WO2006128215A1 - Procede et systeme d'autorisation de transactions securisees - Google Patents

Procede et systeme d'autorisation de transactions securisees Download PDF

Info

Publication number
WO2006128215A1
WO2006128215A1 PCT/AU2006/000701 AU2006000701W WO2006128215A1 WO 2006128215 A1 WO2006128215 A1 WO 2006128215A1 AU 2006000701 W AU2006000701 W AU 2006000701W WO 2006128215 A1 WO2006128215 A1 WO 2006128215A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
key
data
sedd
ptm
Prior art date
Application number
PCT/AU2006/000701
Other languages
English (en)
Inventor
Chris Baharis
Ross Oakley
Original Assignee
Salt Group Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2005902808A external-priority patent/AU2005902808A0/en
Application filed by Salt Group Pty Ltd filed Critical Salt Group Pty Ltd
Publication of WO2006128215A1 publication Critical patent/WO2006128215A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to a method and system for secure authorisation of transactions.
  • the invention also extends to a technique for providing a security application to a user of the secure authorisation system.
  • an alternative authorisation technique which has general application to authorisation of transactions but is particularly suited to authorisation of debit payments on the Internet, or other remote channel, so that debit payments can proceed in real time.
  • a system for secure authorisation of transactions comprising: a secure encryption/decryption device (SEDD) for processing a PIN transport message (PTM) received from a user mobile terminal, the PTM including a user entered personal identification number (PIN) and payment data both encrypted with a user public key the SEDD processing the PTM.
  • SEDD secure encryption/decryption device
  • PTM to decrypt the PTM with the user's private key and re- encrypt with a merchant key as at least part of forming a payment request message (PRM) .
  • PRM payment request message
  • a PRM can be generated to be sent to an existing payment network (EPN) (e.g. a bank) either directly or via the merchant system.
  • EPN existing payment network
  • the SEDD also processes user data to incorporate user data that identifies the user into the PRM.
  • the system comprises a transaction processor for receiving the PTM from the user mobile terminal, sending the PTM to the SEDD and subsequently forwarding the PRM.
  • the transaction processor provides the user data to the SEDD.
  • the user data may include an account number or a debit card number.
  • the SEDD stores a secure encryption key and the system further comprises a data store in data communication with the transaction processor, the user's private key being stored in the data store encrypted by the secure encryption key, and the transaction processor sends the user's encrypted private key to the SEDD with the PTM whereafter the user's private key can be decrypted by the SEDD before being used to decrypt the PTM.
  • the user's private key is not exposed outside the SEDD.
  • the SEDD is configured such that there is no externally accessible function to decrypt data with the user's private key. This prevents a 'rogue' transaction processor requesting the SEDD to provide the PIN in the clear.
  • the SEDD is configured so that there is no externally accessible function to encrypt data with the user's public key as would typically be available in such a system. This prevents a 'rogue' transaction processor completing a brute force attack on the PTM (i.e. try all combination of PINs and data until a match with the PTM is found) .
  • the merchant key is stored in the data store encrypted by the secure key and the transaction processor sends the merchant key to the SEDD with the PTM and the SEDD decrypts the merchant key with the secure key to obtain the merchant key.
  • the merchant key is kept encrypted outside the SEDD.
  • the transaction processor is configured to receive transaction data from a merchant system, the transaction data including user data that identifies the user, merchant data that identifies the merchant and payment data related to a transaction between the user and the merchant, the transaction processor being configured to send payment data to the SEDD together with the encrypted user private key retrieved from the data store on the basis of the user data, the SEDD decrypting the user's private key and encrypting the payment data with the user's private key whereafter the payment data can be sent to a user's mobile terminal as a PIN request message (PRS) .
  • PRS PIN request message
  • the user data is used to retrieve other data relating to the user, for example a mobile terminal number or Track-2 data, that is required by the system to carry out various functions.
  • the payment data may vary at different times and may include differing amounts of data, however at all times the payment data includes at least the payment amount.
  • the payment data can be decrypted from the PRS and displayed to the user.
  • the user mobile terminal is configured to automatically decrypt and display the payment data in response to receipt of the PRS .
  • the user mobile terminal is configured to prompt the user to enter a PIN to approve the transaction following display of the payment data.
  • the user mobile terminal is configured to generate the PTM in response to the user entering a user entered PIN.
  • the user entered PIN may not be the user's actual PIN in which case the PRM will be invalid and payment will be refused by the payment network.
  • the PIN is not stored outside the existing payment network.
  • the SEDD includes a key generation mechanism for generating user private and public keys.
  • the transaction processor comprises a computer or computers running a program that causes the transaction processor to carry out the above functions .
  • the user mobile terminal runs an authorisation program to be configured as described above.
  • the authorisation program may employ J2ME whereby the program can be executed automatically in response to receipt of the PRS.
  • private and public keys are in some ways contrary to the convention where the private key is held by the user.
  • public key operations are generally faster than private key operations of asymmetric key pairs and further that the techniques employed above result in the private key being safer when stored in the data store.
  • the system comprises a provisioning mechanism for providing the user public key and the authorisation program to the user mobile terminal.
  • the authorisation program is individualised for the user by embedding at least the user public key in the code before being provided to the user.
  • the authorisation program requires entry of an activation code and the activation code is provided to the user independently of the authorisation program, for example by display in a web browser during activation.
  • the invention also extends to a method for secure authorisation of transactions comprising: providing a secure encryption/decryption device (SEDD) ; receiving a PIN transport message (PTM) from a user mobile terminal, the PTM including a user entered PIN and payment data both encrypted with a user public key; processing at least an encrypted portion of the PTM within the SEDD to decrypt it with the user's private key and re-encrypt it with a merchant key as at least part of forming a payment request message (PRM) for the merchant system that can be passed to an existing payment network.
  • SEDD secure encryption/decryption device
  • PTM PIN transport message
  • PRM payment request message
  • the user's private key and merchant key are stored outside the SEDD encrypted with a secure key stored within the SEDD.
  • the secure key is also generated within the SEDD.
  • the user's private key and merchant key are each provided to the SEDD with the PTM and encrypted within the SEDD to enable processing of the PTM.
  • the method comprises receiving transaction data from a merchant system including user data, payment data and merchant data and encrypting at least the payment data within the SEDD as at least part of forming a PIN request message (PRS) to be sent to a mobile terminal.
  • a merchant system including user data, payment data and merchant data
  • PRS PIN request message
  • the method comprises decrypting the PRS at the mobile terminal with the user public key, and presenting payment data to the user for approval .
  • the user enters a PIN and the payment data and user entered PIN are encrypted with the user public key and sent as the PTM for processing by the SEDD.
  • the invention extends to a method of providing a security application to a user of a secure authorisation system, comprising: providing base code for carrying out at least one secure authorisation function; providing a public/private key pair; compiling the base code with at least the public key to form a user specific security application in which at least the public key is embedded; and providing the user specific security application to a mobile terminal of the user.
  • the base code is also compiled with at least one of a serial number and one of an issuer number.
  • the method further comprises generating a provisioning key, encrypting it with an activation code and the encrypted provisioning key is embedded in the user specific security application in the compiling step.
  • the method comprises encrypting the user public key under the provisioning key.
  • the method comprises activating the user specific application by providing the activation code to a user via a different channel by which the user specific security application was provided, the user entering the activation code, the security application decrypting the provisioning key on the basis of the activation code, decrypting the user public key with the provisioning key and generating a confirmation code in response to entry of the activation code using the provisioning key.
  • the user then provides the confirmation code to a validation means which activates the user if the confirmation code is correct .
  • Figure 1 shows a system for secure authorisation of transactions of a preferred embodiment .
  • the preferred embodiment provides a system for secure authorisation of transactions.
  • the system is particularly suited to be fitted within existing payment networks, for example electronic funds transfer systems such as the Australian system "EFTPOS" (Electronic Funds Transfer Point Of Sale) .
  • EFTPOS Electronic Funds Transfer Point Of Sale
  • a secure electronic funds transfer system typically known as a PIN PAD
  • PIN PAD a secure cryptographic device
  • details of the transaction are displayed within the secure cryptographic device such that the card holder can reasonably be assumed to have viewed the transaction and approved it if they enter their PIN and the PINs are encrypted by the PIN PAD and transferred in an encrypted form to the issuing bank for verification.
  • PIN PAD secure cryptographic device
  • Such a system addresses a number of security threats including: the threat that a merchant/third party will access the secret cryptographic key material held within the PIN pad and used to encrypt customer PINs for relay to a bank verification.
  • This system requires a user to be have access to the secure cryptographic device when the transaction is confirmed - this usually requires the user to be present when the transaction is carried out, and accordingly it is not suited to transactions initiated online or via interactive telephone systems.
  • the preferred embodiment attempts to provide a system having an equivalent level of security that allows a user to authorise transactions when they are not present without having to provide the user with any customised hardware or interfering with the existing transaction flow from the customer or merchant perspective.
  • this is achieved by having a transaction authorised by a user entering their PIN into a mobile terminal e.g. a mobile phone or (cellphone) .
  • a mobile terminal e.g. a mobile phone or (cellphone) .
  • the user is provided with an individualised security application that is executed on their mobile terminal.
  • a virtual PIN PAD service handles a number of encryption/decryption processes using a secure encryption device in the form of a hardware security module in order to keep those transactions secure. This technique will be described in further detail in relation to Figure 1.
  • the central component of the system is the virtual PIN PAD service (VPS) 100.
  • the virtual PIN PAD service 100 comprises means for processing a transaction in the form of virtual PIN PAD software (VPSW) 101 and data communication with a hardware security module (HSM) 108.
  • the hardware security module 108 is a secure encryption/decryption device.
  • Such devices have a number of characteristic features that are known to persons skilled in the art and are provided in hardware as a board or a box. Such devices include internal storage for storing a limited number of keys; cryptographic processors for creating both a local master key (LMK) and, in the preferred embodiment user private and public key pairs.
  • LLMK local master key
  • the user private and public key pairs and all other keys generated by the cryptographic processor that are to be exported from the HSM 108 are typically exported encrypted under the LMK 109 so they are not available in the clear.
  • the device 108 is designed so that if anyone tries to tamper with it the keys are deleted automatically.
  • the HSM 108 is configured with additional functions not found in existing HSMs such that: there is no externally accessible function to decrypt data with the user's private key. This prevents a ⁇ rogue' transaction processor requesting the SEDD to provide the PIN in the clear; and there is no externally accessible function to encrypt data with the user's public key as would typically be available in such a system. This prevents a *rogue' transaction processor completing a brute force attack on the PTM (i.e. try all combination of PINs and data until a match with the PTM is found) .
  • the apparatus has a data store having a number of logically different storage areas 103,104.
  • a message gateway 107 enables the virtual PIN PAD service 100 to communicate over the air (OTA) 150 with a mobile terminal 140.
  • the provisioning web server 106 communicates over the Internet with a user's web browser 110 as well as with a mobile terminal 140 via an Internet to over the air gateway and hence via WAP protocol over the air 150 to the mobile terminal 140.
  • the virtual PIN PAD service also communicates via the Internet 130 with the merchant system 120. In the illustrated embodiment, the user initiates transactions with a merchant system 120 via Internet 130.
  • the merchant system includes a virtual PIN PAD service API that makes calls to the virtual PIN PAD service in response to the transaction being initiated.
  • the virtual PIN PAD service then takes the necessary steps to authorise the transaction. If the transaction is authorised by the user entering a PIN into their handset 140 a payment request message that conforms to the existing payment network 160 is returned to the merchant system so that it can be forwarded to the existing payment network for approval and settlement. If the transaction is approved by the existing payment network (i.e. funds are available in the user's account) a payment network response message is returned to the merchant system and the merchant system can advise the user of web browser 110 that the transaction has been completed satisfactorily. In this way, the transaction can be completed within real time and within the normal transaction flow of the web browser. Further details of the system will become apparent from the description below.
  • the virtual PIN PAD service 100 is initiated by a number of functions.
  • a local master key 109 is generated securely in the hardware security module 108.
  • a range of serial numbers are then allocated for an issuer (e.g. a bank) in order to produce a batch of individualised security applications.
  • these security applications are known as application load units (ALU) .
  • ALU application load units
  • tens of thousands of application load units will be produced in a single batch run. In this way, the application load units can be produced at a time when the hardware security module 108 is not being used for other functions and most typically, before the system is processing transactions.
  • ALU application load units
  • asymmetric key pairs one public key and one private key
  • the generated key pair is stored in the ALU list 104c part of the data store and indexed by the issuer number and a serial number.
  • the private keys are always encrypted by the LMK when outside the HSM.
  • a provisioning key and an activation code are generated. These are also both exported and encrypted under the LMK and stored in the ALU list 104c until needed.
  • the provisioning key and activation code are also indexed by the issuer number and serial number. Further, the provisioning key is exported encrypted under the activation code for embedding in the ALU.
  • An ALU is then generated for each serial number and the provisioning key (which is encrypted under the activation code) and the public key (which is encrypted under the provisioning key) are embedded in this ALU by compiling base code of an application with the encrypted provisioning key and public key.
  • the base code is code designed to carry out the functions required to be performed by the application once it is running on a mobile terminal.
  • the base code is code designed to carry out the functions required to be performed by the application once it is running on a mobile terminal.
  • This data is stored encrypted under a data encryption key the encrypted data encryption key is stored with the data (i.e. encrypted under the LMK) and is indexed by a VPS Number that is allocated to the user.
  • the VPS Number will typically comprise the user's mobile phone number plus a supplementary code generated by the issuer.
  • Data is also acquired for each merchant. This includes data from their issuer (e.g. a bank) including one or more PIN PAD keys.
  • the number of PIN PAD keys provided will depend on the expected transaction load for the merchant - i.e. how many online transactions are likely to be completed at any one time. These keys are imported in accordance with processes compatible with existing PIN PAD initialisation methods.
  • this data is stored encrypted under a data encryption key, this time in the merchant list 104a portion of the data store and is indexed by the merchant number and the PIN PAD key number.
  • the PIN PAD keys are always encrypted by the LMK when outside of the HSM 108 environment and not available in the clear.
  • the user typically registers for the service with their issuer. Registration includes providing their issuer with a mobile phone number.
  • the issuer then allocates an account number known as a VPS Number to the user and one of the ALUs created for that issuer. These details are then provided to the VPS 100 and added to the user list 104b.
  • the user In order to be provisioned with an ALU and enabled on the system, the user initially uses an Internet connected web browser 110 to navigate to the provisioning web server 106. An appropriate screen is provided in order to allow the user to enter their VPS Number.
  • the ALU allocated for the VPS Number is selected from the ALU storage 105 and moved to the provisioning web server 105. At this point, the ALU issuer number and a serial number are recorded against the user in the user list 104b.
  • a web link to the ALU is sent to the user's mobile terminal via a provisioning message 171 which is typically a WAP push SMS message.
  • the activation code from the ALU is retrieved from the ALU database, sent by the virtual PIN PAD software 101 to the HSM 108 and decrypted before being sent to the browser 110 for display by the provisioning web server 106.
  • the user downloads the application load unit onto their mobile terminal 140 where it is stored as indicated by item 141.
  • the ALU 141 After the ALU 141 is downloaded, the ALU 141 is launched and the user is prompted to enter the activation code.
  • the user reads the activation code from their web browser 110.
  • the ALU 141 uses the activation code to decrypt the provisioning key, the provisioning key to decrypt the public key and cryptographically generates a confirmation code in response to entry of the activation code using the provisioning key.
  • the user then is requested to enter the confirmation code into the web browser.
  • the confirmation code is passed to the virtual PIN PAD software and validated (assuming it is correct) by the virtual PIN PAD software 101 which sets the user's status in the user list 104b to enabled.
  • the provisioning key is not used subsequently.
  • the user uses a browser 100 to navigate to a merchant website over the Internet 130. It is assumed that the merchant system 120 offers the transaction authentication method of the present invention.
  • the merchant system runs a virtual PIN PAD service API 121 that makes requests to the virtual PIN PAD software 101 of the VPS 100 as required. Having selected the product or service they wish to purchase from the merchant, the user chooses their account type, for example, cheque or savings and enters their VPS Number. The merchant system sends this information along with the amount, payment summary and a merchant number to the VPS 100. The VPS looks up the user's private key via the user list and the ALUL 104c.
  • the user list 104b contains the allocated ALU issuer and serial number which is then used to look up the ALU details (e.g. private and public keys in the ALUL 104c) .
  • the VPS 100 then encrypts a PIN request before sending it as a PIN request message (PRS) 172 to the user's mobile terminal 140.
  • PRS PIN request message
  • other security enhancing data may also be included in the data that is encrypted. Receipt of the PRS launches the ALU 141 as the messages employ J2ME push technology which can automatically launch an application on the mobile phone 140.
  • An exemplary personal mobile terminal 140 that will allow the system to operate is a mobile phone that supports a mobile information device profile (MIDP-2.0) as specified in the Java community process standard JSR118, connected limited device configuration (CLDC-I.0) as specified in Java community process standard JSR30 and wireless messaging API (WMA 1.1), as specified in Java community process standards JSR 120.
  • An exemplary phone that complies with these standards is a Nokia 6230.
  • the application is written in J2ME-JSR68 and the PRS can be a GSM SMS message as described by the ETSI organisation in GSM 03.40 and GSM 03.38.
  • the SMS message is encoded in Protocol Description Unit (PDU) mode, in which a destination port number can be assigned in addition to the destination mobile phone number so that the application can be registered on a specific port number.
  • PDU Protocol Description Unit
  • the program decrypts the PRS 172 with the user's public key which is stored in part of the program and displays a payment summary including at least the amount of the payment to the user.
  • a PIN transport message (PTM) 173 including the encrypted PIN and payment summary is sent to the VPS 100.
  • the VPS 100 now needs to translate the PIN from the user private key to the merchant key and to generate a payment request message (PRM) .
  • PRM payment request message
  • the encrypted user data is retrieved from user list 104b.
  • the encrypted merchant key is retrieved from the merchant list 104a and the encrypted user private key is retrieved from the ALU list 104c.
  • These two keys along with the relevant portions of the PIN transport message, the encrypted user data and the encrypted key used to encrypt the user data are sent to the HSM 108 which decrypts the keys that are encrypted with the LMK 109.
  • the HSM 108 uses these keys to process the encrypted portions of the PTM the encrypted user data including the account number or debit card number and card Track-2 data if this is required.
  • the HSM then re-encrypts the PIN, the payment amount and the user data (typically the account number or debit card number and optionally the Track-2 data) with the merchant key to thereby form part of a payment request message that will subsequently be constructed by the virtual PIN PAD software 101 and sent to the merchant system 120 for forwarding to the existing payment network 160.
  • the two keys, the encrypted portions of the PIN transport message and the encrypted user data are not exposed outside of the secure environment of the
  • the payment request message is securely generated and compatible to one generated in a conventional PIN PAD system.
  • the merchant system 120 it can forward it to an existing payment network 160 as if it were a conventionally generated payment request message.
  • the payment network response message from the existing payment network is returned to the VPS via the merchant system 120 which validates any cryptographic components thus, the transaction is authorised during the normal transaction flow of an online process.
  • the application could be a .Net security application running in the windows mobile 2003 second edition for smart phones environment .
  • the provisioning web server 105 and the message gateway 107 are shown as being part of the virtual PIN PAD service 100. However, as indicated by dotted line 102, they could be provided independently of the virtual PIN PAD service 100 provided they are in data communication with the VPSW 101.
  • the user keys may be provided in an alternative manner, for example by using a key that was issued with the SIM by the telecommunications company or Bank (with the corresponding private key imported into the HSM 108) . Further, it may be possible to write the key into a secure area of the phone or the SIM. However, even in these embodiments, the authentication of the PIN will not occur on the SIM but will be performed by the existing payment network.

Abstract

L'invention concerne un système d'autorisation de transactions sécurisées comportant un dispositif de cryptage/décryptage sûr (SEDD) (108) destiné à traiter un message de transport NIP (PTM) reçu d'un terminal mobile d'utilisateur (140), le PTM comprenant un numéro d'identification personnel (NIP) entré par l'utilisateur et des données de paiement à la fois cryptées avec une clé publique d'utilisateur, le SEDD (108) traitant le PTM afin de décrypter le PTM avec la clé privée de l'utilisateur et de recrypter avec une clé commerciale qui consiste en au moins une partie de formation d'un message de demande de paiement (PRM).
PCT/AU2006/000701 2005-05-31 2006-05-25 Procede et systeme d'autorisation de transactions securisees WO2006128215A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2005902808A AU2005902808A0 (en) 2005-05-31 Method and system for secure authorisation of transactions
AU2005902808 2005-05-31

Publications (1)

Publication Number Publication Date
WO2006128215A1 true WO2006128215A1 (fr) 2006-12-07

Family

ID=37481122

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2006/000701 WO2006128215A1 (fr) 2005-05-31 2006-05-25 Procede et systeme d'autorisation de transactions securisees

Country Status (1)

Country Link
WO (1) WO2006128215A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008070951A1 (fr) * 2006-12-13 2008-06-19 E.E. System Corporation Procédé et système pour des transactions de débit en ligne en temps réel
WO2009037335A2 (fr) * 2007-09-20 2009-03-26 Tds Todos Data System Ab Système, procédé et dispositif permettant des interactions avec sécurité dynamique
US8041646B2 (en) 2005-06-15 2011-10-18 E. E. System Corporation Method and system for real time online debit transactions
WO2012070923A1 (fr) * 2010-11-26 2012-05-31 Mimos Berhad Procédé et système destinés à garantir une transaction en ligne sécurisée avec une carte de débit
GB2498326A (en) * 2011-10-12 2013-07-17 Technology Business Man Ltd Secure identity authentication method
EP3022700A1 (fr) * 2013-07-15 2016-05-25 Visa International Service Association Traitement de transaction de paiement à distance sécurisé
US9832649B1 (en) 2011-10-12 2017-11-28 Technology Business Management, Limted Secure ID authentication
US10817875B2 (en) 2013-09-20 2020-10-27 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US10929832B2 (en) 2011-09-06 2021-02-23 Barclays Execution Services Limited Method and system for electronic wallet access
US11062306B2 (en) 2013-08-15 2021-07-13 Visa International Service Association Secure remote payment transaction processing using a secure element
CN116846689A (zh) * 2023-09-01 2023-10-03 建信金融科技有限责任公司 金融业务数据传输方法、装置、计算机设备和存储介质

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002063580A2 (fr) * 2001-02-02 2002-08-15 Hodgson Robert B Dispositif et procede permettant des transactions securisees par carte de debit et carte de credit atm via internet
US6529884B1 (en) * 1999-07-14 2003-03-04 Lucent Technologies, Inc. Minimalistic electronic commerce system
US6742125B1 (en) * 1996-11-13 2004-05-25 Lucent Technologies Inc. Distributed protocol for secure communication of commercial transactions and decentralized network employing the protocol

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6742125B1 (en) * 1996-11-13 2004-05-25 Lucent Technologies Inc. Distributed protocol for secure communication of commercial transactions and decentralized network employing the protocol
US6529884B1 (en) * 1999-07-14 2003-03-04 Lucent Technologies, Inc. Minimalistic electronic commerce system
WO2002063580A2 (fr) * 2001-02-02 2002-08-15 Hodgson Robert B Dispositif et procede permettant des transactions securisees par carte de debit et carte de credit atm via internet

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041646B2 (en) 2005-06-15 2011-10-18 E. E. System Corporation Method and system for real time online debit transactions
WO2008070951A1 (fr) * 2006-12-13 2008-06-19 E.E. System Corporation Procédé et système pour des transactions de débit en ligne en temps réel
NO341998B1 (no) * 2007-09-20 2018-03-12 Tds Todos Data System Ab System, fremgangsmåte og anordning for muliggjøring av vekselvirkning med dynamisk sikkerhet
WO2009037335A2 (fr) * 2007-09-20 2009-03-26 Tds Todos Data System Ab Système, procédé et dispositif permettant des interactions avec sécurité dynamique
EP2043036A1 (fr) * 2007-09-20 2009-04-01 Tds Todos Data System Ab Système, procédé et dispositif pour autoriser une interaction avec une sécurité dynamique
WO2009037335A3 (fr) * 2007-09-20 2009-06-04 Tds Todos Data System Ab Système, procédé et dispositif permettant des interactions avec sécurité dynamique
WO2012070923A1 (fr) * 2010-11-26 2012-05-31 Mimos Berhad Procédé et système destinés à garantir une transaction en ligne sécurisée avec une carte de débit
US10929832B2 (en) 2011-09-06 2021-02-23 Barclays Execution Services Limited Method and system for electronic wallet access
US9832649B1 (en) 2011-10-12 2017-11-28 Technology Business Management, Limted Secure ID authentication
GB2498326B (en) * 2011-10-12 2016-04-20 Technology Business Man Ltd ID Authentication
GB2498326A (en) * 2011-10-12 2013-07-17 Technology Business Man Ltd Secure identity authentication method
US11055694B2 (en) 2013-07-15 2021-07-06 Visa International Service Association Secure remote payment transaction processing
JP2016525254A (ja) * 2013-07-15 2016-08-22 ビザ インターナショナル サービス アソシエーション セキュアな遠隔決済取引処理
EP3022700A4 (fr) * 2013-07-15 2017-03-29 Visa International Service Association Traitement de transaction de paiement à distance sécurisé
US10607212B2 (en) 2013-07-15 2020-03-31 Visa International Services Association Secure remote payment transaction processing
EP3022700A1 (fr) * 2013-07-15 2016-05-25 Visa International Service Association Traitement de transaction de paiement à distance sécurisé
US11062306B2 (en) 2013-08-15 2021-07-13 Visa International Service Association Secure remote payment transaction processing using a secure element
US11188901B2 (en) 2013-08-15 2021-11-30 Visa International Service Association Secure remote payment transaction processing using a secure element
US11847643B2 (en) 2013-08-15 2023-12-19 Visa International Service Association Secure remote payment transaction processing using a secure element
US10817875B2 (en) 2013-09-20 2020-10-27 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US11710120B2 (en) 2013-09-20 2023-07-25 Visa International Service Association Secure remote payment transaction processing including consumer authentication
CN116846689A (zh) * 2023-09-01 2023-10-03 建信金融科技有限责任公司 金融业务数据传输方法、装置、计算机设备和存储介质
CN116846689B (zh) * 2023-09-01 2023-12-26 建信金融科技有限责任公司 金融业务数据传输方法、装置、计算机设备和存储介质

Similar Documents

Publication Publication Date Title
US11615414B2 (en) Virtualization and secure processing of data
CA2961916C (fr) Traitement securise de donnees
US10424171B2 (en) Systems and methods for transferring resource access
US20160019536A1 (en) Secure processing of data
US20180285875A1 (en) Static token systems and methods for representing dynamic real credentials
US10515362B2 (en) Methods and apparatus for card transactions
WO2006128215A1 (fr) Procede et systeme d'autorisation de transactions securisees
JP2004527861A (ja) 安全な現金を使用しない支払取引を行うための方法および現金を使用しない支払システム
WO2009136404A2 (fr) Système et procédé pour mettre en œuvre une transaction sécurisée par un dispositif de communication mobile
KR102574524B1 (ko) 원격 거래 시스템, 방법 및 포스단말기
Kadambi et al. Near-field communication-based secure mobile payment service
US20120284196A1 (en) Method for initiating and performing a cnp business transaction, software for the same and a communication device comprising such software
KR20080064789A (ko) 이동통신단말 기반의 개방형 전자지불결제(u-PG) 서비스
M'Raı̈hi et al. E-commerce applications of smart cards
EP1197928A2 (fr) Paiement itinérant - Paiement à travers des réseaux de plusieurs institutions indépendemment de l'heure et de la localisation des terminals de paiement
KR100928412B1 (ko) 가상 가맹점 망을 이용한 결제처리 시스템
Zhao et al. Multi-Applications Secure Mobile Platform
KR20090016618A (ko) 가상 가맹점 망을 이용한 결제처리 방법 및 기록매체
WO2006044213A2 (fr) Procede de paiement electronique

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

NENP Non-entry into the national phase

Ref country code: RU

WWW Wipo information: withdrawn in national office

Country of ref document: RU

122 Ep: pct application non-entry in european phase

Ref document number: 06721533

Country of ref document: EP

Kind code of ref document: A1