WO2014111888A1 - Mobile payment system - Google Patents

Mobile payment system Download PDF

Info

Publication number
WO2014111888A1
WO2014111888A1 PCT/IB2014/058355 IB2014058355W WO2014111888A1 WO 2014111888 A1 WO2014111888 A1 WO 2014111888A1 IB 2014058355 W IB2014058355 W IB 2014058355W WO 2014111888 A1 WO2014111888 A1 WO 2014111888A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile
data
audio
communications channel
transactor
Prior art date
Application number
PCT/IB2014/058355
Other languages
French (fr)
Inventor
Cornelius Johannes Badenhorst
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa International Service Association filed Critical Visa International Service Association
Publication of WO2014111888A1 publication Critical patent/WO2014111888A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3272Short range or proximity payments by means of M-devices using an audio code
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications

Definitions

  • This invention relates to the field of mobile payment systems.
  • the invention relates to mobile payment systems conducted at mobile communications devices.
  • SMS Short Message Service
  • GPRS General Packet Radio Service
  • a further problem is that mobile network operators may be required to approve the use of such services in advance, and may often charge higher rates for communications that involve banking transactions than the normal cost of the data transmitted, thus increasing the cost of mobile banking.
  • a method for performing a mobile payment transaction conducted at a mobile communications device of a transactor, the method comprising the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server.
  • a further feature of the invention provides for the step of modulating the data into an audio stream to include using any one of the group of: amplitude modulation (AM); frequency modulation (FM); phase modulation (PM); quadrature amplitude modulation (QAM); frequency shift keying (FSK); dual-tone multi-frequency (DTMF); on-off keying (OOK); audio frequency shift keying (AFSK); phase shift keying (PSK); trellis code modulation (TCM).
  • AM amplitude modulation
  • FM frequency modulation
  • PM phase modulation
  • QAM quadrature amplitude modulation
  • FSK frequency shift keying
  • DTMF dual-tone multi-frequency
  • OOK on-off keying
  • AFSK audio frequency shift keying
  • PSK phase shift keying
  • TCM trellis code modulation
  • Still further features of the invention provide for the step of capturing data to include capturing data entered by the transactor into the mobile communications device and for the captured data to include a unique identifier of the transactor and payment information.
  • a yet further feature of the invention provides for the unique identifier of the transactor to be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • a further feature of the invention provides for the step of capturing data to include a step of obtaining the GUID or IMEI from a digital storage of the mobile communications device.
  • a further feature of the invention provides for the method to include a step of encrypting the captured data.
  • a still further feature of the invention provides for the step of establishing an audio communications channel with the secure banking server to include placing a telephone call to the secure banking server.
  • a yet further feature of the invention provides for a duration over which the audio communications channel is active to be short enough to avoid incurring mobile network operator call charges.
  • a further feature of the invention provides for the duration over which the audio communications channel is active to be less than three seconds.
  • Still further features of the invention provide for the step of establishing an audio communications channel with the secure banking server to include subsequently terminating the audio communications channel, responsive to which a subsequent audio communications channel is established with the mobile communications device by the secure banking server, and for the step of transmitting the modulated data over the audio communications channel to include transmitting the modulated data over the subsequent audio communications channel.
  • a method for performing a mobile payment transaction conducted at a secure banking server, and comprising the steps of: receiving, from a mobile communications device of a transactor via an audio communications channel, an audio stream into which captured data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
  • a further feature of the invention provides for the data modulated into the audio stream to be encrypted, and for the method to include a step of decrypting the encrypted data to obtain the data which are used to conduct a mobile payment transaction.
  • a still further feature of the invention provides for the audio communications channel to be established by the mobile communications device.
  • a yet further feature of the invention provides for the method to include a step of obtaining one or more unique identifiers of the transactor.
  • a further feature of the invention provides for the step of obtaining one or more unique identifiers of the transactor to include: identifying a caller line identification number associated with the mobile communications device of the transactor using caller line identification (CLI), and for the caller line identification number to be a mobile subscriber integrated services digital network (MSISDN) number.
  • CLI caller line identification
  • MSISDN mobile subscriber integrated services digital network
  • Still further features of the invention provide for the step of obtaining one or more unique identifiers of the transactor to include obtaining a unique identifier of the transactor included in the data and for the unique identifier of the transactor included in the data to be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • a yet further feature of the invention provides for the method to include a step of comparing the one or more unique identifiers of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server.
  • the captured data to include payment information, for the payment information to at least include a transaction amount and transactee information, and for the transactee information to include one or both of: a unique identifier of the transactee and financial account information of the transactee.
  • a still further feature of the invention provides for the unique identifier of the transactee to be a mobile subscriber integrated services digital network (MSISDN) number of the transactee.
  • MSISDN mobile subscriber integrated services digital network
  • a yet further feature of the invention provides for the method includes a step of querying the database to identify a financial account associated with the unique identifier of the transactor.
  • Further features of the invention provide for the method to include a step of conducting a mobile payment transaction from the financial account of the transactor, and for conducting a mobile payment transaction to include making a deposit into a financial account of the transactee or communicating a one-time PIN (OTP) to a mobile communications device of the transactee for use by the transactee in a cash withdrawal.
  • OTP one-time PIN
  • Still further features of the invention provide for the audio communications channel to be established and subsequently terminated by the mobile communications device and for, responsive to the termination of the audio communications channel, the secure banking server to establish a subsequent audio communications channel with the mobile communications device.
  • the secure banking server to be configured to retrieve a caller line identification (CLI) or an international mobile station equipment identity (IMEI) number of the mobile communications device establishing the audio communications channel; to compare the CLI or IMEI number with CLI or IMEI numbers stored on a system database; for the CLI or IMEI numbers stored on the system database to be associated with mobile communications devices of users registered on the secure banking server; for the secure banking server to establish an audio communications channel with the mobile communications device where the retrieved CLI or IMEI of the mobile communications device matches a CLI or IMEI number stored on the system database or to transmit a connection failure notification to the mobile communications device where no match can be established.
  • CLI caller line identification
  • IMEI international mobile station equipment identity
  • a system for performing a mobile payment transaction comprising a mobile communications device of a transactor, which has: a data capturing component for capturing data relating to a mobile payment transaction; a modulation component for modulating the data into an audio stream capable of being transmitted over an audio communications channel; an audio communication establishing component for establishing an audio communications channel with a secure banking server; and, a transmitting component for transmitting the audio stream over the audio communications channel to the secure banking server.
  • a system for performing a mobile payment transaction comprising a secure banking server which has: a receiving component for receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; and, a demodulation component for demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
  • a computer program product for performing a mobile payment transaction
  • the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server.
  • a computer program product for performing a mobile payment transaction
  • the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of: receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
  • a computer program product for performing a mobile payment transaction comprising a computer-readable medium having stored computer-readable program code for performing the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server.
  • a computer program product for performing a mobile payment transaction comprising a computer-readable medium having stored computer-readable program code for performing the steps of: receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
  • FIG. 1 A is a block diagram which illustrates a system for performing mobile payment transactions according to an embodiment of the invention
  • FIG. 1 B is a block diagram which illustrates a system for performing mobile payment transactions according to another embodiment of the invention.
  • FIG. 2 is a block diagram which illustrates components of a mobile communications device for performing mobile payment transactions according to embodiments of the invention
  • FIG. 3 is a block diagram which illustrates components of a secure banking server for performing mobile payment transactions according to embodiments of the invention
  • FIG. 4 is a swim-lane flow diagram which illustrates methods for performing a mobile payment transaction according to embodiments of the invention.
  • FIG. 5 is a swim-lane flow diagram which illustrates different methods for performing a mobile payment transaction according to embodiments of the invention.
  • FIG. 6 is a schematic diagram which illustrates an in-use scenario of a system for performing mobile payment transactions according to embodiments of the invention
  • FIG. 7 is a block flow diagram which illustrates of a method for performing a mobile payment transaction conducted at a secure banking server according to embodiments of the invention.
  • FIG. 8 illustrates an example of a computing device in which various aspects of the disclosure may be implemented.
  • FIG. 9 shows a block diagram of a communication device that may be used in embodiments of the disclosure.
  • An audio stream may include an audio clip or audio file into or onto which data is modulated or encoded and which may be transmitted over an audio communications channel.
  • the audio stream may include a carrier signal onto which data is modulated or encoded.
  • the carrier signal may be a single tone carrier signal having a frequency within the audio range.
  • the carrier signal may have a frequency between 20 Hz and 20 kHz such that it is capable of being transmitted and received over an audio communications channel of, for example, a public switched telephone network (PTSN).
  • PTSN public switched telephone network
  • the data may be modulated into the audio stream using amplitude modulation (AM), frequency modulation (FM), phase modulation (PM), quadrature amplitude modulation (QAM), frequency shift keying (FSK), dual-tone multi-frequency (DTMF), on-off keying (OOK), audio frequency shift keying (AFSK), phase shift keying (PSK), trellis code modulation (TCM), or any other appropriate modulation scheme.
  • AM amplitude modulation
  • FM frequency modulation
  • PM phase modulation
  • QAM quadrature amplitude modulation
  • FSK frequency shift keying
  • DTMF dual-tone multi-frequency
  • OOK on-off keying
  • AFSK audio frequency shift keying
  • PSK phase shift keying
  • TCM trellis code modulation
  • the data is preferably modulated onto or into the audio stream using a digital modulation technique.
  • a telephone call (which may be a telephone call from a cellphone, mobile phone, satellite phone or a voice over internet protocol (VOIP) call from, for example, an appropriate smart phone or tablet computer, or the like) is designed for transferring audible sounds.
  • digital communication over a telephone call is possible by representing digital bits as tones (which may be referred to as symbols) using modulation. For example, four alternative symbols may respectively represent the bit sequence 00, 01 , 10 and 1 1 .
  • FIG. 1 A illustrates a block diagram of a system (100) for performing mobile payment transactions according to the invention.
  • the system (100) includes a mobile communications device (104), associated with a transactor (106), on which a mobile communications device application (102) is installed.
  • the system (100) may also include a mobile communications device (124) associated with a transactee (126).
  • the system (100) also includes a secure banking server (1 10) which is in communication with the mobile communications device (104) via communication network (1 14) which may be a cellular communication network or the like.
  • the system (100) may be a mobile money system wherein the secure banking server (1 10) is maintained by a mobile money financial institution.
  • the transactor (106) may be any user of the system who initiates a transaction while the transactee (126) may be any other user in the transaction.
  • the transactor (106) may, for example initiate a payment to the transactee (126) in what may be referred to as a "push" transaction.
  • the transactor (106) may initiate a payment from the transactee (126) in what may be referred to as a "pull" transaction.
  • the mobile communications devices (104, 124) may be mobile phones, smartphones, personal digital assistants, laptop computers, smart watches, tablet computers or the like. In the embodiment illustrated in FIG. 1 A, the mobile communications devices (104, 124) are mobile feature phones.
  • the mobile communications device (104) of the transactor (106) has a mobile communications device application (102) resident therein and executable on one or more processors of the mobile communications device (104) such that, when executed by the mobile communications device (104), the mobile software application causes the mobile communications device (104) to perform operations, such as to prompt the transactor (106) for input, communicate messages to the transactor, perform encryption and/or modulation, place telephone calls or the like.
  • the mobile communications device (124) of the transactee may also have a mobile communications device application resident therein.
  • the mobile communications device application (102), and in turn the mobile communications device (104), is configured to capture data relating to a mobile payment transaction.
  • the data captured may be entered by the transactor (106) using the mobile communications device application (102) and may include one or more unique identifiers (105) of the transactor as well as payment information such as details of the mobile payment transaction.
  • the unique identifier (105) of the transactor may be one or more of the group of: a globally unique identifier (GUID); a personal identification number (PIN); or an international mobile station equipment identifier (IMEI); a media access control (MAC) address; a unique token; a key, an app identifier; or any other appropriate unique identifier.
  • the unique identifier of the transactor may be a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number, which is identifiable or obtainable using caller line identification or any other appropriate service.
  • MSISDN mobile subscriber integrated services digital network
  • the unique identifier may be generated by the secure server and transmitted to the mobile communications device for storage in a digital storage thereof.
  • a combination of unique identifiers may be used, for example: a PIN and caller line identification number; a GUID and a PIN; a GUID, IMEI and a caller line identification number.
  • GUID may be a 128-bit value, which may be displayed as 32 hexadecimal digits with groups separated by hyphens.
  • An exemplary GUID may appear as the following: ⁇ 334EA020-3AEC-1069-A2BD-09072B30369E ⁇ .
  • GUIDs may be generated from random numbers and may contain 6 fixed bits saying they are random and 122 random bits. This number of different GUIDs is large such that the probability of the same GUID being generated randomly twice is small.
  • one or more unique identifiers may be encrypted and stored in a digital storage of the mobile communications device.
  • the one or more unique identifiers may be stored in a secret or hidden location and may be adapted to appear to be something different.
  • one or more unique identifiers may be masked; obfuscated; hidden in "plain sight", for example, in a picture file using steganography; embedded in a file; or any other applicable data hiding technique known to those skilled in the art.
  • one or more unique identifiers may be concealed in memory, slack space, hidden directories, bad blocks, alternate data streams, hidden partitions or the like so as to not be easily identifiable by an unscrupulous third party obtaining access the mobile communications device.
  • the mobile communications device application (102) may be configured to prompt the transactor for a PIN, to capture a PIN entered by the transactor (106) and to include the PIN in the captured data for verification by the secure banking server (1 10).
  • the application (102) may be configured to obtain the GUID and/or IMEI from a digital storage of the mobile communications device (104) and to include the GUID and/or IMEI in the captured data.
  • the mobile communications device application (102) is configured to retrieve and decrypt, where appropriate, the unique identifier and include the retrieved unique identifier in the captured data to be modulated into an audio stream.
  • the payment information may at least include a transaction amount and transactee information.
  • the transactee information may include one or both of: a unique identifier (125) of the transactee and financial account information of the transactee.
  • the mobile communications device application (102) may be further configured to encrypt the captured data and to modulate the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel.
  • the mobile communications device application (102) is configured to establish an audio communications channel (108) with a secure banking server (1 10) by placing a telephone call to the secure banking server (1 10). It may be that establishing an audio communications channel requires participation from the secure banking server (1 10).
  • the mobile communications device application (102) may be configured to attempt to establish an audio communications channel while the secure banking server (1 10), on the other hand, may be configured to allow the audio communications channel to be established.
  • the mobile communications device (104) may initiate an audio communications channel with the secure banking server by placing a call to the secure banking server (1 10), while the secure banking server (1 10) may then allow the audio communications channel to be established by answering the call.
  • the mobile communications device application (102) is further configured to transmit the modulated data in the form of the audio stream over the audio communications channel (108) to the secure banking server (1 10).
  • the duration over which the mobile communications device application (102) transmits the audio stream is configured to be short.
  • the duration over the audio communications channel is active may be predefined and may, for example, be four seconds, three seconds, two seconds, one second or the like. As many mobile network operators only start billing a telephone call after, for example, two seconds, the duration over which the audio communications channel is active may thus be short enough to avoid incurring mobile network operator call charges.
  • the duration over which the audio communications channel is active will be adapted, where possible, as per relevant mobile network operators charging rules so as to avoid incurring call charges.
  • the mobile communications device application (102) is configured to establish an audio communications channel with the secure banking server (1 10) and subsequently terminate the audio communications channel without transmitting the audio stream.
  • the mobile communications device application (102) may then be configured to accept a subsequent audio communications channel being established by the secure banking server (1 10) and to transmit the modulated data in the form of the audio stream over the subsequent audio communications channel to the secure banking server (1 10).
  • the mobile communications device application (102) may be configured to "missed call" the secure banking server (1 10) so as to avoid incurring mobile network operator call charges.
  • the secure banking server (1 10) may be any appropriate server computer or distributed server computer and is configured to receive data modulated onto an audio stream from the mobile communications device (104) of a transactor via an audio communications channel (108). The secure banking server (1 10) is then configured to demodulate the audio stream to obtain the data which may be used to conduct a mobile payment transaction.
  • the data may be encrypted, in which case the secure banking server (1 10) is configured to decrypt the encrypted data to obtain the captured data which may be used to conduct a mobile payment transaction.
  • the secure banking server (1 10) in some embodiments may be configured to retrieve or obtain one or more unique identifiers (105) of the transactor (106).
  • the secure banking server (1 10) may be configured to identify a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number, associated with the mobile communications device of the transactor using caller line identification (CLI).
  • MSISDN mobile subscriber integrated services digital network
  • the secure banking server (1 10) may be configured to obtain a unique identifier (105) of the transactor (106) included in the captured data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI), a unique token, a key, an application identifier or the like.
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • Embodiments of the invention further provide for the secure banking server (1 10) to be configured to compare the unique identifier (105) of the transactor (106) with unique identifiers (1 13) stored on the database (1 12) in association with users registered with the secure banking server.
  • the secure banking server (1 10) may be configured to verify whether or not the audio communications channel (108) has been established by a registered user of the system (100) and/or whether or not to enact a mobile payment transaction. For example, if a GUID retrieved from the audio stream does not correspond to a GUID of a registered user, the secure banking server may not enact a mobile payment transaction.
  • the secure banking server (1 10) may be further configured to query the database (1 12) to identify a financial account associated with the unique identifier of the transactor. Furthermore, the secure banking server (1 10) may be configured to query the database (1 12) to identify a financial account of the transactee (126) using the unique identifier (125) of the transactee.
  • the unique identifier (125) of the transactee may, for example, be a mobile subscriber integrated services digital network (MSISDN) number of the transactee.
  • MSISDN mobile subscriber integrated services digital network
  • embodiments of the invention provide for the secure banking server (1 10) to be configured to conduct a mobile payment transaction from the financial account of the transactor (106).
  • the mobile payment transaction may include making a cash deposit into a financial account of the transactee (126) or communicating a one-time PIN (OTP) to a mobile communications device (124) of the transactee for use by the transactee (126) in a cash withdrawal.
  • the cash withdrawal may, for example, be an automatic teller machine cash withdrawal or a mobile money agent cash withdrawal where the transactee presents the OTP to the ATM or mobile money agent, as the case may be, so as to withdraw cash.
  • the mobile payment transaction may be a payment from a financial account of the transactee (126) to a financial account of the transactor (106).
  • the transactee (126) may provide the transactor (106) with his or her unique identifier (125), for example an MSISDN, which the transactor (106) then enters into his or her mobile communications device (104).
  • the secure banking server (1 10) may then prompt the transactee (106) for his or her approval, for example, by placing a call to the transactee's mobile communications device (124) before conducting the mobile payment transaction.
  • the mobile communications device application (102) is configured to terminate the audio communications channel (108) before transmitting the audio stream.
  • the secure banking server (1 10) is configured to establish a subsequent audio communications channel with the mobile communications device (104) of the transactor and to receive data modulated onto an audio stream from the mobile communications device (104) of a transactor via the subsequent audio communications channel.
  • the secure banking server (1 10) may be in data communication with the system database (1 12) on which the caller line identification (CLI) numbers, that is numbers which may be identified using caller line identification such as a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (104), and/or the unique identifier of the transactor may be stored.
  • CLI caller line identification
  • MSISDN mobile subscriber integrated services digital network
  • the secure banking server (1 10) is configured to retrieve the CLI (for example an MSISDN) and/or IMEI numbers of or from the mobile communications device (104) which is establishing the audio communications channel (108) with the secure banking server (1 10), and to compare such numbers with the CLI (or MSISDN) and/or IMEI numbers stored on the system database (1 12). If matching numbers are found, the secure banking server (1 10) will, in some embodiments, establish a subsequent audio communications channel (108) with the mobile communications device (104), however, if no matching number is found, the secure banking server (1 10) will not establish an audio communications channel (108) with the mobile communications device (104) (or will not allow further transactions to occur) and will transmit a connection failure notification to the mobile communications device (104).
  • CLI for example an MSISDN
  • IMEI numbers for example an MSISDN
  • IMEI numbers stored on the system database (1 12
  • the secure banking server (1 10) will, in some embodiments, establish a subsequent audio communications channel (108) with the mobile communications device (104), however, if
  • the mobile communications device application (102) may transmit the modulated data to the secure banking server (1 10) over the audio communications channel.
  • the secure banking server (1 10) may be enabled to receive audio communications over an audio communications channel and to demodulate the received audio communication into data capable of being processed by the secure banking server (1 10).
  • the secure banking server (1 10) may decrypt the transmitted data where appropriate and may perform a mobile payment transaction.
  • the secure banking server (1 10) may generate a payment notification, modulate the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmit the modulated notification to the mobile communications device (104) over the audio communications channel (108).
  • the payment notification may be communicated to the communication device over another channel, for example a short messaging service (SMS) channel.
  • SMS short messaging service
  • FIG. 1 B illustrates a block diagram of a system (160) for performing mobile payment transactions according to another embodiment of the invention.
  • the system (160) comprises a mobile communications device application (162) that is installed on a mobile communications device (164) associated with a transactor (166).
  • the mobile communications device (164) may be a mobile smartphone, a personal digital assistant, a laptop computer or a tablet computer.
  • the mobile communications device (164) is a mobile smartphone.
  • the mobile communications device application (162) is configured to capture data relating to a mobile payment transaction.
  • the data captured is entered by the transactor (166) on the mobile communications device application (162) and may include a unique identifier of the transactor, such as a personal identification number (PIN), as well as details of the mobile payment transaction, such as a transaction amount and payee details.
  • PIN personal identification number
  • the mobile communications device application (162) may be further configured to encrypt the captured data and to modulate the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel.
  • the modulation of the data into an audio stream may by means of amplitude modulation (AM), frequency modulation (FM), phase modulation (PM), quadrature amplitude modulation (QAM), frequency shift keying (FSK), phase shift keying (PSK), trellis code modulation (TCM), or the like
  • the mobile communications device application (162) may establish an audio communications channel (168) with a secure banking server (170) by placing a telephone call to the secure banking server.
  • the secure banking server (170) may be in data communication with a system database (172) on which other unique identifiers such as a caller line identification (CLI) and/or international mobile station equipment identity (IMEI) numbers of all mobile communications devices registered on the system (160) may be stored.
  • CLI caller line identification
  • IMEI international mobile station equipment identity
  • the secure banking server (170) may be configured to retrieve the CLI or IMEI number of the mobile communications device (164) which is establishing the audio communications channel (168) with the secure banking server (170), and may compare the number with the CLI and IMEI numbers stored on the system database (172).
  • the secure banking server (170) may establish an audio communications channel (168) with the mobile communications device (164) (i.e. allow the audio communications channel to be established), however, if no matching number is found, the secure banking server (170) may not establish an audio communications channel (168) with the mobile communications device (164) (and/or may not allow further transactions to occur) and may transmit a connection failure notification to the mobile communications device (164).
  • the mobile communications device application (162) may transmit the modulated data to the secure banking server (170) over the audio communications channel (168).
  • the secure banking server (170) may be enabled to receive audio communications over an audio communications channel and to demodulate the received audio communication into data capable of being processed by the secure banking server (170).
  • the secure banking server (170) may decrypt the transmitted data and perform a mobile payment transaction.
  • the secure banking server (170) may generate a payment notification, modulate the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmit the modulated notification to the mobile communications device (164) over the audio communications channel (168).
  • FIG. 2 is a block diagram which illustrates components of a mobile communications device (204) for performing mobile payment transactions according to embodiments of the invention.
  • Embodiments of the invention provide for the mobile communications device (204) to have a mobile communications device application (202) resident therein and/or installed thereon.
  • the components of the mobile communications device (204) may be provided by the mobile communications device application (202).
  • the components may include a data capturing component (206) for capturing data relating to a mobile payment transaction as well as a modulation component (208) for modulating the data onto an audio stream capable of being transmitted over an audio communications channel.
  • An audio communications channel establishing component (210) may also be provided for establishing an audio communications channel with a secure banking server.
  • Embodiments of the invention further provide a transmitting component (212) for transmitting the modulated data or audio stream over the audio communications channel to the secure banking server.
  • An encryption component (214) may also be provided for encrypting the captured data before modulating it onto an audio stream.
  • FIG. 3 is a block diagram which illustrates components of a secure banking server (310) for performing mobile payment transactions according to embodiments of the invention.
  • the secure banking server (310) includes a receiving component (312) for receiving, from a mobile communications device of a transactor via an audio communications channel, data modulated onto an audio stream and a demodulation component (314) for demodulating the audio stream to obtain the data which may be used to conduct a mobile payment transaction.
  • the secure banking server (310) may also include a decryption component (316) for decrypting encrypted data to obtain the data which may be used to conduct a mobile payment transaction.
  • the secure banking server (310) may further include a unique identifier obtaining component (318) for obtaining one or more unique identifiers of the transactor as well as a comparison component (320) for comparing the obtained unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server.
  • the secure banking server may further include a mobile payment conducting component (322) for conducting a mobile payment transaction from the financial account of the transactor.
  • FIG. 4 is a swim-lane flow diagram (400) which illustrates methods for performing a mobile payment transaction according to embodiments of the invention. The steps carried out by the mobile communications device (404) and the secure banking server (410) are illustrated in respective swim-lanes.
  • the mobile communications device (404) captures data relating to a mobile payment transaction.
  • the step of capturing data may include capturing data entered by the transactor into the mobile communications device (404) or data received from another device.
  • the step of capturing data may include obtaining a unique identifier from a digital storage of the mobile communications device (404) and/or receiving a unique identifier input by the user on the mobile communications device (404).
  • the captured data may include data received in a message, for example a short messaging service (SMS) message.
  • SMS short messaging service
  • the message may, for example, be received from a transactee's mobile communications device, a merchant's point-of-sales (POS) device or the like and may contain payment information and/or a transaction amount.
  • POS point-of-sales
  • the message received at, and captured by, the mobile communications device of the transactor may already be encrypted.
  • the secure banking server (404) may encrypt the captured data and, in a following step (1006), modulates the data onto an audio stream capable of being transmitted over an audio communications channel.
  • the mobile communications device (404) then, in a following step (1008), establishes an audio communications channel with the secure banking server (410).
  • the secure banking server may then allow the audio communications channel to be established by the mobile communications device (404) in a following step (1009).
  • the mobile communications device (404) may then transmit the audio stream containing the modulated data over the audio communications channel to the secure banking server (410) in a next step (1010).
  • the mobile communications device (404) terminates (101 1 ) the audio communications channel after the audio stream has been transmitted.
  • the duration for which the audio communications channel is active is preferably less than three seconds so as to avoid incurring mobile network operator call charges.
  • the data modulated onto an audio stream is then received by the secure banking server (410) from the mobile communications device (404) of a transactor via the audio communications channel in a following step (1012).
  • the secure banking server (410) then, in a following step (1014), demodulates the audio stream to obtain the encrypted data.
  • the secure banking server (410) decrypts the encrypted data to obtain the data which may be used to conduct a mobile payment transaction in a next step (1016).
  • the secure banking server (410) obtains one or more unique identifiers of the transactor.
  • this step (1018) may include obtaining a unique identifier of the transactor included in the data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • the secure banking server (410) compares the unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server and, in a following step (1022), identifies a financial account of the transactor associated with the unique identifier such that, in a final step (1024), a mobile payment transaction may be conducted.
  • the mobile communications device (404) does not terminate the audio communications channel after the audio stream has been transmitted.
  • the mobile communications device (404) may wait for a transaction approval or denial message, as the case may be, to be modulated into an audio stream by the secure banking server (410) and transmitted to the mobile communications device (404) over the audio communications channel. Thereafter, the mobile communications device (404) may terminate the audio communications channel.
  • a transaction approval or denial message may be transmitted to the mobile communications device (404) from the secure banking server via an alternate communication channel, for example a short messaging service (SMS) channel.
  • SMS short messaging service
  • FIG. 5 is a swim-lane flow diagram (500) which illustrates methods for performing a mobile payment transaction according to another embodiment of the invention. The steps carried out by the mobile communications device (504) and the secure banking server (510) are illustrated in respective swim-lanes.
  • FIG. 5 The embodiment illustrated in FIG. 5 is similar to that of FIG. 4, differing in that the mobile communications device (504) establishes an audio communications channel with the secure banking server (510) at a step (1 108) similar to the corresponding step (1008) of FIG. 4 and then, in a following step (1 1 12), terminates the audio communications channel shortly after it is established.
  • the mobile communications device (504) establishes an audio communications channel with the secure banking server (510) at a step (1 108) similar to the corresponding step (1008) of FIG. 4 and then, in a following step (1 1 12), terminates the audio communications channel shortly after it is established.
  • the secure banking server obtains one or more unique identifiers.
  • the secure banking server may, for example, identify a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (504), using caller line identification (CLI).
  • MSISDN mobile subscriber integrated services digital network
  • CLI caller line identification
  • the secure banking server (510) then, in a next step (1 1 14), establishes a subsequent audio communications channel with the mobile communications device (504). This may include a step (1 1 15) of the mobile communications device (504) allowing the audio communications channel to be established.
  • the secure banking server (510) may for example use the unique identifier to call the mobile communications device (504) or alternatively may use the unique identifier to query a database and to obtain a number (e.g. an MSISDN) on which the mobile communications device (504) may be called.
  • the mobile communications device (504) transmits the modulated data over the subsequent audio communications channel to the secure banking server (510) in a following step (1 1 16).
  • the data modulated onto an audio stream is then received by the secure banking server (510) from the mobile communications device (504) of a transactor via the subsequent audio communications channel in a following step (1 1 18).
  • the secure banking server (510) then, in a following step (1 120), demodulates the audio stream to obtain the encrypted data.
  • the secure banking server (510) decrypts the encrypted data to obtain the data which may be used to conduct a mobile payment transaction in a next step (1 122).
  • the secure banking server (510) may obtain one or more other unique identifiers of the transactor. This may include obtaining a unique identifier of the transactor included in the data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • the secure banking server (510) may compare the unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server and, in a following step (1 128), query the database to identify a financial account associated with the unique identifier of the transactor such that, in a final step (1 130), a mobile payment transaction may be conducted from the financial account of the transactor.
  • the one or more unique identifiers may further be used to authenticate the transactor.
  • FIG. 6 is a schematic diagram which illustrates an exemplary in-use scenario of a system for performing mobile payment transactions according to embodiments of the invention.
  • the figure illustrates a transactor (606) who is already registered with the system and has a mobile communications device application (602) installed on his or her mobile communications device (604) and is thus enabled to perform mobile payment transactions using the system.
  • a database of a secure banking server already contains a record of one or more unique identifiers of the transactor and may also contain payment information of the transactor (606).
  • the one or more unique identifiers may be one or more of the group of: a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (604) of the transactor; a globally unique identifier (GUID); a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
  • MSISDN mobile subscriber integrated services digital network
  • GUID globally unique identifier
  • PIN personal identification number
  • IMEI international mobile station equipment identifier
  • the registered transactor (606) may, for example wish to pay a transactee an amount of money.
  • the transactor (606) at a first step (1202), launches a mobile communications device application (602).
  • the mobile communications device application (602) may then, at a next step (1204), capture data such as payment information by entered the transactor (606).
  • the payment information may, for example, include a transaction amount and a unique identifier of a transactee to whom the money is to be paid.
  • the mobile communications device application (602) may also capture a unique identifier of the transactor (606) such as a globally unique identifier (GUID) and/or an international mobile station equipment identifier (IMEI) from a digital storage of the mobile communications device (604).
  • GUID globally unique identifier
  • IMEI international mobile station equipment identifier
  • the mobile communications device application captures a unique identifier being a PIN of the transactor (606) and then modulates the all of the captured data onto an audio stream in a following step (1208).
  • the mobile communications device application (602) then establishes an audio communications channel with the secure banking server (610) in a next step (1210). Once the audio communications channel has been established, the mobile communications device application (602) transmits the audio stream to the secure banking server (610) over the audio communications channel in a final step (1212).
  • FIG. 7 illustrates a flow diagram (1300) of a method for performing mobile payment transactions according to embodiments of the invention.
  • the transactor associated with the mobile communications device installs the mobile communications device application on the mobile communications device. Upon installation of the mobile communications device application, the transactor will be prompted to register with the system for mobile payment transactions.
  • the secure banking server will store the mobile communications device's CLI number (which may for example be an MSISDN or other communication address of the mobile communications device) and/or IMEI and/or one or more additional unique identifiers on the system database.
  • the transactor activates the mobile communications device application, and the application requests the user to enter his or her unique identifier (such as the user PIN) as well as the mobile payment transaction details.
  • the mobile communications device application captures the entered mobile payment transaction details, encrypts the captured data and modulates the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel.
  • the mobile communications device application attempts to establish an audio communications channel with the secure banking server by placing a telephone call to the secure banking server.
  • the secure banking server will retrieve the CLI and/or IMEI number from the mobile communications device establishing the audio communications channel and compare the retrieved number with the CLI and IMEI numbers of registered users stored on the system database. Where matching numbers are found, then at a next stage (1310), the secure banking server allows the audio communications channel with the mobile communications device to be established. However, if no matching number is found, then at a next stage (1312), the secure banking server does not allow the audio communications channel to be established with the mobile communications device, generates a connection failure notification and transmits the notification to the mobile communications device.
  • the secure banking server receives the audio communication from the mobile communications device, demodulates the communication into data capable of being processed by the secure banking server and decrypts the received data. The secure banking server then performs the payment transaction in accordance with the received payment instruction.
  • the secure banking server After the payment transaction has been completed, then at a last stage (1318), the secure banking server generates a payment notification, modulates the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmits the modulated data to the mobile communications device.
  • the audio channel for communication between the mobile communications device and the secure banking server and encrypting the contents of the communication, special or additional charges or tariffs or approval imposed by mobile network operators may be avoided. With the invention, no approval from mobile network operators is required as is the case when using USSD (which requires access to a mobile network operator USSD gateway) or when using a Subscriber Identity Module (SIM) Toolkit (STK), which requires space on a mobile network operator's SIM cards.
  • USSD which requires access to a mobile network operator USSD gateway
  • SIM Subscriber Identity Module
  • STK Subscriber Identity Module
  • GPRS general packet radio service
  • UMTS universal mobile telecommunication system
  • 3G or 4G data channels are typically charged for by mobile network operators or other entities making them not a cost effective alternative.
  • GPRS general packet radio service
  • UMTS universal mobile telecommunication system
  • 3G or 4G data channels are typically charged for by mobile network operators or other entities making them not a cost effective alternative.
  • many users in developing regions may not be able to afford data charges levied by mobile network operators and thus may elect not to make use of a mobile money system requiring use of such data channels.
  • SMS messages is typically also charged for by mobile network operators meaning that a user of a mobile money system may be required to have a prepaid account balance and also raises the cost of transacting.
  • call charges imposed by mobile network operators may be kept to a minimum or preferably completely avoided. This may help to reduce the overall cost of transacting which may be particularly beneficial to transactors in developing nations.
  • the mobile communications device may rather terminate the call and receive a call back from the secure banking server over which the audio stream may be sent.
  • the secure banking server incurs the call charge and not the mobile communications device which helps to keep the cost of transacting for a user of the mobile money system to a minimum.
  • the invention has the further advantage that the transacting user can be identified by both a device hardware signature, such as the IMEI number and/or GUID, and a signature of the phone number or other communication address associated with the mobile communications device as provided by CLI (for example an MSISDN). This provides a higher level of certainty that the transacting user is the authorized person.
  • a device hardware signature such as the IMEI number and/or GUID
  • CLI for example an MSISDN
  • FIG. 8 illustrates an example of a computing device (800) in which various aspects of the disclosure may be implemented.
  • the computing device (800) may be suitable for storing and executing computer program code.
  • the various participants and elements in the previously described system diagrams may use any suitable number of subsystems or components of the computing device (800) to facilitate the functions described herein.
  • the computing device (800) may include subsystems or components interconnected via a communication infrastructure (805) (for example, a communications bus, a cross-over bar device, or a network).
  • the computing device (800) may include at least one central processor (810) and at least one memory component in the form of computer-readable media.
  • the memory components may include system memory (815), which may include read only memory (ROM) and random access memory (RAM).
  • ROM read only memory
  • RAM random access memory
  • a basic input/output system (BIOS) may be stored in ROM.
  • System software may be stored in the system memory (815) including operating system software.
  • the memory components may also include secondary memory (820).
  • the secondary memory (820) may include a fixed disk (821 ), such as a hard disk drive, and, optionally, one or more removable-storage interfaces (822) for removable- storage components (823).
  • the removable-storage interfaces (822) may be in the form of removable- storage drives (for example, magnetic tape drives, optical disk drives, floppy disk drives, etc.) for corresponding removable storage-components (for example, a magnetic tape, an optical disk, a floppy disk, etc.), which may be written to and read by the removable-storage drive.
  • removable- storage drives for example, magnetic tape drives, optical disk drives, floppy disk drives, etc.
  • removable storage-components for example, a magnetic tape, an optical disk, a floppy disk, etc.
  • the removable-storage interfaces (822) may also be in the form of ports or sockets for interfacing with other forms of removable-storage components (823) such as a flash memory drive, external hard drive, or removable memory chip, etc.
  • the computing device (800) may include an external communications interface (830) for operation of the computing device (800) in a networked environment enabling transfer of data between multiple computing devices (800).
  • Data transferred via the external communications interface (830) may be in the form of signals, which may be electronic, electromagnetic, optical, radio, or other types of signal.
  • the external communications interface (830) may enable communication of data between the computing device (800) and other computing devices including servers and external storage facilities. Web services may be accessible by the computing device (800) via the communications interface (830).
  • the external communications interface (830) may also enable other forms of communication to and from the computing device (800) including, voice communication, near field communication, Bluetooth, etc.
  • the computer-readable media in the form of the various memory components may provide storage of computer-executable instructions, data structures, program modules, and other data.
  • a computer program product may be provided by a computer-readable medium having stored computer-readable program code executable by the central processor (810).
  • a computer program product may be provided by a non-transient computer- readable medium, or may be provided via a signal or other transient means via the communications interface (830).
  • Interconnection via the communication infrastructure (805) allows a central processor (810) to communicate with each subsystem or component and to control the execution of instructions from the memory components, as well as the exchange of information between subsystems or components.
  • Peripherals such as printers, scanners, cameras, or the like
  • I/O input/output
  • Peripherals such as printers, scanners, cameras, or the like
  • I/O input/output
  • These components may be connected to the computing device (800) by any number of means known in the art, such as a serial port.
  • One or more monitors (845) may be coupled via a display or video adapter (840) to the computing device (800).
  • FIG. 9 shows a block diagram of a communication device (900) that may be used in embodiments of the disclosure.
  • the communication device (900) may be a cell phone, a feature phone, a smart phone, a satellite phone, or a computing device having a phone capability.
  • the communication device (900) may include a processor (905) (e.g., a microprocessor) for processing the functions of the communication device (900) and a display (920) to allow a user to see the phone numbers and other information and messages.
  • the communication device (900) may further include an input element (925) to allow a user to input information into the device (e.g., input buttons, touch screen, etc.), a speaker (930) to allow the user to hear voice communication, music, etc., and a microphone (935) to allow the user to transmit his or her voice through the communication device (900).
  • the processor (910) of the communication device (900) may connect to a memory (915).
  • the memory (915) may be in the form of a computer-readable medium that stores data and, optionally, computer-executable instructions.
  • the communication device (900) may also include a communication element (940) for connection to communication channels (e.g., a cellular telephone network, data transmission network, Wi-Fi network, satellite-phone network, Internet network, Satellite Internet Network, etc.).
  • the communication element (940) may include an associated wireless transfer element, such as an antenna.
  • the communication element (940) may include a subscriber identity module (SIM) in the form of an integrated circuit that stores an international mobile subscriber identity and the related key used to identify and authenticate a subscriber using the communication device (900).
  • SIM subscriber identity module
  • One or more subscriber identity modules may be removable from the communication device (900) or embedded in the communication device (900).
  • the communication device (900) may further include a contactless element (950), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer element, such as an antenna.
  • the contactless element (950) may be associated with (e.g., embedded within) the communication device (900) and data or control instructions transmitted via a cellular network may be applied to the contactless element (950) by means of a contactless element interface (not shown).
  • the contactless element interface may function to permit the exchange of data and/or control instructions between mobile device circuitry (and hence the cellular network) and the contactless element (950).
  • the contactless element (950) may be capable of transferring and receiving data using a near field communications (NFC) capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC).
  • NFC near field communications
  • Near field communications capability is a short-range communications capability, such as radio-frequency identification (RFID), Bluetooth, infra-red, or other data transfer capability that can be used to exchange data between the communication device (900) and an interrogation device.
  • RFID radio-frequency identification
  • Bluetooth infra-red
  • the communication device (900) may be capable of communicating and transferring data and/or control instructions via both a cellular network and near field communications capability.
  • the data stored in the memory (915) may include: operation data relating to the operation of the communication device (900), personal data (e.g., name, date of birth, identification number, etc.), financial data (e.g., bank account information, a bank identification number (BIN), credit or debit card number information, account balance information, expiration date, loyalty provider account numbers, etc.), transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc.
  • a user may transmit this data from the communication device (900) to selected receivers.
  • the communication device (900) may be, amongst other things, a notification device that can receive alert messages and access reports, a portable merchant device that can be used to transmit control data identifying a discount to be applied, as well as a portable consumer device that can be used to make payments.
  • the software components or functions described in this application may be implemented as software code to be executed by one or more processors using any suitable computer language such as, for example, Java, C++, or Perl using, for example, conventional or object-oriented techniques.
  • the software code may be stored as a series of instructions, or commands on a non-transitory computer- readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
  • a software module is implemented with a computer program product comprising a non-transient computer- readable medium containing computer program code, which can be executed by a computer processor for performing any or all of the steps, operations, or processes described.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method and system for performing mobile payment transactions is presented. According to one aspect, a mobile communications device application may be configured to capture data relating to a mobile payment transaction, modulate the captured data into an audio stream capable of being transmitted over an audio communications channel, establish an audio communications channel with a secure banking server by placing a telephone call to the secure banking server, and transmit the audio stream over the audio communications channel to the secure banking server.

Description

MOBILE PAYMENT SYSTEM
FIELD OF INVENTION
[0001] This invention relates to the field of mobile payment systems. In particular, the invention relates to mobile payment systems conducted at mobile communications devices.
BACKGROUND
[0002] Advancements in technology have caused traditional banking services to rapidly become replaced by electronic banking means, such as internet banking, mobile banking or the like. It is highly convenient to conduct financial transactions or access bank accounts over a mobile phone without the use of a computer or the need for entering a banking institution.
[0003] Mobile banking transactions typically require that the mobile phone communicate with a banking server through communication channels that may include Short Message Service (SMS), General Packet Radio Service (GPRS), or
Unstructured Supplementary Service Data (USSD). However, these communication channels may not be secure, thereby making users susceptible to malicious attacks.
A further problem is that mobile network operators may be required to approve the use of such services in advance, and may often charge higher rates for communications that involve banking transactions than the normal cost of the data transmitted, thus increasing the cost of mobile banking.
BRIEF SUMMARY
[0004] In accordance with a first aspect of the invention there is provided a method for performing a mobile payment transaction, conducted at a mobile communications device of a transactor, the method comprising the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server. [0005] A further feature of the invention provides for the step of modulating the data into an audio stream to include using any one of the group of: amplitude modulation (AM); frequency modulation (FM); phase modulation (PM); quadrature amplitude modulation (QAM); frequency shift keying (FSK); dual-tone multi-frequency (DTMF); on-off keying (OOK); audio frequency shift keying (AFSK); phase shift keying (PSK); trellis code modulation (TCM).
[0006] Still further features of the invention provide for the step of capturing data to include capturing data entered by the transactor into the mobile communications device and for the captured data to include a unique identifier of the transactor and payment information. [0007] A yet further feature of the invention provides for the unique identifier of the transactor to be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
[0008] A further feature of the invention provides for the step of capturing data to include a step of obtaining the GUID or IMEI from a digital storage of the mobile communications device.
[0009] A still further feature of the invention provides for the step of capturing data to include a step of receiving a PIN input by the transactor on the mobile communications device. [0010] A yet further feature of the invention provides for the step of capturing data to include receiving data in a message sent to the mobile communications device.
[0011] A further feature of the invention provides for the method to include a step of encrypting the captured data. [0012] A still further feature of the invention provides for the step of establishing an audio communications channel with the secure banking server to include placing a telephone call to the secure banking server.
[0013] A yet further feature of the invention provides for a duration over which the audio communications channel is active to be short enough to avoid incurring mobile network operator call charges.
[0014] A further feature of the invention provides for the duration over which the audio communications channel is active to be less than three seconds.
[0015] Still further features of the invention provide for the step of establishing an audio communications channel with the secure banking server to include subsequently terminating the audio communications channel, responsive to which a subsequent audio communications channel is established with the mobile communications device by the secure banking server, and for the step of transmitting the modulated data over the audio communications channel to include transmitting the modulated data over the subsequent audio communications channel.
[0016] In accordance with a second aspect of the invention there is provided a method for performing a mobile payment transaction, conducted at a secure banking server, and comprising the steps of: receiving, from a mobile communications device of a transactor via an audio communications channel, an audio stream into which captured data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
[0017] A further feature of the invention provides for the data modulated into the audio stream to be encrypted, and for the method to include a step of decrypting the encrypted data to obtain the data which are used to conduct a mobile payment transaction.
[0018] A still further feature of the invention provides for the audio communications channel to be established by the mobile communications device.
[0019] A yet further feature of the invention provides for the method to include a step of obtaining one or more unique identifiers of the transactor. [0020] A further feature of the invention provides for the step of obtaining one or more unique identifiers of the transactor to include: identifying a caller line identification number associated with the mobile communications device of the transactor using caller line identification (CLI), and for the caller line identification number to be a mobile subscriber integrated services digital network (MSISDN) number.
[0021] Still further features of the invention provide for the step of obtaining one or more unique identifiers of the transactor to include obtaining a unique identifier of the transactor included in the data and for the unique identifier of the transactor included in the data to be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
[0022] A yet further feature of the invention provides for the method to include a step of comparing the one or more unique identifiers of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server.
[0023] Further features of the invention provide for the captured data to include payment information, for the payment information to at least include a transaction amount and transactee information, and for the transactee information to include one or both of: a unique identifier of the transactee and financial account information of the transactee.
[0024] A still further feature of the invention provides for the unique identifier of the transactee to be a mobile subscriber integrated services digital network (MSISDN) number of the transactee. [0025] A yet further feature of the invention provides for the method includes a step of querying the database to identify a financial account associated with the unique identifier of the transactor.
[0026] Further features of the invention provide for the method to include a step of conducting a mobile payment transaction from the financial account of the transactor, and for conducting a mobile payment transaction to include making a deposit into a financial account of the transactee or communicating a one-time PIN (OTP) to a mobile communications device of the transactee for use by the transactee in a cash withdrawal.
[0027] Still further features of the invention provide for the audio communications channel to be established and subsequently terminated by the mobile communications device and for, responsive to the termination of the audio communications channel, the secure banking server to establish a subsequent audio communications channel with the mobile communications device.
[0028] Further features of the invention provide for the secure banking server to be configured to retrieve a caller line identification (CLI) or an international mobile station equipment identity (IMEI) number of the mobile communications device establishing the audio communications channel; to compare the CLI or IMEI number with CLI or IMEI numbers stored on a system database; for the CLI or IMEI numbers stored on the system database to be associated with mobile communications devices of users registered on the secure banking server; for the secure banking server to establish an audio communications channel with the mobile communications device where the retrieved CLI or IMEI of the mobile communications device matches a CLI or IMEI number stored on the system database or to transmit a connection failure notification to the mobile communications device where no match can be established. [0029] In accordance with a third aspect of the invention there is provided a system for performing a mobile payment transaction comprising a mobile communications device of a transactor, which has: a data capturing component for capturing data relating to a mobile payment transaction; a modulation component for modulating the data into an audio stream capable of being transmitted over an audio communications channel; an audio communication establishing component for establishing an audio communications channel with a secure banking server; and, a transmitting component for transmitting the audio stream over the audio communications channel to the secure banking server. [0030] In accordance with a fourth aspect of the invention there is provided a system for performing a mobile payment transaction comprising a secure banking server which has: a receiving component for receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; and, a demodulation component for demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
[0031] In accordance with a fifth aspect of the invention there is provided a computer program product for performing a mobile payment transaction, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server.
[0032] According to a sixth aspect of the invention there is provided a computer program product for performing a mobile payment transaction, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of: receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction. [0033] According to a seventh aspect of the invention there is provided a computer program product for performing a mobile payment transaction, the computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of: capturing data relating to a mobile payment transaction; modulating the data into an audio stream capable of being transmitted over an audio communications channel; establishing an audio communications channel with a secure banking server; and, transmitting the audio stream over the audio communications channel to the secure banking server.
[0034] According to an eighth aspect of the invention there is provided a computer program product for performing a mobile payment transaction, the computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of: receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
BRIEF DESCRIPTION OF THE DRAWINGS
[0035] FIG. 1 A is a block diagram which illustrates a system for performing mobile payment transactions according to an embodiment of the invention;
[0036] FIG. 1 B is a block diagram which illustrates a system for performing mobile payment transactions according to another embodiment of the invention;
[0037] FIG. 2 is a block diagram which illustrates components of a mobile communications device for performing mobile payment transactions according to embodiments of the invention; [0038] FIG. 3 is a block diagram which illustrates components of a secure banking server for performing mobile payment transactions according to embodiments of the invention;
[0039] FIG. 4 is a swim-lane flow diagram which illustrates methods for performing a mobile payment transaction according to embodiments of the invention;
[0040] FIG. 5 is a swim-lane flow diagram which illustrates different methods for performing a mobile payment transaction according to embodiments of the invention.
[0041] FIG. 6 is a schematic diagram which illustrates an in-use scenario of a system for performing mobile payment transactions according to embodiments of the invention;
[0042] FIG. 7 is a block flow diagram which illustrates of a method for performing a mobile payment transaction conducted at a secure banking server according to embodiments of the invention;
[0043] FIG. 8 illustrates an example of a computing device in which various aspects of the disclosure may be implemented; and,
[0044] FIG. 9 shows a block diagram of a communication device that may be used in embodiments of the disclosure.
DETAILED DESCRIPTION
[0045] The term "audio stream" as used in this specification is intended to be interpreted broadly. An audio stream may include an audio clip or audio file into or onto which data is modulated or encoded and which may be transmitted over an audio communications channel. The audio stream may include a carrier signal onto which data is modulated or encoded. The carrier signal may be a single tone carrier signal having a frequency within the audio range. For example, the carrier signal may have a frequency between 20 Hz and 20 kHz such that it is capable of being transmitted and received over an audio communications channel of, for example, a public switched telephone network (PTSN).
[0046] The data may be modulated into the audio stream using amplitude modulation (AM), frequency modulation (FM), phase modulation (PM), quadrature amplitude modulation (QAM), frequency shift keying (FSK), dual-tone multi-frequency (DTMF), on-off keying (OOK), audio frequency shift keying (AFSK), phase shift keying (PSK), trellis code modulation (TCM), or any other appropriate modulation scheme. The data is preferably modulated onto or into the audio stream using a digital modulation technique. [0047] For example, a telephone call (which may be a telephone call from a cellphone, mobile phone, satellite phone or a voice over internet protocol (VOIP) call from, for example, an appropriate smart phone or tablet computer, or the like) is designed for transferring audible sounds. However, digital communication over a telephone call is possible by representing digital bits as tones (which may be referred to as symbols) using modulation. For example, four alternative symbols may respectively represent the bit sequence 00, 01 , 10 and 1 1 .
[0048] FIG. 1 A illustrates a block diagram of a system (100) for performing mobile payment transactions according to the invention. The system (100) includes a mobile communications device (104), associated with a transactor (106), on which a mobile communications device application (102) is installed. The system (100) may also include a mobile communications device (124) associated with a transactee (126). The system (100) also includes a secure banking server (1 10) which is in communication with the mobile communications device (104) via communication network (1 14) which may be a cellular communication network or the like. In some embodiments the system (100) may be a mobile money system wherein the secure banking server (1 10) is maintained by a mobile money financial institution.
[0049] The transactor (106) may be any user of the system who initiates a transaction while the transactee (126) may be any other user in the transaction. The transactor (106) may, for example initiate a payment to the transactee (126) in what may be referred to as a "push" transaction. In another example, the transactor (106) may initiate a payment from the transactee (126) in what may be referred to as a "pull" transaction.
[0050] The mobile communications devices (104, 124) may be mobile phones, smartphones, personal digital assistants, laptop computers, smart watches, tablet computers or the like. In the embodiment illustrated in FIG. 1 A, the mobile communications devices (104, 124) are mobile feature phones. [0051] The mobile communications device (104) of the transactor (106) has a mobile communications device application (102) resident therein and executable on one or more processors of the mobile communications device (104) such that, when executed by the mobile communications device (104), the mobile software application causes the mobile communications device (104) to perform operations, such as to prompt the transactor (106) for input, communicate messages to the transactor, perform encryption and/or modulation, place telephone calls or the like. Similarly, the mobile communications device (124) of the transactee may also have a mobile communications device application resident therein. [0052]The mobile communications device application (102), and in turn the mobile communications device (104), is configured to capture data relating to a mobile payment transaction. The data captured may be entered by the transactor (106) using the mobile communications device application (102) and may include one or more unique identifiers (105) of the transactor as well as payment information such as details of the mobile payment transaction.
[0053] The unique identifier (105) of the transactor may be one or more of the group of: a globally unique identifier (GUID); a personal identification number (PIN); or an international mobile station equipment identifier (IMEI); a media access control (MAC) address; a unique token; a key, an app identifier; or any other appropriate unique identifier. Furthermore, the unique identifier of the transactor may be a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number, which is identifiable or obtainable using caller line identification or any other appropriate service. In some embodiments, the unique identifier may be generated by the secure server and transmitted to the mobile communications device for storage in a digital storage thereof. In some embodiments, a combination of unique identifiers may be used, for example: a PIN and caller line identification number; a GUID and a PIN; a GUID, IMEI and a caller line identification number.
[0054]The GUID may be a 128-bit value, which may be displayed as 32 hexadecimal digits with groups separated by hyphens. An exemplary GUID may appear as the following: {334EA020-3AEC-1069-A2BD-09072B30369E}. GUIDs may be generated from random numbers and may contain 6 fixed bits saying they are random and 122 random bits. This number of different GUIDs is large such that the probability of the same GUID being generated randomly twice is small.
[0055] In some embodiments, one or more unique identifiers may be encrypted and stored in a digital storage of the mobile communications device. In some embodiments, the one or more unique identifiers may be stored in a secret or hidden location and may be adapted to appear to be something different. For example one or more unique identifiers may be masked; obfuscated; hidden in "plain sight", for example, in a picture file using steganography; embedded in a file; or any other applicable data hiding technique known to those skilled in the art. In other embodiments, one or more unique identifiers may be concealed in memory, slack space, hidden directories, bad blocks, alternate data streams, hidden partitions or the like so as to not be easily identifiable by an unscrupulous third party obtaining access the mobile communications device.
[0056] Accordingly, in embodiments of the invention the mobile communications device application (102) may be configured to prompt the transactor for a PIN, to capture a PIN entered by the transactor (106) and to include the PIN in the captured data for verification by the secure banking server (1 10). Similarly, in embodiments of the invention the application (102) may be configured to obtain the GUID and/or IMEI from a digital storage of the mobile communications device (104) and to include the GUID and/or IMEI in the captured data. In embodiments where the unique identifier is encrypted, hidden in a secret location, masked, obfuscated or embedded in a file, the mobile communications device application (102) is configured to retrieve and decrypt, where appropriate, the unique identifier and include the retrieved unique identifier in the captured data to be modulated into an audio stream. [0057] The payment information may at least include a transaction amount and transactee information. The transactee information may include one or both of: a unique identifier (125) of the transactee and financial account information of the transactee.
[0058] The mobile communications device application (102) may be further configured to encrypt the captured data and to modulate the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel. [0059] Once the data has been modulated into an audio stream, the mobile communications device application (102) is configured to establish an audio communications channel (108) with a secure banking server (1 10) by placing a telephone call to the secure banking server (1 10). It may be that establishing an audio communications channel requires participation from the secure banking server (1 10). For example, the mobile communications device application (102) may be configured to attempt to establish an audio communications channel while the secure banking server (1 10), on the other hand, may be configured to allow the audio communications channel to be established. Thus the mobile communications device (104) may initiate an audio communications channel with the secure banking server by placing a call to the secure banking server (1 10), while the secure banking server (1 10) may then allow the audio communications channel to be established by answering the call.
[0060]The mobile communications device application (102) is further configured to transmit the modulated data in the form of the audio stream over the audio communications channel (108) to the secure banking server (1 10). The duration over which the mobile communications device application (102) transmits the audio stream is configured to be short. For example, the duration over the audio communications channel is active may be predefined and may, for example, be four seconds, three seconds, two seconds, one second or the like. As many mobile network operators only start billing a telephone call after, for example, two seconds, the duration over which the audio communications channel is active may thus be short enough to avoid incurring mobile network operator call charges. Of course, it is anticipated that the duration over which the audio communications channel is active will be adapted, where possible, as per relevant mobile network operators charging rules so as to avoid incurring call charges.
[0061] In another embodiment of the invention, the mobile communications device application (102) is configured to establish an audio communications channel with the secure banking server (1 10) and subsequently terminate the audio communications channel without transmitting the audio stream. The mobile communications device application (102) may then be configured to accept a subsequent audio communications channel being established by the secure banking server (1 10) and to transmit the modulated data in the form of the audio stream over the subsequent audio communications channel to the secure banking server (1 10). In this manner, the mobile communications device application (102) may be configured to "missed call" the secure banking server (1 10) so as to avoid incurring mobile network operator call charges. [0062] The secure banking server (1 10) may be any appropriate server computer or distributed server computer and is configured to receive data modulated onto an audio stream from the mobile communications device (104) of a transactor via an audio communications channel (108). The secure banking server (1 10) is then configured to demodulate the audio stream to obtain the data which may be used to conduct a mobile payment transaction.
[0063] In some embodiments, the data may be encrypted, in which case the secure banking server (1 10) is configured to decrypt the encrypted data to obtain the captured data which may be used to conduct a mobile payment transaction.
[0064] The secure banking server (1 10) in some embodiments may be configured to retrieve or obtain one or more unique identifiers (105) of the transactor (106). The secure banking server (1 10) may be configured to identify a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number, associated with the mobile communications device of the transactor using caller line identification (CLI). Alternatively or additionally, the secure banking server (1 10) may be configured to obtain a unique identifier (105) of the transactor (106) included in the captured data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI), a unique token, a key, an application identifier or the like. [0065] Embodiments of the invention further provide for the secure banking server (1 10) to be configured to compare the unique identifier (105) of the transactor (106) with unique identifiers (1 13) stored on the database (1 12) in association with users registered with the secure banking server. In this manner the secure banking server (1 10) may be configured to verify whether or not the audio communications channel (108) has been established by a registered user of the system (100) and/or whether or not to enact a mobile payment transaction. For example, if a GUID retrieved from the audio stream does not correspond to a GUID of a registered user, the secure banking server may not enact a mobile payment transaction.
[0066] In some embodiments of the invention, the secure banking server (1 10) may be further configured to query the database (1 12) to identify a financial account associated with the unique identifier of the transactor. Furthermore, the secure banking server (1 10) may be configured to query the database (1 12) to identify a financial account of the transactee (126) using the unique identifier (125) of the transactee. The unique identifier (125) of the transactee may, for example, be a mobile subscriber integrated services digital network (MSISDN) number of the transactee.
[0067] As such, embodiments of the invention provide for the secure banking server (1 10) to be configured to conduct a mobile payment transaction from the financial account of the transactor (106). The mobile payment transaction may include making a cash deposit into a financial account of the transactee (126) or communicating a one-time PIN (OTP) to a mobile communications device (124) of the transactee for use by the transactee (126) in a cash withdrawal. The cash withdrawal may, for example, be an automatic teller machine cash withdrawal or a mobile money agent cash withdrawal where the transactee presents the OTP to the ATM or mobile money agent, as the case may be, so as to withdraw cash. [0068] In another embodiment of the invention, the mobile payment transaction may be a payment from a financial account of the transactee (126) to a financial account of the transactor (106). In such an embodiment, the transactee (126) may provide the transactor (106) with his or her unique identifier (125), for example an MSISDN, which the transactor (106) then enters into his or her mobile communications device (104). Upon receiving the captured data from the transactor's mobile communications device (104), the secure banking server (1 10) may then prompt the transactee (106) for his or her approval, for example, by placing a call to the transactee's mobile communications device (124) before conducting the mobile payment transaction. [0069] In some embodiments of the invention, the mobile communications device application (102) is configured to terminate the audio communications channel (108) before transmitting the audio stream. In this case the secure banking server (1 10) is configured to establish a subsequent audio communications channel with the mobile communications device (104) of the transactor and to receive data modulated onto an audio stream from the mobile communications device (104) of a transactor via the subsequent audio communications channel. [0070] As such, embodiments of the invention provide that the secure banking server (1 10) may be in data communication with the system database (1 12) on which the caller line identification (CLI) numbers, that is numbers which may be identified using caller line identification such as a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (104), and/or the unique identifier of the transactor may be stored.
[0071] The secure banking server (1 10) is configured to retrieve the CLI (for example an MSISDN) and/or IMEI numbers of or from the mobile communications device (104) which is establishing the audio communications channel (108) with the secure banking server (1 10), and to compare such numbers with the CLI (or MSISDN) and/or IMEI numbers stored on the system database (1 12). If matching numbers are found, the secure banking server (1 10) will, in some embodiments, establish a subsequent audio communications channel (108) with the mobile communications device (104), however, if no matching number is found, the secure banking server (1 10) will not establish an audio communications channel (108) with the mobile communications device (104) (or will not allow further transactions to occur) and will transmit a connection failure notification to the mobile communications device (104).
[0072] Where an audio communications channel is established, the mobile communications device application (102) may transmit the modulated data to the secure banking server (1 10) over the audio communications channel. The secure banking server (1 10) may be enabled to receive audio communications over an audio communications channel and to demodulate the received audio communication into data capable of being processed by the secure banking server (1 10). Once the received audio stream has been demodulated, the secure banking server (1 10) may decrypt the transmitted data where appropriate and may perform a mobile payment transaction. Upon completion of the mobile payment transaction, the secure banking server (1 10) may generate a payment notification, modulate the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmit the modulated notification to the mobile communications device (104) over the audio communications channel (108). In other embodiments the payment notification may be communicated to the communication device over another channel, for example a short messaging service (SMS) channel. As this is a payment notification and does not contain sensitive information, security or encryption of the communication is not paramount or necessary.
[0073] FIG. 1 B illustrates a block diagram of a system (160) for performing mobile payment transactions according to another embodiment of the invention. The system (160) comprises a mobile communications device application (162) that is installed on a mobile communications device (164) associated with a transactor (166). The mobile communications device (164) may be a mobile smartphone, a personal digital assistant, a laptop computer or a tablet computer. In the embodiment of FIG. 1 B, the mobile communications device (164) is a mobile smartphone. The mobile communications device application (162) is configured to capture data relating to a mobile payment transaction. The data captured is entered by the transactor (166) on the mobile communications device application (162) and may include a unique identifier of the transactor, such as a personal identification number (PIN), as well as details of the mobile payment transaction, such as a transaction amount and payee details.
[0074] The mobile communications device application (162) may be further configured to encrypt the captured data and to modulate the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel. The modulation of the data into an audio stream may by means of amplitude modulation (AM), frequency modulation (FM), phase modulation (PM), quadrature amplitude modulation (QAM), frequency shift keying (FSK), phase shift keying (PSK), trellis code modulation (TCM), or the like
[0075] Once the encrypted data has been modulated into an audio stream, the mobile communications device application (162) may establish an audio communications channel (168) with a secure banking server (170) by placing a telephone call to the secure banking server. [0076] The secure banking server (170) may be in data communication with a system database (172) on which other unique identifiers such as a caller line identification (CLI) and/or international mobile station equipment identity (IMEI) numbers of all mobile communications devices registered on the system (160) may be stored. The secure banking server (170) may be configured to retrieve the CLI or IMEI number of the mobile communications device (164) which is establishing the audio communications channel (168) with the secure banking server (170), and may compare the number with the CLI and IMEI numbers stored on the system database (172). If matching numbers are found, the secure banking server (170) may establish an audio communications channel (168) with the mobile communications device (164) (i.e. allow the audio communications channel to be established), however, if no matching number is found, the secure banking server (170) may not establish an audio communications channel (168) with the mobile communications device (164) (and/or may not allow further transactions to occur) and may transmit a connection failure notification to the mobile communications device (164).
[0077] Where an audio communications channel (168) is established, the mobile communications device application (162) may transmit the modulated data to the secure banking server (170) over the audio communications channel (168). The secure banking server (170) may be enabled to receive audio communications over an audio communications channel and to demodulate the received audio communication into data capable of being processed by the secure banking server (170). Once the received communication has been demodulated, the secure banking server (170) may decrypt the transmitted data and perform a mobile payment transaction. Upon completion of the mobile payment transaction, the secure banking server (170) may generate a payment notification, modulate the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmit the modulated notification to the mobile communications device (164) over the audio communications channel (168).
[0078] FIG. 2 is a block diagram which illustrates components of a mobile communications device (204) for performing mobile payment transactions according to embodiments of the invention. Embodiments of the invention provide for the mobile communications device (204) to have a mobile communications device application (202) resident therein and/or installed thereon. The components of the mobile communications device (204) may be provided by the mobile communications device application (202).
[0079] The components may include a data capturing component (206) for capturing data relating to a mobile payment transaction as well as a modulation component (208) for modulating the data onto an audio stream capable of being transmitted over an audio communications channel. An audio communications channel establishing component (210) may also be provided for establishing an audio communications channel with a secure banking server. Embodiments of the invention further provide a transmitting component (212) for transmitting the modulated data or audio stream over the audio communications channel to the secure banking server. An encryption component (214) may also be provided for encrypting the captured data before modulating it onto an audio stream.
[0080] FIG. 3 is a block diagram which illustrates components of a secure banking server (310) for performing mobile payment transactions according to embodiments of the invention. The secure banking server (310) includes a receiving component (312) for receiving, from a mobile communications device of a transactor via an audio communications channel, data modulated onto an audio stream and a demodulation component (314) for demodulating the audio stream to obtain the data which may be used to conduct a mobile payment transaction. The secure banking server (310) may also include a decryption component (316) for decrypting encrypted data to obtain the data which may be used to conduct a mobile payment transaction. The secure banking server (310) may further include a unique identifier obtaining component (318) for obtaining one or more unique identifiers of the transactor as well as a comparison component (320) for comparing the obtained unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server. In some embodiments, the secure banking server may further include a mobile payment conducting component (322) for conducting a mobile payment transaction from the financial account of the transactor. [0081] FIG. 4 is a swim-lane flow diagram (400) which illustrates methods for performing a mobile payment transaction according to embodiments of the invention. The steps carried out by the mobile communications device (404) and the secure banking server (410) are illustrated in respective swim-lanes.
[0082] At a first step (1002), the mobile communications device (404) captures data relating to a mobile payment transaction. The step of capturing data may include capturing data entered by the transactor into the mobile communications device (404) or data received from another device. Furthermore, the step of capturing data may include obtaining a unique identifier from a digital storage of the mobile communications device (404) and/or receiving a unique identifier input by the user on the mobile communications device (404). In some embodiments, the captured data may include data received in a message, for example a short messaging service (SMS) message. The message may, for example, be received from a transactee's mobile communications device, a merchant's point-of-sales (POS) device or the like and may contain payment information and/or a transaction amount. In some embodiments, the message received at, and captured by, the mobile communications device of the transactor may already be encrypted.
[0083] At a next step (1004), the secure banking server (404) may encrypt the captured data and, in a following step (1006), modulates the data onto an audio stream capable of being transmitted over an audio communications channel.
[0084]The mobile communications device (404) then, in a following step (1008), establishes an audio communications channel with the secure banking server (410). The secure banking server may then allow the audio communications channel to be established by the mobile communications device (404) in a following step (1009). The mobile communications device (404) may then transmit the audio stream containing the modulated data over the audio communications channel to the secure banking server (410) in a next step (1010). The mobile communications device (404) terminates (101 1 ) the audio communications channel after the audio stream has been transmitted. The duration for which the audio communications channel is active is preferably less than three seconds so as to avoid incurring mobile network operator call charges. [0085] The data modulated onto an audio stream is then received by the secure banking server (410) from the mobile communications device (404) of a transactor via the audio communications channel in a following step (1012). The secure banking server (410) then, in a following step (1014), demodulates the audio stream to obtain the encrypted data. As the data is encrypted in this embodiment, the secure banking server (410) decrypts the encrypted data to obtain the data which may be used to conduct a mobile payment transaction in a next step (1016). [0086] In an additional step (1018), the secure banking server (410) obtains one or more unique identifiers of the transactor. This may include identifying a mobile subscriber integrated services digital network (MSISDN) number or any other appropriate communication address associated with the mobile communications device of the transactor using caller line identification (CLI). Additionally or alternatively, this step (1018) may include obtaining a unique identifier of the transactor included in the data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
[0087] In a later step (1020), the secure banking server (410) compares the unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server and, in a following step (1022), identifies a financial account of the transactor associated with the unique identifier such that, in a final step (1024), a mobile payment transaction may be conducted.
[0088] In some embodiments, the mobile communications device (404) does not terminate the audio communications channel after the audio stream has been transmitted. The mobile communications device (404) may wait for a transaction approval or denial message, as the case may be, to be modulated into an audio stream by the secure banking server (410) and transmitted to the mobile communications device (404) over the audio communications channel. Thereafter, the mobile communications device (404) may terminate the audio communications channel. In other embodiments, a transaction approval or denial message, as the case may be, may be transmitted to the mobile communications device (404) from the secure banking server via an alternate communication channel, for example a short messaging service (SMS) channel. [0089] FIG. 5 is a swim-lane flow diagram (500) which illustrates methods for performing a mobile payment transaction according to another embodiment of the invention. The steps carried out by the mobile communications device (504) and the secure banking server (510) are illustrated in respective swim-lanes.
[0090] The embodiment illustrated in FIG. 5 is similar to that of FIG. 4, differing in that the mobile communications device (504) establishes an audio communications channel with the secure banking server (510) at a step (1 108) similar to the corresponding step (1008) of FIG. 4 and then, in a following step (1 1 12), terminates the audio communications channel shortly after it is established.
[0091] At a step (1 1 10) intermediate these two steps (1 108, 1 1 12), the secure banking server (510) obtains one or more unique identifiers. The secure banking server may, for example, identify a caller line identification number, such as a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (504), using caller line identification (CLI).
[0092] Using this unique identifier, the secure banking server (510) then, in a next step (1 1 14), establishes a subsequent audio communications channel with the mobile communications device (504). This may include a step (1 1 15) of the mobile communications device (504) allowing the audio communications channel to be established. The secure banking server (510) may for example use the unique identifier to call the mobile communications device (504) or alternatively may use the unique identifier to query a database and to obtain a number (e.g. an MSISDN) on which the mobile communications device (504) may be called.
[0093] Once the audio communications channel has been established, the mobile communications device (504) transmits the modulated data over the subsequent audio communications channel to the secure banking server (510) in a following step (1 1 16). [0094] The data modulated onto an audio stream is then received by the secure banking server (510) from the mobile communications device (504) of a transactor via the subsequent audio communications channel in a following step (1 1 18). The secure banking server (510) then, in a following step (1 120), demodulates the audio stream to obtain the encrypted data. As the data is encrypted in this embodiment, the secure banking server (510) decrypts the encrypted data to obtain the data which may be used to conduct a mobile payment transaction in a next step (1 122). [0095] In an additional step (1 124), the secure banking server (510) may obtain one or more other unique identifiers of the transactor. This may include obtaining a unique identifier of the transactor included in the data which may be one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
[0096] In a later step (1 126), the secure banking server (510) may compare the unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server and, in a following step (1 128), query the database to identify a financial account associated with the unique identifier of the transactor such that, in a final step (1 130), a mobile payment transaction may be conducted from the financial account of the transactor. The one or more unique identifiers may further be used to authenticate the transactor.
[0097] FIG. 6 is a schematic diagram which illustrates an exemplary in-use scenario of a system for performing mobile payment transactions according to embodiments of the invention.
[0098] The figure illustrates a transactor (606) who is already registered with the system and has a mobile communications device application (602) installed on his or her mobile communications device (604) and is thus enabled to perform mobile payment transactions using the system. As such, a database of a secure banking server already contains a record of one or more unique identifiers of the transactor and may also contain payment information of the transactor (606). The one or more unique identifiers may be one or more of the group of: a mobile subscriber integrated services digital network (MSISDN) number associated with the mobile communications device (604) of the transactor; a globally unique identifier (GUID); a personal identification number (PIN), or an international mobile station equipment identifier (IMEI). Some of these unique identifiers (for example the GUID and PIN) may be kept private by the transactor and not revealed to anyone whilst others (for example the MSISDN or IMEI) may be public or easily obtainable.
[0099] The registered transactor (606) may, for example wish to pay a transactee an amount of money. The transactor (606), at a first step (1202), launches a mobile communications device application (602). The mobile communications device application (602) may then, at a next step (1204), capture data such as payment information by entered the transactor (606). The payment information may, for example, include a transaction amount and a unique identifier of a transactee to whom the money is to be paid. The mobile communications device application (602) may also capture a unique identifier of the transactor (606) such as a globally unique identifier (GUID) and/or an international mobile station equipment identifier (IMEI) from a digital storage of the mobile communications device (604).
[0100] At a next step (1206) of the exemplary scenario, the mobile communications device application (602) captures a unique identifier being a PIN of the transactor (606) and then modulates the all of the captured data onto an audio stream in a following step (1208). The mobile communications device application (602) then establishes an audio communications channel with the secure banking server (610) in a next step (1210). Once the audio communications channel has been established, the mobile communications device application (602) transmits the audio stream to the secure banking server (610) over the audio communications channel in a final step (1212).
[0101]The secure banking server (610) may then receive the audio stream, decode it to obtain the captured data and then use the data to conduct a mobile payment transaction from the financial account of the transactor to the transactee as has been described in the foregoing specification. [0102] FIG. 7 illustrates a flow diagram (1300) of a method for performing mobile payment transactions according to embodiments of the invention. At a first stage (1302), the transactor associated with the mobile communications device installs the mobile communications device application on the mobile communications device. Upon installation of the mobile communications device application, the transactor will be prompted to register with the system for mobile payment transactions. Once registered, the secure banking server will store the mobile communications device's CLI number (which may for example be an MSISDN or other communication address of the mobile communications device) and/or IMEI and/or one or more additional unique identifiers on the system database. [0103] At a next stage (1304), the transactor activates the mobile communications device application, and the application requests the user to enter his or her unique identifier (such as the user PIN) as well as the mobile payment transaction details. [0104] At a next stage (1306), the mobile communications device application captures the entered mobile payment transaction details, encrypts the captured data and modulates the encrypted data into an audio stream that is capable of being transmitted over an audio communications channel. [0105] At a next stage (1308), the mobile communications device application attempts to establish an audio communications channel with the secure banking server by placing a telephone call to the secure banking server. The secure banking server will retrieve the CLI and/or IMEI number from the mobile communications device establishing the audio communications channel and compare the retrieved number with the CLI and IMEI numbers of registered users stored on the system database. Where matching numbers are found, then at a next stage (1310), the secure banking server allows the audio communications channel with the mobile communications device to be established. However, if no matching number is found, then at a next stage (1312), the secure banking server does not allow the audio communications channel to be established with the mobile communications device, generates a connection failure notification and transmits the notification to the mobile communications device.
[0106]Where a CLI or IMEI number matches a number stored on the system database, and an audio communications channel is established between the mobile communications device and the secure banking server, then at a next stage (1314), the mobile communications device transmits the modulated payment transaction data over the audio communications channel to the secure banking server.
[0107] At a next stage (1316), the secure banking server receives the audio communication from the mobile communications device, demodulates the communication into data capable of being processed by the secure banking server and decrypts the received data. The secure banking server then performs the payment transaction in accordance with the received payment instruction.
[0108] Once the payment transaction has been completed, then at a last stage (1318), the secure banking server generates a payment notification, modulates the payment notification into an audio stream capable of being transmitted over an audio communications channel and transmits the modulated data to the mobile communications device. [0109] By making use of the audio channel for communication between the mobile communications device and the secure banking server and encrypting the contents of the communication, special or additional charges or tariffs or approval imposed by mobile network operators may be avoided. With the invention, no approval from mobile network operators is required as is the case when using USSD (which requires access to a mobile network operator USSD gateway) or when using a Subscriber Identity Module (SIM) Toolkit (STK), which requires space on a mobile network operator's SIM cards. As USSD gateways and SIM cards are typically controlled by mobile network operators, the mobile network operators may levy charges, sometimes being exorbitant, for the use of either a USSD gateway or space on a SIM card by mobile money financial institutions. This may erode the competitiveness of such institutions.
[0110] Furthermore, use of conventional mobile data channels, for example general packet radio service (GPRS), universal mobile telecommunication system (UMTS), third generation (3G) or fourth generation (4G) data channels are typically charged for by mobile network operators or other entities making them not a cost effective alternative. For example, many users in developing regions may not be able to afford data charges levied by mobile network operators and thus may elect not to make use of a mobile money system requiring use of such data channels. [0111] Similarly, the sending of SMS messages is typically also charged for by mobile network operators meaning that a user of a mobile money system may be required to have a prepaid account balance and also raises the cost of transacting.
[0112] Thus, by ensuring that the duration over which the audio communications channel is active is short, call charges imposed by mobile network operators may be kept to a minimum or preferably completely avoided. This may help to reduce the overall cost of transacting which may be particularly beneficial to transactors in developing nations. In cases where the mobile network operators start billing telephone calls after time periods which are too short for the transfer of the audio stream, the mobile communications device may rather terminate the call and receive a call back from the secure banking server over which the audio stream may be sent. Thus the secure banking server incurs the call charge and not the mobile communications device which helps to keep the cost of transacting for a user of the mobile money system to a minimum.
[0113] The invention has the further advantage that the transacting user can be identified by both a device hardware signature, such as the IMEI number and/or GUID, and a signature of the phone number or other communication address associated with the mobile communications device as provided by CLI (for example an MSISDN). This provides a higher level of certainty that the transacting user is the authorized person.
[0114] FIG. 8 illustrates an example of a computing device (800) in which various aspects of the disclosure may be implemented. The computing device (800) may be suitable for storing and executing computer program code. The various participants and elements in the previously described system diagrams may use any suitable number of subsystems or components of the computing device (800) to facilitate the functions described herein. [0115] The computing device (800) may include subsystems or components interconnected via a communication infrastructure (805) (for example, a communications bus, a cross-over bar device, or a network). The computing device (800) may include at least one central processor (810) and at least one memory component in the form of computer-readable media. [0116] The memory components may include system memory (815), which may include read only memory (ROM) and random access memory (RAM). A basic input/output system (BIOS) may be stored in ROM. System software may be stored in the system memory (815) including operating system software.
[0117] The memory components may also include secondary memory (820). The secondary memory (820) may include a fixed disk (821 ), such as a hard disk drive, and, optionally, one or more removable-storage interfaces (822) for removable- storage components (823).
[0118] The removable-storage interfaces (822) may be in the form of removable- storage drives (for example, magnetic tape drives, optical disk drives, floppy disk drives, etc.) for corresponding removable storage-components (for example, a magnetic tape, an optical disk, a floppy disk, etc.), which may be written to and read by the removable-storage drive.
[0119] The removable-storage interfaces (822) may also be in the form of ports or sockets for interfacing with other forms of removable-storage components (823) such as a flash memory drive, external hard drive, or removable memory chip, etc.
[0120] The computing device (800) may include an external communications interface (830) for operation of the computing device (800) in a networked environment enabling transfer of data between multiple computing devices (800). Data transferred via the external communications interface (830) may be in the form of signals, which may be electronic, electromagnetic, optical, radio, or other types of signal.
[0121] The external communications interface (830) may enable communication of data between the computing device (800) and other computing devices including servers and external storage facilities. Web services may be accessible by the computing device (800) via the communications interface (830).
[0122] The external communications interface (830) may also enable other forms of communication to and from the computing device (800) including, voice communication, near field communication, Bluetooth, etc.
[0123] The computer-readable media in the form of the various memory components may provide storage of computer-executable instructions, data structures, program modules, and other data. A computer program product may be provided by a computer-readable medium having stored computer-readable program code executable by the central processor (810).
[0124] A computer program product may be provided by a non-transient computer- readable medium, or may be provided via a signal or other transient means via the communications interface (830).
[0125] Interconnection via the communication infrastructure (805) allows a central processor (810) to communicate with each subsystem or component and to control the execution of instructions from the memory components, as well as the exchange of information between subsystems or components. [0126] Peripherals (such as printers, scanners, cameras, or the like) and input/output (I/O) devices (such as a mouse, touchpad, keyboard, microphone, joystick, or the like) may couple to the computing device (800) either directly or via an I/O controller (835). These components may be connected to the computing device (800) by any number of means known in the art, such as a serial port.
[0127] One or more monitors (845) may be coupled via a display or video adapter (840) to the computing device (800).
[0128] FIG. 9 shows a block diagram of a communication device (900) that may be used in embodiments of the disclosure. The communication device (900) may be a cell phone, a feature phone, a smart phone, a satellite phone, or a computing device having a phone capability.
[0129]The communication device (900) may include a processor (905) (e.g., a microprocessor) for processing the functions of the communication device (900) and a display (920) to allow a user to see the phone numbers and other information and messages. The communication device (900) may further include an input element (925) to allow a user to input information into the device (e.g., input buttons, touch screen, etc.), a speaker (930) to allow the user to hear voice communication, music, etc., and a microphone (935) to allow the user to transmit his or her voice through the communication device (900). [0130]The processor (910) of the communication device (900) may connect to a memory (915). The memory (915) may be in the form of a computer-readable medium that stores data and, optionally, computer-executable instructions.
[0131] The communication device (900) may also include a communication element (940) for connection to communication channels (e.g., a cellular telephone network, data transmission network, Wi-Fi network, satellite-phone network, Internet network, Satellite Internet Network, etc.). The communication element (940) may include an associated wireless transfer element, such as an antenna.
[0132] The communication element (940) may include a subscriber identity module (SIM) in the form of an integrated circuit that stores an international mobile subscriber identity and the related key used to identify and authenticate a subscriber using the communication device (900). One or more subscriber identity modules may be removable from the communication device (900) or embedded in the communication device (900).
[0133] The communication device (900) may further include a contactless element (950), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer element, such as an antenna. The contactless element (950) may be associated with (e.g., embedded within) the communication device (900) and data or control instructions transmitted via a cellular network may be applied to the contactless element (950) by means of a contactless element interface (not shown). The contactless element interface may function to permit the exchange of data and/or control instructions between mobile device circuitry (and hence the cellular network) and the contactless element (950).
[0134] The contactless element (950) may be capable of transferring and receiving data using a near field communications (NFC) capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC). Near field communications capability is a short-range communications capability, such as radio-frequency identification (RFID), Bluetooth, infra-red, or other data transfer capability that can be used to exchange data between the communication device (900) and an interrogation device. Thus, the communication device (900) may be capable of communicating and transferring data and/or control instructions via both a cellular network and near field communications capability.
[0135]The data stored in the memory (915) may include: operation data relating to the operation of the communication device (900), personal data (e.g., name, date of birth, identification number, etc.), financial data (e.g., bank account information, a bank identification number (BIN), credit or debit card number information, account balance information, expiration date, loyalty provider account numbers, etc.), transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc. A user may transmit this data from the communication device (900) to selected receivers. [0136]The communication device (900) may be, amongst other things, a notification device that can receive alert messages and access reports, a portable merchant device that can be used to transmit control data identifying a discount to be applied, as well as a portable consumer device that can be used to make payments.
[0137] The foregoing description of the embodiments of the invention has been presented for the purpose of illustration; it is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Persons skilled in the relevant art can appreciate that many modifications and variations are possible in light of the above disclosure.
[0138] Some portions of this description describe the embodiments of the invention in terms of algorithms and symbolic representations of operations on information. These algorithmic descriptions and representations are commonly used by those skilled in the data processing arts to convey the substance of their work effectively to others skilled in the art. These operations, while described functionally, computationally, or logically, are understood to be implemented by computer programs or equivalent electrical circuits, microcode, or the like. The described operations may be embodied in software, firmware, hardware, or any combinations thereof.
[0139] The software components or functions described in this application may be implemented as software code to be executed by one or more processors using any suitable computer language such as, for example, Java, C++, or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a non-transitory computer- readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
[0140] Any of the steps, operations, or processes described herein may be performed or implemented with one or more hardware or software modules, alone or in combination with other devices. In one embodiment, a software module is implemented with a computer program product comprising a non-transient computer- readable medium containing computer program code, which can be executed by a computer processor for performing any or all of the steps, operations, or processes described.
[0141] Finally, the language used in the specification has been principally selected for readability and instructional purposes, and it may not have been selected to delineate or circumscribe the inventive subject matter. It is therefore intended that the scope of the invention be limited not by this detailed description, but rather by any claims that issue on an application based hereon. Accordingly, the disclosure of the embodiments of the invention is intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.

Claims

WHAT IS CLAIMED IS:
1 . A method for performing a mobile payment transaction, conducted at a mobile communications device of a transactor, the method comprising the steps of:
capturing data relating to a mobile payment transaction;
modulating the data into an audio stream capable of being transmitted over an audio communications channel;
establishing an audio communications channel with a secure banking server; and,
transmitting the audio stream over the audio communications channel to the secure banking server.
2. The method as claimed in claim 1 , wherein the step of modulating the data into an audio stream includes using any one of the group of: amplitude modulation (AM); frequency modulation (FM); phase modulation (PM); quadrature amplitude modulation (QAM); frequency shift keying (FSK); dual-tone multi-frequency (DTMF); on-off keying (OOK); audio frequency shift keying (AFSK); phase shift keying (PSK); trellis code modulation (TCM).
3. The method as claimed in either one of claim 1 or 2, wherein the step of capturing data includes capturing data entered by the transactor into the mobile communications device and wherein the captured data includes a unique identifier of the transactor and payment information.
4. The method as claimed in claim 3, wherein the unique identifier of the transactor is one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
5. The method as claimed in claim 4, wherein the step of capturing data includes a step of obtaining the GUID or IMEI from a digital storage of the mobile communications device.
6. The method as claimed in either one of claims 4 or 5, wherein the step of capturing data includes a step of receiving a PIN input by the transactor on the mobile communications device.
7. The method as claimed in any one of the preceding claims, wherein the step of capturing data includes receiving data in a message sent to the mobile communications device.
8. The method as claimed in any one of the preceding claims, wherein the method includes a step of encrypting the captured data.
9. The method as claimed in any one of the preceding claims, wherein the step of establishing an audio communications channel with the secure banking server includes placing a telephone call to the secure banking server.
10. The method as claimed in any one of the preceding claims, wherein a duration over which the audio communications channel is active is short enough to avoid incurring mobile network operator call charges.
1 1 . The method as claimed in claim 10, wherein the duration over which the audio communications channel is active is less than three seconds.
12. The method as claimed in either one of claims 10 or 1 1 , wherein,
the step of establishing an audio communications channel with the secure banking server includes subsequently terminating the audio communications channel, responsive to which a subsequent audio communications channel is established with the mobile communications device by the secure banking server, and wherein,
the step of transmitting the modulated data over the audio communications channel includes transmitting the modulated data over the subsequent audio communications channel.
13. A method for performing a mobile payment transaction, conducted at a secure banking server, and comprising the steps of: receiving, from a mobile communications device of a transactor via an audio communications channel, an audio stream into which captured data is modulated;
demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
14. The method as claimed in claim 13, wherein the data modulated into the audio stream is encrypted, and wherein the method includes a step of decrypting the encrypted data to obtain the data which are used to conduct a mobile payment transaction.
15. The method as claimed in either one of claims 13 or 14, wherein the audio communications channel is established by the mobile communications device.
16. The method as claimed in any one of claims 13 to 15, wherein the method includes a step of obtaining one or more unique identifiers of the transactor.
17. The method as claimed in claim 16, wherein the step of obtaining one or more unique identifier of the transactor includes:
identifying a caller line identification number associated with the mobile communications device of the transactor using caller line identification (CLI), wherein the caller line identification number is a mobile subscriber integrated services digital network (MSISDN) number.
18. The method as claimed in claimed 16 or 17, wherein the step of obtaining one or more unique identifiers of the transactor includes:
obtaining a unique identifier of the transactor included in the data and wherein the unique identifier of the transactor included in the data is one or more of the group of: a globally unique identifier (GUID), a personal identification number (PIN), or an international mobile station equipment identifier (IMEI).
19. The method as claimed in any one of claims 16 to 18, wherein the method includes a step of comparing the one or more unique identifier of the transactor with unique identifiers stored on a database in association with users registered with the secure banking server.
20. The method as claimed in any one of claims 13 to 19, wherein the captured data includes payment information, wherein the payment information at least includes a transaction amount and transactee information, and wherein the transactee information includes one or both of: a unique identifier of the transactee and financial account information of the transactee.
21 . The method as claimed in claim 20, wherein the unique identifier of the transactee is a mobile subscriber integrated services digital network (MSISDN) number of the transactee.
22. The method as claimed in any one of claims 16 to 21 , wherein the method includes a step of querying the database to identify a financial account associated with the unique identifier of the transactor.
23. The method as claimed in claim 22, wherein the method includes the step of conducting a mobile payment transaction from the financial account of the transactor, and wherein conducting a mobile payment transaction includes making a deposit into a financial account of the transactee or communicating a one-time PIN (OTP) to a mobile communications device of the transactee for use by the transactee in a cash withdrawal.
24. The method as claimed in any one of claims 13 to 23, wherein the audio communications channel is established and subsequently terminated by the mobile communications device and wherein responsive to the termination of the audio communications channel, the secure banking server establishes a subsequent audio communications channel with the mobile communications device.
25. A system for performing a mobile payment transaction comprising a mobile communications device of a transactor, which has:
a data capturing component for capturing data relating to a mobile payment transaction; a modulation component for modulating the data into an audio stream capable of being transmitted over an audio communications channel;
an audio communication establishing component for establishing an audio communications channel with a secure banking server; and,
a transmitting component for transmitting the audio stream over the audio communications channel to the secure banking server.
26. A system for performing a mobile payment transaction comprising a secure banking server which has:
a receiving component for receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; and,
a demodulation component for demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
27. A computer program product for performing a mobile payment transaction, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of:
capturing data relating to a mobile payment transaction;
modulating the data into an audio stream capable of being transmitted over an audio communications channel;
establishing an audio communications channel with a secure banking server; and,
transmitting the audio stream over the audio communications channel to the secure banking server.
28. A computer program product for performing a mobile payment transaction, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of:
receiving, from a mobile communications device of a transactor, via an audio communications channel, an audio stream onto which data is modulated; demodulating the audio stream to obtain the data which are used to conduct a mobile payment transaction.
PCT/IB2014/058355 2013-01-17 2014-01-17 Mobile payment system WO2014111888A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA201300453 2013-01-17
ZA2013/00453 2013-01-17

Publications (1)

Publication Number Publication Date
WO2014111888A1 true WO2014111888A1 (en) 2014-07-24

Family

ID=51209079

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/058355 WO2014111888A1 (en) 2013-01-17 2014-01-17 Mobile payment system

Country Status (1)

Country Link
WO (1) WO2014111888A1 (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9652770B1 (en) 2014-04-30 2017-05-16 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US10445739B1 (en) 2014-08-14 2019-10-15 Wells Fargo Bank, N.A. Use limitations for secondary users of financial accounts
US10997592B1 (en) 2014-04-30 2021-05-04 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11074577B1 (en) 2018-05-10 2021-07-27 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US11288660B1 (en) 2014-04-30 2022-03-29 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11295297B1 (en) 2018-02-26 2022-04-05 Wells Fargo Bank, N.A. Systems and methods for pushing usable objects and third-party provisioning to a mobile wallet
US11410161B1 (en) 2014-04-30 2022-08-09 Wells Fargo Bank, N.A. Mobile wallet systems and methods
US11461766B1 (en) 2014-04-30 2022-10-04 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11468414B1 (en) 2016-10-03 2022-10-11 Wells Fargo Bank, N.A. Systems and methods for establishing a pull payment relationship
US11568389B1 (en) 2014-04-30 2023-01-31 Wells Fargo Bank, N.A. Mobile wallet integration within mobile banking
US11610197B1 (en) 2014-04-30 2023-03-21 Wells Fargo Bank, N.A. Mobile wallet rewards redemption systems and methods
US11615401B1 (en) 2014-04-30 2023-03-28 Wells Fargo Bank, N.A. Mobile wallet authentication systems and methods
US11775955B1 (en) 2018-05-10 2023-10-03 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US11853919B1 (en) 2015-03-04 2023-12-26 Wells Fargo Bank, N.A. Systems and methods for peer-to-peer funds requests
US11948134B1 (en) 2019-06-03 2024-04-02 Wells Fargo Bank, N.A. Instant network cash transfer at point of sale
US11995621B1 (en) 2021-10-22 2024-05-28 Wells Fargo Bank, N.A. Systems and methods for native, non-native, and hybrid registration and use of tags for real-time services

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040082000A (en) * 2003-03-17 2004-09-23 주식회사 비즈모델라인 System and Method for Mobile Payment
US20050177484A1 (en) * 2004-01-16 2005-08-11 Keith Jentoft Audio-equipped transaction card systems and approaches
KR20070047938A (en) * 2005-11-03 2007-05-08 주식회사 하렉스인포텍 Audio card information receive combination apparatus of card inquiry device
US20110106699A1 (en) * 2007-08-23 2011-05-05 Target Brands, Inc. Transaction card with audio file pitch transformation
US20120061467A1 (en) * 2009-02-10 2012-03-15 4361423 Canada Inc. Apparatus and method for commercial transactions using a communication device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040082000A (en) * 2003-03-17 2004-09-23 주식회사 비즈모델라인 System and Method for Mobile Payment
US20050177484A1 (en) * 2004-01-16 2005-08-11 Keith Jentoft Audio-equipped transaction card systems and approaches
KR20070047938A (en) * 2005-11-03 2007-05-08 주식회사 하렉스인포텍 Audio card information receive combination apparatus of card inquiry device
US20110106699A1 (en) * 2007-08-23 2011-05-05 Target Brands, Inc. Transaction card with audio file pitch transformation
US20120061467A1 (en) * 2009-02-10 2012-03-15 4361423 Canada Inc. Apparatus and method for commercial transactions using a communication device

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11587058B1 (en) 2014-04-30 2023-02-21 Wells Fargo Bank, N.A. Mobile wallet integration within mobile banking
US11748736B1 (en) 2014-04-30 2023-09-05 Wells Fargo Bank, N.A. Mobile wallet integration within mobile banking
US9652770B1 (en) 2014-04-30 2017-05-16 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11935045B1 (en) 2014-04-30 2024-03-19 Wells Fargo Bank, N.A. Mobile wallet account provisioning systems and methods
US11593789B1 (en) 2014-04-30 2023-02-28 Wells Fargo Bank, N.A. Mobile wallet account provisioning systems and methods
US11288660B1 (en) 2014-04-30 2022-03-29 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11928668B1 (en) 2014-04-30 2024-03-12 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11295294B1 (en) 2014-04-30 2022-04-05 Wells Fargo Bank, N.A. Mobile wallet account provisioning systems and methods
US11410161B1 (en) 2014-04-30 2022-08-09 Wells Fargo Bank, N.A. Mobile wallet systems and methods
US11423393B1 (en) 2014-04-30 2022-08-23 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11461766B1 (en) 2014-04-30 2022-10-04 Wells Fargo Bank, N.A. Mobile wallet using tokenized card systems and methods
US11610197B1 (en) 2014-04-30 2023-03-21 Wells Fargo Bank, N.A. Mobile wallet rewards redemption systems and methods
US11568389B1 (en) 2014-04-30 2023-01-31 Wells Fargo Bank, N.A. Mobile wallet integration within mobile banking
US11574300B1 (en) 2014-04-30 2023-02-07 Wells Fargo Bank, N.A. Mobile wallet systems and methods using trace identifier using card networks
US10997592B1 (en) 2014-04-30 2021-05-04 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11663599B1 (en) 2014-04-30 2023-05-30 Wells Fargo Bank, N.A. Mobile wallet authentication systems and methods
US11651351B1 (en) 2014-04-30 2023-05-16 Wells Fargo Bank, N.A. Mobile wallet account provisioning systems and methods
US11615401B1 (en) 2014-04-30 2023-03-28 Wells Fargo Bank, N.A. Mobile wallet authentication systems and methods
US11645647B1 (en) 2014-04-30 2023-05-09 Wells Fargo Bank, N.A. Mobile wallet account balance systems and methods
US11132693B1 (en) 2014-08-14 2021-09-28 Wells Fargo Bank, N.A. Use limitations for secondary users of financial accounts
US10445739B1 (en) 2014-08-14 2019-10-15 Wells Fargo Bank, N.A. Use limitations for secondary users of financial accounts
US11853919B1 (en) 2015-03-04 2023-12-26 Wells Fargo Bank, N.A. Systems and methods for peer-to-peer funds requests
US11468414B1 (en) 2016-10-03 2022-10-11 Wells Fargo Bank, N.A. Systems and methods for establishing a pull payment relationship
US11734657B1 (en) 2016-10-03 2023-08-22 Wells Fargo Bank, N.A. Systems and methods for establishing a pull payment relationship
US11295297B1 (en) 2018-02-26 2022-04-05 Wells Fargo Bank, N.A. Systems and methods for pushing usable objects and third-party provisioning to a mobile wallet
US11775955B1 (en) 2018-05-10 2023-10-03 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US11074577B1 (en) 2018-05-10 2021-07-27 Wells Fargo Bank, N.A. Systems and methods for making person-to-person payments via mobile client application
US11948134B1 (en) 2019-06-03 2024-04-02 Wells Fargo Bank, N.A. Instant network cash transfer at point of sale
US11995621B1 (en) 2021-10-22 2024-05-28 Wells Fargo Bank, N.A. Systems and methods for native, non-native, and hybrid registration and use of tags for real-time services

Similar Documents

Publication Publication Date Title
WO2014111888A1 (en) Mobile payment system
US11687920B2 (en) Facilitating a fund transfer between user accounts
CN105934771B (en) Automatic account provisioning
EP2316169B1 (en) Systems, methods, and computer readable media for providing for secure offline data transfer between wireless smart devices
EP1277301B1 (en) Method for transmitting payment information between a terminal and a third equipement
US9660814B2 (en) Providing digital certificates
US20190251561A1 (en) Verifying an association between a communication device and a user
US20100010932A1 (en) Secure wireless deposit system and method
CN111357025A (en) Secure QR code services
EP2961094A1 (en) System and method for generating a random number
CN109039652B (en) Digital certificate generation and application method
US10404475B2 (en) Method and system for establishing a secure communication tunnel
US20140180931A1 (en) System and Method for Secure Wi-Fi- Based Payments Using Mobile Communication Devices
WO2016088087A1 (en) Third party access to a financial account
EP1142194A1 (en) Method and system for implementing a digital signature
EP2824603A2 (en) System and method for authenticating public keys
WO2013140196A1 (en) A system for electronic payments with privacy enhancement via trusted third parties
CN105160531B (en) Transaction data processing method and processing device
CN102487320B (en) Method and system used for automatic teller machine identity authentication
CN111652612B (en) Mobile payment method and device
US20170024729A1 (en) Secure Transmission of Payment Credentials
WO2020058861A1 (en) A payment authentication device, a payment authentication system and a method of authenticating payment
JP2004110487A (en) Electronic settlement authentication system
CN114549192A (en) Mobile terminal digital currency transaction method free of digital wallet installation
Çabuk et al. WIDIPAY: A CROSS-LAYER DESIGN FOR MOBILE PAYMENT SYSTEM OVER LTE DIRECT

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14740934

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14740934

Country of ref document: EP

Kind code of ref document: A1