization at the bank, the transaction authorization is sent back via the collector to the Pet store. The authorization approval pops up on the termmal screen, a transaction is stored in the credit card terminal, and the Mr. Johnson happily provides the purchased goods to Joe. Later during the evening, Mr. Johnson sends all transactions collected during that day via the collector to his acquiring bank, which reimburses him the total transaction amount. The acquiring bank clears the transactions with Joe's bank through the local clearing house.
It is a problem with current day transactions when a consumer transfers authorization through the same communication channel as a provider of services and goods. There should be possibilities free from demanding the consumer identification and authorization input through a provider authorization means, which would minimize the risk for possible eavesdropping or fraud at a provider site. Such possibilities would increase consumer integrity in omitting to expose the consumer identity at the provider.
Summary of the described invention
The present invention provides a system and method to order a service or make a purchase at a provider of services and goods, separated from using the provider's equipment in order to be authorized for the services and goods consumed. The expression consume in accordance with the present invention should be interpreted as a consumer closing a transaction to the provider, i.e., the consumer consumes the services or goods through a monetary payment or through a payment with bonus points. Alternatively, consuming a service refers to the consumer gaining access to a location, in which the transaction closed by the consumer to the provider is an authorization transaction.. Hence, the present invention sets forth a system, in a network for telecommunication and data communication, for consumption of at least one of the categories services and goods comprising a code signaling scheme for authorization of the consumption of services and goods. It comprises an issuer of identification and authorization rights using an authorization host for storing and managing the authorization rights. Further it comprises a provider for services and goods. The provider using an electronic authorization means comprising a authorization means unique identification code, the authorization means being adapted to accept a global issuer identification code issued by the issuer, through an interface means. Said global issuer identification code identifying the issuer in the network, and the authorization means being provided interface means connected to the network for transmission of data to the issuer used host in which the issuer identification code is used to identify and find the issuer used host in the network.
It further comprises a standardized protocol signaling between the issuer used host and the provider authorization means in order to accomplish a transaction that authorizes a consumption of the services and goods. Still further it comprises an issuer consumer identification code, provided to a consumer and also electronically stored at the issuer used host. The consumer having access to a communication means free from the provider authorization means enabling communication from the consumer to the issuer used authorization host.
At the time for a consumption of the services and goods by the consumer, the provider authorization means signals the authorization means unique identification code together with the global issuer identification code through the network to the issuer host. Thus, the standardized protocol signaling recognizes the issuer used host as the receiving party through the global issuer identification code. The consumer, at or close to the time for consumption, transmitting an authorization means unique identification code, together with
the issuer consumer identification code to the issuer host through the communication means.
Further, the issuer used host receiving the issuer consumer identification code and the authorization means unique identification code identifying the consumer as being a registered consumer. Whereby, the issuer used authorization host is verifying that the authorization means unique identification codes transmitted from the authorization means and the communication means are corresponding to each other. Hence authorizing the consumption by acknowledge signaling the authorization to the provider authorization means, without or free/distincted from demanding the consumer identification and authorization input through the provider authorization means. Hence, minimizing the risk for possible eavesdropping or fraud at the provider site, and increasing consumer integrity in omitting to expose the consumer identity at the provider.
One embodiment of the present invention comprises that the providers authorization means is an electronic point of sales terminal, such as POS or ePOS. Another embodiment provides that the issuer identification code is stored on a provider card at the point of sales terminal, and that at the time for a consumption of said services and goods by said consumer, said provider card is used to provide the issuer identification code to the provider authorization means through said interface means.
A further embodiment provides that the issuer identification code is stored in a software program at the point of sales terminal, and that at the time for a consumption of said services and goods by said consumer, said software is used to provide the issuer identification code to the provider authorization means through said interface means.
A still further embodiment comprises that the providers authorization means is providing said unique authorization means identification code on a web-page. Yet a still further embodiment provides that the interface means are presented to the consumer in the form of a web-page. Yet a still further embodiment provides that the issuer identification code is entered to the provider authorization means web-page at the time for a consumption of said services and goods by said consumer.
Another embodiment provides that the issuer identification code is stored in a software program connected to the web-page, and that at the time for a consumption of said services and goods by said consumer, said software is used to provide the issuer identification code to the provider authorization means through said connected interface means. Yet another embodiment comprises that a consumer enters the issuer identification code at said web-page.
Yet a further embodiment provides that said consumers communication means free/distinct from said authorization means is a mobile commumcation device.
In a further embodiment the issuer consumer identification code is the CLI number of said mobile communication device. In another embodiment the authorization means unique identification code, communicated to said issuer host through said communication means, consists of a telephone number that is terminated at the issuer used authorization host, said consumer being able to communicate the telephone number to the issuer host by dialing it.
Still another embodiment comprises that the issuer identification code has the format of a standard transaction card number.
The present invention also sets forth a method, in a network for telecommunication and data communication, for consumption of at least one of the categories services and goods comprising a code signaling scheme for authorization of the consumption of services and goods as claimed in the attached set of method claims. Brief description of the drawings
Henceforth the present invention is described by reference to the attached figures for a better understanding of given embodiments and examples, whereby:
Fig. 1 schematically illustrates a prior art signalling scheme for a momentary purchase relationship; Fig. 2 schematically illustrates a signalling scheme for a purchase in accordance with the present invention; and
Fig. 3 schematically illustrates block diagram for a purchase in accordance with the present invention.
Definitions The following definitions are used or relied on throughout the description of the present invention.
Issuer:
A person or organisation that issues to a consumer right for identification and/or transaction authorization at providers, either by providing the consumer with a physical and/or electronic identification means (e.g. standard cards) or by guaranteeing identification and or transaction authorization at providers if the consumer communicates at least a consumerlD to an authorization host via an ePOS (electronic Point Of Sales) equipment or via a different communication means according to an agreed-upon procedure. The issuer also provides or
directs to an authorization host with means to perform a consumer authorization based on at least the consumerlD and an ePOSID from the ePOS at a provider.
Typical issuers include card scheme enablers, mobile operators, consumer banks and retail chains, i.e., parties that either hold a consumer account or that bill a consumer on a regular basis. The means for authorization typically includes a standard card.
Consumer:
A person or organisation to which is issued identification right by an issuer. Identification means can be used for identification or transaction authorization at a provider in an authorization scheme.
Card holder:
A card holder is a consumer that receives a standard card as the identification means in a standard card authorization scheme.
Provider:
A provider is a person or organization that requires to receive identification of a consumer or to receive transaction authorization in a standard authorization scheme or in accordance with the authorization scheme of the present invention in order to provide services or goods to the consumer. This person or organization is having access to a standard ePOS infrastructure for this purpose.
Authorization:
The term authorization refers here to both the identification of a consumer at an provider, or to the authorization of a transaction (for monetary, loyalty or other purposes) between an consumer and a provider in a standard authorization scheme or in the authorization scheme of the present invention in order to deliver services or goods to the consumer.
One example of consumer identification with an electronic card at a provider is a person (consumer) using a card (standard card) to get access to a building. The card reading infrastructure and electronic door opener at the building is than the ePOS.
Another example of the authorization of a transaction between an consumer and a provider by means of a standard card is a consumer paying goods at a merchant (provider)
with a credit card, for example a VISA ® card (standard card), in which the merchants ePOS receives the transaction authorization from the consumer bank (issuer).
Card authorization: A card authorization is a consumer authorization at a provider in a standard card authorization scheme.
Standard card authorization scheme:
This is the authorization scheme in any electronic card transaction scheme, for example, the one described above, in which a card holder uses a standard card as identification means in order to be authorized at a provider to gain access to a service or goods, and in which the provider can obtain transaction authorization from the standard authorization host by communicating data stored on the standard card between the standard ePOS and the standard authorization host. It uses a standard card protocol for all communication between the ePOS and standard authorization host during an authorization.
Authorization scheme:
This term refers to both standard card authorization schemes and authorization schemes in accordance with the present invention.
Standard card:
A card that is issued by a card issuer to a consumer and that is used by the consumer for identification and/or transaction purposes and that contains at least the following data: 1) Global issuer identification code=issuerID: data that can be used to identify the card issuer. 2) CardholderlD (an issuer consumer identification code): data that can be used to authorise the card holder.
Provider card:
It is a card, connected to a provider, which has identical functionality as standard cards in every aspect (physical shape, format, functionality, data format,...), except for the following differences:
1) The data field containing an issuerLD on a standard card, is adapted to contain data that identifies the issuer of the consumer, the issuer used authorization host, or any other trusted party agreed on by the issuer (e.g. a collector as described above), in the payment scheme of the present invention.
2) The data field that is used to identify a standard card holder or an account of the standard card holder on a standard card, does not need to contain any useful or meaningful data on a provider card. It may however contain usefull data, e.g. data that is linked to the provider and that may or may not be retrieved by the issuer used authorization host during a transaction.
Card issuer:
Issuer, as defined above, that issues a standard card to its consumers, which the standard consumer can use for identification and/or transaction purposes.
Standard card authorization host:
A system used by a card issuer, or any other trusted party agreed on by the card issuer (e.g. a collector as described above). It is adapted to receive card authorization information from an ePOS of a retail provider and to use that card authorization information to authorize a transaction or delivery of goods or services by a provider to a card holder, and further adapted to communicate this authorization to the provider.
Authorization host:
System in accordance with the present invention, used by an issuer or any other trusted party agreed on by the issuer (e.g. a collector as described above) in a payment in accordance with the present invention. It provides the same interface to provider ePOS systems as are provided by a standard card authorization system to receive card authorization information from an ePOS of a retail provider and to communicate this authorization to the provider. ePOS or ePOS infrastructure: Electronic Point-Of Sales terminal; this is the terminal at a provider, adapted to receive information from standard cards and adapted to communicate with a standard card authorization host with a standard card protocol. It is adapted to send an authorization request AuthREQ and to receive an authorization result AuthRES. Such ePOS are currently available in many providers that accept standard cards. Such ePOS typically contain (but not
necessarily) a magnetic card reader or chip card reader to read electronic data stored on a standard card.
Such epos, also typically provide (but not necessarily) the possibility to manually enter a cardholderlD (e.g. the standard card number presented on the standard card) to the ePOS for authorization purposes.
It should be noted that the term ePOS also can refer as the authorisation provider to an apparatus that is adapted to provide a service to a customer. An example of the latter is an apparatus that is adapted to read card data from a customer and that provides the consumer access to a building if the consumer access to the building is authorized.
Standard card protocol:
The communication protocol used by a standard card authorization scheme in the communication of authorization requests (AuthREQ) and authorization results (AuthRES) between ePOS infrastructure and standard card authorization hosts in which the ePOS identifies itself to the standard card authorization system with an ePOSLD and in which the standard card authorization system communicates the identification or authorization result (AuthRES) to the ePOS. Such standard card protocol includes VISA ® standards or EMV standards, e.g..
ePOSID:
Is data that can be used by an authorization host to identify the ePOS used during an authorization in an authorization scheme. Such data is stored in electronic format in or at an ePOS in an authorization scheme and communicated between ePOS and authorization host during an authorization for the purpose of identifying the ePOS to the authorization system.
In the authorization scheme according to the present invention, such data is also communicated by a consumer to an authorization host in accordance with the present invention as part of identification data. It is to be noted that in the authorization scheme of the present invention, the format of the ePOSLD data may or may not differ in the communication between the ePOS and an issuer used authorization host, and in the communication between the consumer and the issuer used authorization host. The issuer used authorization host is adapted to interpret that the ePOSLD data received from both the consumer and the ePOS refer to the same ePOS.
It is the data communicated by the consumer to the authorization system of the present invention over a communication channel, which is free or distinct from the communication channel between the ePOS during a transaction authorization or identification request that contains the necessary information for the authorization system of the present invention to identify the ePOS infrastructure that requests the transaction authorization or identification.
ConsumerLD = issuer consumer identification code:
The data used by an authorization host to identify the consumer during an authorization in an authorization scheme. In a standard card authorization scheme, the consumerJD consists of a cardholderlD. In a present invention authorization scheme, the consumerLD is communicated by the consumer to the issuer used authorization system as a part of the additional identification data during an authorization. It is the data communicated by the consumer to the authorization system of the present invention over a communication channel different, free or distinct from the communication channel between the ePOS and the novel authorization system, during an transaction authorization or identification request that contains the necessary information for the authorization system of the present invention to identify the consumer or consumer account that needs to be identified or that is necessary to perform the transaction authorization.
IssuerLD:
Data used to identify the issuer during an authorization in an authorization scheme. In a standard card authorization scheme, such data is stored on the standard card and may be, but does not have to be, used by the standard card protocol to determine the authorization host in the authorization. It should be noted that in certain embodiments the issuerLD can be provided to the consumer in the form of a standard card number.
AuthREQ:
This comprises the data communicated between an ePOS and an authorization host as part of a standard card protocol, in which a request for transaction authorization or consumer identification is expressed by the ePOS to the authorization host.
In a standard card authorization scheme, the authorization request information includes at least ePOSID, issuerLD and cardholderlD. In an authorization scheme in
accordance with the present invention, the authorization request information includes at least ePOSID and issuerlD.
AuthRES: The data communicated between an ePOS and an authorization host as part of a standard card protocol, in which the authorization host to the ePOS expresses the authorization result information.
Additional identification data: The consumerLD and the ePOSID, i.e. the minimum amount of data that the consumer communicates to the authorization system of the present invention during an authorization in the authorization scheme in accordance with the present invention.
Detailed description of preferred embodiments If a novel payment scheme comprising a signalling scheme for the same is to be launched on the current market, for example, involving a mobile payment system, there exists a need for a payment infrastructure as describedin Background Art above. The cost of building out such a network over a large area from scratch is humongous. Therefore, the present invention provides a system and a method with which a major part of the existing infrastructure for card transactions can be used as infrastructure for the authorization scheme in accordance with the present invention.
The present invention comprises a new electronic transaction system and method in which a consumer can perform electronic transactions at a provider. It provides that a consumer does not have to possess or carry a card such as a smart card, credit card or the like. In one embodiment the system and method of the present invention makes use of an existing ePOS infrastructure at a provider and an existing ePOS communication network for communicating authorization data to and from the provider. The system and method of the present invention are not requiring any adaptation of an existing provider ePOS infrastructure and/or ePOS communication network, different from the standard adaptation required when enabling a new card issuer at the provider. Also, the system and method are not requiring any new infrastructure at an existing provider ePOS infrastructure and/or ePOS communication network in order to function as a service or goods provider in the proposed payment method. Therefore, the present invention enables a cheap and easy implementation and distribution of a new authorisation or transaction system.
A payment system in accordance with the present invention includes the following parties and components. A consumer can communicate so-called additional identification data. This additional identification data must at least contain: 1) consumerLD 2) ePOSID
It also includes a retailer or provider of services and goods as defined in the present invention, with access to ePOS equipment for card transactions and with access to a so-called retailer card. In the transaction scheme according to the present invention, a consumer identifies him/herself to the issuer used authorization host by means of the so-called additional identification data. This additional identification data should at least contain consumer identification data and ePOS identification data and is provided to the issuer authorization host at or close to the moment of purchase. The additional identification data is used by the issuer used authorization host to identify the consumer and the ePOS terminal at the provider that should authorize the consumer access to service or goods. Providing additional identification data and its transfer from consumer to payment provider authorization infrastructure can take place in different ways.
A transaction could involve placing a phone call by the consumer with his/her mobile communication device, such as a cellular phone, PDA (Personal Digital
Administrator) and/or other devices comprising cellular call technology, to a telephone number displayed at the ePOS terminal. The consumer's mobile device's A-number (also called Calling Line Identification or CLI) in one embodiment of the present invention functions as the consumerLD or issuer consumer identification code, while the B-number, which is the telephone number displayed at the ePOS termmal and which the consumer dials,is used as the ePOSID and routes the telephone call through the telephone network to the issuer used authorization host where it is used to identify the ePOS terminal.
Fig. 1 is schematically illustrating a prior art signalling scheme for a momentary purchase relationship between a consumer 10 and a merchant or service provider 12. Goods and services displayed with reference numeral 14 in Fig. 1 provide examples of services and goods that can be consumed. As mentioned the expression consume in accordance with the prior art example should be interpreted as a consumer closing a payment to the provider, i.e., the consumer consumes the services or goods through a payment. From left to the right in Fig. 1 the icons depicted for a purchase relate to vehicle parking, gambling, food, vending machine
products, cellular phone services and purchasing from a web-page. The present invention is not limited to purchase of services or goods mentioned here. They are only examples of possible items for a purchase. A purchase made by a consumer 10 is often performed by the use of a banking or credit card, which is the case in the embodiment of a prior art purchase depicted through Fig. 1. Thus the consumer card has to be slide in a slot at, for example, an ePOS, or the consumer card number has to be entered on a merchant website, or otherwise the consumer has to identify himself through the use of the ePOS in order to provide an authorization for an intended purchase of services or goods 14.
There are other actors taking part in a purchase in accordance with the scheme of Fig. 1 such as a collector-16 which diverts signalling for authorisation and/or transaction collection of a purchase made by a consumer 10 from the provider 12 to the issuer 18 of a card such as a smart card, credit card or the like by virtue of an issuerLD on the card used. The issuer 18 checks through databases that the consumer 10 is creditable and authorizes a purchase to the provider. An acquirer 20 receives a transaction transmission of the amount of payment for the purchase from an issuer after a clearing instance 22 has cleared the fransaction through an interoperability backbone network between the issuer 18 and the acquirer 20. An acquirer 20 is typically a bank.
An embodiment of a prior art signalling scheme between involved parties is indicated through dotted arrows in Fig. 1. The dashed arrow depicts a monetary purchase relationship between a co stumer 10 and a provider 12. The solid line arrow at the left in Fig. 1 depicts an existing business 18 to customer 10 relationshipbetween an issuer and the consumer, and the solid line arrow at the right in Fig. 1 a long-term business to business relationship between an acquirer 20 and a provider 12.
The present invention provides a new and inventive system and method for a consuming services and goods such as, e.g. purchasing through a web-page, an ePOS terminal or the services of entrance control. Fig. 2 schematically illustrates a signalling scheme for a purchase or consumption in accordance with the present invention. Here, a consumer 10 receives service and product info, for example, from a provider 12 of such information through a web-page, in a store, or at a retailer as indicated with the reference numeral 14 indicated with a dashed arrow in Fig. 2. The used signalling scheme for a consumption of services or goods follows more or less the scheme depicted in Fig. 1 by the use of standard protocols between the parties provider 12, issuer 18 and acquirer 20. A big difference though between the prior art consumption of services and goods is emphasised by the signalling path 24 schematically depicted with a bold solid arrow. Here, in order to close a consumption the
consumer does not provide any kind of identification codes and/or authorization by signalling it to the provider or through devices such as ePOS terminals at a providers premises.
In one embodiment of the present invention, the consumer 10 uses a cellular phone or other device comprising cellular radio equipment, and directly performs his authorization attempts with a mobile payment enabler26, that is part of the issuer used authorisation host. In the embodiment, depicted in Figure 2, at least a part of the issuer used authorisation host is placed at a authorisation /transaction collector. In the embodiment of the present invention a consumer 10 is free/separated from being demanded to enter consumer identification and authorization input through the provider authorization means, i.e. by sliding a credit card in a slot, such as ePOS, and hence minimizing the risk for possible eavesdropping or fraud at the provider site or premises, and thus increasing consumer integrity in omitting to expose a consumer 10 identity at the provider. Also, if the consumer consumes an item over Internet through a web-page he/here do not have to signal any credit card details to the provider of services and goods. In the following, with reference to Fig. 3, a detailed description of how a consumption of services and goods in accordance with the present invention is accomplished will be provided. Fig. 3 schematically illustrates block diagrams for consumption or purchase in accordance with the present invention. The Fig. 3 displays four main blocks which represent a consumer 10, a provider 30 for a consumption, a standard card authorization host 32 and an issuer 18. The blocks 10, 30 and 32 are signal connected in accordance with the depicted solid line arrows. An issuer 18 does not have to be responsible for hosts such as authorization host 32 with its computerized environment for authorization purposes, which is explicitly shown by not being signal connected with the other blocks 10, 30, and 32. Therefore, the standard card authorization 32 host in the following is referred to as used by an issuer 18 in order to promote authorization data.
A non limiting number of possible devices or items that can make up the consumer 10 block and provider 30 block is provided here, whereby the consumer 10 block can depict cellular phone technology equipped devices for authorization communication with the standard card host 32, or it can depict a world wide web communication link. The provider 30 block can depict a web-page for consumption of services and goods, or a provider of services and goods such as a store or a retailer. Provider 30 block can also depict an entrance allowance system, for example, regarding opening of doors etc.
The present invention uses a network for telecommunication and data commumcation, schematically indicated by the solid arrows 34, 36 in Fig. 3, for consumption
of at least one of the categories services and goods 14. It further comprises a code signaling scheme for authorization of the consumption of services and goods 14. It comprises an issuer 18 of identification and authorization rights using an authorization host 32 for storing and managing the authorization rights. Further it comprises a provider 12, 30 for services and goods. The provider 12,
30 is using an electronic authorization means 38 comprising an authorization means unique identification code 40 herein named ePOSID. The authorization means 38 is adapted to accept a global issuer identification code 42 herein named issuerlD and issued by the issuer 18. This global issuer identification code 42 identifies an issuer in the network 34, 36. Also the authorization means 38 is provided interface means 44. It can constitute, for example, a retailer card. It is connected, through the authorization means 38 to the network 34, 36 for transmission of data to the issuer used host 32 in which the issuer identification code 42 is used to identify and find the issuer used host 32 in the network. The interface means 44 can as well be realized through software residing in the authorization means 38 and, for example, being activated to signal through an ePOS terminals 38 appropriate key, push button or the like.
The system also comprises a standardized protocol signaling between the issuer used host 32 and the provider authorization means 38 in order to accomplish a transaction that authorizes a consumption of the services and goods 14. It further comprises an issuer consumer identification code 46, provided to a consumer 10 and also electronically stored at the issuer used host 32. The consumer 10 has access to a communication means 31 free and separated from the authorization means 38 enabling communication from the consumer 10 to the issuer used authorization host 32.
At the time for a consumption of the services and goods 14 by the consumer 10, the provider authorization means 38 signals, by signal authREQ, the authorization means unique identification code 40 together with the global issuer identification code 42 through the network 34 to the issuer host 32. Thus, the standardized protocol signaling recognizes the issuer used host 32 as the receiving party through the global issuer identification code 42. The consumer, at or close to the time for consumption, transmits an authorization means 38 unique identification code 46, 40, together with an issuer consumer identification code 46, consumerLD, to the issuer host 32 through the communication means 31. Further, the issuer used host 32 is receiving the issuer consumer identification code 46 and the authorization means 38 unique identification code 40 identifying the consumer 10 as being a registered consumer. The issuer used authorization host 32 is verifying that the authorization
means unique identification codes 42 transmitted from the authorization means 38 and the communication means 31 are corresponding to each other. Hence, authorizing the consumption by acknowledge signaling, by the signal authRES, the authorization to the provider authorization means 38, without and free from demanding the consumer 10 identification and authorization input through the provider authorization means 38. Hence, minimizing the risk for possible eavesdropping or fraud at the provider site or premises 30, and thus increasing consumer integrity in omitting to expose the consumer identity at the provider.
As mentioned in one embodiment of the present invention the providers 14, 30 authorization means 38 is a point of sales terminal. Another embodiment provides that the issuer identification code 42 is stored on a retailer card. In this embodiment interacting with the interface means 44 at the point of sales terminal 38, and that at the time for a consumption of services and goods 14 by the consumer 10, the retailer card is used to provide the issuer identification code 42 to the provider authorization means 38 through the connected interface means.
One embodiment of the present invention comprises that a consumer 10 enters the issuer identification code 42 at a web-page, e.g. in the form of a standard card number.
The issuer consumer identification code 46 in one embodiment of the invention is the CLI number (Calling Line Identity number) of a mobile communication device 31. In another embodiment the authorization means 38 unique identification code
40, communicated to the issuer host 32 through the communication means 31, consists of a telephone number that is terminated at the issuer used authorization host 32, whereby the consumer can communicate the telephone number to the issuer host by dialing it.
Another embodiment comprises that the issuer identification code 42 has the format of a standard transaction card number.
The present invention is not intended to be limited to given examples and embodiments. It is the attached set of claims that defines other possible embodiments to a person skilled in the art.