WO2002103642A3 - Method and system for secure credit card transactions - Google Patents

Method and system for secure credit card transactions Download PDF

Info

Publication number
WO2002103642A3
WO2002103642A3 PCT/US2001/019513 US0119513W WO02103642A3 WO 2002103642 A3 WO2002103642 A3 WO 2002103642A3 US 0119513 W US0119513 W US 0119513W WO 02103642 A3 WO02103642 A3 WO 02103642A3
Authority
WO
Grant status
Application
Patent type
Prior art keywords
merchant
customer
information
credit card
billing digest
Prior art date
Application number
PCT/US2001/019513
Other languages
French (fr)
Other versions
WO2002103642A2 (en )
Inventor
James P Hughes
Michael L Leonhardt
Steven H Mccown
Charles A Milligan
Original Assignee
Storage Technology Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/045Payment circuits characterized in that the payment protocol involves at least one ticket
    • G06Q20/0453Payment circuits characterized in that the payment protocol involves at least one ticket the ticket being an electronic receipt
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/14Payment architectures specially adapted for billing systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices using electronic wallets or electronic money safes with the personal data files for a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Card specific authentication in transaction processing
    • G06Q20/4093Monitoring of card authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Card specific authentication in transaction processing
    • G06Q20/4097Mutual authentication between card and transaction partners
    • G06Q20/40975Use of encryption for mutual authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/122Online card verification

Abstract

A customer making a credit card transaction inserts their smart card into a card reader attached to the merchant's system. The card reader activates the customer's card and passes certain merchant information. The merchant's system then requests a 'billing digest' from the customer's card. The billing digest is returned to the merchant's card reader that forwards it (and the transaction information which includes customer information and merchant information) to the corresponding credit card issuer, which maintains the customer's credit card account. In one embodiment, the customer information and the merchant information are encrypted. Upon receiving the billing digest, transaction information is decrypted if necessary and the credit card issuer looks up the customer's master key using the customer's account number. The credit card issuer then uses the transaction information to re-compute the billing digest (an authentication billing digest) and compares this new value with the billing digest submitted by the merchant. If authentic, the billing digest and authentication billing digest values are equivalent, then funds are transferred and an acceptance notification is returned to the merchant. If not authentic, a denial notification is returned to the merchant. Security is further enhanced by utilizing a unique reference for each transaction in the unique customer information used for creating the billing digest.
PCT/US2001/019513 2001-06-19 2001-06-19 Method and system for secure credit card transactions WO2002103642A3 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2001/019513 WO2002103642A3 (en) 2001-06-19 2001-06-19 Method and system for secure credit card transactions

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2001268548A AU2001268548A1 (en) 2001-06-19 2001-06-19 Method and system for secure credit card transactions
PCT/US2001/019513 WO2002103642A3 (en) 2001-06-19 2001-06-19 Method and system for secure credit card transactions

Publications (2)

Publication Number Publication Date
WO2002103642A2 true WO2002103642A2 (en) 2002-12-27
WO2002103642A3 true true WO2002103642A3 (en) 2003-03-13

Family

ID=21742654

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/019513 WO2002103642A3 (en) 2001-06-19 2001-06-19 Method and system for secure credit card transactions

Country Status (1)

Country Link
WO (1) WO2002103642A3 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999057835A1 (en) * 1998-05-05 1999-11-11 Chen Jay C A cryptographic system and method for electronic transactions
US6199052B1 (en) * 1998-03-06 2001-03-06 Deloitte & Touche Usa Llp Secure electronic transactions using a trusted intermediary with archive and verification request services
US6205437B1 (en) * 1993-12-16 2001-03-20 Open Market, Inc. Open network payment system for providing for real-time authorization of payment and purchase transactions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6205437B1 (en) * 1993-12-16 2001-03-20 Open Market, Inc. Open network payment system for providing for real-time authorization of payment and purchase transactions
US6199052B1 (en) * 1998-03-06 2001-03-06 Deloitte & Touche Usa Llp Secure electronic transactions using a trusted intermediary with archive and verification request services
WO1999057835A1 (en) * 1998-05-05 1999-11-11 Chen Jay C A cryptographic system and method for electronic transactions

Also Published As

Publication number Publication date Type
WO2002103642A2 (en) 2002-12-27 application

Similar Documents

Publication Publication Date Title
US7103575B1 (en) Enabling use of smart cards by consumer devices for internet commerce
US6286099B1 (en) Determining point of interaction device security properties and ensuring secure transactions in an open networking environment
US6202933B1 (en) Transaction card and methods and apparatus therefor
US7024395B1 (en) Method and system for secure credit card transactions
US6125349A (en) Method and apparatus using digital credentials and other electronic certificates for electronic transactions
US7379919B2 (en) Method and system for conducting secure payments over a computer network
US7818264B2 (en) Track data encryption
US6539364B2 (en) Electronic cash implementing method and equipment using user signature and recording medium recorded thereon a program for the method
US8762263B2 (en) System and method for secured account numbers in proximity devices
Sumanjeet Emergence of payment systems in the age of electronic commerce: The state of art
US7761374B2 (en) Method and system for generating a dynamic verification value
US20040199474A1 (en) Transaction method with a mobile apparatus
US5585787A (en) Programmable credit card
US20040030901A1 (en) Linking public key of device to information during manufacture
US8001054B1 (en) System and method for generating an unpredictable number using a seeded algorithm
US20090319430A1 (en) Mobile phone including dynamic verification value
US20090030843A1 (en) Smart card load and purchase transactions using wireless telecommunications network
US20070276765A1 (en) Method and system for secured transactions
US4357529A (en) Multilevel security apparatus and method
US4328414A (en) Multilevel security apparatus and method
US20100223186A1 (en) Method and System for Conducting Secure Payments
US20030130955A1 (en) Secure transaction systems
US20080040285A1 (en) Method And System For Authorizing A Transaction Using A Dynamic Authorization Code
US20080208759A1 (en) Processing of financial transactions using debit networks
US20020023217A1 (en) Manufacturing unique devices that generate digital signatures

Legal Events

Date Code Title Description
AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

121 Ep: the epo has been informed by wipo that ep was designated in this application
AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP