WO2013063166A1 - System for offline processing of purchases - Google Patents

System for offline processing of purchases Download PDF

Info

Publication number
WO2013063166A1
WO2013063166A1 PCT/US2012/061756 US2012061756W WO2013063166A1 WO 2013063166 A1 WO2013063166 A1 WO 2013063166A1 US 2012061756 W US2012061756 W US 2012061756W WO 2013063166 A1 WO2013063166 A1 WO 2013063166A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart card
computer
transaction
mobile communication
communication device
Prior art date
Application number
PCT/US2012/061756
Other languages
English (en)
French (fr)
Inventor
Michael William SPRINGER
Fan Jiang
Aneto Pablo OKONKWO
Malgorzata Monika LISOWIEC
Patrick Pui Wah LEUNG
Original Assignee
Google Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/280,209 external-priority patent/US20130103523A1/en
Priority claimed from US13/280,231 external-priority patent/US20130103524A1/en
Application filed by Google Inc. filed Critical Google Inc.
Priority to BR112014009765A priority Critical patent/BR112014009765A2/pt
Priority to AU2012244201A priority patent/AU2012244201B2/en
Priority to IN3582CHN2014 priority patent/IN2014CN03582A/en
Publication of WO2013063166A1 publication Critical patent/WO2013063166A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q20/3415Cards acting autonomously as pay-media
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3676Balancing accounts

Definitions

  • the present disclosure relates generally to near field communication (NFC) enabled smart cards and, more particularly, to methods and systems for offline processing of purchases using NFC smart cards.
  • NFC near field communication
  • NFC Near Field Communication
  • GSM Global System for Mobile Communications
  • RFID Radio frequency identification
  • NFC communication generally is conducted in a range from about 3 to about 4 inches. Such short communication distances enable secure communication between close field proximity enabled devices.
  • a user "taps" a device, such as an NFC-enabled mobile phone or NFC-enable smart card, to a reader.
  • the reader recognizes the NFC-enabled device when the device is moved within range of the reader, establishes a secure communication channel with the device, and initiates a payment transaction between the reader and the device.
  • Smart cards are devices with an embedded integrated circuit (for example, a microprocessor and/or memory) for use as storage of data.
  • Smart cards typically are credit card sized electronic devices that have a variety of uses and can be utilized in any transaction that involves the exchange of data or information.
  • Smart card technology has been particularly useful in financial transaction systems.
  • Smart cards generally do not include a data entry device for direct entry of data. Instead, a smart card is used in conjunction with a card reader and/or an input device.
  • a smart card is linked to a financial account or contains financial account information. Consequently, when the smart card is used, the reader receives the financial account information and conducts a debit transaction from the financial account, requiring network access to process the on-line transaction.
  • Such conventional smart cards are inoperable when access to a network or to specific computers on the network is not available.
  • a method of allowing offline processing of purchases can include a contactless device that facilitates automatic, convenient, and secure communications with a smart card.
  • the user taps the smart card in the contactless device's radio frequency field.
  • the contactless device and the smart card establish a secure communication channel. Once a secure communication channel is established, the smart card transmits its transaction history to the contactless device.
  • the contactless device transmits this transaction history to a remote system that analyzes the transactions. If the smart card is new, the contactless device may create a remote system account and/or register the card.
  • the user may deposit funds onto the smart card using the contactless device, wherein a merchant operating the contactless device enters the deposit information onto the contactless device and transmits a request to the remote system.
  • the remote system processes the request and transmits a deposit record to the contactless device, which in turn transmits the deposit record to the smart card.
  • the user also may withdrawal funds from the smart card using a contactless device, wherein the merchant device determines whether the smart card has a sufficient balance available.
  • the contactless device reads the current sum of deposits and the current sum of withdrawals from the smart card and calculates the balance by subtracting the sum of withdrawals from the sum of deposits. If the balance is a number greater than or equal to the current transaction cost, the transaction is authorized. If sufficient balance is available, the contactless device transmits a withdrawal record to the smart card.
  • the contactless device stores the smart card transaction history until it has network access. At that time, it transmits the transaction history to the remote system.
  • Figure 1 is a block diagram depicting a system for processing an offline purchase initiated by a tap of a smart card with a contactless device and/or card reader according to an exemplary embodiment.
  • Figure 2 is a block flow diagram depicting a method for processing a deposit of funds to a smart card via a contactless device according to an exemplary embodiment.
  • Figure 3 is a block flow diagram depicting a method for depositing funds to a smart card via a contactless device according to an exemplary embodiment.
  • Figure 4a is a block flow diagram depicting a method for creating a remote system user account for association with a smart card account according to an exemplary embodiment.
  • Figure 4b is a block flow diagram depicting a method for activating a new smart card without associating the smart card with a remote system user account according to an exemplary embodiment.
  • Figure 5 is a block flow diagram depicting a method for processing a withdrawal of funds from a smart card via a contactless device according to an exemplary embodiment.
  • Figure 6 is a block flow diagram depicting a method for determining a balance of funds on a smart card according to an exemplary embodiment.
  • Figure 7 is a block flow diagram depicting a method for synchronizing smart card transactions on a remote system according to an exemplary embodiment.
  • the exemplary embodiments provide methods and systems that enable users to utilize offline processing of purchases with a smart card and a card reader.
  • the user taps the smart card in the radio frequency field of the contactless device, such as a card reader.
  • the contactless device and the smart card establish a secure communication channel. Once a secure communication channel is established, the smart card transmits its transaction history to the contactless device. If network access is available, the contactless device transmits this transaction history to a remote system that analyzes the transactions. If the smart card is new, the contactless device may create an account and/or register the card.
  • the user may deposit funds onto the smart card using the contactless device.
  • a merchant operating the contactless device enters deposit information onto the contactless device, based on funds provided by a user of the smart card to the merchant.
  • the contactless device transmits a request to the remote system.
  • the remote system processes the request and calculates a new sum of deposits.
  • the remote system then transmits a deposit record to the contactless device.
  • the contactless device transmits the deposit record to the smart card, and the secure communication channel is then terminated.
  • the user also may withdraw funds from the smart card using the contactless device.
  • the merchant determines whether the smart card has a sufficient balance available for a purchase transaction by using the contactless device to read the current sum of deposits and the current sum of withdrawals from the smart card.
  • the contactless device then calculates the balance by subtracting the sum of withdrawals from the sum of deposits. If the balance is a number greater than or equal to the current transaction cost, the transaction is authorized. If sufficient balance is available, the contactless device processes a debit transaction to debit the current transaction cost from the current sum of withdrawals.
  • the contactless device transmits a withdrawal record to the smart card indicating the transaction cost debited from the smart card and the new sum of withdrawals.
  • a withdrawal transaction may be performed without network access. In this instance, the contactless device stores the smart card transaction history until it has network access. At that time, the contactless device transmits the transaction history to the remote system.
  • One or more aspects of the invention may comprise a computer program that embodies the functions described and illustrated herein, wherein the computer program is implemented in a computer system that comprises instructions stored in a machine-readable medium and a processor that executes the instructions.
  • the invention should not be construed as limited to any one set of computer program instructions.
  • a skilled programmer would be able to write such a computer program to implement an embodiment of the disclosed invention based on the appended flow charts and associated description in the application text. Therefore, disclosure of a particular set of program code instructions is not considered necessary for an adequate understanding of how to make and use the invention.
  • FIG. 1 is a block diagram depicting a system 100 for processing an offline purchase initiated by a tap of a smart card 110 with a contactless device 120, comprising a card reader 150, according to an exemplary embodiment.
  • the exemplary operating environment 100 includes a merchant contactless device system 120 and a user smart card system 110 that are configured to communicate with one another via one or more secure communication channels 130.
  • the exemplary operating environment 100 also includes a remote computer system 160 that is configured to communicate with the merchant contactless device system 120 via one or more networks 140.
  • the secure communication channel 130 can comprise communication via a close proximity communication protocol, such as near field communication (NFC), Bluetooth, or Wi-Fi, using appropriate protocols corresponding to those communication methods.
  • a close proximity communication protocol such as near field communication (NFC), Bluetooth, or Wi-Fi
  • the secure communication channel 130 can comprise a cellular network.
  • NFC communication protocols include, but are not limited to ISO/IEC 14443 type A and/or B technology (hereafter “ISO 14443”), MIFARE technology (hereafter “MIFARE”), and/or ISO/IEC 18092 technology (hereafter “ISO 18092”).
  • ISO 14443 is a communication protocol for contactless devices operating in close proximity with a reader.
  • An ISO 14443 communication protocol is utilized for secure card payments, including but not limited to credit card payments, debit card payments, and other forms of financial card payments.
  • MIFARE is a communication protocol for contactless devices that comply with proprietary device standards that are based on ISO 14443.
  • a MIFARE protocol is utilized for stored function transactions, including but not limited to gift cards, transit cards, tickets, access cards, loyalty cards, and other forms of stored value card transactions.
  • a MIFARE protocol may also be used for limited value-added services.
  • ISO 18092 is a communication protocol for contactless devices operating at higher bit rates, allowing for richer communication between the devices.
  • An ISO 18092 communication protocol is utilized for peer-to-peer communication, value-added services (including, but not limited to, coupons, loyalty cards, check-ins, membership cards, gift cards, and other forms of value-added services), and other forms of richer communication.
  • Any suitable NFC communication protocol can be used for NFC communication between the smart card 110 and the contactless device 120 to implement the methods and functionality described herein.
  • the contactless device system 120 can refer to a smart device that can communicate via an electronic, magnetic, or radio frequency field between the device 120 and another device, such as a smart card 110.
  • the contactless device 120 has processing capabilities, such as storage capacity/memory and one or more applications 122 that can perform a particular function.
  • the contactless device 120 contains an operating system (not illustrated) and user interface 121.
  • Exemplary contactless devices 120 include smart phones; mobile phones; personal digital assistants (PDAs); mobile computing devices, such as netbooks, tablets, and iPads; laptops; and other devices, in each case having processing and user interface functionality.
  • the contactless device 120 also comprises a secure element, which can exist within a removable smart chip or a secure digital (SD) card or which can be embedded within a fixed chip on the device 120.
  • SIM Subscribed Identity Module
  • the secure element 126 allows a software application 122 resident on the device 120 and accessible by the device user to interact securely with certain functions within the secure element 126, while protecting information stored within the secure element.
  • the secure element 126 comprises applications 127 running thereon that perform the functionality described herein.
  • the secure element 126 includes components typical of a smart card, such as crypto processors and random generators.
  • the secure element 126 comprises a Smart MX type NFC controller 124 in a highly secure system on a chip controlled by a smart card operating system, such as a JavaCard Open Platform (JCOP) operating system.
  • the secure element 126 is configured to include a non-EMV type contactless smart card, as an optional implementation.
  • the secure element 126 communicates with the controller 124 and the application 122 in the contactless device 120.
  • the secure element 126 is capable of storing encrypted user information and only allowing trusted applications to access the stored information.
  • the controller 124 interacts with a secure key encrypted application 122 for decryption and installation in the secure element 126.
  • the controller 124 is a Bluetooth link controller.
  • the Bluetooth link controller may be capable of sending and receiving data, identifying the smart card 110, performing authentication and ciphering functions, and directing how the contactless device 120 will listen for transmissions from the smart card 110 or configure the contactless device 120 into various power-save modes according to the Bluetooth-specified procedures.
  • the controller 124 is a Wi-Fi controller or an NFC controller capable of performing similar functions.
  • the application 122 is a program, function, routine, applet or similar entity that exists on and performs its operations on a contactless device 120.
  • the application 122 may be one or more of an offline payment application, a digital wallet application, a coupon application, a loyalty card application, another value-added application, a user interface application, or other suitable application operating on the contactless device 120.
  • the secure element 126 also may comprise secure contactless software applications, such as an offline payment or other payment applications, secure forms of the applications 122, authentication applications, payment provisioning applications, or other suitable application using the secure functionality of the secure element.
  • the contactless device 120 communicates with the smart card 110 via an antenna 128.
  • the controller 124 is notified of the state of readiness of the contactless device 120 for a transaction.
  • the controller 124 outputs through the antenna 128 a radio signal, or listens for radio signals from the smart card 110.
  • the contactless device 120 may request a list of applications 115 available from the smart card 110. A directory is first displayed, after which, based on the set priority or the type of smart card 110, an application 115 and 122 are chosen and initiated for the transaction.
  • An exemplary smart card 110 can refer to a smart device that can communicate via an electronic, magnetic or radio frequency field between the card 110 and another device, such as a contactless device 120 or a card reader 150.
  • the smart card 110 has processing capabilities, such as storage capacity/memory 113 and one or more applications 115 that can perform a particular function.
  • the smart card also has an NFC enabled chip (not illustrated) implemented, either independently or on existing components, within the smart card 110.
  • Exemplary smart cards 110 may include MIFARE cards, stored value memory cards, and other types of memory cards.
  • the memory 113 and application 115 may be implemented in a secure element, as described previously, on the smart card 110.
  • the smart card 110 also may contain one or more secrete keys that control access to the information contained in the memory 113.
  • security measures can include password keys and logic that are hard-coded into the smart card 110 by the manufacturer.
  • the card reader 150 may be a component of the contactless device 120.
  • the card reader 150 is a contactless device application 122, wherein information exchanged with the smart card 110 via the secure communication channel 130 and antenna 128 is processed via the application 122.
  • the card reader 150 may be a separate standalone device that communicates with the smart card 110 via one or more secure communication channels 130 and with the contactless device 120.
  • the card reader 150 can refer to a device that can communicate via an electronic, magnetic, or radio frequency field between the card reader 150 and another device, such as the smart card 110 and/or the contactless device 120.
  • the card reader 150 passes information between the smart card 110 and the contactless device 120.
  • the contactless device 120 may be a computer that does not have contactless NFC functionality, such as a desktop computer, server computer, laptop computer, mobile computing device (such as a mobile telephone, tablet computer, or smart phone), or other non-NFC enabled device.
  • the card reader 150 has processing capabilities, such as storage capacity/memory and one or more applications 155 that can perform a particular function.
  • the card reader 150 contains an operating system (not illustrated) and user interface (not illustrated).
  • the card reader 150 is communicatively coupled to the contactless device 120 via a direct connection, via one or more secure communication channels 130, or via a network 140 (connection not illustrated).
  • the contactless device 120 may be communicatively coupled to the remote system 160 via a network 140.
  • the card reader 150 is also communicatively coupled to the remote system 160 via a network 140.
  • the network 140 comprises a telecommunication means by which network devices (including devices 120, 150, and 160) can exchange data.
  • the network 140 can be implemented as, or may be a part of, a storage area network (SAN), personal area network (PAN), local area network (LAN), a metropolitan area network (MAN), a wide area network (WAN), a wireless local area network (WLAN), a virtual private network (VPN), an intranet, the Internet, Bluetooth, NFC or any other appropriate architecture or system that facilitates the communication of signals, data and/or messages (generally referred to as data).
  • SAN storage area network
  • PAN personal area network
  • LAN local area network
  • MAN metropolitan area network
  • WAN wide area network
  • WLAN wireless local area network
  • VPN virtual private network
  • intranet the Internet
  • Bluetooth Bluetooth
  • NFC any other appropriate architecture or system that facilitates the communication of signals, data and/or messages
  • the contactless device 120 may connect to network 140 via a wired connection.
  • the connection may be a wired universal serial bus (USB) or Ethernet connection.
  • the contactless device 120 may connect to the network via a wireless connection.
  • the connection may be a Wi-Fi or Bluetooth connection to a hotspot that has a wired/wireless Internet connection (for example, MiFi), or any other wired or wireless connection suitable for communicating signals with network 140.
  • the connection may be a cellular network connection.
  • the exemplary remote system 160 enables storage of smart card 110 account information.
  • the user (not illustrated) creates a user account with the remote system 160 and registers a smart card 110.
  • the remote system stores the smart card 110 data, including a history of all the card transactions, for example, each deposit of funds and each withdrawal of funds.
  • the remote system 160 analyzes the transaction history to identify missing data or possible errors.
  • Figure 2 is a block flow diagram depicting a method for processing a deposit of funds to a smart card 110 via a contactless device 120 according to an exemplary embodiment. The method 200 is described with reference to the components illustrated in Figure 1.
  • a deposit transaction must be authorized by the remote system 160.
  • the contactless device 120 has network 140 access, to provide such authorization.
  • the user "taps" the smart card 110 in the proximity of the contactless device 120.
  • the contactless device 120 generates a radio frequency (RF) or other field polling for the presence of a smart card 110, and the user "taps" the smart card 110 by placing the card 110 within the field of the contactless device 120.
  • the merchant activates the RF field or other field to poll for the presence of a smart card 110 using an application 122 on the contactless device 120.
  • the systems and methods described in Figures 2-3 herein are performed while the smart card 110 is tapped.
  • the contactless device 120 detects the smart card 110 and establishes a secure communication channel 130 in block 220.
  • the secure communication channel 130 is an NFC communication channel.
  • the contactless device 120 identifies the smart card 110.
  • the contactless device 120 requests protocols and characteristics from the smart card.
  • the contactless device may request the identification of communication protocols (for instance ISO/IEC 14443, MIFARE, and/or ISO/IEC 18092), a list of applications 115 available, card identification information (for instance card number), and security protocols from the smart card 110.
  • the contactless device reads the information from the smart card 110 or the smart card 110 otherwise responds with the requested information.
  • the contactless device 120 determines whether the smart card 110 is a new or existing card, in block 240. For example, the contactless device 120 may communicate information from the smart card 110 to the remote system 160, which maintains a database of all smart cards. The remote system 160 may respond with information regarding the smart card 110, such as whether the smart card 110 is an existing card registered with the remote system 160 or the smart card 110 is a new card that has not been registered to a user. If the smart card 110 is new, the new card is activated and/or a new account is created at block 245. The method for creating a new smart card account is described in more detail hereinafter with reference to the methods described in Figures 4a and 4b.
  • the smart card 110 transmits the entire saved transaction history from its memory 113 to the contactless device 120, in block 250. In an exemplary embodiment, the smart card 110 transmits all deposit and withdrawal transactions to the contactless device 120. If the amount of the transactions exceeds the storage/memory 113 capabilities of the smart card 110, the oldest transactions are dropped from the smart card memory 113. In an exemplary embodiment, the smart card 110 alternatively or additionally transmits the sum of deposits and the sum of withdrawals for all previous transactions to the contactless device 120.
  • the contactless device 120 transmits the smart card 110 transaction history to the remote system 160.
  • the deposit transaction occurs when the contactless device 120 has network 140 access, allowing for simultaneous transmission of the smart card 110 transaction history to the remote system 160.
  • the smart card 110 transaction history is stored on the contactless device 120 and transmitted to the remote system 160 at a later time after the completion of the deposit of funds via a wireless or wired network connection 140.
  • block 270 occurs immediately after the transmission of the transactions to the remote system 160.
  • block 270 occurs at a later time or at a set durational time period (for example, every 24 hours). The method 270 of synchronizing smart card 110 transactions on the remote system 160 is described in more detail hereinafter with reference to the methods described in Figure 7.
  • the contactless device 120 deposits funds onto the smart card
  • the method 200 then proceeds to block 290 in which the secure communication channel 130 between the smart card 110 and the contactless device 120 is terminated.
  • Figure 3 is a block flow diagram depicting a method for depositing funds to a smart card 110 via a contactless device 120 according to an exemplary embodiment, as referenced in block 280 of Figure 2.
  • the method 280 is described with reference to the components illustrated in Figure 1.
  • the user pays the merchant for the deposit of funds.
  • the payment is a cash payment.
  • the payment is a credit card payment or other electronic payment.
  • payment may be made using a contactless tap of the credit card to the contactless device or by swiping the credit card or other card with a credit card reader.
  • the merchant enters the deposit information into the contactless device 120, in block 320.
  • the merchant enters the deposit information with the user interface 121 of the contactless device.
  • a pop-up window appears after the smart card 110 transaction history is transmitted to the remote system 160.
  • the merchant accesses an application 122 to enter the deposit information.
  • the contactless device transmits a deposit request to the remote system 160 via a network 140.
  • the deposit request includes the deposit amount, smart card 110 identification information, a timestamp, and the merchant identification.
  • the remote system 160 updates an account associated with the smart card 110 to include the deposit of funds and calculates a new sum of deposits for the smart card 110, in block 340.
  • the remote system 160 can maintain an account for each smart card 110.
  • Each account for a particular smart card 110 can comprise one or more of information maintained on the smart card 110, user registration information, transaction history, and other information for maintaining the smart card 110.
  • the remote system 160 can store each account record in the database 161.
  • the remote system 160 transmits a deposit record to the contactless device 120.
  • the contactless device 120 then transmits the deposit record to the smart card 110, in block 360.
  • the deposit record includes the new sum of deposits, the card identification, a time stamp and a merchant identification.
  • the user may deposit funds to the remote system
  • the user makes a payment of funds to the remote system 160, and the remote system 160 associates the funds with the account corresponding to the particular smart card 110 in the possession of the user, based on identification information of the smart card 110.
  • the user can deposit funds to the remote system 160 using any electronic payment method accepted by the remote system 160 and available to the user via the computer operated by the user.
  • the funds are not stored on the smart card 110 until the user taps the smart card 110 with a contactless device 120, where the contactless device 120 has communication access with the remote system 160 via the network 140.
  • Blocks 310-340 may be omitted from the method 280, and the funds may be deposited on the smart card 110 by following blocks 350-360 upon identification of the smart card 110 to the remote system 160 by the contactless device 120. For example, after the transaction history is communicated to the remote system 160 at block 260, the remote system 160 transmits a deposit record to the contactless device 120 at block 350.
  • Figure 4a is a block flow diagram depicting a method 245a for creating a remote system 160 user account for association with a smart card 110 according to an exemplary embodiment, as referenced in block 245 of Figure 2. The method 245a is described with reference to the components illustrated in Figure 1.
  • the contactless device 120 detects the smart card
  • the contactless device 120 identifies the smart card 110, in block 230.
  • the contactless device 120 determines whether the smart card 110 is a new or existing card, in block 240.
  • a new account is created at block 245.
  • the user creates a new user account or logs into an existing account via the remote system 160, with which the smart card 110 will be associated.
  • the method 245a depicted in Figure 4a describes associating a new smart card with a new or existing user account at the remote system 160.
  • the user activates a new smart card
  • the contactless device 120 determines whether the user has a remote system 160 account.
  • the user signs into the account via the contactless device 120, in block 420.
  • the user utilizes the user interface 121 of the contactless device 120 to communicate with the remote system 160 to access the user's account.
  • the user may input a personal identification number or other identifying and/or authentication information to identify and access the user's account at the remote system 160.
  • the user may create a new account via the contactless device 120, in block 430.
  • the user utilizes the user interface 121 of the contactless device 120 to communicate with the remote system 160 to create an account.
  • the user may be prompted to enter identifying information, for example, user name, phone number, e-mail address, personal identification number or other password, or other suitable information to create the user account.
  • the contactless device 120 transmits the user account information to the remote system 160. Portions or all of block 440 may occur simultaneously with performance of blocks 420 or 430.
  • the contactless device 120 has network 140 access and transmits the user account information using a wireless connection.
  • the contactless device 120 is connectively coupled via a wired connection to a computer that accesses the remote system 160.
  • the contactless device 120 transmits a request to the remote system 160 to register a new smart card 110 with the user's account.
  • the request includes information to identify the card, such as a card number or other identifying information stored on the smart card 110.
  • the request also may include the date the card was registered (for example, a time stamp), where the card was registered (for example, information identifying the merchant that registered the card), user information, or other suitable information.
  • the remote system 160 associates the smart card 110 with the user's account and activates the smart card 110, in block 460.
  • the remote system 160 notes the information included in the request in the user account to allow the user to view the smart card 110 transaction history, sum of withdrawals, and sum of deposits by logging onto the user's remote system 160 account.
  • the remote system 160 transmits the initial smart card 110 data to the contactless device 120.
  • the initial data comprises activation data for the smart card 110, which allows the smart card 110 to be used for purchase and/or deposit transactions.
  • the contactless device 120 transmits the activation data to the smart card 110, in block 480, and the activation data is stored in the memory 113 of the smart card 110.
  • Figure 4b is a block flow diagram depicting a method 245b for activating a new smart card 110 without associating the smart card 110 with a remote system 160 user account according to an exemplary embodiment, as referenced in block 245 of Figure 2.
  • the method 245b is described with reference to the components illustrated in Figure 1.
  • Blocks 450, 470, and 480 depicted in Figure 4b are similar to blocks 450, 470, and 480 depicted in Figure 4a.
  • the contactless device 120 detects the smart card
  • the contactless device 120 identifies the smart card 110, in block 230.
  • the contactless device 120 determines whether the smart card 110 is a new or existing card, in block 240.
  • the user activates a new smart card 110 without creating or logging into a remote system 160 account.
  • the contactless device 120 transmits a request to the remote system 160 to register a new smart card 110.
  • the remote system 160 activates the smart card 110, in block 460.
  • the remote system 160 assigns a personal identification number (PIN) or other authentication code to the smart card 110.
  • PIN personal identification number
  • the remote system 160 transmits the initial smart card 110 data to the contactless device 120.
  • the initial data includes the activation data for the smart card 110 and may include the assigned PIN.
  • the contactless device 120 transmits the activation data to the smart card, in block 480, which stores the activation data in the memory 113.
  • Figure 5 is a block flow diagram depicting a method 500 for processing a withdrawal of funds from a smart card 110 via a contactless device 120 according to an exemplary embodiment. The method 500 is described with reference to the components illustrated in Figure 1.
  • a withdrawal transaction does not require remote system 160 authorization.
  • the contactless device 120 may or may not have network 140 access at the time of the transaction.
  • the user "taps" the smart card 110 in the proximity of the contactless device 120.
  • the card reader 150 that reads information from the smart card 110 is a part of the contactless device 120.
  • the card reader 150 is a separate stand-alone device in communication with a computer, such as the contactless device 120.
  • the contactless device 120 generates a radio frequency (RF) or other field polling for the presence of a smart card 110, and the user "taps" the smart card 110 by placing the card 110 within the field of the contactless device 120.
  • the merchant activates the RF field or other field to poll for the presence of a smart card 110 using an application 150 on the card reader 150.
  • the systems and methods described in Figures 5-6 herein are performed while the smart card 110 is tapped.
  • the contactless device 120 detects the smart card 110 and establishes a secure communication channel 130 in block 515.
  • the secure communication channel 130 is an NFC communication channel.
  • the contactless device 120 identifies the smart card 110.
  • the contactless device 120 requests protocols and characteristics from the smart card.
  • the contactless device may request the identification of communication protocols (for instance, ISO 14443, MIFARE, and/or ISO 18092), a list of available applications 115, card identification information (for instance, card number), and security protocols from the smart card 110.
  • the smart card 110 responds with the information requested.
  • the smart card 110 transmits the entire saved transaction history from its memory 113 to the contactless device 120, in block 525.
  • the smart card 110 transmits all deposit and withdrawal transactions to the contactless device 120. If the amount of the transactions exceeds the storage/memory 113 capabilities of the smart card 110, the oldest transactions are dropped from the smart card memory 113.
  • the smart card 110 alternatively or additionally transmits the sum of deposits and the sum of withdrawals for all previous transactions to the contactless device 120.
  • the smart card 110 transmits the last deposit transaction and the entire saved withdrawal transaction history from its memory 113 to the contactless device 120.
  • the transmission of the withdrawal history includes the last several withdrawal transactions to ensure if a particular contactless device 120 doesn't come back online its transactions still get transmitted to the remote system 160.
  • the contactless device 120 determines whether the smart card
  • Figure 6 is a block flow diagram depicting a method 530 for determining a balance of funds on a smart card 110 according to an exemplary embodiment. The method
  • the 110 balance using the remote system 160 records, since a withdrawal may or may not occur when the contactless device 120 has network access to the remote system 160. Therefore, the sum of deposits and sum of withdrawals will be calculated and saved on the smart card 110 as at least a part of the transaction history stored on the smart card 110.
  • the contactless device 120 reads the current sum of deposits from the transaction history of the smart card 110.
  • the contactless device 120 contains the entire transaction history transmitted from the smart card 110, at block 525, including the current sum of deposits.
  • the contactless device 120 reviews the current sum of deposits entry.
  • the contactless device 120 uses the transaction history showing all deposits on the smart card 110 to calculate the sum of deposits.
  • the contactless device 120 reads the current sum of withdrawals from the transaction history of the smart card 110.
  • the contactless device 120 contains the entire transaction history transmitted from the smart card 110, at block 525, including the current sum of withdrawals.
  • the contactless device 120 reviews the current sum of withdrawals entry.
  • the contactless device 120 uses the transaction history showing all deposits on the smart card 110 to calculate the sum of withdrawals.
  • the remote system 160 will have the current sum of deposits, since these transactions are completed while the contactless device 120 has network 140 access to the remote system 160.
  • the remote system 160 may not have the current sum of withdrawals, since the contactless device 120 may or may not have network 140 access to the remote system 160 at the time of the transaction, but the remote system 160 will have the sum of withdrawals at the time of the last synchronization.
  • the contactless device 120 reads the current sum of withdrawals by reading the last withdrawal transaction from the smart card 110 and the current sum of deposits by reading the last deposit transaction from the smart card 110.
  • a deposit transaction is recorded as:
  • a withdrawal transaction is recorded as:
  • the contactless device 120 calculates the current smart card 110 balance, in block 630.
  • the balance is calculated by subtracting the sum of withdrawals from the sum of deposits.
  • the contactless device 120 can calculate the lower boundary of the card balance. For example:
  • the current card balance can be calculated using the last deposit and withdrawal transactions:
  • the contactless device 120 determines whether the smart card
  • the smart card 110 balance is a number greater than or equal to the current transaction cost.
  • the smart card 110 balance may not be a negative number (in other words, the smart card 110 may not become overdrawn).
  • Method 230b begins at block 905.
  • Blocks 905 to 910 proceed substantially as described above regarding blocks 805 to 810 of Figure 8 and blocks 920, 930 and 940 proceed substantially as described above regarding blocks 820, 830, 840, and 850 of Figure 8.
  • the smart card 110 calculates and stores a balance in the memory 113 after each transaction.
  • the smart card 110 stores a running list of all transactions and the balance is calculated by adding/subtracting each transaction as appropriate.
  • the method 530 proceeds to block 540 or block 535 ( Figure 5).
  • the contactless device 120 determines in block 530 that the smart card 110 does not have a sufficient balance for the transaction, the transaction is rejected in block 535, and the secure communication channel 130 is terminated.
  • the contactless device 120 determines in block 530 that the smart card 110 has a sufficient balance for the transaction, the contactless device 120 transmits a withdrawal record and new sum of withdrawals to the smart card 110.
  • the contactless device 120 writes a new transaction record to the smart card 110 illustrating the recent withdrawal transaction.
  • the withdrawal transaction record comprises the transaction amount and a new sum of withdrawals as calculated by the contactless device 120.
  • the contactless device 120 creates a new withdrawal record and adds the record to the transaction history previously transmitted from the smart card 110 at block 525.
  • the withdrawal record also can comprise the smart card 110 identification, a time stamp, the merchant identification, the amount of the withdrawal, and other suitable information.
  • the method 500 proceeds to block 545.
  • the contactless device 120 indicates that the transaction was successful, and the secure communication channel 130 is terminated, in block 550.
  • the contactless device 120 determines whether it has network 140 access to the remote system 160. If the contactless device 120 does not have network 140 access, the contactless device 120 stores the smart card 110 transaction history (including the newly-added record) until network 140 access is available.
  • the contactless device 120 If the contactless device 120 has network 140 access, the contactless device 120 establishes a communication channel with the remote system 160, in block 565.
  • the contactless device 120 transmits the smart card 110 transaction history to the remote system 160.
  • the withdrawal transaction occurs when the contactless device 120 has network 140 access, allowing for simultaneous transmission of the smart card 110 transaction history to the remote system 160.
  • the smart card 110 transaction history is stored on the contactless device 120 and transmitted to the remote system 160 at a later time.
  • the remote system 160 analyzes and synchronizes the transactions, in block 270, which is similar to the block 270 referenced in Figure 2.
  • this action occurs in real-time with (in other words, immediately after) the transmission of the transactions to the remote system 160. In an alternative exemplary embodiment, this action occurs at a later time or at a set durational time period (for example, once every 24 hours).
  • the method 270 of synchronizing smart card 110 transactions on the remote system 160 is described in more detail hereinafter with reference to the methods described in Figure 7.
  • a transaction made by mistake may be reverted by a merchant.
  • the merchant sends the original transaction identification to the remote system 160 and requests reversion of the transaction.
  • the remote system 160 creates a new transaction for the same amount, but as an opposite type of transaction (for example, to revert a withdrawal, the transaction type would be a deposit).
  • the original transaction is still maintained in the transaction history, but the smart card 110 balance is corrected the next time the smart card is connected to a contactless device 120 with network 140 access to the remote system 160.
  • Figure 7 is a block flow diagram depicting a method for synchronizing smart card 110 transactions on a remote system 160 according to an exemplary embodiment, as referenced in block 270 of Figures 2 and 5. The method 270 is described with reference to the components illustrated in Figure 1.
  • the remote system 160 performs an analysis and synchronization of the smart card 110 transaction history received from the contactless device 120.
  • the remote system 160 performs the analysis when the transaction history is transmitted.
  • the analysis is performed at set time intervals (for example, once every 24 hours). Because the deposit transactions are completed with network 140 access, an analysis of the deposit transactions is not required, as those deposit transactions are updated in the remote system 160 in real-time. In an alternative exemplary embodiment, an analysis of the withdrawal and deposit transactions is performed.
  • the remote system 160 reads the withdrawal transactions, sorted by the sum of withdrawals. For example, in an exemplary embodiment:
  • the remote system 160 determines whether a gap exists between adjacent withdrawal transactions.
  • the remote system 160 determines whether transaction records are missing and a synchronization is needed, in block 730. For example, the following sum of withdrawal records indicate a missing transaction:
  • the remote system 160 has information indicating the current sum of withdrawals for the smart cart 110 (which sum is 21), even though the remote system 160 does not have a transaction record (-,12- 19) corresponding to the withdrawal of 7 from the smart card 110.
  • This missing record scenario is indicative of an offline transaction (-,12- 19) occurring between two online transactions (-,4- 12 and -,19- ⁇ 21).
  • one or both of the transactions bounding the missing transaction could have occurred offline and have since been communicated to the remote system 160 when the corresponding contactless device 120 obtained network 140 access to the remote system 160.
  • the sum of withdrawals maintained on the card is current, even after an offline transaction, the balance of the card can be determined at the point of sale for the next merchant.
  • Synchronization will occur when the transaction record for the missing transaction is communicated to the remote system 160, which occurs when the corresponding contactless device 120 obtains network 140 access to the remote system 160. Then, the remote system 160 can analyze the transaction history to determine that all transaction records are included.
  • the remote system 160 determines all records are present in block 740. From block 740, the method 270 proceeds to block 750. [0122] In block 750, the remote system 160 determines whether overlapping transactions exist in the transaction history for the smart card 110.
  • the remote system 160 determines an error has occurred (for example, a withdrawal occurred without writing a record to the smart card 110), in block 760.
  • an error for example, a withdrawal occurred without writing a record to the smart card 110
  • the method 270 proceeds to block 760 in which the remote system 160 reports an error in the transaction history for the smart card 110 and deactivates the smart card 110 from further use.
  • the remote system 160 maintains a list of blocked (deactivated) smart cards 110.
  • the device reader 150 and contactless device 120 receive a list of blocked smart cards 110 when connected to the remote system 160. Transaction requests from a blocked smart card 110 are rejected.
  • a server key is utilized to authenticate data generated by the remote system 150.
  • the server key may be an asymmetric key, wherein a private key is known by the remote system 160 and a public key is known by the contactless device 120.
  • a separate private key is assigned to each merchant's contactless device 120. The key may be stored on a separate NFC-enabled card or stored on the remote system 160 and downloaded by the contactless device 120 upon merchant log-in.
  • each deposit transaction is signed by the server key and each withdrawal transaction is signed by a contactless device 120 key.
  • a merchant reads a smart card 110, it may verify that the transaction records stored on the card are signed by a valid server/contactless device 120 key.
  • a symmetric key may be utilized to encrypt the data on the smart card 110, so that an NFC-enabled device without such a key cannot comprehend the data on the smart card 110. The key is shared with the remote system 160, the contactless device 120, and the card reader 150.
  • the invention can be used with computer hardware and software that perform the methods and processing functions described above.
  • the systems, methods, and procedures described herein can be embodied in a programmable computer, computer executable software, or digital circuitry.
  • the software can be stored on computer readable media.
  • computer readable media can include a floppy disk, RAM, ROM, hard disk, removable media, flash memory, memory stick, optical media, magneto-optical media, CD-ROM, etc.
  • Digital circuitry can include integrated circuits, gate arrays, building block logic, field programmable gate arrays ("FPGA”), etc.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)
PCT/US2012/061756 2011-10-24 2012-10-24 System for offline processing of purchases WO2013063166A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
BR112014009765A BR112014009765A2 (pt) 2011-10-24 2012-10-24 sistema para processamento offline de compras
AU2012244201A AU2012244201B2 (en) 2011-10-24 2012-10-24 System for offline processing of purchases
IN3582CHN2014 IN2014CN03582A (ko) 2011-10-24 2012-10-24

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US13/280,209 US20130103523A1 (en) 2011-10-24 2011-10-24 Transaction storage scheme for offline payment system
US13/280,231 2011-10-24
US13/280,209 2011-10-24
US13/280,231 US20130103524A1 (en) 2011-10-24 2011-10-24 System for offline processing of purchases

Publications (1)

Publication Number Publication Date
WO2013063166A1 true WO2013063166A1 (en) 2013-05-02

Family

ID=48168452

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/061756 WO2013063166A1 (en) 2011-10-24 2012-10-24 System for offline processing of purchases

Country Status (4)

Country Link
AU (1) AU2012244201B2 (ko)
BR (1) BR112014009765A2 (ko)
IN (1) IN2014CN03582A (ko)
WO (1) WO2013063166A1 (ko)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107466408A (zh) * 2015-06-19 2017-12-12 谷歌公司 离线支付系统中的积分奖励
US10192214B2 (en) 2013-03-11 2019-01-29 Google Llc Pending deposit for payment processing system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1565016A2 (en) * 2004-02-12 2005-08-17 Samsung Electronics Co., Ltd. Mobile communication terminal and method for managing use history information
US20100325269A1 (en) * 2008-07-10 2010-12-23 Sk Telecom. Co., Ltd Personalized service system based on smart card and method thereof, and smart card applied to the same
KR20100138659A (ko) * 2009-06-25 2010-12-31 에스케이 텔레콤주식회사 사용자 편의적인 전자화폐 시스템 및 그 제어방법
KR20110004043A (ko) * 2009-07-07 2011-01-13 에스케이 텔레콤주식회사 오프라인 거래가 가능한 전자화폐 서비스 방법 및 이를 이용한 시스템

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009132112A2 (en) * 2008-04-22 2009-10-29 Visa International Service Association Prepaid portable consumer device including accumulator

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1565016A2 (en) * 2004-02-12 2005-08-17 Samsung Electronics Co., Ltd. Mobile communication terminal and method for managing use history information
US20100325269A1 (en) * 2008-07-10 2010-12-23 Sk Telecom. Co., Ltd Personalized service system based on smart card and method thereof, and smart card applied to the same
KR20100138659A (ko) * 2009-06-25 2010-12-31 에스케이 텔레콤주식회사 사용자 편의적인 전자화폐 시스템 및 그 제어방법
KR20110004043A (ko) * 2009-07-07 2011-01-13 에스케이 텔레콤주식회사 오프라인 거래가 가능한 전자화폐 서비스 방법 및 이를 이용한 시스템

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10192214B2 (en) 2013-03-11 2019-01-29 Google Llc Pending deposit for payment processing system
CN107466408A (zh) * 2015-06-19 2017-12-12 谷歌公司 离线支付系统中的积分奖励

Also Published As

Publication number Publication date
AU2012244201A1 (en) 2013-05-09
IN2014CN03582A (ko) 2015-10-09
AU2012244201B2 (en) 2014-09-25
BR112014009765A2 (pt) 2017-04-25

Similar Documents

Publication Publication Date Title
US20200356975A1 (en) Over the air update of payment transaction data stored in secure memory
US9020858B2 (en) Presence-of-card code for offline payment processing system
US8898088B2 (en) In-card access control and monotonic counters for offline payment processing system
US8959034B2 (en) Transaction signature for offline payment processing system
US11087297B1 (en) Systems and methods for financial operations performed at a contactless ATM
US10192214B2 (en) Pending deposit for payment processing system
CN108780546B (zh) 在动态数据交易中的位置验证
US9672508B2 (en) Over the air update of payment transaction data stored in secure memory
US20130103523A1 (en) Transaction storage scheme for offline payment system
EP2997531B1 (en) Methods and systems for provisioning payment credentials
US10706400B1 (en) Systems and methods for financial operations performed at a contactless ATM
US20130103524A1 (en) System for offline processing of purchases
US10262505B1 (en) Anti-skimming solution
WO2013130912A2 (en) In-card access control and monotonic counters for offline payment processing system
AU2012244201B2 (en) System for offline processing of purchases
AU2013205181B9 (en) In-card access control and monotonic counters for offline payment processing system
AU2013202684B9 (en) In-card access control and monotonic counters for offline payment processing system

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2012244201

Country of ref document: AU

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12843899

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112014009765

Country of ref document: BR

122 Ep: pct application non-entry in european phase

Ref document number: 12843899

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 112014009765

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20140424