WO2013179271A2 - Method and system for human assisted secure payment by phone to an insecure third-party service provider - Google Patents

Method and system for human assisted secure payment by phone to an insecure third-party service provider Download PDF

Info

Publication number
WO2013179271A2
WO2013179271A2 PCT/IB2013/054510 IB2013054510W WO2013179271A2 WO 2013179271 A2 WO2013179271 A2 WO 2013179271A2 IB 2013054510 W IB2013054510 W IB 2013054510W WO 2013179271 A2 WO2013179271 A2 WO 2013179271A2
Authority
WO
WIPO (PCT)
Prior art keywords
payment
phone
mechanism
customer
service provider
Prior art date
Application number
PCT/IB2013/054510
Other languages
French (fr)
Other versions
WO2013179271A3 (en
Inventor
Venkatachalam Sthanu Subra MANI
Original Assignee
Mani Venkatachalam Sthanu Subra
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to IN3377/MUM/2011 priority Critical
Priority to IN3377MU2011 priority
Application filed by Mani Venkatachalam Sthanu Subra filed Critical Mani Venkatachalam Sthanu Subra
Publication of WO2013179271A2 publication Critical patent/WO2013179271A2/en
Publication of WO2013179271A3 publication Critical patent/WO2013179271A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices using wireless networks
    • G06Q20/3255Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices using wireless networks using an SMS for payment

Abstract

A system and method for human assisted secure payment to an insecure third-party service provider, wherein the system comprises: pre-registration mechanism adapted to allow users (or customers) to pre-register in order to avail the use of the system and method of this invention; affiliate registration mechanism adapted to allow payee affiliates to pre-register in order to avail the use of the system and method of this invention; post-registration mechanism adapted to allow a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument; and phone payment mechanism adapted to allow a user to make payments in a seamlessly secure manner by means of phone.

Description

METHOD AND SYSTEM FOR HUMAN ASSISTED SECURE PAYMENT BY PHONE TO AN INSECURE THIRD-PARTY SERVICE PROVIDER

Field of the invention

The invention relates to the field of information systems, security systems, databases for electronic payments.

More particularly, the invention relates to information systems, security systems, databases for human assisted payments.

Still particularly, the invention relates to information systems, security systems, databases for human assisted secure payments.

Specifically, the invention relates to a method and system for human assisted secure payment to an insecure third-party service provider.

Background of the invention

Modes of payments in the physical world as well as in the virtual world have increased multi-fold in the last couple of decades. From basic paper money such as cash and cheque transactions to incorporation of plastic money such as credit cards and debit cards to internet banking provisions such as virtual payment gateways, Paypal™ or the like have crept into daily lives of human beings. All these resemble the variety of payment instrument.

Payments in both the physical world and the virtual world are a sensitive issue. Thieves, hackers, conmen; are a variety of fraudulent beings from whom security of payments is to be warranted. Hence, combinations of identities and / or passwords are used in order to secure the identity and ownership of payment instrument and the authority to use the payment mechanism. A credit card comes with a credit card number, name, date of expiry, CW number, internet pin number; combinations of which are used to authorise a transaction. Similarly, a net banking payment instrument includes usernames and multiples of passwords or challenge questions in order to securely authorise a transaction.

Use of payment instrument may be in person, through the Internet, or even through a phone / telephone / mobile phone.

Payment through phone call is observed to be one of the most convenient means of making a payment. It also offers a customer the choice of paying through several means without carrying all the instruments.

In some cases, the customer may have additional benefits availed by paying through a specific means. While Internet access limits itself to computers, laptops, or smart phones, accessibility to them may not be possible at all times. In such instances, a secure payment mechanism via a phone would be immensely helpful. For example, the customer intending to procure a limited time sale item from a shop may miss out on the cash-back for using a credit card that he / she has but is not carrying at the moment.

A typical voice based payment service involves a customer calling up the service provider and mentioning the details of payee, payment amount, and the payment instrument he / she intends to use for the purpose. The human operator enters these details on a system interface and submits the payment request to a payment gateway provider. On approval, the transaction details are communicated to both the payee and the customer. Providing such a service as a non-payment-gateway-third-party service provider is fraught with security concerns if it includes a human operator who is privy to the confidential aspects of payment details.

Certain countries do not allow third party service providers to store certain information, viz. credit card related information. Also, communicating instrument information like credit card details on a phone has its own security problems. These points are easily mitigated if the secure phone based payment scheme does not involve explicit communication of the payment instrument details to the service provider; hence the demand for such a service exists.

Objects of the Invention

An object of the invention is to provide a secure system and method for human assisted secure payment to an insecure third-party service provider.

Another object of the invention is to provide a system and method which does not allow a human element during the most sensitive nature of effecting a payment which pertains to payment instrument information.

Summary of the Invention:

The present invention, in a preferred embodiment, provides systems and methods for human assisted secure payment to an insecure third-party service provider, wherein the system comprises:

pre-registration mechanism adapted to allow users (or customers) to pre-register in order to avail the use of the system and method of this invention, said pre-registration mechanism comprising a combination of first and second registration mechanisms; a first registration mechanism selected from a first group consisting of web based registration module of personal details and a phone based registration module of personal details and a second registration mechanism selected from a second group consisting of web based registration module of payment details and a phone based registration module of payment details;

affiliate registration mechanism adapted to allow payee affiliates to pre-register, said affiliate registration mechanism comprising a combination of first and second registration mechanisms; a first registration mechanism selected from a first group consisting of web based registration module of personal details and a phone based registration module of personal details and a second registration mechanism selected from a second group consisting of web based registration module of payment details and a phone based registration module of payment details;

post-registration mechanism adapted to allow a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument; and

phone payment mechanism adapted to allow a user to make payments in a seamlessly secure manner by means of a phone and its voice channel and a dial-pad.

Typically, said system comprises a SMS (Short Message Service) payment mechanism adapted to allow a user to make payments in a seamlessly secure manner by means of a phone and its text channel and dial-pad.

Typically, said system comprises an additional verification mechanism adapted to provide additional layers of security for enabling a secure payment transaction using the system of this invention.

Typically, said system comprises a payment process and notification mechanism adapted to generate a payment request by a third party service provider to the secure payment gateway service, on behalf of the customer, once the payment mechanism is effectively engaged.

Brief description of the accompanying drawings

The invention will now be described in relation to the accompanying drawings, in which:

Figure 1 illustrates a schematic flow-diagram of the system for human assisted secure payment to an insecure third-party service provider.

Figure 2 illustrates a schematic flow-diagram of the method for pre-registration of a user or a customer using a pre-registration mechanism (PRM)

Figure 3 illustrates a schematic flow-diagram of the method for pre-registration of an affiliate using an affiliate registration mechanism (ARM) Figure 4 illustrates a schematic flow-diagram of the method for human assisted secure payment to an insecure third-party service provider using a phone calling procedure.

Figure 5 illustrates a schematic flow-diagram of the method for human assisted secure payment to an insecure third-party service provider using an SMS.

Detailed description of the preferred embodiments

For the purpose of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the invention is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of the invention as illustrated therein being contemplated as would normally occur to one skilled in the art to which the invention relates.

It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and are not intended to be restrictive thereof.

The invention relates to payments. More particularly the invention relates to human assisted payments. More particularly the invention relates to human assisted secure payments. More particularly the invention relates to a method and system for human assisted secure payment to a third-party service provider.

For the purposes of this specification, a 'customer ', as used herein, is a human person intending make a payment using telephone or web-based variant of telephone.

For the purposes of this specification, an 'instrument ', as used herein, is the means of payment, like credit card, debit card and more.

For the purposes of this specification, a 'payment-gateway service provider ', as used herein, is a registered service provider authorized by the law to accept and process a payment made through an instrument. Such a provider is authorized by law to store confidential credit card related details and has a process in-place to store the same securely. Hence this entity is qualified as secure. The terms secure payment-gateway service provider and payment-gateway service provider are equivalent for the purpose of this document.

For the purposes of this specification, a 'third-party service provider ', as used herein, is a business entity who runs the invention as a facility. Hence this entity is qualified as insecure. The terms insecure third-party service provider and third-party service provider are equivalent for the purpose of this document.

For the purposes of this specification, a 'computer system ' with the third party service provider, as used herein, is a computer or a network of computers which are enabled and designed to manage the facility.

For the purposes of this specification, an 'operator ' with the third party service provider, as used herein, is a human being who receives a phone call from the customer and enters the information in the system.

For the purposes of this specification, an 'affiliate ', as used herein, is a service provider enrolled with the third-party service provider who authorizes the aforesaid to collect payments on its behalf.

For the purposes of this specification, the term, 'standardized affiliate name ', refers to a unique name used to identify a registered affiliate.

For the purposes of this specification, the 'payment facility ', as used herein, is the service run by the third-party service provider based on this invention. This service comprises the computer system connected to the payment-gateway service provider and the operator. The payment facility is used by the customer to make a payment to the third party service provider or its affiliates.

For the purposes of this specification, the term, 'confidential payment information ', as used herein, is information relating to identifying and making a financial transaction on behalf of a customer. Disclosure of this information will potentially allow a malicious party to misuse this and make a fraudulent payment for the customer. This comprises items like credit card number and associated verification items like expiry date, CW number, PIN, etc.

For the purposes of this specification, the term, 'standard personal information ', as used herein, is information relating to identifying and providing service to an individual or any organization. Disclosure of this information does not allow a malicious party to misuse this and make a fraudulent payment for the customer. This comprises items like name, address, phone number and email. This does not include confidential payment information.

According to this invention, there is provided a system for human assisted secure payment to an insecure third-party service provider.

Figure 1 illustrates a schematic flow-diagram of the system.

The system and method of this invention allows an insecure third party service provider to mediate a secure payment by a phone.

In accordance with an embodiment of this invention, there is provided a pre-registration mechanism

(PRM) adapted to allow users (or customers) to pre-register in order to avail the use of the system and method of this invention.

Preferably, it may be assumed that the third-party service provider has a prior agreement with the Secure Payment gateway Service. Preferably, a customer may pre-register with the payment facility of the third-party service provider. At the time of registration, the customer may be required to provide both standard personal information as well as confidential payment information. There are, preferably, two cases: the registration can be web-based or by phone call.

The pre-registration mechanism comprises a combination of first and second registration mechanisms selected from a first group and a second group, respectively. Typically, a first registration mechanism is selected from a first group consisting of web based registration module of personal details (WRM-1) and a phone based registration module of personal details (PHM-1) and a second registration mechanism is selected from a second group consisting of web based registration module of payment details (WRM-2) and a phone based registration module of payment details (PHM-2).

In accordance with an aspect of this invention, there is provided a web based registration module of personal details (WRM-1) which is a part of the pre-registration mechanism. This module comprises a web-based input means for allowing a customer to enter standard personal information through a web- based interface. This input means is located at a payment facility website. This payment facility website is communicably coupled to a computer system with the third party service provider which receives the entered standard personal information. A database at the third party service provider stores the transferred standard personal information (said database being maintained by the third party service provider). A phone number is a mandatory item of input at the input means of the payment facility website. This phone number or mobile number is sent and stored at the database of the third party service provider. There is further provided a verification code generation mechanism which generates a verification code upon receipt of a mobile number at the database through the input means. This verification code is generated only the first time or one time at the time of the pre-registration by the user using the pre-registration mechanism (PRM), for a single mobile phone number.

For the purpose of the invention, the terms phone number, telephone number and mobile number can be interchangeably used. In accordance with an aspect of this invention, there is provided a web based registration module of payment details (WRM-2) which is a part of the re-registration mechanism (PRM). This module comprises web based input means adapted to allow a customer to input the verification code received by the verification code generation mechanism of the web based registration module of personal details. There is further provided an authentication means to check authenticity of entered code by means of a comparator. Further, there is provided a channeling means in order to channel the system on to a secure system and GUI which belongs to a secure payment gateway service. This secure system comprises payment information input means adapted to allow a customer to input payment information. This payment information, generally, is confidential payment information. This module still further comprises an identifying token generation means adapted to generate an identifying token upon receipt of payment information, which identifying token is relayed to the third party service provider through a secure communication channel. A database is provided which stores the identifying token in a tagged manner for future reference. The tag relates to payment information and user details.

In accordance with an aspect of this invention, there is provided a phone based registration module of personal details (PHM-1) which is a part of the pre-registration mechanism (PRM). This module comprises a phone based input means adapted to allow a customer to input standard personal information. This may be by means of an IVR (Interactive Voice Response) menu set up for the purpose or by relayed communication to an operator adapted to handle the data entry of the inputs through a data entry interface and mechanism. This data entry interface and mechanism is communicably coupled to a computer system with the third party service provider which receives the entered standard personal information. A database at the third party service provider stores the transferred standard personal information (said database being maintained by the third party service provider). A phone number is a mandatory item of input at the phone based input means. This mobile number is sent and stored at the database of the third party service provider. There is further provided a verification code generation mechanism which generates a verification code upon receipt of a mobile number at the database through the input means. This verification code is generated only the first time, for a single mobile phone number.

In accordance with an aspect of this invention, there is provided a phone based registration module of payment details (PHM-2) which is a part of the pre-registration mechanism (PRM). This module comprises a phone based input means adapted to allow a customer to call a pre-defined number and to input the verification code received by the verification code generation mechanism of the web based registration module of personal details. The verification code may be input by one of the several predefined means of user choice. This may comprise an IVR menu or a combination of non-numerical keys as start code and end code with the verification code in between or the like. There is further provided an authentication means to check authenticity of entered code by means of a comparator. Further, there is provided a channeling means in order to channel the system on to a secure system and rVR mechanism which belongs to a secure payment gateway service. This secure system comprises payment information input means adapted to allow a customer to input payment information. This payment information, generally, is confidential payment information. This module still further comprises an identifying token generation means adapted to generate an identifying token upon receipt of payment information, which identifying token is relayed to the third party service provider through a secure communication channel. A database is provided which stores the identifying token in a tagged manner for future reference. The tag relates to payment information and user details.

In accordance with another embodiment of this invention, there is provided an affiliate registration mechanism (ARM) adapted to allow payee affiliates to pre -register in order to avail the use of the system and method of this invention. Affiliate registration also involves additional paperwork as per laws of the land.

The affiliate registration mechanism comprises a combination of first and second registration mechanisms selected from a first group and a second group, respectively. Typically, a first registration mechanism is selected from a first group consisting of web based registration module of personal details (WRM-3) and a phone based registration module of personal details (PHM-3) and a second registration mechanism is selected from a second group consisting of web based registration module of payment details (WRM-4) and a phone based registration module of payment details (PHM-4). In accordance with an aspect of this invention, there is provided a web based registration module of personal details (WRM-3) which is a part of the pre- registration mechanism. This module comprises a web-based input means for allowing an affiliate to enter standard personal information through a web- based interface. This input means is located at a payment facility website. This payment facility website is communicably coupled to a computer system with the insecure third party service provider which receives the entered standard personal information. A database at the third party service provider stores the transferred standard personal information. A phone number is a mandatory item of input at the input means of the payment facility website. This mobile number is sent and stored at the database of the third party service provider. There is further provided a verification code generation mechanism which generates a verification code upon receipt of a mobile number at the database through the input means. This verification code is generated only the first time, for a single mobile phone number.

In accordance with an aspect of this invention, there is provided a web based registration module of payment details (WRM-4) which is a part of the pre- registration mechanism. This module comprises web based input means adapted to allow an affiliate to input the verification code received by the verification code generation mechanism of the web based registration module of personal details. There is further provided an authentication means to check authenticity of entered code by means of a comparator. Further, there is provided a channeling means in order to channel the system on to a secure system and GUI which belongs to a secure payment gateway service. This secure system comprises payment information input means adapted to allow an affiliate to enter details pertaining to mode of payment receipt information. This payment information, generally, is confidential payment information. This module still further comprises an identifying token generation means adapted to generate an identifying token upon receipt of mode of payment information, which identifying token is relayed to the third party service provider through a secure communication channel. A database is provided which stores the identifying token in a tagged manner for future reference. The tag relates to mode of payment information and user details.

In accordance with an aspect of this invention, there is provided a phone based registration module of personal details (PHM-3) which is a part of the pre-registration mechanism. This module comprises a phone based input means adapted to allow an affiliate to input standard personal information. This may be by means of an IVR menu set up for the purpose or by relayed communication to an operator adapted to handle the data entry of the inputs through a data entry interface and mechanism. This data entry interface and mechanism is communicably coupled to a computer system with the third party service provider which receives the entered standard personal information. A database at the insecure third party service provider stores the transferred standard personal information. A phone number is a mandatory item of input at the phone based input means. This mobile number is sent and stored at the database of the third party service provider. There is further provided a verification code generation mechanism which generates a verification code upon receipt of a mobile number at the database through the input means. This verification code is generated only the first time, for a single mobile phone number.

In accordance with an aspect of this invention, there is provided a phone based registration module of payment details (PHM-4) which is a part of the pre-registration mechanism. This module comprises phone based input means adapted to allow an affiliate to call a pre-defined number and to input the verification code received by the verification code generation mechanism of the web based registration module of personal details. The verification code may be input by one of the several pre-defined means of user choice. This may comprise an IVR menu or a combination of non-numerical keys as start code and end code with the verification code in between or the like. There is further provided an authentication means to check authenticity of entered code by means of a comparator. Further, there is provided a channeling means in order to channel the system on to a secure system and r R mechanism which belongs to a secure payment gateway service. This secure system comprises payment information input means adapted to allow an affiliate to enter details pertaining to mode of payment receipt information. This payment information, generally, is confidential payment information. This module still further comprises an identifying token generation means adapted to generate an identifying token upon receipt of mode of payment information, which identifying token is relayed to the third party service provider through a secure communication channel. A database is provided which stores the identifying token in a tagged manner for future reference. The tag relates to mode of payment information and user details.

In accordance with yet another embodiment of this invention, there is provided a post-registration mechanism (PSM) adapted to allow a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument. This identity tag enables a user to make payments via a phone. These identity tags can be defined and generated only after successful verification as per information stored during the pre-registration process of the pre- registration mechanism.

In accordance with still another embodiment of this invention, there is provided a phone payment mechanism (PPM) adapted to allow a user to make payments in a seamlessly secure manner by means of phone and its voice channel and dial-pad. This mechanism comprises a pre-defined channel defined with a pre-defined phone number which is input by a customer to start usage of the system of this invention. At a first level of authentication, the mobile number which is used to make the call to the predefined phone number is verified and a transferring means transfers the call to an operator or an input system who takes down or notes down payee details. The payee has to be registered with the third-party service provider as an affiliate. The operator or the input system engages a module which reads out standardized affiliate name to which a customer agrees verbally or by means of the phone input system. A comparator matched the confirmation for further engagement of the system. The identity tags of the customer are fetched by the system in a secure manner. If the customer has multiple identity tags, the customer is prompted to select one of the multiple identity tags using any of the input means including use of phone dial-pad or verbal communication or the like. A comparator identifies the correctness of the input identity tag in relation to the pre-stored identity tag. An automated voice confirmation may read out the affiliate name and may spell out the identity tag alphabets for confirmation. Confirmation may occur by means of voice recognition or key input.

In accordance with an additional embodiment of this invention, there is provided a SMS payment mechanism (SPM) adapted to allow a user to make payments in a seamlessly secure manner by means of a phone and its text channel and dial-pad. This mechanism comprises an SMS input means with a pre-defined template in order to text the SMS to the system of this invention. The template comprises fields pertaining to payment instructions with payment name, amount of payment, and identity tag. It further comprises an authentication means to check authenticity of the identity tag in correlation with the mobile number in order to generate a return SMS to the customer and to generate an approval code by an approval code generating means. The return SMS follows a pre-defined template including fields pertaining to payment instructions with standardized affiliate name, amount, identity tag, and approval code. Still further, there is an approval code input means and an approval code relaying means in order to allow a user to input the received approval code which is relayed for initiation of payment.

In accordance with yet an additional embodiment of this invention, there is provided an additional verification mechanism (AVM) adapted to provide additional layers of security for enabling a secure payment transaction using the system of this invention. This mechanism comprises an automated confirmation mechanism which is engaged by the third part service provider in order to relay a call to the customer initiating the payment using the system and after verification of approval code. The automated confirmation mechanism reads out the affiliate name, the digits of the transaction amount, and spells out the identity tag alpha-numerical(s) to the customer for confirmation which is possible by pressing a pre-defined key on the dial-pad of the phone. The customer name in relation to the identity tag may also be read out. Additional verification mechanism may involve puzzles, part questions, identification questions, challenge questions, selective questions and the like.

In an embodiment of the invention, the additional verification allows a two-way verification where both the customer and the third part service provider can verify each other's authenticity though one or more questions.

In accordance with still an additional embodiment of this invention, there is provided a payment process and notification mechanism (NM) adapted to generate a payment request by the third party service provider to the secure payment gateway service, on behalf of the customer, once the payment mechanism is effectively engaged. An approval identity is generated at the end of the transaction along with a billing reference which is communicated to the customer as well as the affiliate involved per transaction. This may be by means of SMS or any chosen means of communication.

According to this invention, there is also provided a method for human assisted secure payment to an insecure third-party service provider. This method comprises the following, non-limiting, steps:

1. It is assumed that the third-party service provider has a prior agreement with the Secure Payment gateway Service.

2. A customer pre-registers with the payment facility of the third-party service provider.

3. At the time of registration, the customer is required to provide both standard personal information as well as confidential payment information.

4. There are two cases: the registration can be web-based or by phone call.

5. If the registration is web based, the customer enters standard personal information at the payment facility website.

6. The standard personal information travels to the computer system with the third party service provider. This includes the phone number as a mandatory item.

7. These details are stored at the third party database.

8. On providing the mobile number, a SMS message is sent to the same containing verification code for this number if it has not been registered yet. Only one registration is possible with a mobile number.

9. The customer then enters the verification code to seamlessly proceed to a secure page which belongs to the Secure Payment gateway Service where the customer enters the confidential payment information.

10. The Secure Payment gateway Service returns an identifying token to the third party service provider through a secure channel.

11. This token is stored by the third-party service provider for future reference.

12. If the registration is phone based, the customer calls from a mobile phone and enters standard personal information to the operator. The operator acknowledges this and the customer hangs up.

13. The operator enters the standard personal information into the computer system with the third party service provider. This includes the phone number as a mandatory item.

14. On providing the mobile number, a SMS message is sent to the customer containing verification code for this number if it has not been registered yet. Only one registration is possible with a mobile number.

15. The customer now calls the third-party service provider from the same mobile number as provided for registration.

16. In this call the verification code can be submitted by several means.

17. The customer may dial the number followed by a hash and verification code.

18. If not entered at the time of calling the customer will be interfaced to the operator who can facilitate the typing of verification code. Note that the operator never comes to know of this code.

19. On entering the verification code, the customer is seamlessly led to a part of the IVR menu which only interacts with the Secure Payment gateway Service. In effect, this part of the call just relays the typed information to the Secure Payment gateway Service without involving human or storage.

20. Here, the customer enters the confidential payment information, which is automatically relayed to the Secure Payment gateway Service.

21. The Secure Payment gateway Service returns an identifying token to the third party service provider through a secure channel.

22. On receipt of this information, the customer is returned to the operator to conclude the registration process.

23. After registration the customer can pay by phone.

24. Note that the customer can register multiple payment options in this manner. In such a case, the customer has to provide an identity tag for each of these.

25. To pay by phone, a customer calls up the calls the third-party service provider from the same mobile number as provided for registration.

26. The mobile number is verified and the call is transferred to an operator who takes down the payee details.

27. The payee has to be registered with the third-party service provider as an affiliate. 28. Affiliate registration is similar to customer registration, except that the affiliate needs to specify the mode of payment receipt rather than payment options. Affiliate registration will involve additional paperwork as per laws of the land.

29. The operator reads out the standardized affiliate name which the customer verbally verifies.

30. If the customer has multiple registered payment options, the customer is prompted to select his choice by the identity tag.

31. In both cases there is an automated voice confirmation where a recorded voice reads out the affiliate name and spells out the identity tag alphabets to the customer for confirmation.

32. The confirmation happens through IVR by typing a single digit.

33. The customer can also request a payment by SMS to the third-party service provider.

34. The SMS follows a distinct format with reserve words punctuating entry. For example if reserve words are #PAY <payee name> #AMT <amount INR> #NICK <identity tag>.

35. In return the customer gets a SMS that has the format #PAY standardized affiliate name> #AMT <amount INR> #NICK <identity tag> #APRC <approval code>.

36. The customer sends back the approval code to initiate payment.

37. As additional security, the customer gets a call from the third-party service provider where there is an automated voice confirmation where a recorded voice reads out the affiliate name, reads out the digits of the transaction amount and spells out the identity tag alphabets to the customer for confirmation which the customer can do by typing a single digit.

38. As additional security, the affiliate gets a call from the third-party service provider where there is an automated voice confirmation where a recorded voice reads out the customer name and reads out the digits of the transaction amount for confirmation which the customer can do by typing a single digit.

39. On receipt of the request, a payment request is initiated by the third-party service provider to the Secure Payment gateway Service on behalf of the customer.

40. The approval id and billing reference is communicated to both the customer and the affiliate by SMS.

In an embodiment of the invention, there is provided a computer implemented method for human assisted secure payment to an insecure third-party service provider by a system of the present invention, the method comprising the steps of:

a. receiving a call by a customer by the phone payment mechanism with a pre-defined phone number which is input by a customer;

b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the predefined phone number by the phone payment mechanism;

c. transferring of the call to an operator or an input system of the insecure third- party service provider who takes down or notes down payee details and wherein the payee has to be registered with the insecure third-party service provider as an affiliate; d. verification of the user by the operator using an additional verification mechanism (AVM);

e. leading the customer seamlessly to a part of the IVR menu by way of a parallel call which only interacts with the Secure Payment gateway Service, such that this part of the call just relays any inputted information to the Secure Payment gateway Service without involving a human or allowing permanent storage;

f. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;

g. initiating a payment by the Secure Payment gateway Service; and

h. receiving of payment status confirming completion or rejection of payment by the user.

In an embodiment of the invention, there is provided a computer implemented method for human assisted secure payment to an insecure third-party service provider by a system of the present invention, the method comprising the steps of:

a. receiving a an SMS by a customer by the phone payment mechanism with a pre-defined phone number which is input by a customer, such that the SMS includes the details required for enabling a payment; b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the predefined phone number by the phone payment mechanism;

c. verification of the user by the operator using an additional verification mechanism (AVM);

d. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;

e. initiating a payment by the Secure Payment gateway Service; and

f. receiving of payment status confirming completion or rejection of payment by the user.

In an embodiment of the invention, the method further comprises the step of sending a verification code to the user using and receiving the said verification code from the user by the additional verification mechanism (AVM) whereby the operator is not able to access the said verification code.

In an embodiment of the invention, the entering of an input by the user with the Secure Payment gateway Service to trigger a payment is selected from a set of entering a dynamic one time password, entering a voice password, entering a pre-stored secure password, entering a token, entering a tag, entering credit card details, entering debit card details, entering a personal identification number and a combination thereof.

In an embodiment of the invention, the method further comprises the step of receiving a call or an SMS from the affiliate to the customer registered phone number or customer registered mobile number.

In an embodiment of the invention, the method further comprises the step of receiving a call or an SMS from the Secure Payment gateway Service to the customer registered phone number or customer registered mobile number.

In an embodiment of the invention, the systems and methods of the invention are computer implemented.

In an embodiment of the invention, the systems and methods of the invention are integrated with a search engine.

In an embodiment of the invention, the systems and methods of the invention are integrated with an information listing directory.

In an embodiment of the invention, there is provided a computer program product for human assisted secure payment to an insecure third-party service provider by a system of the present invention, the computer program product embodied in a computer readable medium that, when executing on a computer, performs steps comprising:

a. receiving a call by a customer by the phone payment mechanism with a pre-defined phone number which is input by a c customer;

b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the predefined phone number by the phone payment mechanism;

c. transferring of the call to an operator or an input system of the insecure third- party service provider who takes down or notes down payee details and wherein the payee has to be registered with the insecure third-party service provider as an affiliate; d. verification of the user by the operator using an additional verification mechanism (AVM);

e. leading the customer seamlessly to a part of the IVR menu by way of a parallel call which only interacts with the Secure Payment gateway Service, such that this part of the call just relays any inputted information to the Secure Payment gateway Service without involving a human or allowing permanent storage;

f. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;

g. initiating a payment by the Secure Payment gateway Service; and h. receiving of payment status confirming completion or rejection of payment by the user.

In an embodiment of the invention, there is provided a computer implemented method for human assisted secure payment to an insecure third-party service provider, the method comprising the steps of: a. pre-registering by a user or a customer using a pre-registration mechanism (PRM) and by entering a verification code by the user wherein the verification code is generated through a verification code generation mechanism upon user input of a phone number or a mobile number through an input means;

b. pre-registering by an affiliate using an affiliate registration mechanism (ARM) and by entering a verification code by the affiliate wherein the verification code is generated through a verification code generation mechanism upon user input of a phone number or a mobile number through an input means;

c. allowing a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument using a post- registration mechanism (PSM); and

d. allowing a user to make payments in a seamlessly secure manner by means of a phone and its voice channel and a dial-pad using a phone payment mechanism (PPM).

Figure 2 illustrates a schematic flow-diagram of the method for pre-registration of a user or a customer using a pre-registration mechanism (PRM) comprising the following steps:

a. customer logs in to the payment facility website and enters the personal details where mobile number is mandatory.

b. if data is not successfully submitted, step a is repeated

c. if data is successfully submitted, the payment facility shares the details with the third party service provider.

d. if data is successfully submitted, a verification code is generated and sent to the customer. e. the customer logs in to the payment facility website to enter the verification code.

f. code is verified and the customer is transferred to the secure site of the payment gateway service to enter the payment details.

g. after submitting the details an identifying token is generated which is relayed to the third party service provider.

Figure 3 illustrates a schematic flow-diagram of the method for pre-registration of an affiliate using an affiliate registration mechanism (ARM) comprising the following steps:

a. affiliate calls up the payment facility and through an operator enters the required personal where Mobile Number or phone number is mandatory, logs in to the payment facility website and enters the personal details where mobile number is mandatory.

b. if data is not successfully submitted, step a is repeated

c. if data is successfully submitted, the payment facility shares the details with the third party service provider.

d. if data is successfully submitted, a verification code is generated and sent to the affiliate.

e. the affiliate logs in to the payment facility website to enter the verification code.

f. code is verified and the customer is transferred to the secure site of the payment gateway service to enter the payment details.

g. after submitting the details an identifying token is generated which is relayed to the third party service provider.

Figure 4 illustrates a schematic flow-diagram of the method for human assisted secure payment to an insecure third-party service provider using a phone calling procedure comprising the following steps: a. To pay by phone first the customer calls up the third party service provider.

b. The mobile number is verified and call is transferred to an operator who takes the details of the payee.

c. After confirmation identity tags of the customer are fetched. If there are multiple identity tags, the customer is prompted to select one.

d. Standardized affiliate name is provided to the customer to which he/she agrees. e. After verification is done an automated voice confirmation reads out the affiliate name and identity tag for confirmation. Customer can confirm it by voice or key input.

Figure 5 illustrates a schematic flow-diagram of the method for human assisted secure payment to an insecure third-party service provider using an SMS, comprising the following steps:

a. To pay by SMS the customer send an SMS to the third party service provider. The text message includes details related to the payment instruction.

b. After the identity tag and mobile number is verified an approval code is sent to the customer. c. The customer then sends back the approval in order to initiate payment.

The terms used herein if not defined shall deem to have their conventional meaning as in ordinary practice in industry and commerce.

The data, in each of the means of the system and method of this invention, may be 'encrypted' and suitably 'decrypted' when required.

The systems of the present invention in an embodiment are made accessible through a portal or an interface which is a part of, or may be connected to, the internet or World Wide Web or any similar portal, wherein the portals or interfaces are accessed by one or more of users through an electronic device, whereby the user may send and receive data to the portal or interface which gets stored in at least one memory device or at least one data storage device or at least one server, and utilizes at least one processing unit. The portal or interface in combination with one or more of memory device, data storage device, processing unit and serves, form an embedded computing setup, and may be used by, or used in, one or more of a computer program product. In an embodiment of the invention, the embedded computing setup and optionally one or more of a computer program product, in relation with, and in combination with the said portal or interface forms one of the systems of the invention. Typical examples of a portal or interface may be selected from but is not limited to a website, an executable software program or a software application.

In an embodiment of the invention, the systems and methods of the invention may simultaneously involve more than one user or more than one data storage device or more than one host server or any combination thereof.

In an embodiment of the invention, a user may provide user input through any suitable input device or input mechanism such as but not limited to a keyboard, a mouse, a joystick, a touchpad, a virtual keyboard, a virtual data entry user interface, a virtual dial pad, a software or a program, a scanner, a remote device, a microphone, a webcam, a camera, a fingerprint scanner, a cave, pointing stick

In an embodiment of the invention, the systems and methods can be practised using any electronic device which may be connected to one or more of other electronic device with wires or wirelessly which may use technologies such as but not limited to, Bluetooth, WiFi, Wimax. This will also extend to use of the aforesaid technologies to provide an authentication key or access key or electronic device based unique key or any combination thereof.

In an embodiment of the invention, the systems and methods can be practised using any electronic device which may contain or may be infected by one or more of an undesirable software such as but not limited to a virus, or a Trojan, or a worm, malware, spyware, adware, scareware, crimeware, rootkit or any combination thereof.

In an embodiment of the invention the system may involve software updates or software extensions or additional software applications.

In an embodiment of the invention, any form of internet security such as but not limited to, a firewall or antivirus or antimalware or registry protection can be used by a user in the same or different electronic device either simultaneously or separately, along with the systems or methods of the present invention. In an embodiment of the invention, one or more user can be blocked or denied access to one or more of the aspects of the invention.

The term 'encrypt' or 'encryption' means the process of converting digital information into a new form using a key or a code or a program, wherein the new form is unintelligible or indecipherable to a user or a thief or a hacker or a spammer. The term 'encryption' includes encoding, compressing, or any other translating of the digital content. The encryption of the digital media content is performed in accordance with an encryption/decryption algorithm. The encryption/decryption algorithm utilized is not hardware dependent and may change depending on the digital content. For example, a different algorithm may be utilized for different websites or programs. The term 'encryption' further includes one or more aspects of authentication, entitlement, data integrity, access control, confidentiality, segmentation, information control, and combinations thereof.

The described embodiments may be implemented as a system, method, apparatus or article of manufacture using standard programming and/or engineering techniques related to software, firmware, hardware, or any combination thereof. The described operations may be implemented as code maintained in a "computer readable medium", where a processor may read and execute the code from the computer readable medium. A computer readable medium may comprise media such as magnetic storage medium (e.g., hard disk drives, floppy disks, tape, etc.), optical storage (CD-ROMs, DVDs, optical disks, etc.), volatile and non-volatile memory devices (e.g., EEPROMs, ROMs, PROMs, RAMs, DRAMs, SRAMs, Flash Memory, firmware, programmable logic, etc.), etc. The code implementing the described operations may further be implemented in hardware logic (e.g., an integrated circuit chip, Programmable Gate Array (PGA), Application Specific Integrated Circuit (ASIC), etc.). Still further, the code implementing the described operations may be implemented in "transmission signals", where transmission signals may propagate through space or through a transmission media, such as an optical fibre, copper wire, etc. The transmission signals in which the code or logic is encoded may further comprise a wireless signal, satellite transmission, radio waves, infrared signals, Bluetooth, etc. The transmission signals in which the code or logic is encoded is capable of being transmitted by a transmitting station and received by a receiving station, where the code or logic encoded in the transmission signal may be decoded and stored in hardware or a computer readable medium at the receiving and transmitting stations or devices. An "article of manufacture" comprises computer readable medium, hardware logic, and/or transmission signals in which code may be implemented. A device in which the code implementing the described embodiments of operations is encoded may comprise a computer readable medium or hardware logic. Of course, those skilled in the art will recognize that many modifications may be made to this configuration without departing from the scope of the present invention, and that the article of manufacture may comprise suitable information bearing medium known in the art.

In an embodiment of the invention the term network means a system allowing interaction between two or more electronic devices, and includes any form of inter/intra enterprise environment such as the world wide web, Local Area Network (LAN) , Wide Area Network (WAN) , Storage Area Network (SAN) or any form of Intranet.

The term 'pre-defined' with respect to a component or data or item or program means that a particular component or data or item or program or indica is defined at an instant prior to the instant of using the component or data or item or program, which may be done by a system or a user.

In an embodiment of the invention the term computer deems to include a group of computers or a network of computers.

In an embodiment of the invention, the systems and methods can be practised using any electronic device. An electronic device for the purpose of this invention is selected from any device capable of processing or representing data to a user and providing access to a network or any system similar to the internet, wherein the electronic device may be selected from but not limited to, personal computers, mobile phones, laptops, palmtops, portable media players and personal digital assistants. In an embodiment of the invention computer program code for carrying out operations or functions or logic or algorithms for aspects of the present invention may be written in any combination of one or more programming languages which are either already in use or may be developed in future, such as but not limited to Java, Smalltalk, C++, C, Foxpro, Basic, HTML, PHP, SQL, Javascript, COBOL, Extensible Markup Language (XML), Pascal, Python, Ruby, Visual Basic .NET, Visual C++, Visual C# .Net, Python, Delphi, VBA, Visual C++ .Net, Visual FoxPro, YAFL, XOTcl, XML, Wirth, Water, Visual DialogScript, VHDL, Verilog, UML, Turing, TRAC, TOM, Tempo, Tcl-Tk, T3X, Squeak, Specification, Snobol, Smalltalk, S-Lang, Sisal, Simula, SGML, SETL, Self, Scripting, Scheme, Sather, SAS, Ruby, RPG, Rigal, Rexx, Regular Expressions, Reflective, REBOL, Prototype-based, Proteus, Prolog, Prograph, Procedural, PowerBuilder, Postscript, POP-11, PL-SQL, Pliant, PL, Pike, Perl, Parallel, Oz, Open Source, Occam, Obliq, Object-Oriented, Objective-C, Objective Caml, Obfuscated, Oberon, Mumps, Multiparadigm, Modula-3, Modula-2, ML, Miva, Miranda, Mercury, MATLAB, Markup, m4, Lua, Logo, Logic -based, Lisp (351), Limbo, Leda, Language-OS Hybrids, Lagoona, LabVIEW, Interpreted, Interface, Intercal, Imperative, IDL, Icl, ICI, HyperCard, HTMLScript, Haskell, Hardware Description, Goedel, Garbage Collected, Functional, Frontier, Fortran, Forth, Euphoria, Erlang, Elastic, Eiffel, E, Dylan, DOS Batch, Directories, Declarative, Dataflow, Database, D, Curl, C- Sharp, Constraint, Concurrent, Component Pascal, Compiled, Comparison and Review, Cocoa, CobolScript, CLU, Clipper, Clean, Clarion, CHILL, Cecil, Caml, Blue, Bistro, Bigwig, BETA, Befunge, BASIC, Awk, Assembly, ASP, AppleScript, APL, Algol 88, Algol 60, Aleph, ADL, ABEL, ABC, or similar programming languages.

In an embodiment, the data storage unit or data storage device is selected from a set of but not limited to USB flash drive (pen drive), memory card, optical data storage discs, hard disk drive, magnetic disk, magnetic tape data storage device, data server and molecular memory.

Examples:

Example 1 - Registration:-

As a first step to use this invention a customer has to register with the payment gateway for example HDFC Payment Gateway, his payment details like credit/debit cards etc.

While the payment details will be stored with the payment gateway provider, personal details like DOB, Mobile number etc. can also be stored with the insecure third party service provided, for example, Justdial securely.

Example 2 - Transaction Process: -

In order to use this invention the customer calls the toll free number of Justdial, wherein the customer states that he wants to purchase an Air Conditioner in a store, for example, CROMA (Affiliate). After getting this detail the call is disconnected and again a call back originates from Justdial.

In this call the executive from Justdial first of all tries to locate the exact location of the Croma store by either asking the customer to identify any nearby landmarks or by using the phone's GPS.

Once the exact store is confirmed the customer is then asked for further details of the product he wants to buy which in this case is AC, like brand name, model number, split or window, quantity and tonnage.

Example 3 - by Call:-

As these details are confirmed, a series of random 2 way challenges occur. 2 way challenges means both the customer and the executive (of Justdial) can verify each other's authenticity though a series of question. These challenges are computer generated and personal details of the customer are never shown to the executive. For example the executive may ask the customer the last digit of his year of birth and the customer can ask the executive the last digit of his credit card number.

After the authenticity is verified the customer is then transferred to the payment gateway service wherein he may be asked to choose the payment method and enter the corresponding identity tag which he had registered during Pre- Registration Mechanism.

Example 4 - Payment by SMS:- To make payment the customer sends a text message in a pre-defined template to Justdial. As the location of store is confirmed the payee/affiliate name is told to the customer. The text message includes details related to the payment instruction like the payee name, amount to be paid and the identity tag for example

#PAY CROMA #AMT 15000 #TAG ANAND

Once the identity tag is verified, an approval code is generated and is sent to the customer.

The format can be as below

#PAY CROMARETAIL #AMT 15000 #TAG ANAND #APRC 12345

The customer then sends back the approval code to initiate payment.

To further secure the process of payment an additional verification is done.

After the payment process is initiated, Justdial calls up the customer mentioning the payment/transaction details and asking once more for confirmation to proceed with the payment. The customer confirms by pressing a key.

When the payment is processed successfully Justdial sends the customer through SMS or E-mail the details of the transaction along with the billing reference number.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude or rule out the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

The process steps, method steps, algorithms or the like may be described in a sequential order, such processes, methods and algorithms may be configured to work in alternate orders. In other words, any sequence or order of steps that may be described does not necessarily indicate a requirement that the steps be performed in that order. The steps of processes described herein may be performed in any order practical. Further, some steps may be performed simultaneously, in parallel, or concurrently.

In addition to the embodiments and examples shown, numerous variants are possible, which may be obvious to a person skilled in the art relating to the aspects of the invention.

While this detailed description has disclosed certain specific embodiments of the present invention for illustrative purposes, various modifications will be apparent to those skilled in the art which do not constitute departures from the spirit and scope of the invention as defined in the following claims, and it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the invention and not as a limitation.

Claims

I claim,
1. A system for human assisted secure payment to an insecure third-party service provider, wherein the system comprises:
a. a pre-registration mechanism (PRM) adapted to allow a user (or a customer) to pre- register in order to avail the use of the system and method of this invention, said pre- registration mechanism comprising a combination of first and second registration mechanisms wherein a first registration mechanism is selected from a first group consisting of web based registration module of personal details (WRM-1) and a phone based registration module of personal details (PHM-1), and wherein a second registration mechanism is selected from a second group consisting of web based registration module of payment details (WRM-2) and a phone based registration module of payment details (PHM-2);
b. a verification code generation mechanism;
c. an affiliate registration mechanism (ARM) adapted to allow payee affiliates to pre- register, said affiliate registration mechanism comprising a combination of first and second registration mechanisms; a first registration mechanism selected from a first group consisting of web based registration module of personal details (WRM-3) and a phone based registration module of personal details (PHM-3) and a second registration mechanism selected from a second group consisting of web based registration module of payment details (WRM-4) and a phone based registration module of payment details (PHM-4);
d. a post-registration mechanism (PSM) adapted to allow a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument; and
e. a phone payment mechanism (PPM) adapted to allow a user to make payments in a seamlessly secure manner by means of a phone and its voice channel and a dial-pad; wherein the web based registration module of personal details (WRM-1) comprises a web-based input means for allowing a customer to enter standard personal information through a web-based interface, wherein the input means is located at a payment facility website which is communicably coupled to a computer system with an insecure third party service provider which receives the entered standard personal information; and
wherein phone based registration module of personal details (PHM-1) comprises a phone based input means adapted to allow a customer to input standard personal information by means of an IVR (Interactive Voice Response) menu set up for the purpose or by relayed communication to an operator adapted to handle the data entry of the inputs through a data entry interface and mechanism; and
wherein the data entry interface and mechanism is communicably coupled to a computer system with the third party service provider which receives the entered standard personal information; and
wherein a database maintained at the end of the insecure third party service provider stores the standard personal information entered via web-based input means or phone based input means; and
wherein a phone number is a mandatory item of input at the input means of the payment facility website; and
wherein the verification code generation mechanism generates a verification code upon receipt of a phone number or a mobile number at the database through the input means; and
wherein the web based registration module of payment details (WRM-2) comprises a web based input means adapted to allow a customer to input the verification code received by the verification code generation mechanism; and
wherein the phone based registration module of payment details (PHM-2) comprises a phone based input means adapted to allow a customer to call a pre-defined number and to input the verification code received by the verification code generation mechanism; and wherein the web based registration module of payment details (WRM-2) and the phone based registration module of payment details (PHM-2) further comprise an authentication means to check authenticity of entered code by means of a comparator; and
wherein the web based registration module of payment details (WRM-2) and the phone based registration module of payment details (PHM-2) further comprise a channeling means in order to channel the system on to a secure system and GUI which belongs to a secure payment gateway service, the secure system comprises payment information input means adapted to allow a customer to input payment information which is confidential payment information; and
wherein the web based registration module of payment details (WRM-2) and the phone based registration module of payment details (PHM-2) further comprises an identifying token generation means adapted to generate an identifying token upon receipt of payment information, which identifying token is relayed to the third party service provider through a secure communication channel; and
wherein the web based registration module of personal details (WRM-3) comprises a web-based input means for allowing an affiliate to enter standard personal information through a web-based interface, wherein the input means is located at a payment facility website which is communicably coupled to a computer system with an insecure third party service provider which receives the entered standard personal information; and
wherein phone based registration module of personal details (PHM-3) comprises a phone based input means adapted to allow an affiliate to input standard personal information by means of an IVR (Interactive Voice Response) menu set up for the purpose or by relayed communication to an operator adapted to handle the data entry of the inputs through a data entry interface and mechanism; and
wherein the data entry interface and mechanism is communicably coupled to a computer system with the insecure third party service provider which receives the entered standard personal information; and
wherein a database maintained at the end of the insecure third party service provider stores the standard personal information entered via web-based input means or phone based input means; and
wherein a phone number is a mandatory item of input at the input means of the payment facility website; and
wherein the verification code generation mechanism generates a verification code upon receipt of a phone number or a mobile number at the database through the input means; and
wherein the web based registration module of payment details (WRM-4) comprises a web based input means adapted to allow an affiliate to input the verification code received by the verification code generation mechanism; and
wherein the phone based registration module of payment details (PHM-4) comprises a phone based input means adapted to allow an affiliate to call a pre-defined number and to input the verification code received by the verification code generation mechanism; and
wherein the web based registration module of payment details (WRM-4) and the phone based registration module of payment details (PHM-4) further comprise an authentication means to check authenticity of entered code by means of a comparator; and
wherein the web based registration module of payment details (WRM-4) and the phone based registration module of payment details (PHM-4) further comprise a channeling means in order to channel the system on to a secure system and GUI which belongs to a secure payment gateway service, the secure system comprises payment information input means adapted to allow an affiliate to input payment information which is confidential payment information; and
wherein the web based registration module of payment details (WRM-4) and the phone based registration module of payment details (PHM-4) further comprises an identifying token generation means adapted to generate an identifying token upon receipt of payment information, which identifying token is relayed to the third party service provider through a secure communication channel; and
wherein a database is provided which stores the identifying token in a tagged manner for future reference; and
wherein the phone payment mechanism (PPM) comprises a pre-defined channel defined with a pre-defined phone number which is input by a customer to start usage of the system of this invention, and at a first level of authentication, the phone number or mobile number which is used to make the call to the pre-defined phone number is verified and a transferring means transfers the call to an operator or an input system who takes down or notes down payee details and wherein the payee has to be registered with the third-party service provider as an affiliate.
2. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1 , wherein if the customer has multiple identity tags, the customer is prompted to select one of the multiple identity tags.
3. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1, wherein an automated voice confirmation may read out the affiliate name and may spell out the identity tag alphabets for confirmation.
4. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1 , wherein the verification code generation mechanism generates a verification code for a user only one time at the time of the pre-registration by the user using the p re- registration mechanism (PRM).
5. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1, wherein the system further comprises a notification mechanism adapted to generate a payment request by a third party service provider to the secure payment gateway service, on behalf of the customer, once the phone payment mechanism (PPM) is effectively engaged.
6. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1, wherein the system further comprises an additional verification mechanism (AVM) adapted to provide additional layers of security for enabling a secure payment transaction.
7. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1, wherein the system further comprises an SMS payment mechanism (SPM) adapted to allow a user to make payments in a seamlessly secure manner by means of a phone and its text channel and dial-pad, wherein the SMS payment mechanism (SPM) comprises an SMS input means with a pre-defined template in order to text the SMS to the system of this invention.
8. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 7, wherein the pre-defined template comprises fields pertaining to payment instructions with payment name, amount of payment, and identity tag.
9. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 7, wherein the SMS payment mechanism (SPM) comprises an authentication means to check authenticity of the identity tag in correlation with the mobile number in order to generate a return SMS to the customer and to generate an approval code by an approval code generating means, the approval code being capable of being inputted via an approval code input means and relayed for initiation of payment via an approval code relaying means.
10. A computer implemented method for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 1, the method comprising the steps of: a. receiving a call by a customer by the phone payment mechanism with a pre-defined phone number which is input by a customer;
b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the pre-defined phone number by the phone payment mechanism;
c. transferring of the call to an operator or an input system of the insecure third- party service provider who takes down or notes down payee details and wherein the payee has to be registered with the insecure third-party service provider as an affiliate;
d. verification of the user by the operator using an additional verification mechanism (AVM);
e. leading the customer seamlessly to a part of the IVR menu by way of a parallel call which only interacts with the Secure Payment gateway Service, such that this part of the call just relays any inputted information to the Secure Payment gateway Service without involving a human or allowing permanent storage;
f. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;
g. initiating a payment by the Secure Payment gateway Service; and
h. receiving of payment status confirming completion or rejection of payment by the user.
11. A computer implemented method for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 10, the method further comprising the step of sending a verification code to the user using and receiving the said verification code from the user by the additional verification mechanism (AVM) whereby the operator is not able to access the said verification code.
12. A computer implemented method for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 10, wherein the entering of an input by the user with the Secure Payment gateway Service to trigger a payment is selected from a set of entering a dynamic one time password, entering a voice password, entering a pre-stored secure password, entering a token, entering a tag, entering credit card details, entering debit card details, entering a personal identification number and a combination thereof.
13. A computer implemented method for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 10, the method further comprising the step of receiving a call or an SMS from the affiliate to the customer registered phone number or customer registered mobile number.
14. A computer implemented method for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 10, the method further comprising the step of receiving a call or an SMS from the Secure Payment gateway Service to the customer registered phone number or customer registered mobile number.
15. A computer program product for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 1, the computer program product embodied in a computer readable medium that, when executing on a computer, performs steps comprising: a. receiving a call by a customer by the phone payment mechanism with a pre-defined phone number which is input by a customer;
b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the pre-defined phone number by the phone payment mechanism;
c. transferring of the call to an operator or an input system of the insecure third- party service provider who takes down or notes down payee details and wherein the payee has to be registered with the insecure third-party service provider as an affiliate;
d. verification of the user by the operator using an additional verification mechanism (AVM);
e. leading the customer seamlessly to a part of the IVR menu by way of a parallel call which only interacts with the Secure Payment gateway Service, such that this part of the call just relays any inputted information to the Secure Payment gateway Service without involving a human or allowing permanent storage;
f. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;
g. initiating a payment by the Secure Payment gateway Service; and
h. receiving of payment status confirming completion or rejection of payment by the user.
16. A computer program product for human assisted secure payment to an insecure third-party service provider by a system as claimed in claim 1, the computer program product embodied in a computer readable medium that, when executing on a computer, performs steps comprising: a. receiving an SMS by a customer by the phone payment mechanism with a pre-defined phone number which is input by a customer, such that the SMS includes the details required for enabling a payment;
b. authenticating of the phone number or mobile number or customer registered phone number or customer registered mobile number which is used to make the call to the pre-defined phone number by the phone payment mechanism;
c. verification of the user by the operator using an additional verification mechanism (AVM);
d. entering of an input by the user with the Secure Payment gateway Service to initiate a payment;
e. initiating a payment by the Secure Payment gateway Service; and
f. receiving of payment status confirming completion or rejection of payment by the user.
17. A computer implemented method for human assisted secure payment to an insecure third-party service provider, the method comprising the steps of:
a. pre-registering by a user or a customer using a pre-registration mechanism (PRM) and by entering a verification code by the user wherein the verification code is generated through a verification code generation mechanism upon user input of a phone number or a mobile number through an input means;
b. pre-registering by an affiliate using an affiliate registration mechanism (ARM) and by entering a verification code by the affiliate wherein the verification code is generated through a verification code generation mechanism upon user input of a phone number or a mobile number through an input means;
c. allowing a user to register a plurality of identity tags (or nicknames); each identity tag relating to payment information for a particular payment instrument using a post- registration mechanism (PSM); and
d. allowing a user to make payments in a seamlessly secure manner by means of a phone and its voice channel and a dial-pad using a phone payment mechanism (PPM).
18. A system for human assisted secure payment to an insecure third-party service provider as claimed in claim 1, wherein the additional verification allows a two-way verification where both the customer and the third part service provider can verify each other's authenticity though one or more questions.
PCT/IB2013/054510 2012-06-01 2013-05-31 Method and system for human assisted secure payment by phone to an insecure third-party service provider WO2013179271A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
IN3377/MUM/2011 2012-06-01
IN3377MU2011 2012-06-01

Publications (2)

Publication Number Publication Date
WO2013179271A2 true WO2013179271A2 (en) 2013-12-05
WO2013179271A3 WO2013179271A3 (en) 2014-02-06

Family

ID=49673987

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2013/054510 WO2013179271A2 (en) 2012-06-01 2013-05-31 Method and system for human assisted secure payment by phone to an insecure third-party service provider

Country Status (1)

Country Link
WO (1) WO2013179271A2 (en)

Cited By (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8827154B2 (en) 2009-05-15 2014-09-09 Visa International Service Association Verification of portable consumer devices
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US9317848B2 (en) 2009-05-15 2016-04-19 Visa International Service Association Integration of verification tokens with mobile communication devices
US9372971B2 (en) 2009-05-15 2016-06-21 Visa International Service Association Integration of verification tokens with portable computing devices
US9424413B2 (en) 2010-02-24 2016-08-23 Visa International Service Association Integration of payment capability into secure elements of computers
US9516487B2 (en) 2013-11-19 2016-12-06 Visa International Service Association Automated account provisioning
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9530131B2 (en) 2008-07-29 2016-12-27 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9582801B2 (en) 2009-05-15 2017-02-28 Visa International Service Association Secure communication of payment information to merchants using a verification token
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
US9680942B2 (en) 2014-05-01 2017-06-13 Visa International Service Association Data verification using access device
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US9792611B2 (en) 2009-05-15 2017-10-17 Visa International Service Association Secure authentication system and method
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
US9848052B2 (en) 2014-05-05 2017-12-19 Visa International Service Association System and method for token domain control
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US9898740B2 (en) 2008-11-06 2018-02-20 Visa International Service Association Online challenge-response
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US9959531B2 (en) 2011-08-18 2018-05-01 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9972005B2 (en) 2013-12-19 2018-05-15 Visa International Service Association Cloud-based transactions methods and systems
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US9996835B2 (en) 2013-07-24 2018-06-12 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US10043178B2 (en) 2007-06-25 2018-08-07 Visa International Service Association Secure mobile payment system
US10078832B2 (en) 2011-08-24 2018-09-18 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
US10147089B2 (en) 2012-01-05 2018-12-04 Visa International Service Association Data protection with translation
US10154084B2 (en) 2011-07-05 2018-12-11 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10192216B2 (en) 2012-09-11 2019-01-29 Visa International Service Association Cloud-based virtual wallet NFC apparatuses, methods and systems
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US10255601B2 (en) 2010-12-09 2019-04-09 Visa International Service Association Multifactor authentication using a directory server

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001052127A1 (en) * 2000-01-13 2001-07-19 Aplettix Inc. Secure private agent for electronic transactions
US20040049455A1 (en) * 2001-07-06 2004-03-11 Hossein Mohsenzadeh Secure authentication and payment system
US20040139003A1 (en) * 2002-09-30 2004-07-15 Ifedayo Udiani Simplified internet payment, security, & tax administration protocol (SIPSTAP)
CN101563704A (en) * 2005-11-03 2009-10-21 支付途径股份有限公司 Methods and systems for identity authentication
CN102027495A (en) * 2008-06-24 2011-04-20 国际商业机器公司 Method and system for authenticating an electronic payment request

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001052127A1 (en) * 2000-01-13 2001-07-19 Aplettix Inc. Secure private agent for electronic transactions
US20040049455A1 (en) * 2001-07-06 2004-03-11 Hossein Mohsenzadeh Secure authentication and payment system
US20040139003A1 (en) * 2002-09-30 2004-07-15 Ifedayo Udiani Simplified internet payment, security, & tax administration protocol (SIPSTAP)
CN101563704A (en) * 2005-11-03 2009-10-21 支付途径股份有限公司 Methods and systems for identity authentication
CN102027495A (en) * 2008-06-24 2011-04-20 国际商业机器公司 Method and system for authenticating an electronic payment request

Cited By (68)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10043178B2 (en) 2007-06-25 2018-08-07 Visa International Service Association Secure mobile payment system
US9530131B2 (en) 2008-07-29 2016-12-27 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9898740B2 (en) 2008-11-06 2018-02-20 Visa International Service Association Online challenge-response
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US9317848B2 (en) 2009-05-15 2016-04-19 Visa International Service Association Integration of verification tokens with mobile communication devices
US9372971B2 (en) 2009-05-15 2016-06-21 Visa International Service Association Integration of verification tokens with portable computing devices
US8827154B2 (en) 2009-05-15 2014-09-09 Visa International Service Association Verification of portable consumer devices
US9904919B2 (en) 2009-05-15 2018-02-27 Visa International Service Association Verification of portable consumer devices
US10009177B2 (en) 2009-05-15 2018-06-26 Visa International Service Association Integration of verification tokens with mobile communication devices
US9792611B2 (en) 2009-05-15 2017-10-17 Visa International Service Association Secure authentication system and method
US9582801B2 (en) 2009-05-15 2017-02-28 Visa International Service Association Secure communication of payment information to merchants using a verification token
US10049360B2 (en) 2009-05-15 2018-08-14 Visa International Service Association Secure communication of payment information to merchants using a verification token
US10043186B2 (en) 2009-05-15 2018-08-07 Visa International Service Association Secure authentication system and method
US9589268B2 (en) 2010-02-24 2017-03-07 Visa International Service Association Integration of payment capability into secure elements of computers
US9424413B2 (en) 2010-02-24 2016-08-23 Visa International Service Association Integration of payment capability into secure elements of computers
US10255591B2 (en) 2010-12-07 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US10255601B2 (en) 2010-12-09 2019-04-09 Visa International Service Association Multifactor authentication using a directory server
US10223691B2 (en) 2011-02-22 2019-03-05 Visa International Service Association Universal electronic payment apparatuses, methods and systems
US9280765B2 (en) 2011-04-11 2016-03-08 Visa International Service Association Multiple tokenization for authentication
US10154084B2 (en) 2011-07-05 2018-12-11 Visa International Service Association Hybrid applications utilizing distributed models and views apparatuses, methods and systems
US10121129B2 (en) 2011-07-05 2018-11-06 Visa International Service Association Electronic wallet checkout platform apparatuses, methods and systems
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US10242358B2 (en) 2011-08-18 2019-03-26 Visa International Service Association Remote decoupled application persistent state apparatuses, methods and systems
US9959531B2 (en) 2011-08-18 2018-05-01 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US10078832B2 (en) 2011-08-24 2018-09-18 Visa International Service Association Method for using barcodes and mobile devices to conduct payment transactions
US10223730B2 (en) 2011-09-23 2019-03-05 Visa International Service Association E-wallet store injection search apparatuses, methods and systems
US10147089B2 (en) 2012-01-05 2018-12-04 Visa International Service Association Data protection with translation
US10262308B2 (en) 2012-01-25 2019-04-16 Visa U.S.A. Inc. Cardless challenge systems and methods
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US9547769B2 (en) 2012-07-03 2017-01-17 Visa International Service Association Data protection hub
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US9727858B2 (en) 2012-07-26 2017-08-08 Visa U.S.A. Inc. Configurable payment tokens
US10204227B2 (en) 2012-08-10 2019-02-12 Visa International Service Association Privacy firewall
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
US10192216B2 (en) 2012-09-11 2019-01-29 Visa International Service Association Cloud-based virtual wallet NFC apparatuses, methods and systems
US10176478B2 (en) 2012-10-23 2019-01-08 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US10223710B2 (en) 2013-01-04 2019-03-05 Visa International Service Association Wearable intelligent vision device apparatuses, methods and systems
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US9996835B2 (en) 2013-07-24 2018-06-12 Visa International Service Association Systems and methods for communicating token attributes associated with a token vault
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
US9516487B2 (en) 2013-11-19 2016-12-06 Visa International Service Association Automated account provisioning
US10248952B2 (en) 2013-11-19 2019-04-02 Visa International Service Association Automated account provisioning
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US9972005B2 (en) 2013-12-19 2018-05-15 Visa International Service Association Cloud-based transactions methods and systems
US10062079B2 (en) 2014-01-14 2018-08-28 Visa International Service Association Payment account identifier system
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US9680942B2 (en) 2014-05-01 2017-06-13 Visa International Service Association Data verification using access device
US9848052B2 (en) 2014-05-05 2017-12-19 Visa International Service Association System and method for token domain control
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10038563B2 (en) 2014-07-23 2018-07-31 Visa International Service Association Systems and methods for secure detokenization
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10049353B2 (en) 2014-08-22 2018-08-14 Visa International Service Association Embedding cloud-based functionalities in a communication device
US10140615B2 (en) 2014-09-22 2018-11-27 Visa International Service Association Secure mobile device credential provisioning using risk decision non-overrides
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
US10187363B2 (en) 2014-12-31 2019-01-22 Visa International Service Association Hybrid integration of software development kit with secure execution environment
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US10255456B2 (en) 2015-09-28 2019-04-09 Visa International Service Association Remote server encrypted data provisioning system and methods
US10257185B2 (en) 2015-12-11 2019-04-09 Visa International Service Association Automated access data provisioning
US10243958B2 (en) 2016-01-07 2019-03-26 Visa International Service Association Systems and methods for device push provisoning
US10262001B2 (en) 2017-09-27 2019-04-16 Visa International Service Association Multi-source, multi-dimensional, cross-entity, multimedia merchant analytics database platform apparatuses, methods and systems

Also Published As

Publication number Publication date
WO2013179271A3 (en) 2014-02-06

Similar Documents

Publication Publication Date Title
US8567670B2 (en) Dynamic card verification values and credit transactions
US9923885B2 (en) Systems and methods for using imaging to authenticate online users
AU2011348061B2 (en) Mobile phone atm processing methods and systems
AU2007289166B2 (en) Method and system for processing internet purchase transactions
AU2011342282B2 (en) Authenticating transactions using a mobile device identifier
US10089606B2 (en) System and method for trusted mobile device payment
AU2010306566B2 (en) Anti-phishing system and method including list with user data
US8504480B2 (en) Creation of signatures for authenticating applications
US9596237B2 (en) System and method for initiating transactions on a mobile device
KR101723709B1 (en) Image-based financial processing
US8934865B2 (en) Authentication and verification services for third party vendors using mobile devices
US8301500B2 (en) Ghosting payment account data in a mobile telephone payment transaction system
US20130008948A1 (en) Systems and methods for gesture-based interaction with computer systems
US20110113245A1 (en) One time pin generation
US20080243702A1 (en) Tokens Usable in Value-Based Transactions
US8904495B2 (en) Secure transaction systems and methods
US7548890B2 (en) Systems and methods for identification and authentication of a user
US9280765B2 (en) Multiple tokenization for authentication
US20100312703A1 (en) System and method for providing authentication for card not present transactions using mobile device
US20090106150A1 (en) Unified identity verification
US20010051924A1 (en) On-line based financial services method and system utilizing biometrically secured transactions for issuing credit
US8341086B2 (en) End-to-end secure payment processes
KR101617569B1 (en) Hub and spokes pin verification
US20140164254A1 (en) Authenticating Remote Transactions Using a Mobile Device
US20100114773A1 (en) Systems, Methods, And Apparatus For Using A Contactless Transaction Device Reader With A Computing System

Legal Events

Date Code Title Description
122 Ep: pct application non-entry in european phase

Ref document number: 13796840

Country of ref document: EP

Kind code of ref document: A2