WO2003015043A1 - Systeme de securite de carte de credit - Google Patents

Systeme de securite de carte de credit Download PDF

Info

Publication number
WO2003015043A1
WO2003015043A1 PCT/GB2002/003485 GB0203485W WO03015043A1 WO 2003015043 A1 WO2003015043 A1 WO 2003015043A1 GB 0203485 W GB0203485 W GB 0203485W WO 03015043 A1 WO03015043 A1 WO 03015043A1
Authority
WO
WIPO (PCT)
Prior art keywords
credit card
account
server
data
mobile phone
Prior art date
Application number
PCT/GB2002/003485
Other languages
English (en)
Inventor
Izidore Codron
Original Assignee
Haltfern Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB0119040A external-priority patent/GB2378294A/en
Application filed by Haltfern Limited filed Critical Haltfern Limited
Publication of WO2003015043A1 publication Critical patent/WO2003015043A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3223Realising banking transactions through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • G06Q20/3255Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks using mobile network messaging services for payment, e.g. SMS
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/407Cancellation of a transaction

Definitions

  • the present invention is concerned with a credit card security system which is able to reduce the fraudulent use of a card.
  • the problem of fraudulent use of a credit card will be familiar to most and is becoming more serious as credit card and like transactions become more commonplace.
  • a frequent problem results from a credit card or card data being stolen and used fraudulently for hours or even days, while the card holder is unaware of the abuse and so unable to alert the card issuer.
  • the present invention seeks to take advantage of the existing system of processing credit card transactions and so improve credit card security at minimal cost Accordingly the present invention provides a credit card security system having: a credit card bearing data corresponding to a card holder account a security server arranged to receive said card holder account data when a credit card account transaction is initiated and responsive to receipt of said data to transmit a message immediately to at least one of a mobile phone account in the name of said card holder or an email account in the name of said cardholder.
  • a method of improved credit card security comprising the steps of: initiating a transaction by communicating data corresponding to a card holder account to a vendor, said vendor communicating said card holder account data to a security server, said security server responding to said credit card holder account data by addressing at least one of mobile phone account data or email account data previously provided by the credit card holder, and sending at least one of an SMS message or email to said mobile phone or email account.
  • the credit card user may be unaware of the abuse of his card until he receives the monthly card balance probably days or weeks later, even then the abuse may not be instantly obvious.
  • the present invention gives a clear and immediate warning if the credit card account is being used fraudulently and this will give the legitimate card holder a very early opportunity to alert the credit card provider to the fraudulent use so that steps can be taken to prevent further abuse.
  • the mobile phone account data and/or email account data may be presented on the card in which case it is preferable that the data is encrypted and in machine readable form, such as the conventional magnetic strip or electronic memory. However, it is preferred that the credit card provider pre-loads the mobile phone and/or email account data onto the security server.
  • the credit checking server or a server in close communication with the credit checking server may conveniently serve as the credit checking server.
  • the mobile phone data and email account data is not available to a thief and the mobile phone and email data can be readily managed by the credit card provider in cooperation with the credit checking service provider.
  • the security server has means to receive said card holder account data when a credit card account transaction is initiated, memory means which holds card holder account data, and memory means holding at least one of mobile phone account data or email account data.
  • the security server is responsive to receipt of said card holder account data to recover at least one of the mobile phone account data or email account data corresponding to said card holder account data received from memory and has transmission means to transmit a message immediately to at least one of the mobile phone account or email account corresponding to said card holder. It is preferred that the message is a text message.
  • the security system and method may be further enhanced by enabling the card holder's mobile phone to respond to the message with a default stop or proceed message to stop or expedite the transaction.
  • a stop message might then be retransmitted from the security server to the vendor so that if the transaction is fraudulent the transaction can be stopped by the vendor.
  • the mobile phone would be adapted to present the message in a way which allows the credit card holder to respond to the message from a soft key, selecting proceed or stop, alternatively one or two of the phone keys may be used to transmit a default, proceed or stop message to the security server.
  • the security system may be set to allow a transaction to proceed if no response is received from the mobile phone within a predetermined period, for example, ninety seconds. This will allow transactions to proceed where the mobile phone is out of service for any reason.
  • Figure 1 is a first embodiment of the system
  • Figure 2 is a second embodiment of the invention.
  • Figure 1 shows a credit card transaction being implemented using the security system.
  • data indicative of the credit card account is input to a vendor's transaction computer/server 2.
  • the data input may be via a card reader, by manual input, direct input via internet access or by any other conventional means.
  • This data is processed in the usual way and communicated via normal telecommunication 3 to security server provided in this example by a card credit checking server 4 in two way communication with the vendors server 2.
  • the card credit checking server 4 includes a register of email addresses and cellular mobile phone numbers which correspond to each credit card account. Upon receipt of the credit card account data the card credit checking server addresses the corresponding mobile phone account number and/or email address and forwards a predetermined message to an internet server 5 and/or a cellular network server 6 and hence to the credit card holder's mobile phone 7 or computer 8.
  • the message will preferably be a text message and may in addition to an indication that a transaction has been implemented include further information data such as the location, time and value of the transaction. Particularly if this further information is delivered to a PC or other handheld type device this will allow credit card holders to maintain nearly instant monitoring of their credit card account balance in addition to enhancing the security of the account.
  • credit card may also include debit cards and other forms of payment card, including; smart cards, stored value cards and any other microprocessor payment system embedded in hand held devices like mobile phones or personal digital assistants (PDA's).
  • PDA's personal digital assistants
  • These chip cards will have a processor, ROM and RAM, an operating system and even co-processor power for handling Crypto Algorithms in real time allowing the card or handheld device to trust or distrust a terminal on or off-line.
  • Such a terminal will have the ability to intelligently interrogate a payment card or hand held device micro-processor payment system and locally satisfy itself that the card is trustworthy.
  • card like devices are used in smart security systems as a key to provide access to restricted areas, in such instances the unauthorised use of an authorised key would be alerted to the authorised user.
  • FIG. 2 diagrammatically illustrates a second embodiment of the invention.
  • the components of the system common to the first embodiment are similarly numbered and only the differences between the two embodiments will be described.
  • the security server 6 When the security server 6 generates a message to the mobile phone 7a the message includes code to generate one of two response messages from the phone.
  • a message such as that illustrated on the phone display is received it includes that the message is a "credit card transaction alert" here abbreviated to "CC TRNS ALT" the date and time and the location "@XXXXXX" there is additionally a question "PROCEED?" 9.
  • the message establishes a softkey 9 option "YES" to respond with a proceed message and option "NO" to respond with a stop message.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention concerne un système de sécurité de carte de crédit dans lequel un serveur de sécurité (4) est conçu pour répondre au lancement d'une transaction (1) par transmission instantanée d'un message textuel SMS au téléphone mobile cellulaire (7) du détenteur de la carte de crédit.
PCT/GB2002/003485 2001-08-03 2002-07-29 Systeme de securite de carte de credit WO2003015043A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
GB0119040A GB2378294A (en) 2001-08-03 2001-08-03 Credit card security system
GB0119040.4 2001-08-03
GB0104072 2001-09-11
GBPCT/GB01/04072 2001-09-11

Publications (1)

Publication Number Publication Date
WO2003015043A1 true WO2003015043A1 (fr) 2003-02-20

Family

ID=26245732

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2002/003485 WO2003015043A1 (fr) 2001-08-03 2002-07-29 Systeme de securite de carte de credit

Country Status (1)

Country Link
WO (1) WO2003015043A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004111892A1 (fr) * 2003-06-19 2004-12-23 Markets-Alert Pty Ltd. Systeme de controle
WO2006018709A1 (fr) * 2004-08-20 2006-02-23 Gary John Kamp Ameliorations apportees a la securite des paiements effectues par carte bancaire
EP1665154A1 (fr) * 2003-08-18 2006-06-07 Prime King Investments LTD Systeme et procede de paiement
WO2007092366A2 (fr) * 2006-02-02 2007-08-16 Lucent Technologies Inc. Services d'authentification et de vérification pour fournisseurs indépendants utilisant des dispositifs mobiles
WO2008050132A2 (fr) * 2006-10-25 2008-05-02 Payfont Limited Système d'authentification et de paiement sécurisé
WO2010010062A2 (fr) * 2008-07-21 2010-01-28 Andreas Traint Système de paiement anonyme inviolable
US8423466B2 (en) 2006-10-25 2013-04-16 Payfont Limited Secure authentication and payment system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0793206A2 (fr) * 1996-02-29 1997-09-03 Hitachi, Ltd. Lecteur/enregistreur de cartes à circuit intégré et sa méthode d'opération
EP1065634A1 (fr) * 1999-07-02 2001-01-03 Mic Systems Système et méthode pour effectuer des transactions électroniques sécurisées à travers un réseau de communication ouvert
WO2001001300A1 (fr) * 1999-06-28 2001-01-04 Industry Wide Networks Pty Ltd Systeme de commerce electronique par l'internet
FR2801995A1 (fr) * 1999-12-07 2001-06-08 Bruno Duval Procede et systeme de gestion d'une transaction securisee a travers un reseau de communication
WO2001052205A1 (fr) * 2000-01-12 2001-07-19 Seaglade Developments Limited Procede et dispositif de traitement
WO2001055984A1 (fr) * 2000-01-28 2001-08-02 Fundamo (Proprietary) Limited Systeme electronique souple utile pour realiser des transactions commerciales

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0793206A2 (fr) * 1996-02-29 1997-09-03 Hitachi, Ltd. Lecteur/enregistreur de cartes à circuit intégré et sa méthode d'opération
WO2001001300A1 (fr) * 1999-06-28 2001-01-04 Industry Wide Networks Pty Ltd Systeme de commerce electronique par l'internet
EP1065634A1 (fr) * 1999-07-02 2001-01-03 Mic Systems Système et méthode pour effectuer des transactions électroniques sécurisées à travers un réseau de communication ouvert
FR2801995A1 (fr) * 1999-12-07 2001-06-08 Bruno Duval Procede et systeme de gestion d'une transaction securisee a travers un reseau de communication
WO2001052205A1 (fr) * 2000-01-12 2001-07-19 Seaglade Developments Limited Procede et dispositif de traitement
WO2001055984A1 (fr) * 2000-01-28 2001-08-02 Fundamo (Proprietary) Limited Systeme electronique souple utile pour realiser des transactions commerciales

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2004248209B2 (en) * 2003-06-19 2007-02-08 Markets-Alert Pty Ltd A monitoring system
WO2004111892A1 (fr) * 2003-06-19 2004-12-23 Markets-Alert Pty Ltd. Systeme de controle
EP1665154A4 (fr) * 2003-08-18 2012-05-02 Marketing Intellectual Properties Pte Ltd U Systeme et procede de paiement
EP1665154A1 (fr) * 2003-08-18 2006-06-07 Prime King Investments LTD Systeme et procede de paiement
WO2006018709A1 (fr) * 2004-08-20 2006-02-23 Gary John Kamp Ameliorations apportees a la securite des paiements effectues par carte bancaire
US8934865B2 (en) 2006-02-02 2015-01-13 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
WO2007092366A3 (fr) * 2006-02-02 2007-10-04 Lucent Technologies Inc Services d'authentification et de vérification pour fournisseurs indépendants utilisant des dispositifs mobiles
WO2007092366A2 (fr) * 2006-02-02 2007-08-16 Lucent Technologies Inc. Services d'authentification et de vérification pour fournisseurs indépendants utilisant des dispositifs mobiles
US9256869B2 (en) 2006-02-02 2016-02-09 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
US11087317B2 (en) 2006-02-02 2021-08-10 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
WO2008050132A2 (fr) * 2006-10-25 2008-05-02 Payfont Limited Système d'authentification et de paiement sécurisé
WO2008050132A3 (fr) * 2006-10-25 2008-06-26 Payfont Ltd Système d'authentification et de paiement sécurisé
US8423466B2 (en) 2006-10-25 2013-04-16 Payfont Limited Secure authentication and payment system
US9530129B2 (en) 2006-10-25 2016-12-27 Payfont Limited Secure authentication and payment system
WO2010010062A2 (fr) * 2008-07-21 2010-01-28 Andreas Traint Système de paiement anonyme inviolable
WO2010010062A3 (fr) * 2008-07-21 2010-03-18 Andreas Traint Système de paiement anonyme inviolable

Similar Documents

Publication Publication Date Title
US10121134B2 (en) Payment terminal messaging
US6829711B1 (en) Personal website for electronic commerce on a smart java card with multiple security check points
RU2645593C2 (ru) Верификация портативных потребительских устройств
EP0981804B1 (fr) Transaction electronique et carte a puce pour une transaction electronique
US7231372B1 (en) Method and system for paying for goods or services
US20030191945A1 (en) System and method for secure credit and debit card transactions
US20040177046A1 (en) Credit card protection system
US20060253389A1 (en) Method and system for securing card payment transactions using a mobile communication device
WO2003083793A2 (fr) Systeme et procede permettant de realiser des transactions securisees de cartes de credit et de debit
CN101048794A (zh) 使用动态授权码授权交易的方法和系统
WO2002082393A2 (fr) Systemes et procedes d'approbation de transactions de comptes de credit/debit au moyen d'un appareil sans fil
US20090094458A1 (en) Process and system for confirming transactions by means of mobile units
GB2328310A (en) Electronic transaction authorisation system
US20210406909A1 (en) Authorizing transactions using negative pin messages
EP2787474A2 (fr) Système de code de sécurité allouée dynamiquement pour les cartes à puce, de crédit et de débit
JP2004310257A (ja) 非接触ic搭載携帯情報端末、取引情報転送方法、およびプログラム
WO2003015043A1 (fr) Systeme de securite de carte de credit
EP1705605A1 (fr) Dispositif de stockage d'informations personnelles et terminal mobile
EP1147497A2 (fr) Systeme de transaction electronique universel et procede d'utilisation de ce systeme
GB2378294A (en) Credit card security system
AU2004312730B2 (en) Transaction processing system and method
WO2000042794A1 (fr) Appareil et procede de commande d'autorisation
US20050010813A1 (en) Security in data communication networks
KR100574044B1 (ko) 결제 단말장치 및 현금 거래 처리 방법
US20150339657A1 (en) Anti-fraud computer implemented method for financial card transaction

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BY BZ CA CH CN CO CR CU CZ DE DM DZ EC EE ES FI GB GD GE GH HR HU ID IL IN IS JP KE KG KP KR LC LK LR LS LT LU LV MA MD MG MN MW MX MZ NO NZ OM PH PL PT RU SD SE SG SI SK SL TJ TM TN TR TZ UA UG US UZ VN YU ZA ZM

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ UG ZM ZW AM AZ BY KG KZ RU TJ TM AT BE BG CH CY CZ DK EE ES FI FR GB GR IE IT LU MC PT SE SK TR BF BJ CF CG CI GA GN GQ GW ML MR NE SN TD TG

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP