WO2012048373A1 - Systèmes et procédés de réalisation sécurisée de transactions - Google Patents

Systèmes et procédés de réalisation sécurisée de transactions Download PDF

Info

Publication number
WO2012048373A1
WO2012048373A1 PCT/AU2011/001302 AU2011001302W WO2012048373A1 WO 2012048373 A1 WO2012048373 A1 WO 2012048373A1 AU 2011001302 W AU2011001302 W AU 2011001302W WO 2012048373 A1 WO2012048373 A1 WO 2012048373A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
authentication unit
information
authentication
transaction
Prior art date
Application number
PCT/AU2011/001302
Other languages
English (en)
Inventor
Hans Klieber
Frank Klieber
Original Assignee
Nokuta Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2010904591A external-priority patent/AU2010904591A0/en
Application filed by Nokuta Pty Ltd filed Critical Nokuta Pty Ltd
Publication of WO2012048373A1 publication Critical patent/WO2012048373A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices

Definitions

  • the present invention relates to systems and methods for linking two or more devices for transferring encoded information.
  • Embodiments of the invention have been particularly developed for linking a personal device such as a mobile phone to a payment processing system to effect secure payment for a transaction. While some embodiments will be described herein with particular reference to that application, it will be appreciated that the invention is not limited to such a field of use, and is applicable in broader contexts.
  • EMV Europay, MasterCard and VISA
  • IC cards or chips integrated circuit cards
  • POS point of sale terminals
  • ATMs automated teller machines
  • PayPassTM and Visa payWaveTM allow transactions to be carried out wirelessly without user authentication during the transaction.
  • a method for securely carrying out a transaction including the steps of:
  • the target device is preferably one of a mobile phone, personal digital assistant (PDA), a personal computer, an under-skin chip-unit or a wristwatch. More preferably the target device is a mobile phone. In one embodiment the authentication unit is preferably selectively removable from the target device.
  • the method of the first aspect of the invention preferably further includes the step of initially uploading the account and authentication information to the authentication unit by inserting a special and unique data storage card into the target device that communicates securely with the authentication unit.
  • the data storage card can preferably only be used to transfer data once. The insertion can also be substituted by waving the card in front of the authentication unit or by decoding a photo of a 2 D code.
  • the method preferably further includes the step of initially uploading the account and authentication information to the authentication unit by wireless communication.
  • the account and authentication information preferably includes information indicative of one or more financial institution accounts or credit card accounts. [0013] The account and authentication information preferably includes information indicative of one or more of the following:
  • the step of accessing the authentication unit preferably includes the sub-steps of:
  • the password is preferably unique to a specific account linked to the authentication unit. In another embodiment, the password is preferably common to each account linked to the authentication unit.
  • the step of accessing the authentication unit preferably includes the sub-steps of:
  • the encrypted communication link is preferably established through a wireless communication protocol selected from Near Field Communication, Bluetooth, 2D codes, Cyber codes, Wi-Fi or Radio-Frequency Identification (RFID).
  • a wireless communication protocol selected from Near Field Communication, Bluetooth, 2D codes, Cyber codes, Wi-Fi or Radio-Frequency Identification (RFID).
  • an authentication unit integrated into said target device for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said account and authentication information between said target device and said transaction terminal to carry out a secure transaction.
  • the system according to the second aspect preferably further includes a unique data storage card releasably insertable into the target device to securely transfer the account and authentication information to the authentication unit.
  • the data storage card can preferably only be used to transfer data once.
  • the target device is preferably capable of receiving uploaded account and authentication information for the authentication unit by wireless communication.
  • the authentication unit is preferably configured to store account and authentication information indicative of one or more financial institution accounts or credit card accounts.
  • the target device In response to a request from the transaction terminal, the target device preferably prompts a user to enter a password to access the information from the authentication unit, and based on the user entering a correct password, the authentication unit provides access to the information for transfer to the transaction terminal through the encrypted wireless communication link.
  • a device for securely carrying out a transaction including
  • a display to output information visually
  • a wireless communication device for establishing an encrypted wireless communication link with a transaction terminal when said device is within a predetermined range of said transaction terminal
  • an authentication unit for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said information between said device and said transaction terminal to carry out a secure transaction.
  • the device is preferably one of a mobile phone, personal digital assistant (PDA), a personal computer, under-skin chip-unit or a wristwatch. More preferably the device is a mobile phone.
  • PDA personal digital assistant
  • a personal computer More preferably the device is a mobile phone.
  • the device preferably further includes a port configured to receive a unique data storage card to securely transfer the account and authentication information to the authentication unit.
  • the data storage card can preferably only be used to transfer data once.
  • the wireless communication device is preferably capable of wirelessly receiving uploaded account and authentication information for storage on the authentication unit.
  • the authentication unit is preferably configured to store account and authentication information indicative of one or more financial institution accounts or credit card accounts.
  • the device In response to a request from the transaction terminal, the device preferably prompts a user to enter a password through the interface to access the information from the authentication unit, and, based on the user entering a correct password, the authentication unit preferably provides access to the information for transfer to the transaction terminal through the encrypted wireless communication link.
  • any one of the terms comprising, comprised of or which comprises is an open term that means including at least the elements/features that follow, but not excluding others.
  • the term comprising, when used in the claims should not be interpreted as being limitative to the means or elements or steps listed thereafter.
  • the scope of the expression a device comprising A and B should not be limited to devices consisting only of elements A and B.
  • Any one of the terms including or which includes or that includes as used herein is also an open term that also means including at least the elements/features that follow the term, but not excluding others. Thus, including is synonymous with and means comprising.
  • FIG. 1 is a flow chart outlining a method of securely carrying out a transaction according to one embodiment of the invention
  • FIG. 2 is a schematic diagram of a mobile phone communicating wirelessly with a transaction terminal
  • FIG. 3 is a perspective drawing of a mobile phone according to one embodiment of the invention.
  • FIG. 4 is a perspective drawing of a personal digital assistant (PDA) according to another embodiment of the invention
  • FIG. 5 is a system level block diagram of one embodiment of the invention
  • FIG. 6 is a schematic system level block diagram of another embodiment of the invention.
  • FIG. 7 is a schematic system level block diagram of a further alternative embodiment of the invention.
  • FIG. 8 is a schematic diagram of a data storage card according to one embodiment of the invention.
  • FIG. 9 is a schematic system level block diagram of another alternative embodiment of the invention, wherein the phone does not require an external port for receiving an authentication card;
  • FIG. 10A is an illustration of a set of user instructions for initially uploading account ant authentication information to the authentication unit from a data card.
  • FIG. 10B is an illustration of a set of instructions for using the invention to carry out a secure transaction.
  • one aspect of the present invention provides a method for securely carrying out a transaction.
  • a target device such as a mobile phone
  • a transaction terminal wherein the target device is within a predetermined range of the transaction terminal.
  • an authentication unit within the mobile phone is accessed to retrieve account and authentication information in response to a request from the transaction terminal.
  • the account and authentication information is securely transferred between the mobile phone and the transaction terminal to carry out a secure transaction.
  • a unique data storage card is inserted into the mobile phone at step 100A. This card communicates securely with the authentication unit and uploads the account and authentication information to the authentication unit at step 100B.
  • FIGs 2 to 6 another aspect of the invention provides a system for securely carrying out a transaction between a transaction terminal 200 and a target device 202.
  • the target device 202 is a mobile phone.
  • target device 202 is a personal digital assistant (PDA).
  • PDA personal digital assistant
  • target device 202 is any one of a range of devices capable of incorporating a wireless communication device for communicating with a transaction terminal 200, including personal computers, an under-skin chip-unit, security access card or smart wristwatches.
  • target device 202 will be hereinafter described as a mobile phone.
  • mobile phone 202 is configured for establishing an encrypted wireless communication link 204 with the transaction terminal 200 when the target device is within a predetermined range of the transaction terminal.
  • the mobile phone 202 and transaction terminal 200 need to be within several metres of each other to communicate wirelessly.
  • phone 202 and terminal 200 need to be within a distance of about 10cm from each other.
  • mobile phone 202 includes an authentication unit 206 integrated for securely storing account and authentication information, and providing access to the information in response to a request from the transaction terminal 200.
  • Unit 206 is any processor or chip with embedded integrated circuits.
  • unit 206 includes memory, micro-processor components and dedicated security logic. Secure transfer of the account and authentication information between mobile phone 202 and transaction terminal 200 facilitates a secure transaction, which may be carried out in a known manner using existing systems of financial institutions.
  • Authentication unit 206 may be a self- powered device or may source power from the battery (not shown) of mobile phone 202.
  • Authentication unit 206 is configured to store account and authentication information indicative of one or more bank accounts, credit card accounts or other accounting systems that utilise personal or confidential data.
  • this information includes the same or similar information to that contained on plastic cards to facilitate the sharing of a common numbering scheme.
  • authentication information may include one or more numbers identifying a specific financial institution and user account, and validity check information.
  • authentication information includes a unique number having a prefix, called the Bank Identification Number, which is a sequence of digits at the beginning of the number that determine the bank to which a number belongs. These are, at the time, the first six digits. Continuing the above example, the next nine digits of the unique number are the individual account number, and the final digit is a validity check code.
  • the authentication information may also include issue and expiration dates, as well as extra codes such as issue numbers and security codes.
  • Authentication unit 206 may also be configured to store information indicative of non-monetary accounts that require authentication or validation from time to time. Examples of such non-monetary accounts include Medicare accounts, private health insurance accounts, club memberships, frequent flyer accounts, awards programmes and other benefit and membership accounts. Further, in some embodiments, authentication unit 206 is configured to store personal information such as drivers' license and passport information. Authentication unit 206 may also be configured to store information relating to everyday-use type passes such as bus, train, ferry and other transport passes, airline check-in accounts and Cabcharge accounts.
  • FIGS 5 to 7 depict three alternative embodiments of how authentication unit 206 is implemented into mobile phone 202.
  • authentication unit 206 is a permanently connected independent hardware unit within mobile phone 202 such as a stand-alone IC chip or microprocessor chip.
  • authentication unit 206 is configured to communicate with a central processing unit 208 of mobile phone 202 to facilitate the transaction.
  • a central processing unit 208 of mobile phone 202 For example, in an embodiment using a smart phone, an application is available for receiving user input and displaying information regarding the transaction in process.
  • phone 202 is configured to display the account balance when the transaction is completed. In one embodiment the balance is automatically erased after a short period of time, e.g. 10 seconds, so that thieves cannot look up a user's balances on a stolen phone.
  • authentication unit 206 is implemented as software integrated into the central processing unit 208 of mobile phone 202 and the transaction procedure is fully software implemented through the existing hardware of mobile phone 202.
  • the account and authentication information is securely stored in a database 216 and selectively accessed through an application or App available on the phone.
  • authentication unit 206 is itself a removable card that is inserted and removed from mobile phone 202 through port 212. Once inserted, authentication unit 206 communicates with the central processing unit 208 of mobile phone 202. In future it is envisaged that new Nanoscale devices/Microchip Processors or Quantum Devices using quantum mechanical phenomena will come onto the market. In the embodiment of Figure 7, these devices can be easily incorporated into an authentication unit 206 that can be implemented into a mobile phone 202.
  • Authentication unit 206 includes non-volatile memory, such as a hard disk (optical disc, magnetic tape holographic memory, motherboard and such) or a solid state device, for storing the account and authentication information.
  • non volatile memory such as EEPROM, NVM or flash memory can be used, each having its own benefits and draw backs.
  • NVB is a solid-state chip that maintains stored data without any external power source. Its capacity is substantially larger than that of an EEPROM.
  • Mobile phone 202 is any conventional mobile phone, cell phone or smart phone having a wireless communication device 210.
  • wireless device 210 is a Bluetooth antenna.
  • wireless device 210 is a Wi-Fi antenna, passive or active radio frequency identification (RFID) device, Near Field Communication device or other wireless transmitting/receiving device.
  • RFID radio frequency identification
  • Mobile phone 202 also includes conventional features such as an interface 214 in the form of a keypad or a touch screen to receive user input, a display 216 to output information visually, a database 216 in the form of a memory device, and a SIM card reader 218 to receive conventional SIM cards.
  • mobile phone 202 in response to a request from transaction terminal 200, prompts a user to enter a password, through user input 216 and display 216, to access the information from authentication unit 206. If the entered password is correct, authentication unit 206 provides access to the information for transferral to transaction terminal 200 through the encrypted wireless communication link 204. Preferably, mobile phone 202 displays notifications throughout the authorization and transaction procedure on display 216 to keep the user updated on progress.
  • mobile phone 202 includes a port 212 adapted to receive a unique data storage card 218 or, in the case of the embodiment of Figure 7, to receive removable authentication unit 206.
  • Port 212 is preferably located on one outer face of phone 202. However, in alternative embodiments, port 212 is located beneath a removable protective panel, such as adjacent the battery of phone 202.
  • card 218 is in the form of a subscriber identity module (SIM) card having an integrated circuit 220 mounted therein.
  • SIM subscriber identity module
  • card 218 is a portable USB memory device or other type of data card or unit.
  • Card 218 is releasably insertable into mobile phone 202 to securely transfer account and authentication information to authentication unit 206.
  • Card 218 may be a self -powered active device or may be a passive device sourcing power from mobile phone 202.
  • each data storage card 218 preferably holds a unique serial number 222 assigned to it by the issuing institution. In one embodiment this number is a 128-bit security code used to authenticate unit 206 on a network. Serial number 222 is preferably also stored on a database on the issuers' network and is preferably initially concealed behind a scratch panel 224 for security purposes. Panel 224 can be removed by the user prior to use.
  • card 218 contains its unique serial number 220, internationally unique number of the mobile user, security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to and two passwords (PIN for usual use and PUK for unlocking).
  • card 218 has a length of about 25 mm and a width of about 15 mm, and has a truncated or chamfered corner 226 to prevent mis-insertion.
  • card 218 has a size known as the 3FF or micro-SIM, which has dimensions of 15 mm by 12 mm.
  • card 218 is approximately the same size but a different shape to conventional phone SIM cards to prevent mix-up of the slots.
  • Cards 218 are preferably supplied as a full- sized card with the smaller card held in place by a few plastic links; it can easily be broken off to be used in a device that uses the smaller SIM.
  • data storage card 218 incorporates volatile memory ensuring it can only be used to transfer data once.
  • data storage card 218 includes non- volatile memory and can be used multiple times.
  • card 218 includes an access password that must be entered before the account and authentication information can be transferred to the authentication unit 206 in the mobile phone 202.
  • each data storage card 218 contains account information relating to a single account, which is issued by a bank, Credit Card Company or other financial institution and initially uploaded to authentication unit 206 by inserting card 218 into port 212.
  • Authentication unit 206 is configured to store account and authentication information for multiple accounts, each of which is uploaded by individual storage cards 218. In this manner, to store account and authentication information relating to two separate accounts, two data storage cards are inserted into port 212 in succession.
  • This embodiment of the invention allows, for example, information relating to many credit cards, debit cards, healthcare cards, membership cards etc. to be maintained on authentication unit 206 of phone 202.
  • the phone manufacturer is required to manufacture phones having port 212 for receiving data storage cards 218.
  • the ports are preferably prepared to allow the insertion from the outside without removing the battery.
  • the phone manufacturer may also provide the internal software which allows pairing (linking) of the central processing unit 208 with the authentication unit 206, security of the chip and destruction of the chip's information if illegally removed.
  • authentication unit 206 is implemented as software integrated into the central processing unit 208 of mobile phone 202 (as in Figure 6) and the account and authentication information is uploaded directly to authentication unit 206 by wireless communication to phone 202.
  • a financial institution might offer a secure wireless link to phone 202 in order to upload the account and authentication information to authentication unit 206 for future secure wireless transactions.
  • uploading of the account and authentication information may occur via wireless communication between phone 202 and another device such as a personal computer or another phone, or may be downloaded to phone 202 by the internet (such as through a 3G network).
  • no hardware modifications need to be made to phone 202, such as manufacturing a phone having port 212.
  • a financial institution issues a data storage card 218 to a user, say through the mail. That institution may optionally provide one or more activation number, PIN or telephone PIN which is preferably sent to the user by separate means to card 218 to ensure safety. Further, access to the specific account and authentication information on authentication unit 206 may be made through a call, e- mail or the like to the issuing institution.
  • the account information is transferred to the authentication unit 206 by waving the card in front of the authentication unit or by decoding a photo of a 2 D code.
  • PIN Personal Identification Number
  • the account and authentication information is encrypted for later verification of transactions.
  • the account and authentication information is erased from card 218, which cannot be used again. Card 218 can then be safely discarded. If the mobile phone 202 is lost or stolen, the codes can be blocked by the card issuer, similar to how stolen credit cards are blocked today.
  • the user may also be required to download and install software to access the authentication unit 206 from the phone 202.
  • This software may be available, for example, through a client website or as an application such as an iPhone or Smartphone app. However, in some embodiments, this software is pre-installed on phone 202.
  • the software or application may provide functionality for managing accounts. For example, an interface may be provided for updating authentication information, adding new accounts or removing old accounts.
  • security for each linked account can be set, changed and managed through the software or application. Security may be set to a high level wherein each account linked to phone 202 has individual security codes and settings, or a low level wherein a single access code is used to access all linked accounts.
  • the authentication unit 206 or related software is configured to remember certain patterns of transaction use and adjust security setting accordingly. For example, if a regular transaction of purchasing petrol occurs at a familiar location or at a familiar time, security settings may be reduced to more efficiently facilitate the transaction. Conversely, if a new and unfamiliar transaction occurs, such as at a location far from typical transactions, then security settings may be increased to restrict unauthorised use. Examples of increased security may include the requirement to show photo identification or other identification at the transaction, provide a personal signature, answer a predetermined question or input a second or different password. This feature of dynamic security can be activated or deactivated through software or an application.
  • the need for use of card 218 can be circumvented by initially activating authentication unit 206 wirelessly.
  • a user brings phone 202 into a financial institution having a wireless network.
  • the user can connect to that wireless network to activate or sync the authentication unit 206 with the user's account from that institution.
  • a 2-D input code may be transmitted to phone 202 through the wireless network from the financial institution. Correct inputting of this code syncs the account information with the authentication unit 206.
  • a user may be sent an activation code through e-mail.
  • account and authentication information can be uploaded to authentication unit simply by bringing card 218 into a predetermined proximity with phone 202, which reads the account information wirelessly in the same manner as a card chip reader.
  • authentication unit 206 may be authenticated using a mobile tagging process.
  • a credit card company or financial institution sends a user a two dimensional barcode image which can be captured with a camera implemented into phone 202. Processing or rendering of the barcode image using appropriate software reveals a unique code to be input for activation of a specific account for use with the authentication unit 206.
  • the mobile phone 202 including the authentication unit 206 can then be used in an encrypted wireless network or link at a point of sale transaction terminal 200 without leaving the control of the user.
  • the phone can be used by swiping it past a transaction terminal 200 or placing it within a predetermined proximity to transaction terminal 200, such as a POS terminal or ATM, to pay for goods and or receive money from the ATM.
  • the issuing bank or merchant establishes for terminal 200 a local hotspot or allows ad-hoc mode wireless contact by swiping the phone close to the terminal.
  • the transaction makes use of a secure system such as PayPal for increased security.
  • additional security measures such as a fingerprint scan or eye scan may be implemented for authenticating a transaction.
  • authentication unit 206 communicates wirelessly with a local card chip reader attached to a personal computer, say by USB connection.
  • the user can authenticate online transactions simply by bringing phone 202 into proximity with the card chip reader device. For example, when purchasing a product over the internet, via a seller's online store, the user may be prompted to provide their account or credit card details to effect the purchase. At this point, the user can swipe or bring their phone or other electronic device near the reader device to provide their details to the online seller. This has the advantage of the security of the wireless transaction, as described above, in addition to the online security provided by the seller. Another advantage is the time saved simply by passing the phone near the reader, rather than manually entering account or credit card details.
  • phone 202 prompts the user for a password or similar security measure. Additionally the merchant terminal may request a different code or signature. In these embodiments, the PIN or password is simply typed into phone 202 to verify the transaction.
  • Figure 9 shows an example set of instructions for initially uploading account and authentication information to authentication unit 206 from a data access card 218 and how to use the paired device at a transaction terminal 200 to carry out a secure transaction.
  • the card issuer sends a new one-use-only chip. This way there is only one device at any one time that works with the transactions of one specific account/card.
  • a large number of different accounts/cards can be individually read into the authentication unit 206, just as people carry any number of credit cards in their wallets today.
  • Individual account and authentication information stored on the authentication unit can also be deleted if an account is closed.
  • phone 202 prompts the user to select the desired account for which the transaction is to be carried out.
  • phones are capable of communicating between each other to transmit and receive payments between users. In this manner, two users can bring their phones into close proximity and securely transfer money to one another through linked bank accounts.
  • the invention can provide additional functionality to transfer information via phone 202 using e-mail, SMS, MMS or future similar systems such as quantum, nano or optic devices. Once paired or linked with phone 202, all data are available on the phone without the need to provide additional input.
  • the present invention provides for integrating and pairing a target device, such as a mobile phone or PDA, with a transaction authentication unit to provide easy payments, transactions or access to money through the target device in a secure and convenient way.
  • a target device such as a mobile phone or PDA
  • a transaction authentication unit to provide easy payments, transactions or access to money through the target device in a secure and convenient way.
  • the required information to carry out a secure transaction is sent to a merchant's transaction terminal by phone or computer by using a simple application and/or entering a password number. Since the authorisation number (such as a credit card number) does not need to be typed or remembered, it can be made from a larger number of digits or even mixes of numbers and letters to increase security.
  • the present invention acts as an electronic verification system integratable into a mobile phone or other electronic device (target device) to establish communication between the target device and a transaction terminal.
  • target device electronic device
  • the invention combines the two commonly used items of mobile phones/computers and plastic credit/debit cards to provide ease of carrying both as one. The main benefits to the customer are convenience and increased security.
  • the present invention also adds convenience to the merchant, as they can verify in a few seconds whether the transaction is valid and the user has sufficient credit or debit to cover the purchase.
  • mobile phone is used to refer to portable telecommunication devices including, cellular phones, smart phones, satellite phones, 3G capable devices and other related devices.
  • processor may refer to any device or portion of a device that processes electronic data, e.g., from registers and/or memory to transform that electronic data into other electronic data that, e.g., may be stored in registers and/or memory.
  • a "computer” or a “computing machine” or a “computing platform” may include one or more processors.
  • the methodologies described herein are, in one embodiment, performable by one or more processors that accept computer-readable (also called machine-readable) code containing a set of instructions that when executed by one or more of the processors carry out at least one of the methods described herein.
  • processors capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken are included.
  • processors may include one or more of a CPU, a graphics processing unit, and a programmable DSP unit.
  • the processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM.
  • a bus subsystem may be included for communicating between the components.
  • the processing system further may be a distributed processing system with processors interconnected by a network. If the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT) display. If manual data entry is required, the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth.
  • LCD liquid crystal display
  • CRT cathode ray tube
  • the term memory unit as used herein also encompasses a storage system such as a disk drive unit.
  • the processing system in some configurations may include a sound output device, and a network interface device.
  • the memory subsystem thus includes a computer-readable carrier medium that carries computer-readable code (e.g., software) including a set of instructions to cause performing, when executed by one or more processors, one of more of the methods described herein. Note that when the method includes several elements, e.g., several steps, no ordering of such elements is implied, unless specifically stated.
  • the software may reside in the hard disk, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system.
  • the memory and the processor also constitute computer-readable carrier medium carrying computer-readable code.
  • a computer-readable carrier medium may form, or be included in a computer program product.
  • the one or more processors operate as a standalone device or may be connected, e.g., networked to other processor(s), in a networked deployment, the one or more processors may operate in the capacity of a server or a user machine in server-user network environment, or as a peer machine in a peer-to-peer or distributed network environment.
  • the one or more processors may form a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine.
  • PC personal computer
  • PDA Personal Digital Assistant
  • each of the methods described herein is in the form of a computer-readable carrier medium carrying a set of instructions, e.g., a computer program that is for execution on one or more processors, e.g., one or more processors that are part of web server arrangement.
  • a computer-readable carrier medium carrying computer readable code including a set of instructions that when executed on one or more processors cause the processor or processors to implement a method.
  • aspects of the present invention may take the form of a method, an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
  • the present invention may take the form of carrier medium (e.g., a computer program product on a computer-readable storage medium) carrying computer-readable program code embodied in the medium.
  • the software may further be transmitted or received over a network via a network interface device. While the carrier medium is shown in an exemplary embodiment to be a single medium, the term "carrier medium" should be taken to include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of instructions.
  • carrier medium shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by one or more of the processors and that cause the one or more processors to perform any one or more of the methodologies of the present invention.
  • a carrier medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media.
  • Non- volatile media includes, for example, optical, magnetic disks, and magneto-optical disks.
  • Volatile media includes dynamic memory, such as main memory.
  • Transmission media includes coaxial cables, copper wire and fiber optics, including the wires that comprise a bus subsystem. Transmission media may also take the form of acoustic or light waves, such as those generated during radio wave and infrared data communications.
  • carrier medium shall accordingly be taken to included, but not be limited to, solid-state memories, a computer product embodied in optical and magnetic media; a medium bearing a propagated signal detectable by at least one processor of one or more processors and representing a set of instructions that, when executed, implement a method; a carrier wave bearing a propagated signal detectable by at least one processor of the one or more processors and representing the set of instructions a propagated signal and representing the set of instructions; and a transmission medium in a network bearing a propagated signal detectable by at least one processor of the one or more processors and representing the set of instructions.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne des systèmes et des procédés permettant de réaliser une transaction de façon sécurisée. Un aspect de l'invention concerne un système permettant de réaliser une transaction en toute sécurité entre un terminal de transaction (200) et un dispositif cible (202), tel qu'un téléphone portable ou un assistant personnel (PDA). Le dispositif (202) comprend un dispositif de communication sans fil, permettant de communiquer avec le terminal de transaction (200). Le dispositif (202) est configuré pour établir une liaison de communication cryptée sans fil (204) avec le terminal de transaction (200) lorsque le dispositif (202) se trouve dans une plage prédéfinie du terminal de transaction (202). Une fois que le téléphone (202) est relié au terminal de transaction (200) par le biais de la liaison de communication (204), une transaction sécurisée est effectuée.
PCT/AU2011/001302 2010-10-14 2011-10-13 Systèmes et procédés de réalisation sécurisée de transactions WO2012048373A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU2010904591A AU2010904591A0 (en) 2010-10-14 Novel method of integrating (linking) one or more special purpose designed devices with a target device - enabling easy and secure financial transactions
AU2010904591 2010-10-14
AU2011200063 2011-01-07
AU2011200063A AU2011200063B1 (en) 2010-10-14 2011-01-07 Systems and methods of securely carrying out transactions

Publications (1)

Publication Number Publication Date
WO2012048373A1 true WO2012048373A1 (fr) 2012-04-19

Family

ID=45398560

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2011/001302 WO2012048373A1 (fr) 2010-10-14 2011-10-13 Systèmes et procédés de réalisation sécurisée de transactions

Country Status (2)

Country Link
AU (1) AU2011200063B1 (fr)
WO (1) WO2012048373A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105074746A (zh) * 2013-03-26 2015-11-18 邵通 一种两次近程连接安全支付的装置、方法和系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991749A (en) * 1996-09-11 1999-11-23 Morrill, Jr.; Paul H. Wireless telephony for collecting tolls, conducting financial transactions, and authorizing other activities
US20080167017A1 (en) * 2007-01-09 2008-07-10 Dave Wentker Mobile payment management
US20100049615A1 (en) * 2008-01-24 2010-02-25 Qualcomm Incorporated Mobile commerce authentication and authorization system
US20100051685A1 (en) * 2008-09-03 2010-03-04 First Data Corporation Enabling consumer choice on contactless transactions when using a dual-branded payment instrument

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003017128A1 (fr) * 2001-08-13 2003-02-27 Exclaim Enterprises, Inc. Procede et appareil pour le partage de donnees electroniques
US20030055785A1 (en) * 2001-09-20 2003-03-20 International Business Machines Corporation System and method for electronic wallet transactions
US7707113B1 (en) * 2007-09-28 2010-04-27 Sprint Communications Company L.P. Method and system for setting levels of electronic wallet security

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991749A (en) * 1996-09-11 1999-11-23 Morrill, Jr.; Paul H. Wireless telephony for collecting tolls, conducting financial transactions, and authorizing other activities
US20080167017A1 (en) * 2007-01-09 2008-07-10 Dave Wentker Mobile payment management
US20100049615A1 (en) * 2008-01-24 2010-02-25 Qualcomm Incorporated Mobile commerce authentication and authorization system
US20100051685A1 (en) * 2008-09-03 2010-03-04 First Data Corporation Enabling consumer choice on contactless transactions when using a dual-branded payment instrument

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105074746A (zh) * 2013-03-26 2015-11-18 邵通 一种两次近程连接安全支付的装置、方法和系统

Also Published As

Publication number Publication date
AU2011200063B1 (en) 2011-06-23

Similar Documents

Publication Publication Date Title
US9904800B2 (en) Portable e-wallet and universal card
US20190303945A1 (en) Smartcard Payment System and Method
US10275758B2 (en) System for secure payment over a wireless communication network
US9177241B2 (en) Portable e-wallet and universal card
US9473295B2 (en) Virtual transportation point of sale
US20140164154A1 (en) Payment initiation and acceptance system
US20130024372A1 (en) Portable e-wallet and universal card
CN105493116A (zh) 用于提供支付凭证的方法和系统
CN105593886A (zh) 用于执行本地交易的方法和设备
AU2013289925A1 (en) Virtual transportation point of sale
US20170169424A1 (en) Delegation of transactions
US20190378115A1 (en) Electronic payment apparatus
WO2012048373A1 (fr) Systèmes et procédés de réalisation sécurisée de transactions
EP2873024B1 (fr) Point de vente de transport virtuel
Pourghomi et al. Cloud-based NFC Mobile Payments

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11831847

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11831847

Country of ref document: EP

Kind code of ref document: A1