WO2011004339A1 - Method and system of contactless authentication, and carrier of pin code - Google Patents

Method and system of contactless authentication, and carrier of pin code Download PDF

Info

Publication number
WO2011004339A1
WO2011004339A1 PCT/IB2010/053130 IB2010053130W WO2011004339A1 WO 2011004339 A1 WO2011004339 A1 WO 2011004339A1 IB 2010053130 W IB2010053130 W IB 2010053130W WO 2011004339 A1 WO2011004339 A1 WO 2011004339A1
Authority
WO
WIPO (PCT)
Prior art keywords
identifier
payment terminal
payment
pin code
fact
Prior art date
Application number
PCT/IB2010/053130
Other languages
French (fr)
Other versions
WO2011004339A4 (en
Inventor
Emil HUBINÁK
Miroslav Florek
Michal Masaryk
Original Assignee
Logomotion, S.R.O.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Logomotion, S.R.O. filed Critical Logomotion, S.R.O.
Priority to EP10742584.5A priority Critical patent/EP2452300B1/en
Publication of WO2011004339A1 publication Critical patent/WO2011004339A1/en
Publication of WO2011004339A4 publication Critical patent/WO2011004339A4/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1091Use of an encrypted form of the PIN

Definitions

  • the invention refers to a method and system of the authorized person authentication and approval of the operation, especially during contactless payment through a separate carrier of the PIN (personal identification number) code.
  • the invention also refers to the identifier, which serve as a secured carrier of the PIN code to the payment process.
  • Payment cards are used widely during contactless payments, in which the approval with the payment is realized by presenting and entering of the correct PIN code.
  • the buyer enters the PIN code into the payment terminal, usually over a small keyboard and by doing this the payment is confirmed.
  • the buyers are authenticated using the PIN code.
  • the RFID technology does not enable active and secure encryption without contactless connection of the RFID identifier to the power source or without the usage of its own source of electrical energy e.g. in the form of battery.
  • NFC Near Field Communication
  • the usage of NFC (Near Field Communication) technology is also known as in the patents and patent applications EP 1 729 253 Al, DE 10 2006 019 628 Al, CN 1835007 A, however there is no solution known, in which a passive identifier would be used, without its own source of electrical energy and where the identifier would realize the encryption tasks on its own.
  • the methods and solutions known until now did not enable to ensure high level of security that would be sufficient enough, since the passive identifiers can be copied easily and are easily imitable.
  • the active identifiers required its own source of powering that would be capable of supplying the identifier's hardware with the energy necessary for the encryption of the approval code, or they required to be connected in a contact way with a communication device in order to be supplied with energy. In both cases it is a solution that is uncomfortable and lengthy. Until now, the configurations of RFID tags and RFID chips were considered to be not sufficiently secure carriers of the sensitive information.
  • the deficiencies mentioned are to a great extent eliminated by the method of authentication over PIN code located in a separate identifier during a cashless payment that is realized over the payment terminal having a contactless communication channel between the payment terminal and the identifier according to this invention.
  • the subject matter of this invention is in the fact that a unique identification file containing the data about the current payment is sent from the payment terminal to the distance of 10 cm into the identifier being put to the payment terminal within the distance that is lower than 10 cm.
  • the usage of the small distance to which the identifier file, which is also a request command, is sent over the radio channel is important in order to prevent interference and to increase the security level. Even though this can be realized directly over a physical tap of the identifier to the payment terminal reader, the tap itself nor the exact location of the tap is required or inevitable since the communication between the payment terminal and the identifier is a radio communication.
  • the important characteristic of the solution presented is the fact that the identifier is supplied with energy in a contactless way over the payment terminal's electromagnetic field, where the identifier used direct energy and/or the energy of the payment terminal's electromagnetic field that was accumulated during the tap.
  • the PIN code is assigned to the received identification file in the identifier's processor.
  • the resulting file is signed electronically over the private key that is stored in the identifier's memory and the electronically signed file created in this way is then encrypted, enciphered and sent to the payment terminal over which is this file sent to the payment processing centre for the PIN code's correctness to be verified.
  • the electronically signed file is encrypted in the identifier's processor before being sent from the identifier.
  • the received file is decrypted in the payment processing centre and then it is read using a public key; the PIN code is extracted from the file received and then it is compared with the correct value
  • the invention enables the usage of the encryption of the authentication, while the energetic passivity of the separate identifier is retained.
  • the main advantage is the high security while retaining the user comfort.
  • the entering of PIN which usually is of 4 digits is supplemented by tapping the identifier to the POS (Point of sale) terminal.
  • An encrypted information with a multibit string is sent from the identifier.
  • the multibit string is not constant, since the file that is sent from the identifier into the payment terminal is changed in accordance with the encryption that is realized in the identifier's processor during each authentication process.
  • the subject matter of this invention also lies in the system for the authentication during cashless payments, which encompasses a payment terminal, a separate identifier communicating with the payment terminal over the contactless communication channel, where the identifier encompasses a processor for the electronic signature of the file.
  • the identifier contains an emitting and receiving signal for the communication with the payment terminal, an electromagnetic field transformation block for the electric energy and a memory with a secured part, in which the PIN code is stored. At least one part of the memory is in the form of a secure element.
  • the identifier's elements are supplied with energy over the payment terminal's electromagnetic field, or partially also by the energy that is accumulated during the tap of the identifier to the payment terminal during the corresponding payment operation.
  • the payment terminal has a NFC communication element and the identifier has the NFC platform communication element.
  • the deficiencies mentioned in current state of the technology are to a great extent eliminated by the identifier which communicates with the payment terminal in contactless way during cashless payments according to this invention.
  • the subject matter of this invention lies in the fact that it contains a processor for electronic signatures and processing of the file received, an emitting and receiving element for the communication with the payment terminal.
  • the identifier contains a memory and electromagnetic field transformation block for the electric energy.
  • the emitting and receiving element and the electromagnetic field transformation block for the electric energy are connected with the processor.
  • the processor is also connected with the memory. It is suitable if at least one part of the memory is in the form of a secure element.
  • the user's PIN code and the private key for electronic signature are stored in the secure part of the memory.
  • the identity and/or approval identifier encompasses a NFC chip.
  • the utility characteristics of the identifier are increased by a configuration, where one part of the memory is reserved for the user's personal data. This part of the memory is adjusted for a separate storage of personal data from the private key. That being the case, the identifier can also serve as a health card, identity card and similar. The legitimacy of requesting these data is evaluated in the identifier's processor.
  • the identifier can be placed into a pendant and/or key case and/or a sticker and/or applique.
  • the invention enables to increase security and comfort of the authentication and approval of the cashless payment and the user does not have to remember the PIN code. In the same time, the invention accelerates the course of the cashless payment operation, since the delay created by entering the PIN code is smaller.
  • the invention is described in more detail on the figure 1, where there is a scheme of the connection between the payment terminal and the identifier during the cashless payment process.
  • the system contains a payment terminal 1 at the shop's cash desk, an identifier 3 in a key case and remote payment processing centre 2.
  • the payment terminal 1 is equipped with a NFC communication technology, which enables the creation of a contactless communication channel 4 with the identifier 3. Otherwise it is a standard payment terminal 1 with common functionalities and a communication with the payment processor centre's 2 server in a bank institution or in a similar authorization centre.
  • the identification file starts to be emitted from the payment terminal 1 to the distance lower than 10 cm.
  • This identification file contains the data on the current payment including the generated PAN (primary account number).
  • the identifier 3 After tapping, the identifier 3 is supplied with the energy in a contactless way by the electromagnetic field of the payment terminal L
  • the identifier 3 does not have its own source of energy (e.g. a battery) and uses the payment terminal's 1 electromagnetic field as a source of energy.
  • the payment terminal's 1 electromagnetic field is processed in the transformation block 9.
  • the identifier 3_ receives the emitted file with the PAN code and in the configuration according to this invention realizes pairing of the payment device - identifier pair.
  • the PIN code is assigned to the received identification file in the identifier's 3 processor 5 and the resulting file is electronically signed using the private key that is stored in the identifier's 3 memory 6.
  • the electronically signed file thus created is encrypted and subsequently is sent to the payment terminal J_, over which is this file transferred into the payment processing centre 2 for the verification of the PIN code and realization of the payment.
  • the payment application By receiving the correct, electronically signed file with a correct PIN code from the identifier 3, the payment application assumes that the user approved the payment and that the user is authorized to do that.
  • the verification of the correctness lies basically in the fact that the electronically signed file with the PIN code was read using a corresponding public key.
  • the identifier 3 containing a processor 5 . and recordable memory 6 with exempt secure element for the storage of the PIN code, is capable of realizing computing operations enabling encryption, decryption and other tasks necessary for the realization of the electronic signature.
  • the identifier 3 is capable of communication with external devices, especially with the payment terminal 1 and that exclusively over radio transmission.
  • one part 8 of the memory 6 is reserved for the storage of the user's personal data and the identifier 3 can operate, in connection with a suitable reader of NFC chips, as an electronic identity card, health card and similar.
  • Various types of these personal data are accessible over various levels of access rights, which are evaluated by the processor 5_.
  • the industrial usability is obvious. According to this invention it is possible to industrially and repeatedly authenticate and approve cashless payment processes using a separate passive identifier with the PIN code.

Abstract

The method and system of authentication over a PIN code within a separate identifier (3) during a cashless payment realized over the payment terminal (1) is based on the fact that a unique identification file containing the data on a current payment is sent from the payment terminal (1) to a distance lower than 10 cm into the identifier (3) put to the payment terminal (1). The identifier (3) is supplied with energy (received and/or received and accumulated energy) in a contactless way over the payment terminal's (1) electromagnetic field. The PIN code is assigned to the received identification file in the identifier's (3) processor, the resulting file is signed electronically using the private key stored in the identifier's memory (6) and the electronically signed file thus created is sent to the payment processing centre (2) for the verification of the PIN code's correctness.

Description

METHOD AND SYSTEM OF CONTACTLESS AUTHENTICATION
AND CARRIER OF PIN CODE
Technology
The invention refers to a method and system of the authorized person authentication and approval of the operation, especially during contactless payment through a separate carrier of the PIN (personal identification number) code. The invention also refers to the identifier, which serve as a secured carrier of the PIN code to the payment process.
Present technology
Payment cards are used widely during contactless payments, in which the approval with the payment is realized by presenting and entering of the correct PIN code. The buyer enters the PIN code into the payment terminal, usually over a small keyboard and by doing this the payment is confirmed. In case of using magnetic, chip or contactless cards during payment and also in case of payments over mobile phones the buyers are authenticated using the PIN code.
There are known several methods and technical devices by which the manual entering of PIN in the mobile phones is supplemented with and by which the approval of the contactless payments is expressed. For example, according to the published patent application WO 2005/086456 Al the RFID (Radio-frequency identification) chip in a small separate mobile card is used. The RFID technology is described also by the patents and patent applications EP 1 536 573 A2, CN 1627321 25 A, KR20040060249, WO 2007/136939 A2, WO 2006/009460 Al . However, the RFID chip developed above all for the applications with lower level of securities such as for example those for monitoring the movement of pallets in the warehouse, processing of releases and reception of goods etc. The RFID system operate even on long distances e.g. hundred feet to 100 meters, which is dangerous in case of sensitive data. The RFID technology does not enable active and secure encryption without contactless connection of the RFID identifier to the power source or without the usage of its own source of electrical energy e.g. in the form of battery. The usage of NFC (Near Field Communication) technology is also known as in the patents and patent applications EP 1 729 253 Al, DE 10 2006 019 628 Al, CN 1835007 A, however there is no solution known, in which a passive identifier would be used, without its own source of electrical energy and where the identifier would realize the encryption tasks on its own.
In case of passive identifiers being used, the methods and solutions known until now did not enable to ensure high level of security that would be sufficient enough, since the passive identifiers can be copied easily and are easily imitable. On the other hand the active identifiers required its own source of powering that would be capable of supplying the identifier's hardware with the energy necessary for the encryption of the approval code, or they required to be connected in a contact way with a communication device in order to be supplied with energy. In both cases it is a solution that is uncomfortable and lengthy. Until now, the configurations of RFID tags and RFID chips were considered to be not sufficiently secure carriers of the sensitive information.
The subject matter of the invention
The deficiencies mentioned are to a great extent eliminated by the method of authentication over PIN code located in a separate identifier during a cashless payment that is realized over the payment terminal having a contactless communication channel between the payment terminal and the identifier according to this invention. The subject matter of this invention is in the fact that a unique identification file containing the data about the current payment is sent from the payment terminal to the distance of 10 cm into the identifier being put to the payment terminal within the distance that is lower than 10 cm. The usage of the small distance to which the identifier file, which is also a request command, is sent over the radio channel, is important in order to prevent interference and to increase the security level. Even though this can be realized directly over a physical tap of the identifier to the payment terminal reader, the tap itself nor the exact location of the tap is required or inevitable since the communication between the payment terminal and the identifier is a radio communication.
The important characteristic of the solution presented is the fact that the identifier is supplied with energy in a contactless way over the payment terminal's electromagnetic field, where the identifier used direct energy and/or the energy of the payment terminal's electromagnetic field that was accumulated during the tap. The PIN code is assigned to the received identification file in the identifier's processor. The resulting file is signed electronically over the private key that is stored in the identifier's memory and the electronically signed file created in this way is then encrypted, enciphered and sent to the payment terminal over which is this file sent to the payment processing centre for the PIN code's correctness to be verified. The electronically signed file is encrypted in the identifier's processor before being sent from the identifier.
The received file is decrypted in the payment processing centre and then it is read using a public key; the PIN code is extracted from the file received and then it is compared with the correct value
The invention enables the usage of the encryption of the authentication, while the energetic passivity of the separate identifier is retained. The main advantage is the high security while retaining the user comfort. According to this invention, the entering of PIN, which usually is of 4 digits is supplemented by tapping the identifier to the POS (Point of sale) terminal. An encrypted information with a multibit string is sent from the identifier. The multibit string is not constant, since the file that is sent from the identifier into the payment terminal is changed in accordance with the encryption that is realized in the identifier's processor during each authentication process.
By this a higher level of security is reached in comparison to the one in case of current identifiers and in the same time the advantage of their passivity is retained. It is exactly the energetic passivity that enables to decrease the size of the identifier, since the necessity to use its own source of energy falls off. Also, the user comfort is increased, the user does not have to take care of charging the identifier or its capacity.
The subject matter of this invention also lies in the system for the authentication during cashless payments, which encompasses a payment terminal, a separate identifier communicating with the payment terminal over the contactless communication channel, where the identifier encompasses a processor for the electronic signature of the file. Further on, the identifier contains an emitting and receiving signal for the communication with the payment terminal, an electromagnetic field transformation block for the electric energy and a memory with a secured part, in which the PIN code is stored. At least one part of the memory is in the form of a secure element. The identifier's elements are supplied with energy over the payment terminal's electromagnetic field, or partially also by the energy that is accumulated during the tap of the identifier to the payment terminal during the corresponding payment operation.
From the compatibility with existing, mass-spread devices and standards point of view, it is suitable if the payment terminal has a NFC communication element and the identifier has the NFC platform communication element.
The deficiencies mentioned in current state of the technology are to a great extent eliminated by the identifier which communicates with the payment terminal in contactless way during cashless payments according to this invention. The subject matter of this invention lies in the fact that it contains a processor for electronic signatures and processing of the file received, an emitting and receiving element for the communication with the payment terminal. Further, the identifier contains a memory and electromagnetic field transformation block for the electric energy. The emitting and receiving element and the electromagnetic field transformation block for the electric energy are connected with the processor. The processor is also connected with the memory. It is suitable if at least one part of the memory is in the form of a secure element. The user's PIN code and the private key for electronic signature are stored in the secure part of the memory. Basically, all the elements of the identifier are powered with energy by the payment terminal's electromagnetic field. In optimal configuration the identity and/or approval identifier encompasses a NFC chip. The utility characteristics of the identifier are increased by a configuration, where one part of the memory is reserved for the user's personal data. This part of the memory is adjusted for a separate storage of personal data from the private key. That being the case, the identifier can also serve as a health card, identity card and similar. The legitimacy of requesting these data is evaluated in the identifier's processor.
In order to increase the user comfort, the identifier can be placed into a pendant and/or key case and/or a sticker and/or applique.
The invention enables to increase security and comfort of the authentication and approval of the cashless payment and the user does not have to remember the PIN code. In the same time, the invention accelerates the course of the cashless payment operation, since the delay created by entering the PIN code is smaller.
Pictures overview
The invention is described in more detail on the figure 1, where there is a scheme of the connection between the payment terminal and the identifier during the cashless payment process.
Realization examples
In this example the system contains a payment terminal 1 at the shop's cash desk, an identifier 3 in a key case and remote payment processing centre 2. The payment terminal 1 is equipped with a NFC communication technology, which enables the creation of a contactless communication channel 4 with the identifier 3. Otherwise it is a standard payment terminal 1 with common functionalities and a communication with the payment processor centre's 2 server in a bank institution or in a similar authorization centre.
In case of cashless payment realized over the payment terminal J_, in the phase when the authorization of the payment is requested, the identification file starts to be emitted from the payment terminal 1 to the distance lower than 10 cm. This identification file contains the data on the current payment including the generated PAN (primary account number). After the payment customer receives instructions from the payment terminal 1 attendee, the paying customer taps the identifier 3 to the payment terminal 1 and he does it in such a way that he taps the identifier to the marked field of the payment terminal J_, to the place, where the NFC reader is located.
After tapping, the identifier 3 is supplied with the energy in a contactless way by the electromagnetic field of the payment terminal L The identifier 3 does not have its own source of energy (e.g. a battery) and uses the payment terminal's 1 electromagnetic field as a source of energy. The payment terminal's 1 electromagnetic field is processed in the transformation block 9. The identifier 3_ receives the emitted file with the PAN code and in the configuration according to this invention realizes pairing of the payment device - identifier pair. In case of affirmative result, the PIN code is assigned to the received identification file in the identifier's 3 processor 5 and the resulting file is electronically signed using the private key that is stored in the identifier's 3 memory 6. The electronically signed file thus created is encrypted and subsequently is sent to the payment terminal J_, over which is this file transferred into the payment processing centre 2 for the verification of the PIN code and realization of the payment.
By receiving the correct, electronically signed file with a correct PIN code from the identifier 3, the payment application assumes that the user approved the payment and that the user is authorized to do that. The verification of the correctness lies basically in the fact that the electronically signed file with the PIN code was read using a corresponding public key.
The identifier 3 containing a processor 5. and recordable memory 6 with exempt secure element for the storage of the PIN code, is capable of realizing computing operations enabling encryption, decryption and other tasks necessary for the realization of the electronic signature. The identifier 3 is capable of communication with external devices, especially with the payment terminal 1 and that exclusively over radio transmission. In this example, one part 8 of the memory 6 is reserved for the storage of the user's personal data and the identifier 3 can operate, in connection with a suitable reader of NFC chips, as an electronic identity card, health card and similar. Various types of these personal data are accessible over various levels of access rights, which are evaluated by the processor 5_.
Industrial usability
The industrial usability is obvious. According to this invention it is possible to industrially and repeatedly authenticate and approve cashless payment processes using a separate passive identifier with the PIN code.
According to this invention it is also possible to produce and use passive identifier's, especially using the NFC chip standard, the powering of which it is possible to ensure by the mobile communication device's electromagnetic field according to this invention.
LIST OF RELATED SYMBOLS:
1 - a payment terminal
2- a payment processing centre
3- an identifier
4- a contactless communication channel
5- a processor
6- a memory
7- an emitting and receiving element
8- a part of the memory for personal data
9- a transformation block
PIN - personal identification number RFID - Radio-frequency identification NFC - Near Field Communication POS - Point of sale PAN - primary account number

Claims

PATENT CLAIMS
1. The method of authentication over a PIN code in a separate identifier (3) during a cashless payment realized over the payment terminal with a contactless communication channel between the payment terminal and the identifier (3) i s characterized by the fact that the identification file containing the data on the current payment is sent from the payment terminal (1) to the distance lower than 10 cm into the identifier (3) that is put to the payment terminal (1) within a distance that is lower than 10 cm; the identifier (3) is supplied with energy in a contactless way over the payment terminal's (1) electromagnetic field, when the direct energy and/or the energy accumulated during the is used in the identifier (3); the PIN code is assigned to the received identification file in the identifier's (3) processor (5), the resulting file is electronically signed using the private key that is stored in the identifier's (3) memory (6) and the electronically signed field thus created is encrypted and subsequently sent into the payment terminal (1), over which it is transferred into the payment processing centre (2) for the PIN code verification.
2. The method of authentication as in claim l is characterized by the fact that the received file is decrypted, read by the corresponding public key in the payment processing centre (2); the PIN code is detached from the received file and subsequently the PIN code is compared to the correct value.
3. The method of authentication as in claims I or2 is characterized by the fact that the PIN code and/or private key are loaded from the identifier's (3) secure element.
4. The system for authentication during cashless payment encompassing a payment terminal and a separate identifier (3) communicating with the payment terminal over the contactless communication channel (4) i s characterized by the fact that the payment terminal (1) is equipped by the emitting and receiving element (7) for the contactless communication with the identifier (3); the identifier (3) encompasses a processor (5), an emitting and receiving element (7) for the communication with the payment terminal (1), an electromagnetic field transformation block (9) for the electric energy, a memory (6) with a secured part, in which the PIN code is stored; these identifier's (3) elements are supplied with energy from the payment terminal's (1) electromagnetic field.
5. The system for authentication during cashless payment as in claim 4 i s characterized by the fact that the identifier (3) contains a NFC communication element.
6. The identifier (3) in cashless payments that communicates with the payment terminal in a contactless way is characterized by the fact that it contains a processor (5) for electronic processing of the received file, an emitting and receiving element (7) for the communication with the payment terminal (1), a memory (6) with the secure element, an electromagnetic field transformation block (9) for electric energy; where the emitting and receiving element (7) and electromagnetic field transformation block (9) for electric energy are connected with the processor (5), which is also connected to the memory (6); the identifier's (3) elements are supplied with energy from the payment terminal's (1) electromagnetic field and the user's PIN code and the private key for electronic signature are stored in the secured part of the memory (6).
7. The identifier (3) as in claim 6is characterized by the fact that the emitting and receiving element (7) has a NFC platform.
8. The identifier (3) as in any of the claims 6or7is characterized by the fact that at least one part (8) of the memory (6) is adjusted in such a way that the user's personal data can be stored separately; this part is accessible from the outside over the emitting and receiving element (7) through processing in the processor (5).
9. The identifier (3) as in any of the claims 6to 8 is characterized by the fact that it is located in an pendant and/or a key case and/or a sticker and/or applique.
PCT/IB2010/053130 2009-07-08 2010-07-08 Method and system of contactless authentication, and carrier of pin code WO2011004339A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP10742584.5A EP2452300B1 (en) 2009-07-08 2010-07-08 Method and system of contactless authentication, and carrier of pin code

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SKPP50035-2009 2009-07-08
SK50035-2009A SK288521B6 (en) 2009-07-08 2009-07-08 Method and system for entering the PIN code at non-cash payments, carrier PIN code

Publications (2)

Publication Number Publication Date
WO2011004339A1 true WO2011004339A1 (en) 2011-01-13
WO2011004339A4 WO2011004339A4 (en) 2011-03-24

Family

ID=43063880

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2010/053130 WO2011004339A1 (en) 2009-07-08 2010-07-08 Method and system of contactless authentication, and carrier of pin code

Country Status (3)

Country Link
EP (1) EP2452300B1 (en)
SK (1) SK288521B6 (en)
WO (1) WO2011004339A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013127520A1 (en) * 2012-02-28 2013-09-06 Giesecke & Devrient Gmbh Authenticated transaction approval
US10504101B2 (en) 2012-02-29 2019-12-10 Mobeewave, Inc. Method, device and secure element for conducting a secured financial transaction on a device
US10565569B2 (en) 2015-07-30 2020-02-18 NXT-ID, Inc. Methods and systems related to multi-factor, multidimensional, mathematical, hidden and motion security pins

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040060249A (en) 2002-12-30 2004-07-06 엘지전자 주식회사 Synthesis System and Method of Credit Card Using Smart card and Mobile Phone
EP1536573A2 (en) 2003-11-27 2005-06-01 Samsung Electronics Co., Ltd. Mobile terminal having smart card coupled with RFID tag and method for performing RFID function in such mobile terminal
WO2005086456A1 (en) 2004-02-25 2005-09-15 Nokia Corporation Electronic payment schemes in a mobile environment for short-range transactions
WO2006009460A1 (en) 2004-07-16 2006-01-26 Telenor Asa A system and method for authenticating users in a payment system
CN1835007A (en) 2006-04-07 2006-09-20 浙江通普通信技术有限公司 Mobile payment method based on mobile communication network
EP1729253A1 (en) 2005-05-12 2006-12-06 Swisscom AG Method and system for secure data transfer over an NFC-connection
EP1798867A2 (en) * 2005-12-16 2007-06-20 Innovision Research & Technology PLC Communications devices and method comprising near field RF communicators
DE102006019628A1 (en) 2006-04-25 2007-10-31 Eberhard Back Method and device for providing at least one piece of information to a mobile communication device of a user
WO2007136939A2 (en) 2006-05-18 2007-11-29 E2Interactive, Inc. D/B/A E2Interactive, Inc. Radio frequency indentification purchase transactions
US20080155258A1 (en) * 2006-12-21 2008-06-26 Spansion Llc Non-volatile memory sub-system integrated with security for storing near field transactions
US20090108063A1 (en) * 2007-09-12 2009-04-30 Deepak Jain Wirelessly Communicating Radio Frequency Signals
WO2009087539A1 (en) * 2008-01-04 2009-07-16 Logomotion, S.R.O. Method and system of authenticity particularly at the payments, identifier of identity and/or approval

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040060249A (en) 2002-12-30 2004-07-06 엘지전자 주식회사 Synthesis System and Method of Credit Card Using Smart card and Mobile Phone
EP1536573A2 (en) 2003-11-27 2005-06-01 Samsung Electronics Co., Ltd. Mobile terminal having smart card coupled with RFID tag and method for performing RFID function in such mobile terminal
CN1627321A (en) 2003-11-27 2005-06-15 三星电子株式会社 Mobile terminal having smart card coupled with RFID tag and method for performing RFID function in such mobile terminal
WO2005086456A1 (en) 2004-02-25 2005-09-15 Nokia Corporation Electronic payment schemes in a mobile environment for short-range transactions
WO2006009460A1 (en) 2004-07-16 2006-01-26 Telenor Asa A system and method for authenticating users in a payment system
EP1729253A1 (en) 2005-05-12 2006-12-06 Swisscom AG Method and system for secure data transfer over an NFC-connection
EP1798867A2 (en) * 2005-12-16 2007-06-20 Innovision Research & Technology PLC Communications devices and method comprising near field RF communicators
CN1835007A (en) 2006-04-07 2006-09-20 浙江通普通信技术有限公司 Mobile payment method based on mobile communication network
DE102006019628A1 (en) 2006-04-25 2007-10-31 Eberhard Back Method and device for providing at least one piece of information to a mobile communication device of a user
WO2007136939A2 (en) 2006-05-18 2007-11-29 E2Interactive, Inc. D/B/A E2Interactive, Inc. Radio frequency indentification purchase transactions
US20080155258A1 (en) * 2006-12-21 2008-06-26 Spansion Llc Non-volatile memory sub-system integrated with security for storing near field transactions
US20090108063A1 (en) * 2007-09-12 2009-04-30 Deepak Jain Wirelessly Communicating Radio Frequency Signals
WO2009087539A1 (en) * 2008-01-04 2009-07-16 Logomotion, S.R.O. Method and system of authenticity particularly at the payments, identifier of identity and/or approval

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"EMV Mobile Contactless Payment: Technical Issues and Position Paper", INTERNET CITATION, 1 October 2007 (2007-10-01), pages 1 - 37, XP007908266, Retrieved from the Internet <URL:http://www.emvco.com/mobile.aspx> [retrieved on 20090420] *
"NFC Forum: Frequently asked questions", INTERNET CITATION, 1 January 2007 (2007-01-01), pages 1 - 5, XP007906261, Retrieved from the Internet <URL:http://www.nfc-forum.org/home> [retrieved on 20081107] *
SMART CARD ALLIANCE IDENTITY COUNCIL: "RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards", INTERNET CITATION, 1 January 2007 (2007-01-01), pages 1 - 7, XP007906278, Retrieved from the Internet <URL:http://www.smartcardalliance.org/resources/pdf/RFID_vs_RF-Enabled_Sma rt_Cards.pdf> [retrieved on 20081107] *
SMART CARD ALLIANCE: "Proximity Mobile Payments: Leveraging NFC and the Contactless Financial Payments Infrastructure A Smart Card Alliance Contactless Payments Council White Paper", INTERNET CITATION, 1 September 2007 (2007-09-01), pages COMPLETE, XP007906262, Retrieved from the Internet <URL:http://www.smartcardalliance.org> [retrieved on 20081107] *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013127520A1 (en) * 2012-02-28 2013-09-06 Giesecke & Devrient Gmbh Authenticated transaction approval
US10504101B2 (en) 2012-02-29 2019-12-10 Mobeewave, Inc. Method, device and secure element for conducting a secured financial transaction on a device
US10504102B2 (en) 2012-02-29 2019-12-10 Mobeewave, Inc. Method, device and secure element for conducting a secured financial transaction on a device
US10558971B2 (en) 2012-02-29 2020-02-11 Mobeewave, Inc. Method, device and secure element for conducting a secured financial transaction on a device
US11132665B2 (en) 2012-02-29 2021-09-28 Apple Inc. Method and device for conducting a secured financial transaction on a device
US11301835B2 (en) 2012-02-29 2022-04-12 Apple Inc. Method, device and secure element for conducting a secured financial transaction on a device
US11397936B2 (en) 2012-02-29 2022-07-26 Apple Inc. Method, device and secure element for conducting a secured financial transaction on a device
US11756021B2 (en) 2012-02-29 2023-09-12 Apple Inc. Method, device and secure element for conducting a secured financial transaction on a device
US10565569B2 (en) 2015-07-30 2020-02-18 NXT-ID, Inc. Methods and systems related to multi-factor, multidimensional, mathematical, hidden and motion security pins

Also Published As

Publication number Publication date
EP2452300B1 (en) 2015-03-25
WO2011004339A4 (en) 2011-03-24
SK288521B6 (en) 2017-12-04
EP2452300A1 (en) 2012-05-16
SK500352009A3 (en) 2011-03-04

Similar Documents

Publication Publication Date Title
US8275364B2 (en) Systems and methods for contactless payment authorization
US10783514B2 (en) Method and apparatus for use in personalizing identification token
KR101316466B1 (en) Mobile transaction system using dynamic track 2 data and method using the same
US9547861B2 (en) System and method for wireless communication with an IC chip for submission of pin data
AU2010230088B2 (en) Authentication system and method in a contactless environment
CN201732388U (en) Credible intelligent card
KR101330867B1 (en) Authentication method for payment device
CN102393938B (en) On-site payment method for processing business and smart card
EP2807600A1 (en) Portable e-wallet and universal card
US20150242844A1 (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
CN102034321A (en) Authentication method and system used for wireless payment
CN102314731A (en) Mobile payment method and equipment for implementing same
CN201622584U (en) Electronic identification and information read-write device
EP2071530A1 (en) Authentication device and payment system
TWI416422B (en)
CN109478284A (en) Utilize the method for payment and equipment of beacon
JP2023539633A (en) Use of NFC field from phone to power card to phone Bluetooth communication
US20200210994A1 (en) Intelligent payment card carrying systems and methods
WO2013001133A1 (en) Bank-card fraud detection and prevention for bank automats
EP2452300B1 (en) Method and system of contactless authentication, and carrier of pin code
KR20150144366A (en) Method for Processing Payment at Affiliate Coupled End-To-End Medium Ownership Authentication and One Time Code Authentication
CN111522403A (en) Function expanding device for mobile terminal
KR20190007196A (en) Apparatus and methods for providing card activation control and digital wallet exchange using card owner&#39;s identity verification
Ion et al. Don’t trust POS terminals! Verify in-shop payments with your phone
CN108885581B (en) Information processing apparatus and information processing method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10742584

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2010742584

Country of ref document: EP