WO2016048255A1 - Platform for payment with digital wallet over internet - Google Patents

Platform for payment with digital wallet over internet Download PDF

Info

Publication number
WO2016048255A1
WO2016048255A1 PCT/TR2015/000324 TR2015000324W WO2016048255A1 WO 2016048255 A1 WO2016048255 A1 WO 2016048255A1 TR 2015000324 W TR2015000324 W TR 2015000324W WO 2016048255 A1 WO2016048255 A1 WO 2016048255A1
Authority
WO
WIPO (PCT)
Prior art keywords
establishment
digital wallet
user
card
password
Prior art date
Application number
PCT/TR2015/000324
Other languages
French (fr)
Inventor
Leylak YURDA
Original Assignee
Bankalararasi Kart Merkesi A. Ş.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to TR2014/11400 priority Critical
Priority to TR201411400 priority
Application filed by Bankalararasi Kart Merkesi A. Ş. filed Critical Bankalararasi Kart Merkesi A. Ş.
Publication of WO2016048255A1 publication Critical patent/WO2016048255A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management

Abstract

The invention relates to a platform for making payments and transferring money (price of the goods, receipt, etc.) over a digital wallet which will allow a user to make shopping securely by creating an electronic wallet without having to share card information with the establishment in purchases in stores or over the internet. It can be used via web browser or via mobile applications developed for mobile devices over the internet. The platform makes use of the POS device of the establishment acquired from the corporations which signed the member establishment agreement and all types of cards such as credit/bank cards provided to the card owners by card issuing corporations. Platform operates realtime with these establishments by means of direct integrations with both the card systems and POS systems thereof.

Description

DESCRIPTION

Platform for Payment with Digital Wallet over Internet

Technical Field

The invention relates to a method which allows users to create a digital wallet over internet. The method comprises identification of any number of credit cards owned by users to their digital wallets and conduct practical and safe transaction while shopping from an establishment without giving card information again and again to the establishment by selecting one of the cards predefined on the electronic wallet.

State of the Art

In other applications similar to the digital wallet, in order to create a digital wallet, the user has to sign up to the system with user name and password and after that card must be identified by entering all important card information to the system. The important information required include complete card number, the validity date of the card and the last three digits of the numbers on the backside of the card (CW2/CVC2). In such wallet applications, all of the important card information are kept on the system and during shopping they are retrieved from the database with inquiry and utilized. As all of the card information are acquired from the users over internet, even though they are acquired for once only, there may be various attacks and the card information can be stolen or used without the knowledge of the card owner. It is seen that this type of fraud is on the rise in recent years.

Object of the Invention

The invention is a method for creating a safe and practical digital wallet, wherein the disadvantages of the state of the art are eliminated by not asking complete card information to the user any time. Another object of the invention is to prevent the establishment from knowing the complete card information and thus, eliminate the risks that may rise from this.

With the invention, apart from some information asked from the user, storing any important information on the database and recording said data are prevented.

Another object of the invention is to request a "single use password" from the card owner in addition to user name and password in card identification and shopping steps while receiving shopping details or identifying a new card, and thus, to increase the transaction security by confirming the identity of the card owner. This method also distinguishes the invention from the state of the art.

Another object of the invention is to further increase the safety of transaction by means of signing (Express Signature: ExpSign) the transactions being conducted with digital methods using the keys previously shared with said card issuing corporations through secure methods in a way to allow confirmation of related transaction by card issuing corporation owning the card via transferring the signature (ExpSign), even if there is a POS owned by the corporation which signed member establishment agreement different from the card issuing corporation therebetween, while transferring conducted transactions to the systems of said corporations for authorization.

Another object of the invention is to increase process security by providing both the confirmation of the establishment messages and the confirmation of the messages received from the digital wallet by the establishment. Messages can be confirmed by both the establishment and the digital wallet in terms of both the integrity of the message content and the validity of the message. This way, attackers that may get in between the messages are prevented from tricking the establishment or the system by altering the message content or by reusing a valid but old message. Besides, provided that the establishment secures its own key, ill-intentioned people are prevented from sending transactions to the digital wallet by acting as said establishment. For this purpose, the establishment places digital signatures calculated by the cryptographic key specific to its own into all the messages. Likewise, the messages transmitted to the establishment by the digital wallet also contain digital signature.

The method and system used for realizing the invention is shown in the figures. Description of the Figures

Fig. 1: Shopping Flow Chart

Fig. 2: Money Transfer Flow

Fig. 3: System Topography

The elements in the figures are numbered and their explanations are shown below. Description of the Reference Numbers

References

1- Establishment Payment Media

2- Member Establishment

3- The Corporation Which Signed Member Establishment Agreement and Which Works With The Establishment

4- Card Owning/Card Issuing Corporation

5- Digital Wallet

6- Digital Wallet Receiving Section

7- Confirmation Input Media

8- Establishment Digital Wallet Service

9- Digital Wallet Integration Unit

10- POS (Point of Sale)

11- Establishment Result Service

12- Sending Establishment

13- Receiving Establishment

14- Authorization Infrastructure

15- User Detailed Description of the Reference List and the Invention

The invention is a digital wallet (5) which is an overall of systems providing fast, easy and secure payment for the users (15) while shopping.

It comprises the process steps of creating the digital wallet (5), signing up of the user (15), and identification of current credit cards, bank cards or any type of cards to the digital wallet (5), even if they are issued by different Card Issuing Corporations, for future or current uses.

Using the digital wallet (5) comprises also the establishment (2) where the products and services are sold for the purchase of the users (15), establishment payment media (1) belonging to the establishment to which the user (15) will make payment after deciding the products he or she will purchase, the corporation (3) which signed the member establishment agreement and which works with the member establishment (2) providing real/virtual POS (10) to the establishments as a result of the agreement to the establishments to allow them receive payment with cards, and the card issuing corporation (4) which supplies the payment card of the user.

This digital wallet method comprises the digital receiving section (6) which stores a part of the card information of the users (15) to be used in payment and money transaction and which receives the information regarding special offers, installment etc. transmitted to the digital wallet (5) by the relevant establishment (2) at the moment of the use of digital wallet; and the digital wallet confirmation input media (7) through which the user (15) enters the confirmation information to the digital wallet (5) in order to sign in.

It comprises the establishment digital wallet service (8) through which the establishment (2) transmits to the digital wallet (5) the selection regarding which POS (10) will the transaction be transmitted to (if there are more than one POS); and digital wallet integration unit (9) which provides integration of the digital wallet (5) with the external systems (messaging with Establishments and Payment Systems). The establishment result service (1 1 ), to which the result of the financial transaction received from the establishment (2) POS (10) by the digital wallet (5) by means of the POS (10) device or system provided by the corporation (3) which signed the member establishment agreement with which the establishment (2) works in order to be able to receive payment with card, is transmitted for displaying to the user (15), operates integrated with the establishment (12) sending money over the digital wallet (5), with the establishment (13) to which the money is sent over the digital wallet (5), and with the authorization and direction (switch) infrastructure (14), which provides transmitting credit/bank card transactions to the relevant establishment by the BKM (Interbank Card Center).

Creating the Digital Wallet

The user (15) creates an account for himself/herself on the secure website of the digital wallet (5).

While creating the account, the user enters e-mail address and other required information. The user designates the fixed password to access the digital wallet (5).

The Flow for Adding a New Card to the Digital Wallet

Not all of the card information are requested while adding cards to the digital wallet (5). This method distinguishes the invention from other techniques in the state of the art. The user (15) logs in to the digital wallet (5) with the user name (e-mail address) and the password.

The user (15) enters ID number, the first six and last four digits of the card number and the last three digits of the number on the backside of the card (CW2/CVC2). Digital wallet (5) transmits related card information to the card issuing corporation owning the card (4) and a single use password is transmitted to the phone number of the user which is registered to the card issuing corporation (5). The user enters the password on the digital wallet (5) display.

The digital wallet (5) confirms the password with the confirmation input media (7) and generates a limited amount of single use password if the password is wrong. If the password is correct, the card is added to the electronic wallet of the user.

Shopping Flow Chart

The user (15) enters the website of the member establishment (2) from which he or she will shop.

Upon completing the shopping and reaching payment step, the user select payment with "Digital Wallet" (5) option.

The user (15) logs in with the user name (e-mail address) and predefined the password. The cards previously added to the digital wallet (5) by the user (1 ) and the installments (if any) applied for these cards by the establishment (2) are displayed. Optionally, the user (15) can add a new card during shopping.

The user (15) selects the card from which the payment will be made.

A single use password is sent to the user (15) by the card issuing corporation (4).

The user (15) enters the single use password he or she receives on the display.

If the password is correct, transaction confirmation is received from the digital wallet (5) through POS (10) and afterwards, the user (15) is redirected to the website of the establishment (2) and sees the transaction result.

Detailed Description of the Shopping Flow

The user (15) enters the website of the member establishment (2) from which he or she will shop.

Upon completing the shopping and reaching payment (1) step, the user select payment with "Digital wallet" (5) option. The establishment (2) transmits information such as special offers and installment to the digital wallet (5) online through digital wallet receiving unit (6). Digital wallet (5) transmits the establishment (2) a token stating the transaction.

Establishment (2) directs the user (15) to the digital wallet (5) confirmation input media (7) with this token.

The user (15) logs in to the digital wallet (5) with his/her e-mail address and predefined the password.

The cards previously added to the digital wallet (5) by the user (15) and the installments (if any) applied for these cards by the establishment (2) and card points (if any) are displayed. Optionally, the user (15) can add a new card during shopping. The user (15) selects the card to be used for payment.

Digital wallet (5) summarizes the transaction details on the display for confirmation and requests the single use password. A single use password is transmitted to the phone number registered for related card by the card owning/card issuing corporation (4). The user (15) enters the single use password on the digital wallet (5) display.

In accordance with the selection and by means of the digital wallet (5) risk management feature, the current transaction information and predefined information such as transaction amount, transactions made by the user in a specific period, the establishment (2) on which the transaction is made, and if the user has a main card identified for said establishment (2); and in some suitable transactions one, few or all of the abovementioned steps can be skipped;

logging in to the digital wallet (5) with the user name (e-mail address) and the password by the user,

selecting the cards previously added to the digital wallet (5) by the user (15) and the installments (if any) applied for these cards by the establishment (2) and card points (if any), summarizing the transaction details on the display for confirmation and requesting the single use password by the digital wallet (5).

Digital wallet (5) checks the password with the confirmation input media (7). If the password is incorrect, the single use password can be sent again. If the password is correct, the POS (10) selection of the establishment (2) is requested from the establishment digital wallet service (8) through the integration unit (9) with an online message. Establishment (2) digital wallet service (8) transmits to the integration unit (9) in the reply message the POS (10) information.

The digital wallet calculates the digital signature (Expsign) of the transaction and requests financial confirmation of the transaction via POS (10) through the integration unit (9). POS (10) transmits the financial confirmation result to the digital wallet (5). The digital wallet (5) transmits the POS (10) transaction result to the establishment (2) via establishment result service (11). The user (15) and the result of the POS (10) transaction result are directed back to the establishment (2) through the establishment result service (11).

If the the transaction is successful, the establishment (2) displays the success screen and continues its internal processes such as delivery of the product, billing and e-mail notification. Money Transfer Flow

The user (15) logs in to the mobile application of the digital wallet (5) with the user name (e-mail) and the password and selects Money Transfer option. The user enters the phone number and card information of the recepient.

Digital wallet (5) checks the mobile phone information of the recipient, if the recipient is a registered user (5), the option for money transfer with mobile phone information is displayed as active. In the cases the sending establishment supports, money transfer from the users (15) to unregistered recipients through an ATM is provided as an option by the digital wallet (5).

Digital wallet (5) receives explanation and amount information regarding the money transfer from the user (15). If the recipient is a registered user, the digital wallet (5) requests recipient card information from the receiving establishment (13).

The receiving establishment (13) transmits recipient card information to the digital wallet (5). Digital wallet (5) transmits information regarding the sender and the recipient to the sending establishment.

The sending establishment (13) gets in contact with the receiving establishment (13) through the BKM (Interbank Card Center) authorization and direction (switch) infrastructure; receives the first two letters of the name and last name of the user (15) and transmits the information to the digital wallet (5) together with the commission amount determined by the sending establishment (12).

The digital wallet (5) displays on the screen the recipient and commission information to the user (15) for confirmation. After the user (15) confirms the details, the sending establishment (12) transmits a single use password to the mobile phone of the user (15) confirmed for the related card.

The user enters the password on the digital wallet (5) display, if the password is incorrect, it can be sent again for a limited number of time. If the password is correct, digital wallet (5) transmits the confirmation of the user to the sending establishment (12).

The sending establishment (12) gets in contact with the receiving establishment (13) through the BKM (Interbank Card Center) authorization and direction (switch) infrastructure; transmits that the transaction is confirmed by the user (15); the receiving establishment (13) confirms receiving the confirmation via the authorization infrastructure; and the sending establishment (12) transmits the confirmation to the digital wallet (5). After the reply messages of the establishments, the transaction result is displayed to the user (15) on the screen by the digital wallet (5).

Claims

1- A secure payment system with digital wallet for shopping over internet, characterized in comprising member establishment (2), establishment payment media (1), the corporation (3) which signed the member establishment agreement, digital wallet (5) providing secure and fast transaction between the user (15) and the card owning establishment (4), digital wallet receiving section (6), confirmation input media (7), establishment digital wallet service (8), digital wallet integration unit (9), point of sale POS (10), establishment result service (1 1), sending establishment (12), receiving establishment (13), and authorization infrastructure (14). 2-The secure payment system with digital wallet over internet according to Claim 1 , characterized in comprising the process steps of;
- creating the digital wallet (5) by the user (15) over the secure website by entering e- mail and other information and by designating a fixed password,
- identifying any intended card to the digital wallet (5) by entering ID number, first six and last four digits of the credit card and the CW2/CVC2 numbers on the backside of the card,
- notifying the digital wallet (5) of the special offers and installments by the member establishment (2) via the digital wallet receiving unit (6) upon selection of the payment option by the user (15) to make the shopping; and transmitting of a token stating the transaction by the digital wallet (5) to the establishment (2),
- directing the user by the establishment (2) to the digital wallet (5) confirmation input media (7) by said token; the user (15) logging in to the digital wallet (5) via his/her e- mail and password, and entering the single use password with the card to be used for shopping; and checking of the password by the confirmation input media (7), - requesting the POS (10) selection and reply message of the establishment (2) by the user (15) by means of the integration unit (9) from the establishment digital wallet service (8) if the single use password sent to the mobile phone for payment is correct, and - calculating transaction digital signature (expsign) by the digital wallet (5) and transmitting the financial confirmation result to the digital wallet (5) over the POS (10) by means of the integration unit (9).
3- The secure payment method with digital wallet over internet according to Claim 1 , characterized in comprising the process steps of; - logging in to the digital wallet (5) mobile application using his/her e-mail and password by the user, activating money transfer option over mobile phone information, and if the sending establishment (12) supports, providing the option of sending money to the unregistered recipients via ATM,
- subsequent to receiving the explanation and amount information regarding money transfer from the user (15) by the digital wallet (5); requesting recipient card information from the receiving establishment (13) by the digital wallet (5), transmitting the recipient card information to the digital wallet (5) by the receiving establishment (13), transmitting the information regarding sender and recipient to the sending establishment (12) by the digital wallet (5) in case the recipient is a registered user, - getting in contact with the receiving establishment (13) through the BKM
(Interbank Card Center) authorization and direction (switch) infrastructure by the sending establishment (12); receiving the first two letters of the name and last name of the user (15) and transmitting the information to the digital wallet (5) by the sending establishment (12) together with the commission amount determined thereby, - displaying the recipient and commission information to the user (15) on the screen by the digital wallet (5), and after the user (15) confirms the details, transmitting a single use password to the mobile phone of the user (15) confirmed for the related card by the sending establishment (12), - entering the password on the digital wallet (5) screen by the user (15), and if the password is correct, transmitting the confirmation of the user to the sending establishment (12) by the digital wallet (5), and
- getting in contact with the receiving establishment (13) by the sending establishment (12) through the BKM (Interbank Card Center) authorization and direction (switch) infrastructure (14); transmitting that the transaction is confirmed by the user (15); confirming the receival of the confirmation via the authorization infrastructure (14) by the receiving establishment (13) to the sending establishment (12); and transmitting the confirmation to the digital wallet (5) by the sending establishment (12); and displaying the transaction result on the screen to the user (1) by the digital wallet (5). 4- The secure payment method with digital wallet over internet according to Claim 1 , characterized in further comprising the process step of; increasing the safety of transaction during the shopping of the user (15) by means of signing (Express Signature: ExpSign) the transactions being conducted with digital methods using the keys previously shared with said card issuing corporations (4) through secure methods in a way to allow confirmation of related transaction by card issuing corporation owning the card via transferring the signature (ExpSign), even if there is a virtual POS (10) owned by the corporation (3) which signed member establishment agreement different from the card issuing corporation therebetween, while transferring conducted transactions to the systems of said corporations for authorization. 5- The secure payment method with digital wallet over internet according to Claim 1 , characterized in that;
The establishment (2) places digital signatures calculated by the cryptographic key specific to its own into all the messages, and likewise, the messages transmitted to the establishment (2) by the digital wallet (5) also contain digital signature. Thanks to confirming the message by both the establishment (2) and the digital wallet (5) in terms of both the integrity of the message content and the validity of the message by placing digital signatures calculated by the cryptographic key specific to its own into all the messages; the feature of preventing ill-intentioned people, which ma get in between the messages, from tricking the establishment or the system by altering the message content or by reusing a valid but old message; and, provided that the establishment (2) secures its own key, at the same time preventing ill-intentioned people from sending transactions to the digital wallet (5) by acting as said establishment, is achieved.
6- The secure payment method with digital wallet over internet according to Claim 1 , characterized in comprising the process step of;
In addition to completing the transactions suitable in terms of amount and other aspects without making the user (15) enter e-mail or password, or choosing a card, by directly entering a single use password, by allowing Risk Management for each establishment (2), directly making the payment without demanding a password in suitable transactions and conditions depending on the establishment (2) Risk Management parameters, or operating all confirmation levels in normal process by again evaluating the parameters.
PCT/TR2015/000324 2014-09-26 2015-09-23 Platform for payment with digital wallet over internet WO2016048255A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TR2014/11400 2014-09-26
TR201411400 2014-09-26

Publications (1)

Publication Number Publication Date
WO2016048255A1 true WO2016048255A1 (en) 2016-03-31

Family

ID=54780451

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/TR2015/000324 WO2016048255A1 (en) 2014-09-26 2015-09-23 Platform for payment with digital wallet over internet

Country Status (1)

Country Link
WO (1) WO2016048255A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130054336A1 (en) * 2011-04-05 2013-02-28 Roam Data Inc System and method for incorporating one-time tokens, coupons, and reward systems into merchant point of sale checkout systems
US20130179337A1 (en) * 2012-01-09 2013-07-11 Walter Ochynski Account free possession and transfer of electronic money

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130054336A1 (en) * 2011-04-05 2013-02-28 Roam Data Inc System and method for incorporating one-time tokens, coupons, and reward systems into merchant point of sale checkout systems
US20130179337A1 (en) * 2012-01-09 2013-07-11 Walter Ochynski Account free possession and transfer of electronic money

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Similar Documents

Publication Publication Date Title
US10692076B2 (en) Device pairing via trusted intermediary
US20180268404A1 (en) Remote variable authentication processing
US20180114210A1 (en) Secure payments with untrusted devices
JP6214724B2 (en) Method, apparatus and system for secure provisioning, transmission and authentication of payment data
RU2713703C2 (en) Advance authorization of digital requests
US10049357B2 (en) System and method of processing PIN-based payment transactions via mobile devices
US20190102776A1 (en) Methods and systems for using physical payment cards in secure e-commerce transactions
US20190325405A1 (en) System and method for rendering virtual currency related services
US9818099B2 (en) Self-authenticating peer to peer transaction
US20180255460A1 (en) Device enrollment system and method
US20200090182A1 (en) Authenticating remote transactions using a mobile device
US10078835B2 (en) Authentication token for wallet based transactions
US20180130033A1 (en) Acquisition of card information to enhance user experience
AU2017200988B2 (en) Payment device with integrated chip
US10037516B2 (en) Secure transactions using a point of sale device
US8874913B1 (en) Secure communications between devices using a trusted server
US9361619B2 (en) Secure and convenient mobile authentication techniques
US10592899B2 (en) Master applet for secure remote payment processing
KR101617569B1 (en) Hub and spokes pin verification
US8788389B1 (en) Methods and systems for providing a customer controlled account lock feature
US20180006821A1 (en) Token and cryptogram using transaction specific information
US20170039566A1 (en) Method and system for secured processing of a credit card
US20140337237A1 (en) System and method for authenticating a payment terminal
CN103765861B (en) The payment of mobile device selects and authorizes
US20170140379A1 (en) Credit card randomly generated pin

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15804636

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15804636

Country of ref document: EP

Kind code of ref document: A1