WO2006056826A1 - A method and system for securely distributing a personal identification number and associating the number with a financial instrument - Google Patents
A method and system for securely distributing a personal identification number and associating the number with a financial instrument Download PDFInfo
- Publication number
- WO2006056826A1 WO2006056826A1 PCT/IB2005/002188 IB2005002188W WO2006056826A1 WO 2006056826 A1 WO2006056826 A1 WO 2006056826A1 IB 2005002188 W IB2005002188 W IB 2005002188W WO 2006056826 A1 WO2006056826 A1 WO 2006056826A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- financial instrument
- pin
- data
- communications network
- identification number
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3552—Downloading or loading of personalisation data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3558—Preliminary personalisation for transfer to user
Definitions
- This invention relates to a method of securely distributing a financial instrument and an associated personal identification number.
- the present invention attempts to improve the delivery of a financial instrument, typically a credit or debit card, to a customer of a financial institution.
- a financial instrument typically a credit or debit card
- the cards referred to are magnetic stripe cards or smart cards for conventional use at automatic teller machines (ATM) or point of sale devices. These cards have a personal identification number (PIN) associated with them which is used to authenticate the card at an ATM or point of sale.
- ATM automatic teller machines
- PIN personal identification number
- these kinds of cards are delivered to the customer together with a PIN mailer which is an A5 tamper resistant paper on which the PIN is securely printed.
- a typical requirement is that the customer needs to go into a branch of the financial institution to obtain the PIN and card. This is obviously time consuming for the customer and not very customer-friendly.
- the present invention seeks to implement an improved method.
- a financial instrument and an associated personal identification number comprising:
- PIN personal identification number
- the financial instrument is a debit or a credit card.
- the PIN data may also be transferred to the financial instrument producer.
- the application data and PIN data are preferably received via a secure communications network such as a secure socket layer (SSL) secured.
- SSL secure socket layer
- a method of issuing a personal identification number (PIN) to a financial instrument holder comprising: receiving, via a communications network, personal data and financial instrument data identifying a financial instrument and a holder of the financial instrument;
- PIN personal identification number
- a method of issuing a personal identification number (PIN) to a financial instrument holder comprising:
- PIN personal identification number
- the present invention extends to an electronic system for securely distributing a financial instrument and an associated personal identification number (PIN), the system including:
- a memory for storing: application data including personal information about an applicant for a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for a financial instrument; and
- processor disposed in communication with the memory, the processor being adapted to: receive application data and PIN data and store it in the memory; and transfer at least the application data to a financial instrument producer, which data is to be used to produce a financial instrument with which the PIN will be associated.
- the present invention further extends to an electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including:
- a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; receive, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
- PIN personal identification number
- the present invention further extends to an electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including:
- a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and
- PIN personal identification number
- a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; transmit, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
- PIN personal identification number
- Figure 1 is a schematic system diagram of the system in which the present invention will operate
- Figure 2 is a flow chart illustration a method according to the present invention.
- Figure 3 is a flow chart illustration a method of a second embodiment according to the present invention.
- the present invention allows a customer of a financial institution to apply for a financial instrument such as a credit or debit card and to select their PIN or to be issued with a PIN without any branch/call centre interface.
- the present invention also allows a user to change the PIN number on their card without visiting their financial institution branch.
- a customer applying for a credit card uses an electronic device such as a computer 10 to access a processor typically in the form of a server 12 of the financial institution via a communications network 14.
- the communications network 14 is typically the Internet.
- the user inputs into the computer 10 application data including personal information about themselves to apply for the credit card.
- the personal information is received by the server 12.
- the user is prompted by the communications network 14 to enter a selected PIN.
- the PIN needs to be keyed in via a secure medium and the customer will typically be presented with a scrambled PIN pad to prevent spy ware key loggers from obtaining the PIN.
- the scrambled PIN pad allows the customer to select the PIN using the mouse rather than the keyboard rendering the spy ware key logging software ineffective.
- the application form session is preferably Secure Socket Layer (SSL) secured.
- SSL Secure Socket Layer
- the application data and the PIN data are stored in a memory in the form of a database 16 associated with the server 12 and in communication with the server 12.
- the PlN data may or may not be transferred with the application dated depending on whether or not the PIN data needs to be stored on the credit card or not.
- the credit card is produced it is securely mailed or delivered to the customer.
- the Pin does not need to mailed or delivered to the customer together with the credit card. This prevents the customer from having to go into the branch to collect the PIN for the card or prevents the financial institution from having to securely print the PIN on tamper evident paper and delivering this to the customer.
- the customer is able to apply for the credit card manually at a branch, for example.
- the custom is guided to the financial institution's website and is able to select an option "Online PIN issue".
- the session will also be SSL secured.
- the customer will firstly be presented with a screen requesting their personal information such as their identification number and data identifying the financial instrument which is typically the Card Verification Check (CVC2) value.
- CVC2 Card Verification Check
- the CVC2 value is obtained from the back of the credit card and is the last three digits of the number printed on the signature panel of all Master and Visa credit cards. This value is used to validate that the customer is in possession of the physical card and for validation of transactions in which the card is not present.
- the server 12 receives personal data and the financial instrument data containing the above information and the server verifies the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument. This is done by comparing the entered data with data stored in the database 16 or in another database.
- the PIN could be automatically generated by the server 12 and transmitted via the same or a different communications network back to the customer. Transmitting the PIN back to the customer via the internet 14 is typically known as in band communication while transmitting the PIN back to the customer via another communication channels such as via an SMS to the customer's cellular telephone is known as out of band communication. The transmission of the PIN to the customer can be done either in band or out of band.
- the customer is again presented with a scrambled PIN pad for purposes of selecting their own PIN and the entered PIN is transmitted to and then received by the server 12.
- the PIN is stored in the database 16 and associated with the financial instrument so that use of the financial instrument can be verified later with the input of the PIN.
- the storage of the PIN in the database is obviously a secure storage using dynamic keys and other security devices.
- the present invention allows a financial institution to securely issue a PIN to a customer who will use the PIN to validate the use of a financial instrument.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AP2007004002A AP2207A (en) | 2004-11-23 | 2005-07-26 | A method and system for securely distributing a personal identification number and associating the number with a financial intrument. |
EP05768956A EP1828999A1 (en) | 2004-11-23 | 2005-07-26 | A method and system for securely distributing a personal identification number and associating the number with a financial instrument |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
ZA2004/9428 | 2004-11-23 | ||
ZA200409428 | 2004-11-23 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006056826A1 true WO2006056826A1 (en) | 2006-06-01 |
Family
ID=34981947
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2005/002188 WO2006056826A1 (en) | 2004-11-23 | 2005-07-26 | A method and system for securely distributing a personal identification number and associating the number with a financial instrument |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1828999A1 (en) |
AP (1) | AP2207A (en) |
WO (1) | WO2006056826A1 (en) |
ZA (1) | ZA200601849B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2048632A1 (en) * | 2007-10-12 | 2009-04-15 | Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" | Method of transmitting a confidential code, corresponding card reading terminal, management server and computer program products |
EP2187363A1 (en) | 2008-11-12 | 2010-05-19 | Oberthur Technologies Denmark A/S | Personal identification number distribution device and method |
WO2010059040A1 (en) * | 2008-11-24 | 2010-05-27 | Bell Identification B.V. | Method of and computer programme for changing an identification code of a transaction authorisation medium |
GR1006978B (en) * | 2009-10-02 | 2010-09-17 | Ιντεαλ Ηλεκτρονικη Αβεε, | Disclosure of a pin number through a combining sending and use of a card carrier and a text message (sms) |
CN103003832A (en) * | 2010-07-19 | 2013-03-27 | Eft资源公司 | System and method for instant issue of personalized financial transaction cards |
EP2704071A1 (en) * | 2012-08-31 | 2014-03-05 | Gemalto SA | System and method for secure customization of a personal token during a personalization step |
DE102015006751A1 (en) * | 2015-05-26 | 2016-12-01 | Giesecke & Devrient Gmbh | Method for providing a personal identification code of a security module |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5969318A (en) * | 1997-11-24 | 1999-10-19 | Mackenthun; Holger | Gateway apparatus for designing and issuing multiple application cards |
WO2001067402A2 (en) * | 2000-03-07 | 2001-09-13 | Infinia Ip Ltd | Issuing and distribution of tokens |
EP1321907A2 (en) * | 2001-12-19 | 2003-06-25 | Hitachi, Ltd. | Smart card managing system |
-
2005
- 2005-07-26 AP AP2007004002A patent/AP2207A/en active
- 2005-07-26 ZA ZA200601849A patent/ZA200601849B/en unknown
- 2005-07-26 WO PCT/IB2005/002188 patent/WO2006056826A1/en active Application Filing
- 2005-07-26 EP EP05768956A patent/EP1828999A1/en not_active Withdrawn
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5969318A (en) * | 1997-11-24 | 1999-10-19 | Mackenthun; Holger | Gateway apparatus for designing and issuing multiple application cards |
WO2001067402A2 (en) * | 2000-03-07 | 2001-09-13 | Infinia Ip Ltd | Issuing and distribution of tokens |
EP1321907A2 (en) * | 2001-12-19 | 2003-06-25 | Hitachi, Ltd. | Smart card managing system |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2922395A1 (en) * | 2007-10-12 | 2009-04-17 | Ingenico Sa | METHOD OF TRANSMITTING A CONFIDENTIAL CODE, CARD READER TERMINAL, MANAGEMENT SERVER AND CORRESPONDING COMPUTER PROGRAM PRODUCTS |
EP2048632A1 (en) * | 2007-10-12 | 2009-04-15 | Compagnie Industrielle et Financiere d'Ingenierie "Ingenico" | Method of transmitting a confidential code, corresponding card reading terminal, management server and computer program products |
US20160300077A1 (en) * | 2008-11-12 | 2016-10-13 | Oberthur Technologies Denmark A/S | Personal identification number distribution device and method |
EP2187363A1 (en) | 2008-11-12 | 2010-05-19 | Oberthur Technologies Denmark A/S | Personal identification number distribution device and method |
EP2461297A1 (en) | 2008-11-12 | 2012-06-06 | Oberthur Technologies Denmark A/S | Personal identification number distribution device and method |
WO2010059040A1 (en) * | 2008-11-24 | 2010-05-27 | Bell Identification B.V. | Method of and computer programme for changing an identification code of a transaction authorisation medium |
NL1036231C2 (en) * | 2008-11-24 | 2010-05-28 | Bell Identification B V | METHOD AND COMPUTER PROGRAM FOR MODIFYING AN IDENTIFICATION CODE OF A TRANSACTION AUTHORIZATION MEDIUM. |
GR1006978B (en) * | 2009-10-02 | 2010-09-17 | Ιντεαλ Ηλεκτρονικη Αβεε, | Disclosure of a pin number through a combining sending and use of a card carrier and a text message (sms) |
US10275747B2 (en) | 2010-07-19 | 2019-04-30 | Cpi Card Group—Tennessee, Inc. | System and method for instant issue of personalized financial transaction cards |
EP2596466A4 (en) * | 2010-07-19 | 2014-10-29 | Eft Source Inc | System and method for instant issue of personalized financial transaction cards |
CN103003832B (en) * | 2010-07-19 | 2015-11-25 | Eft资源公司 | For the system and method immediately distributed of personalized financial transaction card |
EP2596466A2 (en) * | 2010-07-19 | 2013-05-29 | EFT Source Inc. | System and method for instant issue of personalized financial transaction cards |
CN103003832A (en) * | 2010-07-19 | 2013-03-27 | Eft资源公司 | System and method for instant issue of personalized financial transaction cards |
US10846666B2 (en) | 2010-07-19 | 2020-11-24 | Cpi Card Group—Tennessee, Inc. | System and method for instant issue of personalized financial transaction cards |
US11687894B2 (en) | 2010-07-19 | 2023-06-27 | Cpi Card Group—Tennessee, Inc. | System and method for instant issue of personalized financial transaction cards |
US12079788B2 (en) | 2010-07-19 | 2024-09-03 | Cpi Card Group—Tennessee, Inc. | System and method for instant issue of personalized financial transaction cards |
EP2704071A1 (en) * | 2012-08-31 | 2014-03-05 | Gemalto SA | System and method for secure customization of a personal token during a personalization step |
WO2014033269A1 (en) * | 2012-08-31 | 2014-03-06 | Gemalto Sa | System and method for secure customization of a personal token during a personalization step |
DE102015006751A1 (en) * | 2015-05-26 | 2016-12-01 | Giesecke & Devrient Gmbh | Method for providing a personal identification code of a security module |
US10873575B2 (en) | 2015-05-26 | 2020-12-22 | Giesecke+Devrient Mobile Security Gmbh | Method for providing a personal identification code of a security module |
Also Published As
Publication number | Publication date |
---|---|
AP2207A (en) | 2011-02-21 |
EP1828999A1 (en) | 2007-09-05 |
AP2007004002A0 (en) | 2007-06-30 |
ZA200601849B (en) | 2007-11-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107230079B (en) | Method and system for off-line payment by using digital currency chip card | |
AU658233B2 (en) | Electronic-monetary system | |
CN107230070B (en) | Digital currency system | |
CN107230050B (en) | Method and system for paying digital currency based on visible digital currency chip card | |
CN107230068B (en) | Method and system for paying digital currency using a visual digital currency chip card | |
CN107230049B (en) | Method and system for providing digital currency | |
US8275714B2 (en) | Method for performing a digital cash transaction | |
CN107230053B (en) | Method and system for exchanging digital currency by cash | |
US8336763B2 (en) | System and method for processing transactions | |
CN113924588A (en) | Device and payment system for sending electronic money data records directly to another device | |
CN107240010B (en) | Method and system for transferring digital currency to digital currency chip card | |
US20190325434A1 (en) | System and Method for Determining a Secured Resource Account Number | |
EP1828999A1 (en) | A method and system for securely distributing a personal identification number and associating the number with a financial instrument | |
US6954740B2 (en) | Action verification system using central verification authority | |
CN107230052B (en) | Method and system for paying digital currency using digital currency chip card | |
US20130173476A1 (en) | Computer system and method for initiating payments based on cheques | |
CN107230078B (en) | Method and system for paying digital currency using a visual digital currency chip card | |
CN107230072B (en) | Method and system for online payment using digital currency chip card | |
CN107230074B (en) | Method and system for depositing digital currency into digital currency chip card | |
CN107230299B (en) | Bank storage method and system for digital currency | |
CN107230067B (en) | Conversion and payment method based on digital currency chip card and digital currency system | |
CN107230073B (en) | Method and system for paying digital currency between visible digital currency chip cards | |
CN107230300B (en) | Method and system for exchanging physical cash by using digital currency chip card | |
US20060186191A1 (en) | Methods and apparatus for providing a security value for a payment device | |
WO2007029123A2 (en) | System and method for processing transactions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 2006/01849 Country of ref document: ZA Ref document number: 200601849 Country of ref document: ZA |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2005768956 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: AP/P/2007/004002 Country of ref document: AP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWP | Wipo information: published in national office |
Ref document number: 2005768956 Country of ref document: EP |