WO2016079546A1 - Electronic payment machine surveilled by the crowd - Google Patents

Electronic payment machine surveilled by the crowd Download PDF

Info

Publication number
WO2016079546A1
WO2016079546A1 PCT/GB2015/053558 GB2015053558W WO2016079546A1 WO 2016079546 A1 WO2016079546 A1 WO 2016079546A1 GB 2015053558 W GB2015053558 W GB 2015053558W WO 2016079546 A1 WO2016079546 A1 WO 2016079546A1
Authority
WO
WIPO (PCT)
Prior art keywords
epm
server
alert
machine readable
data
Prior art date
Application number
PCT/GB2015/053558
Other languages
French (fr)
Inventor
Alistair Taverner
Original Assignee
Sec-Qr Holdings Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sec-Qr Holdings Ltd. filed Critical Sec-Qr Holdings Ltd.
Publication of WO2016079546A1 publication Critical patent/WO2016079546A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/20Administration of product repair or maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/407Cancellation of a transaction
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/205Housing aspects of ATMs
    • G07F19/2055Anti-skimming aspects at ATMs

Definitions

  • This invention relates to a security or alert system for electronic payment machines (EPM) such as ATMs and other similar devices.
  • EPM electronic payment machines
  • This invention relates to an alert system to receive and process security alerts along with other general maintenance issues.
  • EPMs can suffer from a range of security and operation issues. Some problems are skimming, shimming or eavesdropping attack on an EPM. This is when devices are fitted to an EPM that captures card data and PIN (personal identification numbers) entry data. Fraudulent payments can then be made using this data. EPM users can also be victims by having their PIN entry seen by a concealed camera fitted to the EPM or by being overlooked or "shoulder surfed” when they enter their PIN. The card is then stolen either by distracting the customer or by jamming the card in the EPM which can then be removed by the criminal once the victim has left. There are also cash trapping attacks where criminals put devices on the EPM that retains money when a victim tries to withdraw money and is later extracted. EPMs are often vandalised or subject to mechanical breakdown due to wear and tear. They also need to be regularly cleaned and routine maintenance and repairs that needs to be completed.
  • the term "users” includes customers/public who utilise the EPM, bank/store managers responsible for the site where it is located, engineers who maintain or repair the device or law enforcement officers.
  • EPM includes Automatic teller machines ATM's (also known as “cash machines”) but also to any similar device where similar problems arise and where processing of security alerts is advantageous. These include Pin Entry Devices (PEDs), ticket machines, pay at pump fuel pumps or payment kiosks. This is particularly relevant to devices that are unattended some or all of the time. Whilst most current use is envisaged for conventional ATMs, the present invention provides a system suitable for other types of money withdrawal or payment devices or any device that requires maintenance or can suffer from a security threat.
  • PEDs Pin Entry Devices
  • an EPM alert system comprising:
  • a server connected to a mobile telecommunication network
  • machine readable data provided on a plurality of EPMs, the machine readable data being readable by a mobile telecommunication device carried by a user at a specific EPM, the data including server locating information to permit the telecommunication device to communicate with the server over the telecommunication network so that the user may initiate an alert regarding an issue with the specific EPM;
  • c. means for identifying the location of the specific EPM from data provided from the telecommunication device to the server;
  • notifying means to communicate the alert and the location of the specific EPM from the server to an owner/operator of that EPM.
  • an EPM security system comprising:
  • a server connected to a telecommunication network and including a database of EPMs bearing the machine readable codes; and c. a mobile telecommunication device able to read the machine readable code and communicate with the server to provide an alert regarding the EPM the machine readable code of which was read by the telecommunication device,
  • the server monitors for alerts transmitted by the mobile device of the EPM system and notifies the telecommunication device and issues a notification to the owner/operator of the EPM about which the alert was transmitted.
  • mobile telecommunication device includes mobile telephones and smart phones and other devices such as tablets or iPods that can communicate data over the network and are capable of reading the machine readable code
  • the machine readable data is read visually, it needs to be visible to a user of the EPM and in a position where it can be read by the telecommunication device. This may be achieved by printing it on the EPM or providing it on a label affixed to the EPM such that it is externally viewable by a user.
  • externally viewable means visible generally from the outside of the machine not externally of a covering structure such as a building.
  • the machine readable data may be displayed on a display screen forming part of the EPM.
  • Such an electronic code may be provided from the server to the EPM. Such provision may be once at start up or dynamically over time. Such provision may also be direct or indirect through other channels such as the EPM owner.
  • the machine readable data may be in the form of a 1 -dimensional bar-code, a 2-dimensional bar code, a QR code or the like. These may be scanned by a camera or QR Scanner/reader on the user's mobile telecommunication device and decoded to provide the relevant data (including server locating data). A special app may be loaded on the user's telecommunication device to ease this process and the process of communication with the server. Machine readable data that is read non- visually, for example by wireless near field communication, may also be used. These might be accompanied by information to a user about triggering the reading of that code by the telecommunication device.
  • the machine readable data may, in addition to the server locating information, include additional data. This may include one or more of a unique EPM identifier code (that might be used by the server to access data held in a database about the EPMs and/or its position), EPM owner/operator data (which might include address and contact information to pass on alerts), or EPM location data.
  • a unique EPM identifier code that might be used by the server to access data held in a database about the EPMs and/or its position
  • EPM owner/operator data which might include address and contact information to pass on alerts
  • EPM location data which might include address and contact information to pass on alerts
  • alerts may concern operational issues and/or security issues.
  • the alerts may be security alerts.
  • the server may also be adapted to interrogate the telecommunication device to obtain further information.
  • This may include location data derived from the telecommunication device. It may also include one or more of: the nature of the alert or situation (for example missing cash, presence of a suspicious object on the EPM, damage, malfunction), the user's name and contact details, customer safety information (e.g. is there a danger to the user and should the police be summoned), images of the EPM or any suspicious object/person (e.g. for evidence or investigatory reasons).
  • the system may be such that the server derives location data for the EPM from the machine readable code and/or location data provided by the mobile telecommunication device.
  • the server may derive location data for the EPM from both the machine readable code and location data provided by the mobile telecommunication device. As these are independent of each other they can be cross referred to check the accuracy of the data and ensure better verification of the alert data.
  • the location data derived from the mobile device could be determined by circuitry within that device, e.g. using triangulation, GPS, etc.
  • the location data relating to each EPM may be predetermined and included in a readable code specific to each EPM (this can avoid the need to store the location of each EPM in a database and look that up using an EPM unique identifier).
  • a customer (or user) using an EPM may notice something suspicious or operationally deficient e.g. a camera/skimmer attached to the EPM, individuals acting suspiciously, card or cash not coming out, the EPM having signs of physical attack, retention of a card, incorrect cash amount or poor cleanliness.
  • the customer can scan the visible machine readable data (such as in the form of a QR code displayed on EPM screen) using their phone and this is used to connect to an interface with the server (perhaps in the form of a website, or application).
  • the server may request information such as:
  • Location data (such as GPS derived latitude and longitude) to locate the EPM location and/or verify any location data provided by the machine readable data;
  • Some or all of these may be automatically provided to the server with the initial request from the mobile phone (mobile telecommunication device).
  • the server then confirms receipt of the alert to the customer, for example by sending a text or email to the customer.
  • This may include one or more of: a case reference number; bank phone number; a link to download a dedicated app (if not already installed), and details of EPM best practice.
  • Each alert may be electronically reviewed and forwarded to the EPM owner/provider and if pertinent to the customers bank. If several potentially linked cases are detected, the server or operator may use this to highlight the case and identify a problem and may notify the police.
  • the user generating an alert may have been subject to potential fraud. Therefore ideally the notifying means may provide information to the user to allow them to cancel their payment mechanism such as a bank card. This may for example be phone numbers on which to call their bank.
  • the notifying means may also be configured to inform the user, if an appropriate user, as to how service or repair the EPM. This is especially useful if the notification is generated by a staff member on site.
  • the system of the present invention can be used to communicate with an operative such as engineer who visits the EPM following an alert.
  • the system may be configured to allow an operative attending the EPM following an alert to use the machine readable data to access information on the EPM and the nature of the alert.
  • the operative might use the machine readable data to upload information concerning the repair or service of the EPM.
  • FIG. 1 is a schematic representation of an embodiment of EPM system according to the present invention.
  • Figure 2 is a flow diagram representing the stages of operation of the system.
  • FIG. 1 there is an ATM 10 on which is displayed a QR code 1 1 .
  • the QR code is shown in this embodiment both on a sticker 12 and electronically on a screen 13 of the ATM.
  • a user of the ATM can use their mobile phone 15 to scan the QR code 1 1 .
  • This will then be decoded into information that will include server locating information such that a connection 17 over a mobile network to the server 18 can be established.
  • the QR code 1 1 also contains information identifying the ATM. This may be in the form of specific geographic information or it may be in the form of a unique code. If it is in the form of a code then the server 18 may access a database 20 which contains information regarding the ATM that can be derived using the ATM's unique identifier code.
  • communication between the server 18 and the mobile phone 15 may include the delivery to the server 18 of location information derived from the phone.
  • location information may be derived from circuitry within the phone including triangulation of radio signals or GPS data.
  • the server will request from the user, through their mobile phone 15, information pertinent to the security alert. This information may include the nature of the alert, the user's contact details, their safety status and need for assistance, as well as anything else relevant.
  • the server might also request that the mobile phone 15 is used to take a picture of the suspicious item or other suspicious circumstance such that this may be submitted to the server 18.
  • Such a request for user data may be achieved by displaying a website on screen on the mobile device into which the data can be entered or from which it can be selected.
  • the server 18 contacts the operator of the ATM 22 who can take appropriate action to fix the ATM or remove fraudulent objects.
  • the server may be monitoring many ATMs with a variety of different operators 22 it is desirable that the ATM itself may be identified and its operator likewise known. Such information may be derived from the database 20 or may be provided as part of the machine readable QR code 1 1 .
  • the server 18 can notify the relevant authorities such as the police 24. These may then take appropriate emergency action either to secure the safety of the user or prevent further crime.
  • FIG 2 shows a simplified flow chart of some of the steps in the processing of an alert by the system of the present invention.
  • a user is using an ATM. If they do not notice any problem they continue to use the ATM at step 31 as normal. If, however, they notice an issue they initiate an alert at step 32 by scanning the readable data on the ATM (the QR code 1 1 in Figure 1 ) using their mobile device.
  • the mobile device reads the code and derives the server locating information at step 33 such that it may at step 34 establish a connection to the server (usually over the internet) and transmit information concerning the alert and the identity of the ATM.
  • the server obtains this information and establishes a 2 way connection with the mobile device such that it may obtain further information from the user if required.
  • Such further information may relate to the user, the nature of the alert, or locating information such as position data from the mobile phone.
  • the server Once the server has obtained sufficient information concerning the alert it sends confirmation of receipt at step 36 back to the user using the contact information provided during the connection. It also stores the alerted information in an appropriate database for future review and comparison (step 37).
  • the server may also obtain data concerning specific ATMs from a database in which certain information thereon is recorded for reference.
  • an alert is completed it is also forwarded for review at step 38. This review may be conducted solely by the server or may also be subjected to human review by an operator should that be required.
  • an alert notification is sent at step 39 to the ATM owner, provider or the operator thereof such that they may take appropriate action to deal with the alert.
  • the alert may also be notified at step 40 to the police in order that appropriate emergency response or investigative action can be taken.
  • the information stored by the server concerning alerts over a period of time can be used to provide data for analysis in patterns of fraudulent behaviour, which is extremely useful in combatting the associated crime.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Tourism & Hospitality (AREA)
  • Economics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Alarm Systems (AREA)

Abstract

The present invention provides an EPM alert system. The system comprises a server connected to a mobile telecommunication network; and machine readable data provided on a plurality of EPMs, the machine readable data being readable by a mobile telecommunication device carried by a user at a specific EPM. The data includes server locating information to permit the telecommunication device to communicate with the server over the telecommunication network so that the user may initiate an alert regarding an issue with the specific EPM. Means for identifying the location of the specific EPM from data provided from the telecommunication device to the server are provided as are notifying means to communicate the alert and the location of the specific EPM from the server to an owner/operator of that EPM.

Description

ELECTRONIC PAYMENT MACHINE SURVEILLED BY THE CROWD
This invention relates to a security or alert system for electronic payment machines (EPM) such as ATMs and other similar devices. In particular it relates to an alert system to receive and process security alerts along with other general maintenance issues.
EPMs can suffer from a range of security and operation issues. Some problems are skimming, shimming or eavesdropping attack on an EPM. This is when devices are fitted to an EPM that captures card data and PIN (personal identification numbers) entry data. Fraudulent payments can then be made using this data. EPM users can also be victims by having their PIN entry seen by a concealed camera fitted to the EPM or by being overlooked or "shoulder surfed" when they enter their PIN. The card is then stolen either by distracting the customer or by jamming the card in the EPM which can then be removed by the criminal once the victim has left. There are also cash trapping attacks where criminals put devices on the EPM that retains money when a victim tries to withdraw money and is later extracted. EPMs are often vandalised or subject to mechanical breakdown due to wear and tear. They also need to be regularly cleaned and routine maintenance and repairs that needs to be completed.
It is possible for the owners/operators of an EPM regularly to inspect it for security threats such as suspicious items attached to the EPM or damage thereto. However as these EPMs may be in unmanned locations or operating out of normal hours, and as one owner/operator may have many devices spread over a wide geographical area it is both labour and cost intensive to do this. Even if it is done, it is also very slow to pick up problems as the period between routine checks can be long. Whilst faults may be reported by customers this is rarely done as it is complex and time consuming at best.
As used herein the term "users" includes customers/public who utilise the EPM, bank/store managers responsible for the site where it is located, engineers who maintain or repair the device or law enforcement officers. As used herein the term EPM includes Automatic teller machines ATM's (also known as "cash machines") but also to any similar device where similar problems arise and where processing of security alerts is advantageous. These include Pin Entry Devices (PEDs), ticket machines, pay at pump fuel pumps or payment kiosks. This is particularly relevant to devices that are unattended some or all of the time. Whilst most current use is envisaged for conventional ATMs, the present invention provides a system suitable for other types of money withdrawal or payment devices or any device that requires maintenance or can suffer from a security threat.
It is therefore a principle aim of the present invention to provide a solution to some or all of these problems, by facilitating the notification of security or functionality issues by users of the EPMs and other devices.
According to the present invention, there is provided an EPM alert system comprising:
a. a server connected to a mobile telecommunication network; b. machine readable data provided on a plurality of EPMs, the machine readable data being readable by a mobile telecommunication device carried by a user at a specific EPM, the data including server locating information to permit the telecommunication device to communicate with the server over the telecommunication network so that the user may initiate an alert regarding an issue with the specific EPM;
c. means for identifying the location of the specific EPM from data provided from the telecommunication device to the server; and
d. notifying means to communicate the alert and the location of the specific EPM from the server to an owner/operator of that EPM.
According to another aspect of the present invention there is provided an EPM security system comprising:
a. an EPM having an externally viewable machine readable code;
b. a server connected to a telecommunication network and including a database of EPMs bearing the machine readable codes; and c. a mobile telecommunication device able to read the machine readable code and communicate with the server to provide an alert regarding the EPM the machine readable code of which was read by the telecommunication device,
wherein the server monitors for alerts transmitted by the mobile device of the EPM system and notifies the telecommunication device and issues a notification to the owner/operator of the EPM about which the alert was transmitted.
As used herein the term mobile telecommunication device includes mobile telephones and smart phones and other devices such as tablets or iPods that can communicate data over the network and are capable of reading the machine readable code
If as is currently envisaged the machine readable data is read visually, it needs to be visible to a user of the EPM and in a position where it can be read by the telecommunication device. This may be achieved by printing it on the EPM or providing it on a label affixed to the EPM such that it is externally viewable by a user. As used herein, externally viewable means visible generally from the outside of the machine not externally of a covering structure such as a building. Alternatively the machine readable data may be displayed on a display screen forming part of the EPM. Such an electronic code may be provided from the server to the EPM. Such provision may be once at start up or dynamically over time. Such provision may also be direct or indirect through other channels such as the EPM owner.
If visually readable the machine readable data may be in the form of a 1 -dimensional bar-code, a 2-dimensional bar code, a QR code or the like. These may be scanned by a camera or QR Scanner/reader on the user's mobile telecommunication device and decoded to provide the relevant data (including server locating data). A special app may be loaded on the user's telecommunication device to ease this process and the process of communication with the server. Machine readable data that is read non- visually, for example by wireless near field communication, may also be used. These might be accompanied by information to a user about triggering the reading of that code by the telecommunication device.
The machine readable data may, in addition to the server locating information, include additional data. This may include one or more of a unique EPM identifier code (that might be used by the server to access data held in a database about the EPMs and/or its position), EPM owner/operator data (which might include address and contact information to pass on alerts), or EPM location data.
The nature of any alert or notification may concern operational issues and/or security issues. The alerts may be security alerts.
The server may also be adapted to interrogate the telecommunication device to obtain further information. This may include location data derived from the telecommunication device. It may also include one or more of: the nature of the alert or situation (for example missing cash, presence of a suspicious object on the EPM, damage, malfunction), the user's name and contact details, customer safety information (e.g. is there a danger to the user and should the police be summoned), images of the EPM or any suspicious object/person (e.g. for evidence or investigatory reasons).
The system may be such that the server derives location data for the EPM from the machine readable code and/or location data provided by the mobile telecommunication device. The server may derive location data for the EPM from both the machine readable code and location data provided by the mobile telecommunication device. As these are independent of each other they can be cross referred to check the accuracy of the data and ensure better verification of the alert data. The location data derived from the mobile device could be determined by circuitry within that device, e.g. using triangulation, GPS, etc. The location data relating to each EPM may be predetermined and included in a readable code specific to each EPM (this can avoid the need to store the location of each EPM in a database and look that up using an EPM unique identifier).
In use, a customer (or user) using an EPM may notice something suspicious or operationally deficient e.g. a camera/skimmer attached to the EPM, individuals acting suspiciously, card or cash not coming out, the EPM having signs of physical attack, retention of a card, incorrect cash amount or poor cleanliness. In response to this the customer can scan the visible machine readable data (such as in the form of a QR code displayed on EPM screen) using their phone and this is used to connect to an interface with the server (perhaps in the form of a website, or application). The server may request information such as:
1 . Customer safety information /emergency response needs;
2. The nature of the problem (e.g. from a pick list including options such as "Card stolen/missing", "Cash stolen/missing", "PIN stolen", "Suspicious object", "Suspicious person");
3. A photo of any suspicious object or person or of damage to the machine;
4. Location data (such as GPS derived latitude and longitude) to locate the EPM location and/or verify any location data provided by the machine readable data;
5. Customer contact details such as phone number/email.
Some or all of these may be automatically provided to the server with the initial request from the mobile phone (mobile telecommunication device).
Ideally, the server then confirms receipt of the alert to the customer, for example by sending a text or email to the customer. This may include one or more of: a case reference number; bank phone number; a link to download a dedicated app (if not already installed), and details of EPM best practice.
Each alert may be electronically reviewed and forwarded to the EPM owner/provider and if pertinent to the customers bank. If several potentially linked cases are detected, the server or operator may use this to highlight the case and identify a problem and may notify the police.
The user generating an alert may have been subject to potential fraud. Therefore ideally the notifying means may provide information to the user to allow them to cancel their payment mechanism such as a bank card. This may for example be phone numbers on which to call their bank. The notifying means may also be configured to inform the user, if an appropriate user, as to how service or repair the EPM. This is especially useful if the notification is generated by a staff member on site.
The system of the present invention can be used to communicate with an operative such as engineer who visits the EPM following an alert. The system may be configured to allow an operative attending the EPM following an alert to use the machine readable data to access information on the EPM and the nature of the alert. As well or instead the operative might use the machine readable data to upload information concerning the repair or service of the EPM.
In order that it may be better understood, but by way of example only an embodiment of the present invention will now be described in detail with reference to the accompanying drawing in which:
Figure 1 is a schematic representation of an embodiment of EPM system according to the present invention; and
Figure 2 is a flow diagram representing the stages of operation of the system.
As shown in Figure 1 there is an ATM 10 on which is displayed a QR code 1 1 . The QR code is shown in this embodiment both on a sticker 12 and electronically on a screen 13 of the ATM. Should a user of the ATM notice a problem with the ATM, they can use their mobile phone 15 to scan the QR code 1 1 . This will then be decoded into information that will include server locating information such that a connection 17 over a mobile network to the server 18 can be established.
The QR code 1 1 also contains information identifying the ATM. This may be in the form of specific geographic information or it may be in the form of a unique code. If it is in the form of a code then the server 18 may access a database 20 which contains information regarding the ATM that can be derived using the ATM's unique identifier code.
Alternatively, or in addition, communication between the server 18 and the mobile phone 15 may include the delivery to the server 18 of location information derived from the phone. Such location information may be derived from circuitry within the phone including triangulation of radio signals or GPS data.
In addition to geographical data the server will request from the user, through their mobile phone 15, information pertinent to the security alert. This information may include the nature of the alert, the user's contact details, their safety status and need for assistance, as well as anything else relevant. The server might also request that the mobile phone 15 is used to take a picture of the suspicious item or other suspicious circumstance such that this may be submitted to the server 18. Such a request for user data may be achieved by displaying a website on screen on the mobile device into which the data can be entered or from which it can be selected.
Dependent upon the nature of the alert generated the server 18 contacts the operator of the ATM 22 who can take appropriate action to fix the ATM or remove fraudulent objects. As the server may be monitoring many ATMs with a variety of different operators 22 it is desirable that the ATM itself may be identified and its operator likewise known. Such information may be derived from the database 20 or may be provided as part of the machine readable QR code 1 1 .
Should a pattern of criminal behaviour or a serious situation be alerted, the server 18 can notify the relevant authorities such as the police 24. These may then take appropriate emergency action either to secure the safety of the user or prevent further crime.
Figure 2 shows a simplified flow chart of some of the steps in the processing of an alert by the system of the present invention. At step 30 a user is using an ATM. If they do not notice any problem they continue to use the ATM at step 31 as normal. If, however, they notice an issue they initiate an alert at step 32 by scanning the readable data on the ATM (the QR code 1 1 in Figure 1 ) using their mobile device. The mobile device reads the code and derives the server locating information at step 33 such that it may at step 34 establish a connection to the server (usually over the internet) and transmit information concerning the alert and the identity of the ATM. At 35 the server obtains this information and establishes a 2 way connection with the mobile device such that it may obtain further information from the user if required. Such further information may relate to the user, the nature of the alert, or locating information such as position data from the mobile phone. Once the server has obtained sufficient information concerning the alert it sends confirmation of receipt at step 36 back to the user using the contact information provided during the connection. It also stores the alerted information in an appropriate database for future review and comparison (step 37). Although not shown the server may also obtain data concerning specific ATMs from a database in which certain information thereon is recorded for reference. When an alert is completed it is also forwarded for review at step 38. This review may be conducted solely by the server or may also be subjected to human review by an operator should that be required. Dependent upon the review, an alert notification is sent at step 39 to the ATM owner, provider or the operator thereof such that they may take appropriate action to deal with the alert. The alert may also be notified at step 40 to the police in order that appropriate emergency response or investigative action can be taken.
Although the examples shown herein show only a single ATM, in reality the server would be adapted to receive alerts from a large number of ATMs, hence why the locating information on each one is important to identify the appropriate ATM and channels of communication.
The information stored by the server concerning alerts over a period of time can be used to provide data for analysis in patterns of fraudulent behaviour, which is extremely useful in combatting the associated crime.

Claims

Claims
1 . An EPM alert system comprising:
a. a server connected to a mobile telecommunication network; b. machine readable data provided on a plurality of EPMs, the machine readable data being readable by a mobile telecommunication device carried by a user at a specific EPM, the data including server locating information to permit the telecommunication device to communicate with the server over the telecommunication network so that the user may initiate an alert regarding an issue with the specific EPM;
c. means for identifying the location of the specific EPM from data provided from the telecommunication device to the server; and
d. notifying means to communicate the alert and the location of the specific EPM from the server to an owner/operator of that EPM.
2. An EPM alert system as claimed in claim 1 , wherein the machine readable data is provided on a label affixed to the EPM such that it is externally viewable by a user.
3. An EPM alert system as claimed in claim 1 , wherein the machine readable data is displayed on a display screen of the EPM.
4. An EPM alert system as claimed in any of the preceding claims wherein the machine readable data is in the form of a 1 dimensional barcode, a 2 dimensional bar code, a QR code that may be scanned by a camera on the user's mobile telecommunication device.
5. An EPM alert system as claimed in any of the preceding claims wherein the machine readable data in addition to the server locating information includes one or more of: a unique EPM identifier code, EPM owner data and/or EPM location data.
6. An EPM alert system as claimed in any of the preceding claims wherein the server is adapted to interrogate the telecommunication device to obtain location data derived from the telecommunication device or user.
7. An EPM alert system as claimed in any of the preceding claims wherein the server is adapted to interrogate the telecommunication device or user to request additional data including one or more of: the nature of the alert or situation, the user's name and contact details, customer safety information, images of the EPM or any suspicious object/person.
8. An EPM alert system as claimed in any of the preceding claims wherein the notifying means provides information to the user to allow them to cancel their payment mechanism.
9. An EPM alert system as claimed in any of the preceding claims wherein the notifying means provides information to the user to allow them to service or repair the EPM.
10. An EPM alert system as claimed in any of the preceding claims wherein an operative attending the EPM following an alert can use the machine readable data to access information on the EPM and the alert.
1 1 . An EPM alert system as claimed in any of the preceding claims wherein an operative attending the EPM following an alert can use the machine readable data to upload information concerning the repair or service of the EPM.
12. An EPM security system comprising:
a. an EPM having an externally viewable machine readable code;
b. a server connected to a telecommunication network and including a database of EPMs bearing the machine readable codes; and
c. a mobile telecommunication device able to read the machine readable code and communicate with the server to provide an alert regarding the EPM the machine readable code of which was read by the telecommunication device,
wherein the server monitors for alerts transmitted by the mobile device of the EPM system and notifies the telecommunication device and issues a notification to the owner/operator of the EPM about which the alert was transmitted.
13. An EPM security system as claimed in claim 12 wherein the server derives location data for the EPM from one or more of the machine readable code and location data provided by the mobile telecommunication device.
14. An EPM security system as claimed in claim 13 wherein the server derives location data for the EPM from both the machine readable code and location data provided by the mobile telecommunication device and cross refers these to improve veracity of data.
PCT/GB2015/053558 2014-11-21 2015-11-20 Electronic payment machine surveilled by the crowd WO2016079546A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1420764.1 2014-11-21
GBGB1420764.1A GB201420764D0 (en) 2014-11-21 2014-11-21 ATM crowd surveillance

Publications (1)

Publication Number Publication Date
WO2016079546A1 true WO2016079546A1 (en) 2016-05-26

Family

ID=52292366

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2015/053558 WO2016079546A1 (en) 2014-11-21 2015-11-20 Electronic payment machine surveilled by the crowd

Country Status (2)

Country Link
GB (1) GB201420764D0 (en)
WO (1) WO2016079546A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108765786A (en) * 2018-04-03 2018-11-06 中电金融设备系统(深圳)有限公司 Quick Response Code withdrawal safe verification method and its system, computer storage media
US20210042743A1 (en) * 2019-08-09 2021-02-11 Its, Inc. Interoperable mobile-initiated transactions with dynamic authentication

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014064647A1 (en) * 2012-10-26 2014-05-01 Rancilio Group S.p.A. System for monitoring coffee machines and corresponding monitoring method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014064647A1 (en) * 2012-10-26 2014-05-01 Rancilio Group S.p.A. System for monitoring coffee machines and corresponding monitoring method

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108765786A (en) * 2018-04-03 2018-11-06 中电金融设备系统(深圳)有限公司 Quick Response Code withdrawal safe verification method and its system, computer storage media
CN108765786B (en) * 2018-04-03 2020-11-24 中电金融设备系统(深圳)有限公司 Two-dimensional code withdrawal safety verification method and system and computer storage medium
US20210042743A1 (en) * 2019-08-09 2021-02-11 Its, Inc. Interoperable mobile-initiated transactions with dynamic authentication
US11562351B2 (en) * 2019-08-09 2023-01-24 Its, Inc. Interoperable mobile-initiated transactions with dynamic authentication
US12008554B2 (en) 2019-08-09 2024-06-11 Its, Inc. Interoperable mobile-initiated transactions with dynamic authentication

Also Published As

Publication number Publication date
GB201420764D0 (en) 2015-01-07

Similar Documents

Publication Publication Date Title
US10477156B2 (en) Video analytics system
US9070233B2 (en) Automated banking machine system and monitoring
CA2745953C (en) Electronic transaction fraud prevention
US20110078034A1 (en) Apparatus and method for point of sale terminal fraud detection
CA2966553A1 (en) Credit and debit fraud card usage monitoring for transit
CN104380298A (en) Systems and methods for dynamically assessing and mitigating risk of an insured entity
US9646477B2 (en) Branch device geo-fencing pairing security
JPWO2016135860A1 (en) Card verification system, card unauthorized use detection method, and card unauthorized use detection program
WO2016079546A1 (en) Electronic payment machine surveilled by the crowd
JP2008027167A (en) Monitoring system for automatic teller machine
CA2585494C (en) Known loss data logging
KR102483071B1 (en) System for monitoring people
JP5566505B1 (en) ATM skimming prevention system and method
CN101751727B (en) Method and device for monitoring installation of card stealing device as well as self-service terminal
RU2798157C2 (en) System for the monitoring people
US11881089B2 (en) Monitoring and predicting physical force attacks on transaction terminals
KR20180023680A (en) System and method for managing annuity
KR20110042813A (en) Management objective entrance and exit authentication system and the method
Srilatha et al. Safety and maintenance of ATM system using Internet of things
KR20050064436A (en) Method for managing to preventing illegal use in automated teller machine
KR20140142182A (en) Method for determining illegal use of card in cash card use security system and computer-readable recording medium storing the same
KR20140029683A (en) Method for determining illegal use of card in cash card use security system and computer-readable recording medium storing the same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15820566

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15820566

Country of ref document: EP

Kind code of ref document: A1