WO2015022712A1 - Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface - Google Patents

Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface Download PDF

Info

Publication number
WO2015022712A1
WO2015022712A1 PCT/IT2014/000213 IT2014000213W WO2015022712A1 WO 2015022712 A1 WO2015022712 A1 WO 2015022712A1 IT 2014000213 W IT2014000213 W IT 2014000213W WO 2015022712 A1 WO2015022712 A1 WO 2015022712A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment terminal
server
user device
short range
transaction
Prior art date
Application number
PCT/IT2014/000213
Other languages
French (fr)
Inventor
Marco Gagliardi
Marcello MORENA
Laura LANCIA
Alice MORONI
Serena SPOSATO
Marco Carboni
Ylenia DE ROSA
Original Assignee
Aliena S.R.L.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aliena S.R.L. filed Critical Aliena S.R.L.
Publication of WO2015022712A1 publication Critical patent/WO2015022712A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]

Definitions

  • the present disclosure relates to the technical field of computer systems and methods for performing electronic transactions and relates in particular to a method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface.
  • So-called mobile proximity payment computer systems which, in order to pay for goods or a service, require a physical proximity between a user device held by the purchaser and a tool which enables payment, i.e. a payment terminal, held by the vendor or by the tradesperson .
  • NFC Near Field Communication
  • This technology allows wireless connections with short range radio frequency to be established between electronic devices.
  • the NFC devices overcome the distinction between reader and tags and that between active and passive apparatuses, since they are able to operate both in active mode, which means that every NFC node can generate its radio frequency field for transmitting data, and in passive mode, wherein only one of the two devices generates an RF field, as occurs for the RFID systems.
  • the NFC technology currently operates at the frequency of 13.56 MHz (HF band) and can reach at present a maximum transmission rate of 424 Kbit/s.
  • the NFC technology can be used in three different ways, indicated below:
  • Reader/writer - in which the NFC device reads and writes a passive tag, which can perform functions of simple identification, storage and processing of data or protection of content through encoding;
  • Peer-to-peer - in which two NFC devices (initiator and target), placed together within a range for example of 4cm, create a peer-to-peer network via which both devices can send and receive information;
  • Card emulation in which the NFC device is recognised by an external reader (connected to the PC or another device in reader/writer mode) as a tag with identifier, memory and functions of processing and encoding. In card emulation mode the device can perform credit card or mobile wallet functions.
  • a problem felt in electronic transactions is that of protecting some particularly sensitive identification data (such as for example a credit card number, its expiry date and the name of the holder) which allow the same electronic transactions to be performed, in order to avoid that these data are intercepted by the ill- intentioned with fraudulent aims.
  • some particularly sensitive identification data such as for example a credit card number, its expiry date and the name of the holder
  • a secure element is generally provided in mobile proximity payment computer systems of the prior art.
  • the secure element is a tamper-resistant chip able to host securely confidential data and applications in accordance with laws and with the security requirements provided by a series of clearly defined authorities.
  • the secure element can be provided inside the user device, for example inside a smartphone, in this case the development of the secure element is the prerogative of the producer of the smartphone, who can therefore equip the device beforehand enabling it to host the applications in a "secure" place.
  • a choice of this type can inevitably guarantee a total independence from the network operator both for the issuer of the instrument of credit and for the end user.
  • this solution has the disadvantage of requiring the end user to be equipped with a specific smartphone (possibly new or additional) without however having to change operator.
  • WO 2010/033968 and US 2013/091452 discloses prior art solutions which use secure elements.
  • the secure element can be provided inside the SIM (UICC hosted) .
  • SIM user interface
  • this possibility requires the implementation of the secure element by the network operator, who provides a secure environment inside the SIM.
  • a choice of this type is configured as an alternative to the first solution, but despite this it does not free the end user from having to be equipped with a particular device, and also binds the end user and the issuer of the instrument of credit to the network operator.
  • the secure element can be provided inside a removable medium (removable embedded hardware) .
  • a removable medium removable embedded hardware
  • SMC secure memory card
  • the object of the present disclosure is to make available a method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface which is such as to overcome at least in part the problems and the disadvantages described above with reference to the prior art.
  • FIG. 1 shows a flow chart of an exemplary embodiment of a method of performing electronic transactions by means of a user device provided with a short range wireless communication interface
  • FIG. 2 shows a functional block diagram by way of a non-limiting example of a computer system adapted to perform the method of Figure 1.
  • 10 denotes overall the flow chart of a method for performing electronic transactions by means of a user device provided with a short range wireless communication interface.
  • the method 10 of Figure 1 will be described after having given with reference to Figure 2 a description at a general level of a computer system 100 adapted to perform the abovementioned method 10 and in particular configured for performing said method 10.
  • Figure 2 shows the functional block diagram by way of a non-limiting example of a computer system 100 by means of which the method 10 of Figure 1 can be implemented.
  • the computer system 100 comprises:
  • a user device 101 that is a mobile terminal by means of which a user (henceforth also "end user” or “purchaser”) can authorise a transaction, provided with a short range wireless communication interface;
  • a payment terminal 102 comprising a short range wireless communication interface and further comprising an interface for connection to a telecommunications network;
  • the abovementioned telecommunications network 103 at least one server 104, 105 whereto the aforementioned payment terminal 102 can connect by means of the telecommunications network 103.
  • the user device 101 which represents the device held by the purchaser, is for example a smartphone, a tablet PC or a dedicated device and is provided with a short range wireless communication interface, for example an NFC interface.
  • the user device 101 preferably comprises a data processing unit, a data display unit and a data input unit.
  • a software application is installed on board the user device 101 which allows the user device 101 to communicate with the payment terminal 102.
  • the aforesaid short range communication interface is a Transferjet or Bluetooth Low Energy wireless interface.
  • short range communication interface refers to an interface suitable for connecting with an interface of identical or similar type if the distance between said interfaces is shorter than thirty centimetres and preferably shorter than 15 centimetres (and more preferably shorter than five centimetres in the case of NFC and TransferJet) .
  • the payment terminal 102 is intended to be used by a vendor or by a tradesperson and is for example a tablet PC, a smartphone or a POS (point of sale) device.
  • the payment terminal 102 is such as to communicate by means of its short range wireless connection interface with the user device 101.
  • the short range wireless communication interface of the payment terminal 102 is of a type compatible with that of the user device 101 and for this reason is for example an interface of the NFC type or a Transfer et or Bluetooth Low Energy wireless interface.
  • the at least one server 104, 105 (henceforth for the sake of simplicity also referred to as “server 104,105”) is a hardware/software system which can take the shape irrespectively either of a single processor on which different software modules run and having a data base or of a distributed assembly of processors and data bases interconnected one with the other, each one intended to perform one or more specific functions.
  • the server 104, 105 represents the entity, or the assembly of hardware/software components, intended to receive the requests of various payment terminals 102 to allow the user devices 101 to perform the transactions.
  • the server 104, 105 comprises a front end server 104 " S", which is for example a web server, and a back end server 105, which represents the server effectively intended to manage the electronic transactions.
  • the network 103 is Internet
  • the back end server 105 can be in turn divided into a series of physical and/or logic entities and for example can comprise, in a joint manner according to all the possible combinations or disjointed, the following hardware and/or software entities:
  • CM sensitive data of the instruments of credit and/or of the current accounts of the purchasers
  • CD relative database 113
  • a communication module 114 "PM" intended to request finalisation of the transactions authorised by users at an external payment gateway and/or at a virtual POS 116 "VPOS", so that these are finalised by a module of processing of payments, and/or by the virtual POS 116, for example controlled or held by the institutions issuing the instruments of credit and/or by the banking institutions;
  • module 115 RM intended to issue receipts of payment.
  • the sensitive data are stored in encoded form and the management module 112 "CM" intended for the access of the sensitive data of the instruments of credit and/or of the current accounts has exclusive access to these sensitive data and has exclusive power to decode them.
  • the management module 112 can send said sensitive data to the communication module 114 "PM” so that the latter can request finalisation of the transactions authorised by users at an external payment gateway and/or at a virtual POS 116 "VPOS".
  • the requests for finalisation of the transactions are sent by the communication module 114 "PM” via a communication channel which is secure and encoded (for example using the HTTP/SSL protocol) .
  • the management module 108 "MIM" inside the database 109 "MD" the data of the vendors or of the tradespeople and the data of the respective payment terminals 102 are stored and the management module 108 "MIM" has exclusive access to these data.
  • the access to these data preferably allows the management module 108 "MIM” to identify autonomously decoding codes for decoding encoded messages from the payment terminals 102.
  • the data of the users are contained and the management module 110 "UIM” has exclusive access to these data.
  • the access to these data preferably allows the management module 110 "UIM” to identify autonomously decoding codes for decoding encoded messages from the user terminals 101.
  • the method 10 comprises the following steps, preferably performed in the sequence indicated below:
  • the method 10 comprises a phase of validating 19 the aforesaid fifth message by the server 104, 105.
  • the aforesaid phase of validating 19 for example comprises an operation of controlling the integrity and/or the authenticity of the fifth message.
  • the first message sent at step a) represents a request for initialisation/launch of a transaction and this implies that it is the payment terminal 102 which initiates the method 10.
  • the first message is preferably sent from the payment terminal 102 to the server 104, 105 without any participation by the user device 101 (and therefore without any participation by the user and without any reference to the user or to his or her card) .
  • the transaction which is started following sending of the first message is a transaction which can be potentially completed by any user device of the system. In fact all the information relative to the user and to his or her intention to perform the transaction is provided in a subsequent phase .
  • Said first message is preferably sent from the payment terminal 102 to the server 104, 105 independently from any interaction between said payment terminal 102 and said user device 101.
  • step a) of sending the first message preferably represents in absolute terms the first action of communication between the user device 101, the payment terminal 102 and the server 104, 105 required for starting a specific transaction.
  • the method 10 comprises preferably a step 16 of entering a PIN in the user device 101 and of encoding at least part of the fourth message with a code known to said server 104, 105 and obtained starting from said PIN.
  • the user device 101 holds:
  • indirect identification datum is intended to specify that this datum is not a real number of current account or of instrument of credit but is a datum which allows the server 104, 105 to identify the real number of account or of cards on the basis of data exclusively accessible to the server 104, 105.
  • the first message preferably comprises data at least part whereof are encoded by the payment terminal 102.
  • Said encoded data preferably comprise the amount of the transaction.
  • the method of encoding it is possible for example to provide for the payment terminal to hold: - the public code of the server 104, 105;
  • a seed for generating one-time passwords for example of the TOTP, time-based one-time password, type
  • a token with limited-time validity for example daily, for example obtained in the phase of starting following authentication of the vendor by means of the entering of a PIN in the payment terminal 102.
  • the first message preferably further comprises an uncoded datum adapted to identify the payment terminal 102 (i.e. which allows the server 104, 105 to perform this identification) and the encoded datum relative to the amount of the transaction.
  • the second permission message is preferably a message encoded by the server 104, 105 comprising the following encoded data:
  • the server 104, 105 is preferably in possession of the following information:
  • TOTP time-based one-time passwords
  • the third message is preferably an encoded message, comprising the following data:
  • the fourth message preferably comprises data at least part whereof are encoded by the user terminal 101.
  • Said encoded data preferably comprise the datum relative to the amount of the transaction, the identification datum of the payment terminal 102, the identification datum of the transaction, an indirect identification datum of an instrument of credit or of a current account of the user.
  • "indirect identification datum” is intended to specify that this datum is not a real number of current account or of instrument of credit but is a datum which allows the server 104, 105 to identify the real number of account or of cards on the basis of data exclusively accessible to the server 104, 105.
  • the first message preferably further comprises an uncoded datum univocally identifying the user 101 (i.e. which allows the server 104, 105 to perform this identification univocally) .
  • the aforesaid fifth message corresponds to the fourth message as processed by the payment terminal 102 for the sending via a secure protocol over a telecommunications network such as Internet, for example via the HTTP/SSL protocol.
  • the server 104, 105 contains directly identifying encoded sensitive data of the instrument of credit or of the current account of the user.
  • the step of validating 19 comprises a decoding operation of the encoded sensitive data by the server 104, 105. For example this decoding is performed by the module of management 112 of the data of the instruments of credit and/or of the current accounts 112 CM by request of the module of management of the transactions 106 T and passing via the communication module 114 P .
  • the server 104, 105 has exclusive access to the sensitive encoded data directly identifying the instruments of credit and/or the current accounts of the users and has exclusive powers for decoding them. In other words only the server 104, 105 is allowed both access to sensitive encoded data directly identifying the instruments of credit and/or the current accounts of the users and has exclusive powers for decoding said encoded sensitive data.
  • the short range wireless communication interfaces of the user device 101 and of the payment terminal 102 are NFC interfaces.
  • the short range communication interfaces operate in peer-to-peer mode.
  • the user device 101 operates in reading mode and in the second short range connection the user device 101 operates in writing mode.
  • the short range wireless communication interfaces of the user device 101 and of the payment terminal 102 are Transferjet or Bluetooth Low Energy interfaces.
  • the solution proposed moreover allows the abovementioned problem of interoperability of the solutions of the prior art to be overcome in that it is independent of the hardware of the user device and is independent of the telephone operators (or of the network operators) . It is also observed that in the case wherein the user device 101 is a smartphone this solution functions also in the absence of a telephone wireless network or data of the operator, since upon authorisation of the transaction the smartphone communicates exclusively with the payment terminal 102 via the short range connection interface and it is instead the payment terminal 102 which deals with the remote communications with the server 104, 105. Moreover it is noted that it is possible to guarantee the security of the transaction also with respect to a procedure which is particularly simple and intuitive for the end user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

A description is given of a method (10) of performing electronic transactions by means of: a user device (101) provided with a short range wireless communication interface; a payment terminal (102) comprising a short range wireless communication interface and further comprising an interface for connection to a telecommunications network (103); - at least one server (104) connected to the payment terminal (102) by means of the telecommunications network (103). The method described allows transactions to be performed securely given that no sensitive datum directly identifying instruments of credit and/or current accounts is transmitted between the user device 101 and the payment terminal 102 and between the payment terminal 102 and the server 103, 104.

Description

"Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface"
***
DESCRIPTION
The present disclosure relates to the technical field of computer systems and methods for performing electronic transactions and relates in particular to a method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface.
So-called mobile proximity payment computer systems are known and which, in order to pay for goods or a service, require a physical proximity between a user device held by the purchaser and a tool which enables payment, i.e. a payment terminal, held by the vendor or by the tradesperson .
Mobile proximity payment computer systems are particularly known which are based on the NFC (Near Field Communication) technology. This technology allows wireless connections with short range radio frequency to be established between electronic devices. Unlike the simpler RFID devices, the NFC devices overcome the distinction between reader and tags and that between active and passive apparatuses, since they are able to operate both in active mode, which means that every NFC node can generate its radio frequency field for transmitting data, and in passive mode, wherein only one of the two devices generates an RF field, as occurs for the RFID systems. The NFC technology currently operates at the frequency of 13.56 MHz (HF band) and can reach at present a maximum transmission rate of 424 Kbit/s.
The NFC technology can be used in three different ways, indicated below:
· Reader/writer - in which the NFC device reads and writes a passive tag, which can perform functions of simple identification, storage and processing of data or protection of content through encoding;
• Peer-to-peer - in which two NFC devices (initiator and target), placed together within a range for example of 4cm, create a peer-to-peer network via which both devices can send and receive information;
• Card emulation: in which the NFC device is recognised by an external reader (connected to the PC or another device in reader/writer mode) as a tag with identifier, memory and functions of processing and encoding. In card emulation mode the device can perform credit card or mobile wallet functions.
A problem felt in electronic transactions is that of protecting some particularly sensitive identification data (such as for example a credit card number, its expiry date and the name of the holder) which allow the same electronic transactions to be performed, in order to avoid that these data are intercepted by the ill- intentioned with fraudulent aims.
For this purpose a secure element is generally provided in mobile proximity payment computer systems of the prior art. The secure element is a tamper-resistant chip able to host securely confidential data and applications in accordance with laws and with the security requirements provided by a series of clearly defined authorities.
Substantially the secure element can be provided inside the user device, for example inside a smartphone, in this case the development of the secure element is the prerogative of the producer of the smartphone, who can therefore equip the device beforehand enabling it to host the applications in a "secure" place. A choice of this type can inevitably guarantee a total independence from the network operator both for the issuer of the instrument of credit and for the end user. However this solution has the disadvantage of requiring the end user to be equipped with a specific smartphone (possibly new or additional) without however having to change operator. WO 2010/033968 and US 2013/091452 discloses prior art solutions which use secure elements.
Alternatively the secure element can be provided inside the SIM (UICC hosted) . In contrast to the previous case, this possibility requires the implementation of the secure element by the network operator, who provides a secure environment inside the SIM. A choice of this type is configured as an alternative to the first solution, but despite this it does not free the end user from having to be equipped with a particular device, and also binds the end user and the issuer of the instrument of credit to the network operator.
Alternatively, the secure element can be provided inside a removable medium (removable embedded hardware) . This solution, which can provide for the installation of the secure element for example inside an additional SMC (secure memory card) , such as those provided in many smartphone models, could appear as a good compromise between the first two possibilities: independence from the network operator and independence from the producer of smartphones. It is considered, however, that the use of a removable medium could succeed in guaranteeing security levels which are below those guaranteed by the first two solutions.
The object of the present disclosure is to make available a method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface which is such as to overcome at least in part the problems and the disadvantages described above with reference to the prior art.
This object is achieved by means of a method as defined in general in claim 1 and by means of a computer system as defined in claim 14. Preferred and advantageous embodiments of the abovementioned method and of the abovementioned computer system are defined in the appended dependent claims.
The invention will be made clearer by the following detailed description of its embodiments, given by way of an example and therefore in no way limiting, in relation to the accompanying drawings, in which:
- Figure 1 shows a flow chart of an exemplary embodiment of a method of performing electronic transactions by means of a user device provided with a short range wireless communication interface;
- Figure 2 shows a functional block diagram by way of a non-limiting example of a computer system adapted to perform the method of Figure 1.
Identical or similar elements in the drawings are denoted by the same reference numerals.
Referring to Figure 1, 10 denotes overall the flow chart of a method for performing electronic transactions by means of a user device provided with a short range wireless communication interface. The method 10 of Figure 1 will be described after having given with reference to Figure 2 a description at a general level of a computer system 100 adapted to perform the abovementioned method 10 and in particular configured for performing said method 10.
Figure 2 shows the functional block diagram by way of a non-limiting example of a computer system 100 by means of which the method 10 of Figure 1 can be implemented. The computer system 100 comprises:
- a user device 101, that is a mobile terminal by means of which a user (henceforth also "end user" or "purchaser") can authorise a transaction, provided with a short range wireless communication interface;
- a payment terminal 102 comprising a short range wireless communication interface and further comprising an interface for connection to a telecommunications network;
- the abovementioned telecommunications network 103; at least one server 104, 105 whereto the aforementioned payment terminal 102 can connect by means of the telecommunications network 103.
The user device 101, which represents the device held by the purchaser, is for example a smartphone, a tablet PC or a dedicated device and is provided with a short range wireless communication interface, for example an NFC interface.
The user device 101 preferably comprises a data processing unit, a data display unit and a data input unit. A software application is installed on board the user device 101 which allows the user device 101 to communicate with the payment terminal 102. In an alternative embodiment the aforesaid short range communication interface is a Transferjet or Bluetooth Low Energy wireless interface.
For the purpose of the present description, short range communication interface refers to an interface suitable for connecting with an interface of identical or similar type if the distance between said interfaces is shorter than thirty centimetres and preferably shorter than 15 centimetres (and more preferably shorter than five centimetres in the case of NFC and TransferJet) .
The payment terminal 102 is intended to be used by a vendor or by a tradesperson and is for example a tablet PC, a smartphone or a POS (point of sale) device. The payment terminal 102 is such as to communicate by means of its short range wireless connection interface with the user device 101. The short range wireless communication interface of the payment terminal 102 is of a type compatible with that of the user device 101 and for this reason is for example an interface of the NFC type or a Transfer et or Bluetooth Low Energy wireless interface.
The at least one server 104, 105 (henceforth for the sake of simplicity also referred to as "server 104,105") is a hardware/software system which can take the shape irrespectively either of a single processor on which different software modules run and having a data base or of a distributed assembly of processors and data bases interconnected one with the other, each one intended to perform one or more specific functions.
The server 104, 105 represents the entity, or the assembly of hardware/software components, intended to receive the requests of various payment terminals 102 to allow the user devices 101 to perform the transactions.
For example the server 104, 105 comprises a front end server 104 " S", which is for example a web server, and a back end server 105, which represents the server effectively intended to manage the electronic transactions. In the case wherein the network 103 is Internet, it is possible advantageously to provide for communications between the user terminal 102 and the web server 104 to take place on the network 103 via a secure protocol, for example via the HTTP/SSL protocol. The back end server 105 can be in turn divided into a series of physical and/or logic entities and for example can comprise, in a joint manner according to all the possible combinations or disjointed, the following hardware and/or software entities:
- a module of management of the transactions 106 "TM";
- a database of the transactions 107 "TD";
- a module 108 "MIM" of management of the data of the vendors or of the tradespeople and of the respective payment terminals and a relative database 109 "MD" suitable for storing these data;
- a module of management of the identification data of the users 110 "UIM", i.e. of the purchasers, and a relative database 111 "UD" suitable for storing these data;
- a module 112 "CM" intended for the access of the sensitive data of the instruments of credit and/or of the current accounts of the purchasers and a relative database 113 "CD" suitable for storing these data of the instruments of credit and/or of the current accounts;
- a communication module 114 "PM" intended to request finalisation of the transactions authorised by users at an external payment gateway and/or at a virtual POS 116 "VPOS", so that these are finalised by a module of processing of payments, and/or by the virtual POS 116, for example controlled or held by the institutions issuing the instruments of credit and/or by the banking institutions;
- a module 115 RM intended to issue receipts of payment.
In accordance with a preferred embodiment, inside the database 113 "CD" suitable for storing the sensitive data of the instruments of credit and/or of the current accounts, the sensitive data are stored in encoded form and the management module 112 "CM" intended for the access of the sensitive data of the instruments of credit and/or of the current accounts has exclusive access to these sensitive data and has exclusive power to decode them. It may optionally be provided that the management module 112 can send said sensitive data to the communication module 114 "PM" so that the latter can request finalisation of the transactions authorised by users at an external payment gateway and/or at a virtual POS 116 "VPOS". In accordance with an embodiment the requests for finalisation of the transactions are sent by the communication module 114 "PM" via a communication channel which is secure and encoded (for example using the HTTP/SSL protocol) .
In accordance with a preferred embodiment, inside the database 109 "MD" the data of the vendors or of the tradespeople and the data of the respective payment terminals 102 are stored and the management module 108 "MIM" has exclusive access to these data. The access to these data preferably allows the management module 108 "MIM" to identify autonomously decoding codes for decoding encoded messages from the payment terminals 102.
In accordance with a preferred embodiment, inside the database 111 "UD" the data of the users are contained and the management module 110 "UIM" has exclusive access to these data. The access to these data preferably allows the management module 110 "UIM" to identify autonomously decoding codes for decoding encoded messages from the user terminals 101.
Referring to Figure 1, henceforth the various steps of the method for performing electronic transactions 10 will be described.
The method 10 comprises the following steps, preferably performed in the sequence indicated below:
a) sending 12 a first permission request message to perform a transaction from the payment terminal 102 to the server 104, 105;
b) validating 13 by the server 104, 105 of the first permission request message, initialising a transaction by the server 104, 105 and sending a second permission granted message to perform the transaction from the server 104, 105 to the payment terminal 102; c) approaching 14 and establishing via the short range wireless communication interfaces a first short range connection between the user device 101 and the payment terminal 102 and sending a third transaction authorisation request message from the user containing at least one transaction datum from the payment terminal 102 to the user device 101;
d) distancing 15 the user device 101 from the payment terminal 102 so as to interrupt the first short range connection between the user device 101 and the payment terminal 102;
e) approaching 17 and establishing a second short range connection between the user device 101 and the payment terminal 102 and sending a fourth transaction authorisation request message by the user from the user device 101 to the payment terminal 102;
f) sending 18 a fifth authorisation granted message of the transaction by the user from the payment terminal 102 to the server 104, 105.
Preferably, after the step of sending 18 from the payment terminal 102 the fifth transaction authorisation granted message, the method 10 comprises a phase of validating 19 the aforesaid fifth message by the server 104, 105. The aforesaid phase of validating 19 for example comprises an operation of controlling the integrity and/or the authenticity of the fifth message.
It is noted that the first message sent at step a) represents a request for initialisation/launch of a transaction and this implies that it is the payment terminal 102 which initiates the method 10. The first message is preferably sent from the payment terminal 102 to the server 104, 105 without any participation by the user device 101 (and therefore without any participation by the user and without any reference to the user or to his or her card) . In other words the transaction which is started following sending of the first message is a transaction which can be potentially completed by any user device of the system. In fact all the information relative to the user and to his or her intention to perform the transaction is provided in a subsequent phase .
Said first message is preferably sent from the payment terminal 102 to the server 104, 105 independently from any interaction between said payment terminal 102 and said user device 101.
The abovementioned step a) of sending the first message preferably represents in absolute terms the first action of communication between the user device 101, the payment terminal 102 and the server 104, 105 required for starting a specific transaction. Again referring to Figure 1, the method 10 comprises preferably a step 16 of entering a PIN in the user device 101 and of encoding at least part of the fourth message with a code known to said server 104, 105 and obtained starting from said PIN.
Preferably the user device 101 holds:
- the public code of the server 104, 105;
- a seed for generating TOTP one-time passwords, for example of the TOTP, time-based one-time password, type;
- data indirectly identifying the instruments of credit (e.g. credit cards) and/or current accounts owned by the customer.
For the purpose of the present description, "indirect identification datum" is intended to specify that this datum is not a real number of current account or of instrument of credit but is a datum which allows the server 104, 105 to identify the real number of account or of cards on the basis of data exclusively accessible to the server 104, 105.
The first message preferably comprises data at least part whereof are encoded by the payment terminal 102. Said encoded data preferably comprise the amount of the transaction. As regards the method of encoding, it is possible for example to provide for the payment terminal to hold: - the public code of the server 104, 105;
a seed for generating one-time passwords, for example of the TOTP, time-based one-time password, type; and
- a token with limited-time validity (for example daily) , for example obtained in the phase of starting following authentication of the vendor by means of the entering of a PIN in the payment terminal 102.
The first message preferably further comprises an uncoded datum adapted to identify the payment terminal 102 (i.e. which allows the server 104, 105 to perform this identification) and the encoded datum relative to the amount of the transaction.
The second permission message is preferably a message encoded by the server 104, 105 comprising the following encoded data:
- the aforesaid datum adapted to identify the payment terminal 102;
- the aforesaid datum relative to the amount of the transaction;
- an identification datum of the transaction.
The server 104, 105 is preferably in possession of the following information:
- a private code for signing own messages;
- seeds necessary for generating TOTP (time-based one-time passwords) shared with every instance the applications (both of the user terminal 101 and of the payment terminal 102);
- the hash of the PINs or of the passwords of each user and vendor or in any case for each PIN or password a datum generated by processing said PIN or said password;
- the temporary tokens assigned to each application of the payment terminal 102.
The third message is preferably an encoded message, comprising the following data:
- the datum adapted to identify the payment terminal 102;
- the datum relative to the amount of the transaction;
- the identification datum of the transaction.
The fourth message preferably comprises data at least part whereof are encoded by the user terminal 101. Said encoded data preferably comprise the datum relative to the amount of the transaction, the identification datum of the payment terminal 102, the identification datum of the transaction, an indirect identification datum of an instrument of credit or of a current account of the user. As already illustrated, "indirect identification datum" is intended to specify that this datum is not a real number of current account or of instrument of credit but is a datum which allows the server 104, 105 to identify the real number of account or of cards on the basis of data exclusively accessible to the server 104, 105. The first message preferably further comprises an uncoded datum univocally identifying the user 101 (i.e. which allows the server 104, 105 to perform this identification univocally) .
In accordance with an embodiment the aforesaid fifth message corresponds to the fourth message as processed by the payment terminal 102 for the sending via a secure protocol over a telecommunications network such as Internet, for example via the HTTP/SSL protocol.
In the case wherein the fourth transaction authorisation request message by the user comprises an indirect identification datum of an instrument of credit or of a current account of the user, the server 104, 105 contains directly identifying encoded sensitive data of the instrument of credit or of the current account of the user. In this embodiment the step of validating 19 comprises a decoding operation of the encoded sensitive data by the server 104, 105. For example this decoding is performed by the module of management 112 of the data of the instruments of credit and/or of the current accounts 112 CM by request of the module of management of the transactions 106 T and passing via the communication module 114 P .
According to an embodiment, among the following entities :
- the user device 101;
- the payment terminal 102;
- the server 104, 105;
only the server 104, 105 has exclusive access to the sensitive encoded data directly identifying the instruments of credit and/or the current accounts of the users and has exclusive powers for decoding them. In other words only the server 104, 105 is allowed both access to sensitive encoded data directly identifying the instruments of credit and/or the current accounts of the users and has exclusive powers for decoding said encoded sensitive data.
In accordance with a possible embodiment the short range wireless communication interfaces of the user device 101 and of the payment terminal 102 are NFC interfaces. For example in the first and second short range connections the short range communication interfaces operate in peer-to-peer mode. In another example, in the first short range connection the user device 101 operates in reading mode and in the second short range connection the user device 101 operates in writing mode.
In accordance with a variant embodiment the short range wireless communication interfaces of the user device 101 and of the payment terminal 102 are Transferjet or Bluetooth Low Energy interfaces.
From the above description it is possible to understand how a method and a computer system of the type described above achieve the objects set in full. In fact the method described allows transactions to be performed securely given that no sensitive datum directly identifying instruments of credit and/or current accounts is transmitted between the user device 101 and the payment terminal 102 and between the payment terminal 102 and the server 103, 104.
The solution proposed moreover allows the abovementioned problem of interoperability of the solutions of the prior art to be overcome in that it is independent of the hardware of the user device and is independent of the telephone operators (or of the network operators) . It is also observed that in the case wherein the user device 101 is a smartphone this solution functions also in the absence of a telephone wireless network or data of the operator, since upon authorisation of the transaction the smartphone communicates exclusively with the payment terminal 102 via the short range connection interface and it is instead the payment terminal 102 which deals with the remote communications with the server 104, 105. Moreover it is noted that it is possible to guarantee the security of the transaction also with respect to a procedure which is particularly simple and intuitive for the end user.
Obviously a person skilled in the art may bring numerous modifications and variants to the method and to the system described above in order to meet contingent and specific needs, all moreover contained within the scope of protection of the invention, as defined by the following claims.

Claims

1. Method (10) of performing electronic transactions by means of:
a user device (101) provided with a short range wireless communication interface;
- a payment terminal (102) comprising a short range wireless communication interface and further comprising an interface for connection to a telecommunications network (103) /
- at least one server (104) connected to the payment terminal (102) by means of the telecommunications network (103) ;
the method (10) comprising the steps of:
a) sending (12) a first permission request message to perform a transaction from the payment terminal (102) to the server (104, 105);
b) validating (13) by the server (104, 105) of the first permission request message, initialising a transaction at the server (104, 105) and sending a second permission granted message to perform the transaction from the server (104, 105) to the payment terminal (102); c) approaching (14) and establishing via the short range wireless communication interfaces a first short range connection between the user device (101) and the payment terminal (102) and sending a third transaction authorisation request message from the user containing at least one transaction datum from the payment terminal (102) to the user device (101);
d) distancing (15) the user device (101) from the payment terminal (102) so as to interrupt the first short range connection between the user device (101) and the payment terminal (102);
e) approaching (17) and establishing a second short range connection between the user device (101) and the payment terminal (102) and sending a fourth transaction authorisation request message by the user from the user device (101) to the payment terminal (102); f) sending (18) a fifth authorisation granted message of the transaction by the user from the payment terminal (102) to the server (104, 105) .
2. Method (10) of performing electronic transactions according to claim 1, wherein the short range wireless communication interfaces of the user device and of the payment terminal are NFC interfaces.
3. Method (10) of performing electronic transactions according to claim 2, wherein in the first and second short range connections the short range communication interfaces operate in peer-to-peer mode.
4. Method (10) of performing electronic transactions according to claim 2, wherein in the first short range connection the user device (101) operates in reading mode and in the second short range connection the user device (101) operates in writing mode.
5. Method (10) of performing electronic transactions according to claim 1, wherein the short range wireless communication interfaces of the user device (101) and of the payment terminal (103) are Transferjet or Bluetooth Low Energy interfaces.
6. Method (10) of performing electronic transactions according to claim 1, wherein after the step f) of sending (18) the method (10) comprises a step of validating (19) the aforesaid fifth message by the server (104, 105) .
7. Method (10) according to claim 1, further comprising after said step d) of distancing (15), a step
(16) of entering a PIN in the user device (101) and of encoding at least part of the fourth message with a code known to said server (104, 105) and obtained starting from said PIN.
8. Method (10) according to claim 1, wherein the first message further comprises an uncoded datum adapted to identify the payment terminal (102) and an encoded datum relative to the amount of the transaction.
9. Method (10) according to claim 8, wherein the second permission message is a message encoded by the server (104, 105) comprising the following encoded data:
- the aforesaid datum adapted to identify the payment terminal (102);
- the aforesaid datum relative to the amount of the transaction;
- an identification datum of the transaction.
10. Method (10) according to claim 1, wherein the fourth transaction authorisation message from the user comprises an indirect identification datum of an instrument of credit and/or current account of the user;
- the server (104, 105) contains sensitive encoded data directly identifying the instrument of credit and/or the current account of the user; and
- the step of validating (19) comprises a decoding operation of the encoded sensitive data by the server
(104, 105) .
11. Method (10) according to claim 10, wherein between the following entities:
- the user device (101);
- the payment terminal (102);
- the server (104, 105);
only the server (104, 105) has exclusive access to the sensitive encoded data directly identifying the instruments of credit and/or the current accounts of the users and has exclusive decoding powers.
12. Method (10) according to any one of the preceding claims, wherein said first message is sent by the payment terminal (102) to the server (104, 105) independently from any interaction between said payment terminal (102) and said user device (101).
13. Method (10) according to any one of the preceding claims, wherein said step a) of sending represents in absolute terms the first action of communication between the user device (101), the payment terminal (102) and the server (104, 105) required for starting a specific transaction.
14. Computer system (100) comprising:
- a user device (101) provided with a short range wireless communication interface;
- a payment terminal (102) comprising a short range wireless communication interface and further comprising an interface for connection to a telecommunications network (103); and
- at least one server (104) connected to the payment terminal (102) by means of the telecommunications network (103) ;
wherein said user device (101) , said payment terminal (102), said at least one server (104) are adapted and configured to perform a method (10) according to any one of the previous claims.
15. Computer program product comprising portions of code adapted for being loaded in the memory of one or more processors and adapted to perform a method (10) according to any of the claims from 1 to 13.
PCT/IT2014/000213 2013-08-12 2014-08-08 Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface WO2015022712A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITRM2013A000474 2013-08-12
IT000474A ITRM20130474A1 (en) 2013-08-12 2013-08-12 METHOD AND IT SYSTEM TO CARRY OUT ELECTRONIC TRANSACTIONS THROUGH A USER DEVICE PROVIDED WITH A SHORT-RAY WIRELESS COMMUNICATION INTERFACE

Publications (1)

Publication Number Publication Date
WO2015022712A1 true WO2015022712A1 (en) 2015-02-19

Family

ID=49354833

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IT2014/000213 WO2015022712A1 (en) 2013-08-12 2014-08-08 Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface

Country Status (2)

Country Link
IT (1) ITRM20130474A1 (en)
WO (1) WO2015022712A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106682908A (en) * 2016-12-29 2017-05-17 努比亚技术有限公司 Payment device and method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090104888A1 (en) * 2007-10-17 2009-04-23 First Data Corporation Onetime Passwords For Mobile Wallets
WO2010033968A1 (en) * 2008-09-22 2010-03-25 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US20120166337A1 (en) * 2010-12-23 2012-06-28 Kt Corporation Near field communication terminal for performing secure payment and secure payment method using the same
DE102011112855A1 (en) * 2011-09-12 2013-03-14 Kobil Systems Gmbh Method for electronically conducting payment transaction in smart phone, involves transmitting authentication element of data connection to mobile unit, and utilizing authentication element as part of authentication data
US20130091452A1 (en) * 2011-12-23 2013-04-11 Gary SORDEN Location-based services

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090104888A1 (en) * 2007-10-17 2009-04-23 First Data Corporation Onetime Passwords For Mobile Wallets
WO2010033968A1 (en) * 2008-09-22 2010-03-25 Visa International Service Association Over the air update of payment transaction data stored in secure memory
US20120166337A1 (en) * 2010-12-23 2012-06-28 Kt Corporation Near field communication terminal for performing secure payment and secure payment method using the same
DE102011112855A1 (en) * 2011-09-12 2013-03-14 Kobil Systems Gmbh Method for electronically conducting payment transaction in smart phone, involves transmitting authentication element of data connection to mobile unit, and utilizing authentication element as part of authentication data
US20130091452A1 (en) * 2011-12-23 2013-04-11 Gary SORDEN Location-based services

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
EUROPEAN PAYMENTS COUNCIL EPC AND GSMA: "Mobile contactless payments service management roles requirements and specifications", 31 October 2010 (2010-10-31), XP002720997, Retrieved from the Internet <URL:http://www.europeanpaymentscouncil.eu/knowledge_bank_download.cfm?file=Mobile%20Contactless%20Payments%20Service%20Management%20Roles%20Requirements%20and%20Specifications%20v.2.pdf> [retrieved on 20140225] *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106682908A (en) * 2016-12-29 2017-05-17 努比亚技术有限公司 Payment device and method

Also Published As

Publication number Publication date
ITRM20130474A1 (en) 2015-02-13

Similar Documents

Publication Publication Date Title
CN112602300B (en) System and method for password authentication of contactless cards
EP3518567B1 (en) Remote server encrypted data provisioning system and methods
FI125071B (en) Payment system
KR20210069055A (en) System and method for cryptographic authentication of contactless card
WO2020072575A1 (en) Systems and methods for cryptographic authentication of contactless cards
AU2019355834B2 (en) Systems and methods for cryptographic authentication of contactless cards
US20130024383A1 (en) Mobile Device With Secure Element
EP3286706A1 (en) Verification of contactless payment card for provisioning of payment credentials to mobile device
AU2019354637A1 (en) Systems and methods for cryptographic authentication of contactless cards
KR20140125449A (en) Transaction processing system and method
US20150242844A1 (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
JP2017537421A (en) How to secure payment tokens
WO2020072670A1 (en) Systems and methods for cryptographic authentication of contactless cards
WO2015022712A1 (en) Method and computer system for performing electronic transactions by means of a user device provided with a short range wireless communication interface
KR100901297B1 (en) System for Virtual Mechant Network Application
KR20160140219A (en) Authentication apparatus and method for connectivity of fintech services, and computer program for the same
EP2881908A1 (en) NFC top-up
WO2023285073A1 (en) Method for managing a smart card
KR101145832B1 (en) Payment terminal and card payment method of a payment terminal via virtual merchant network
KR20120089884A (en) Smart phone and method for providing card transaction by mutual consent of certification value
Nieto HCE-oriented payments vs. SE-oriented payments. Security Issues
KR20120106682A (en) Mobile device for providing integrated financial service
KR20120023837A (en) Method for providing financial transaction by selective service access method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14777886

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14777886

Country of ref document: EP

Kind code of ref document: A1