WO2014051468A1 - Procédé de confirmation de paiement - Google Patents
Procédé de confirmation de paiement Download PDFInfo
- Publication number
- WO2014051468A1 WO2014051468A1 PCT/RU2013/000837 RU2013000837W WO2014051468A1 WO 2014051468 A1 WO2014051468 A1 WO 2014051468A1 RU 2013000837 W RU2013000837 W RU 2013000837W WO 2014051468 A1 WO2014051468 A1 WO 2014051468A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- payment
- card
- acquirer
- payment card
- values
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4018—Transaction verification using the card verification value [CVV] associated with the card
Definitions
- the invention relates to the field of acquiring, and in particular to the field of security of cashless payments using payment cards of international payment systems, such as Visa, MasterCard, JCB International, AmericanExpress and others (hereinafter - MPS).
- international payment systems such as Visa, MasterCard, JCB International, AmericanExpress and others (hereinafter - MPS).
- the invention can be applied to further verify the intention to make a payment (debiting funds from a payment card) by a buyer when he makes a payment remotely, without personal presence.
- a payment debiting funds from a payment card
- the acquirer refers to a bank providing acquiring services, as well as other third parties providing intermediary services to the acquiring bank as part of the latter's provision of acquiring services
- - TSP trade and service company
- Card parameters are displayed (in some cases embossed) on the card itself, namely: card number, card expiration date, special verification code, and sometimes the name of the card holder. To make a payment, it is enough to know the card number, its validity period and verification code.
- a TSP or an acquirer may not always know in advance the true contacts of the card holder and thus cannot be guaranteed to contact the latter.
- 3-D Secure authentication model that allows authentication of the payer on the issuer's secure site.
- 3-D Secure is an XML protocol that is used as an additional level of security for online credit and debit cards, two-factor user authentication. It was developed by Visa IPU to improve the security of Internet payments. Based on it, Visa offered its customers the Verified by Visa (VbV) service. Services based on this protocol have also been adopted by MasterCard, under the name MasterCard SecureCode (MCC), and JCB International, as J / Secure.
- the present invention is aimed at achieving a technical result, which consists in increasing the security of conducting payment transactions using a card when making payments in real time.
- the method of confirming the payment in the remote access mode is characterized in that when the payment is made, the payment card holder enters information on the payment amount on the web page of the trade and service company payment card data in the form of part of the digits of the bank identification number of the payment card and transmits this information in an online request to the hardware and software system of the acquirer, in which they check the database of the bank 5 identification number of the payment card and generates at least one list values of the parameters of this card, which include real and false values of the parameters of this card, which are in the HTTPS-initiated session mode with a browser or payment card holder application In the form of a text message, they transmit to the holder’s receiving device with a request to select the correct ones from the proposed values and, when the correct answers are received by the hardware and software system of the acquirer, carry out the payment with the specified parameters in the direction of the trade and service company.
- the present invention is illustrated by an embodiment.
- FIG. 1 - presents the procedure for authentication of the card holder.
- a new method for verifying the intention of a cardholder to make a payment which is based on
- the invention provides a method for verifying the intent of a cardholder to make a payment in real time.
- Conditions except for the conditions of making a payment through the website) for the invention: the availability of tables of bank identification numbers (BIN) of the IPS cards at the acquirer,
- a method of confirming a payment in remote access mode is characterized in that when a payment is made, the payment card holder enters on the web page of the merchant service information on the payment amount and payment card data as part of the digits of the bank identification number of the payment card and transfers this information to it on-line request to the hardware-software complex of the acquirer, in which they check in the database of received data on the bank identification number of the payment card and generates at least one list of parameter values for this card, which includes real and false values for the parameters of this card, which are in the HTTPS-initiated session mode with a browser or payment card holder application in They send a text message to the holder’s receiver with a request to select the correct ones from the proposed values and, if the correct answers are received, by the hardware-software complex the acquirer carry out the payment with the specified parameters in the direction of the trade and service company.
- the invention involves trying to make a payment in real time to clarify the bank identification number (BIN) of the card, which is the first 6 digits of the card number.
- BIN bank identification number
- the values of these parameters can be obtained only by having in front of you a card or its scan (photo) or an agreement with the bank, which greatly complicates fraud. In this case, fraudulent use of the card is limited to the presence, as a rule, of only its number, validity period and verification code.
- the user is prompted to select the value of one or more card parameters from the list on the same web page.
- the user may be offered several incorrect options and one correct, or several incorrect options and an option that reports that there is no true option.
- the number of card parameters selected for verification may vary depending on the degree of suspicion of the operation in fraud by the TSP or the acquirer. For example, a user trying to pay for a product or service with a MasterCard Gold card issued by Alfa-Bank may be asked to indicate the values of three parameters from the proposed options:
- results of these questions are analyzed by the Acquirer's APK and if all the answers are correct, then a decision is made that the card is really present at the time of payment. This increases the likelihood that the buyer is a card holder.
- the implementation of the invention requires only the automation of checking the BIN card according to the tables of the Ministry of Railways supplied to banks.
- a condition of the invention is the automation in the agro-industrial complex of the acquirer of checking the BIN tables.
- the invention allows in real time to exchange signals with the user's browser and, thereby, verify that the buyer is very likely to be the cardholder.
- a message is used with a question about choosing the correct values of the map parameters from the list of options provided.
- a signal indicating the selected value is used.
- the invention works in two steps.
- Step 1 Exchange between the APK of the acquirer and the buyer's browser https messages, the result of which is the delivery of the card number to the APK of the acquirer, or rather the BIN card.
- Stage 2 Exchange between the acquirer's APK and the buyer’s browser https messages, the result of which is a combination of values of the card parameters and a conclusion about the authenticity of the card holder.
- the invention works in the following order:
- the payer when trying to make a payment, enters the card details, which are then reported in the online payment request in the acquiring APK.
- the APC of the acquirer checks the BIN card value in the database, compiles lists of the card parameter values and initiates an HTTPS session with the browser or the customer’s application. As part of the session, a request is sent to the buyer’s device, including a text message with a request to select the correct one from the proposed values.
- the browser or application on the buyer's device automatically establishes a session and receives a signal.
- the buyer views the message transmitted in the signal and selects the values of the card parameters.
- the browser or application in real time sends the response to the acquirer's APK.
- the APK of the acquirer upon receipt of the correct answers, carries out the payment with the specified parameters. Upon receipt of at least one incorrect value of the APK, the acquirer does not make a payment.
- FIG. 1 is a diagram showing a method of authenticating a card holder.
- Step 1 The user enters the map data on the TSP web page in the browser.
- the browser transmits the data entered by the user to the acquirer in the form of a "Write-off" payment request via a secure communication channel.
- Step 2 The acquirer checks the presence of the BIN card in his agribusiness. Generates lists of card parameters and their values for customer verification.
- Step 3 The acquirer sends an https request to the address of the browser or application.
- the request contains a signal in the form of a message requiring a response - lists selects the correct values for the parameters of the entered map.
- Step 4 The user selects the values and his browser or application sends a signal to the APK of the acquirer.
- the signal contains a response to the request with the selected parameter values.
- Step B The acquirer, based on the result of the buyer's response, checks the answers received and makes a decision on processing the request “Write-off of funds”.
Abstract
L'invention concerne le domaine de l'acquiring. Le procédé de confirmation de paiement en mode accès à distance est caractérisé en ce que lors de la réalisation du paiement le détenteur de la carte de paiement saisit sur la page Web les données sur le montant de paiement et les données de la carte de paiement sous forme d'une partie de chiffres du numéro d'identification bancaire de la carte de paiement et transmet ces informations en mode en ligne dans un ensemble matériel et logiciel de l'acquéreur à l'intérieur dans lequel on effectue une vérification dans la base des données reçues sur le numéro d'identification bancaire et on forme au moins une liste des valeurs de paramètres de cette carte qui comprend les valeurs vraies ou fosses de cette carte qui, dans un mode de la séance lancée dans un navigateur ou au moyen d'une application du détenteur de la carte bancaire, sont transmises sous la forme d'un message texte au dispositif de réception du détenteur, avec une demande de sélection dans les valeurs proposées les réponses justes, et en cas de réception de réponses justes l'ensemble matériel et logiciel de l'acquéreur effectue le paiement avec les paramètres indiqués.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
RU2012141091/08A RU2509359C1 (ru) | 2012-09-26 | 2012-09-26 | Способ подтверждения платежа |
RU2012141091 | 2012-09-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014051468A1 true WO2014051468A1 (fr) | 2014-04-03 |
Family
ID=50192204
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/RU2013/000837 WO2014051468A1 (fr) | 2012-09-26 | 2013-09-26 | Procédé de confirmation de paiement |
Country Status (2)
Country | Link |
---|---|
RU (1) | RU2509359C1 (fr) |
WO (1) | WO2014051468A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170017952A1 (en) * | 2015-07-14 | 2017-01-19 | Samsung Electronics Co., Ltd. | Card registration method for payment service and mobile electronic device implementing the same |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2360383A (en) * | 2000-03-17 | 2001-09-19 | Tradesafely Com Ltd | Payment authorisation |
US20060271497A1 (en) * | 2005-05-24 | 2006-11-30 | Cullen Andrew J | Payment authorisation process |
US20080154770A1 (en) * | 2003-06-04 | 2008-06-26 | Bruce Rutherford | Customer Authentication In E-Commerce Transactions |
EA201070720A1 (ru) * | 2007-12-11 | 2010-12-30 | ЭксЭс ИННОВЕЙШН ХОЛДИНГЗ ЛИМИТЕД | Управление риском счетов и система авторизации для предотвращения несанкционированного использования счетов |
US20110276492A1 (en) * | 2000-04-17 | 2011-11-10 | Verisign, Inc. | Authenticated payment |
-
2012
- 2012-09-26 RU RU2012141091/08A patent/RU2509359C1/ru active
-
2013
- 2013-09-26 WO PCT/RU2013/000837 patent/WO2014051468A1/fr active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2360383A (en) * | 2000-03-17 | 2001-09-19 | Tradesafely Com Ltd | Payment authorisation |
US20110276492A1 (en) * | 2000-04-17 | 2011-11-10 | Verisign, Inc. | Authenticated payment |
US20080154770A1 (en) * | 2003-06-04 | 2008-06-26 | Bruce Rutherford | Customer Authentication In E-Commerce Transactions |
US20060271497A1 (en) * | 2005-05-24 | 2006-11-30 | Cullen Andrew J | Payment authorisation process |
EA201070720A1 (ru) * | 2007-12-11 | 2010-12-30 | ЭксЭс ИННОВЕЙШН ХОЛДИНГЗ ЛИМИТЕД | Управление риском счетов и система авторизации для предотвращения несанкционированного использования счетов |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170017952A1 (en) * | 2015-07-14 | 2017-01-19 | Samsung Electronics Co., Ltd. | Card registration method for payment service and mobile electronic device implementing the same |
Also Published As
Publication number | Publication date |
---|---|
RU2509359C1 (ru) | 2014-03-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7407254B2 (ja) | 位置照合を使用する認証システムおよび方法 | |
US11398910B2 (en) | Token provisioning utilizing a secure authentication system | |
CN113507377B (zh) | 用于使用基于交易特定信息的令牌和密码的交易处理的装置和方法 | |
CN109658103B (zh) | 身份认证、号码保存和发送、绑定号码方法、装置及设备 | |
CN107438992B (zh) | 浏览器与密码的集成 | |
RU2438172C2 (ru) | Способ и система для осуществления двухфакторной аутентификации при транзакциях, связанных с заказами по почте и телефону | |
US8768837B2 (en) | Method and system for controlling risk in a payment transaction | |
AU2019236715A1 (en) | Verification of contactless payment card for provisioning of payment credentials to mobile device | |
US11663600B2 (en) | Method and system for authorization of multiple transactions using a single authentication process | |
RU2301449C2 (ru) | Способ осуществления многофакторной строгой аутентификации держателя банковской карты с использованием мобильного телефона в среде мобильной связи при осуществлении межбанковских финансовых транзакций в международной платежной системе по протоколу спецификации 3-d secure (варианты) и реализующая его система | |
CN105590214A (zh) | 一种虚拟卡的支付方法以及支付系统 | |
US11935058B2 (en) | Systems and methods for authenticating a user using private network credentials | |
JP2019525645A (ja) | 暗号認証とトークン化されたトランザクション | |
AU2020260506A1 (en) | Remote transaction system, method and point of sale terminal | |
CN112106091A (zh) | 电子身份验证系统和方法 | |
RU137815U1 (ru) | Система проверки подлинности держателя платежной карты | |
KR101502997B1 (ko) | 일회성 비밀번호를 이용한 결제 시스템 및 결제 방법 | |
RU2509359C1 (ru) | Способ подтверждения платежа | |
US11544704B2 (en) | Systems and methods for tracking stored accounts | |
US11574310B2 (en) | Secure authentication system and method | |
RU2530323C2 (ru) | Способ безопасного использования банковских карт (варианты) | |
US20150356553A1 (en) | System for verifying the authenticity of a payment card holder | |
EA041883B1 (ru) | Система и способ для проведения удаленных транзакций с использованием платежного терминала точки продаж | |
WO2014051469A1 (fr) | Système pour confirmer l'intention d'un détenteur d'une carte de paiement d'effectuer un paiement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13841883 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13841883 Country of ref document: EP Kind code of ref document: A1 |