WO2017006256A1 - Système et procédé pour mener une transaction - Google Patents

Système et procédé pour mener une transaction Download PDF

Info

Publication number
WO2017006256A1
WO2017006256A1 PCT/IB2016/054041 IB2016054041W WO2017006256A1 WO 2017006256 A1 WO2017006256 A1 WO 2017006256A1 IB 2016054041 W IB2016054041 W IB 2016054041W WO 2017006256 A1 WO2017006256 A1 WO 2017006256A1
Authority
WO
WIPO (PCT)
Prior art keywords
payor
transaction
value store
payee
token
Prior art date
Application number
PCT/IB2016/054041
Other languages
English (en)
Inventor
Johan Dawid MEYER
Original Assignee
Meyer Johan Dawid
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Meyer Johan Dawid filed Critical Meyer Johan Dawid
Publication of WO2017006256A1 publication Critical patent/WO2017006256A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices

Definitions

  • This invention relates to systems and methods for conducting a transaction which, in one example, may be a financial transaction conducted between a merchant and a consumer.
  • CPPD consumer portable payment device
  • the consumer provides the merchant with payment information stored on the CPPD.
  • the merchant passes this information onto an acquiring financial institution which then obtains payment, generally via a payment processing network, from an issuing financial institution of the consumer.
  • a problem associated with such financial transactions is that the consumer's payment information is capable of interception by unscrupulous third parties, in whose hands the payment information can be fraudulently used.
  • PCI-DSS Payment Card Industry Data Security Standard
  • PCI-DSS Payment Card Industry Data Security Standard
  • POS Point of Sale
  • a transaction processor comprising:
  • the transaction request including a transaction amount and transaction data
  • a further feature provides for receiving a transaction request to receive the transaction request from the payee electronic device.
  • a yet further feature provides for the transaction data to include a payee identifier and for the method to include a step of obtaining payee account information associated with the payee identifier and relating to a financial account of the payee.
  • Further features provide for generating a single-use transaction token to include storing the generated single-use transaction token, for the single-use transaction token to be stored in association with a validity period, and for the validity period to be a time period selected from the range between 10 and 180 seconds.
  • a still further feature provides for authenticating the single-use transaction token against a received single-use transaction token to include:
  • a further feature provides for the step of initiating a payment from the payor value store to a payee value store to include transmitting the transaction amount and account information relating to a financial account of the payee to the payor value store for initiation of a payment between the payor value store and the payee value store.
  • An even further feature provides for the method to include a step of, if the single-use transaction token is authenticated, transmitting a confirmation message to the payee electronic device.
  • a transaction processor comprising:
  • a transaction request receiving component for receiving a transaction request, the transaction request including a transaction amount and transaction data
  • a generating component for generating a single-use transaction token
  • a first token transmitting component for transmitting the single-use transaction token to a payee electronic device associated with a payee entity
  • an authentication component for authenticating the single-use transaction token against a received single-use transaction token, the received single-use transaction token having been received at a payor value store from a payor electronic device via a secure communication channel between the payor electronic device and the payor value store;
  • a payment component for, responsive to authenticating the single-use transaction token, initiating a payment from the payor value store to a payee value store.
  • a further feature provides for the transaction request receiving component to receive the transaction request from the payee electronic device.
  • a yet further feature provides for the transaction data to include a payee identifier and for the transaction processor to include an obtaining component for obtaining payee account information associated with the payee identifier and relating to a financial account of the payee.
  • the generating component to include a storing component for storing the generated single-use transaction token, for the single-use transaction token to be stored in association with a validity period, and for the validity period to be a time period selected from the range between 10 and 180 seconds.
  • a further feature provides for the authentication component to include:
  • a token receiving component for receiving, from the payor value store, a single-use transaction token, the received single-use transaction token having been received at the payor value store from a payor electronic device via a secure communication channel between the payor electronic device and the payor value store;
  • a comparing component for comparing the received single-use transaction token with the generated single-use transaction token
  • an authentication indication transmitting component for, if the received single-use transaction token matches the generated single-use transaction token, transmitting an authentication indication to the payor value store.
  • a yet further feature provides for the payment component to transmit the transaction amount and account information relating to a financial account of the payee to the payor value store for initiation of a payment between the payor value store and the payee value store.
  • An even further feature provides for the transaction processor to include a confirmation component for, if the single-use transaction token is authenticated, transmitting a confirmation message to the payee electronic device.
  • a transaction processor comprising:
  • FIG. 1 is a schematic diagram which illustrates an example of a system for conducting a transaction; is a block diagram which illustrates an example of a system for conducting a transaction; is a swim-lane flow diagram which illustrates one embodiment of a method for conducting a transaction; illustrates an example of a computing device in which various aspects of the disclosure may be implemented; and, shows a block diagram of a communication device that may be used in embodiments of the disclosure.
  • FIG. 1 is a schematic diagram which illustrates an example of a system (100) for conducting a transaction.
  • the system (100) includes a payor electronic device (1 10) which is associated with a payor (1 12) and a payee electronic device (120) which is associated with a payee (122).
  • the system (100) also includes a transaction processor (130), a payor value store (140) and a payee value store (150).
  • a communication network (102) enables communication between the transaction processor (130), payee electronic device (120), payor electronic device (1 10), the payor value store (140) and the payee value store (150).
  • the payee (122) is a merchant from which the payor (1 12) can purchase goods or services.
  • the payee (122) may be an online merchant which makes its goods or services available over the Internet or, alternatively, may be a brick-and-mortar merchant.
  • the payee is an individual partaking in a peer-to-peer transaction.
  • the payee electronic device (120) is any appropriate electronic device including one of the group of: a point of sale (POS) terminal, an e-commerce server computer, a mobile phone, a smart phone, a tablet computer, a computing device, a wearable electronic device such as a smart watch, or the like.
  • the payee electronic device (120) is able to communicate with the transaction processor (130) via a secure communication channel (104) over which the payee electronic device (120) is operable transmit a transaction request including transaction data and a transaction amount to the transaction processor (130).
  • the transaction data includes one or more of the group of: a payor value store identifier, a transaction type information, a unique transaction identifier, and a payee identifier.
  • the payee electronic device (120) is also operable to receive a single-use transaction token from the transaction processor (130) via the secure communication channel (104) and to provide the received token to the payor electronic device (1 10).
  • the payee electronic device (120) may display the token on a display screen thereof for manual capture by the payor (1 12) or for capture by a camera of the payor electronic device (1 10). It is also anticipated that the token may be transmitted from the payee electronic device (120) to the payor electronic device (1 10) via a short- range wireless radio, such as near field communication (NFC), or the like.
  • NFC near field communication
  • the payor (1 12) is a consumer wishing to make a purchase or request services from the payee (122).
  • the payor electronic device (1 10) is any appropriate electronic device including one of the group of: a mobile phone, a smart phone, a tablet computer, a computing device, a wearable electronic device such as a smart watch, or the like.
  • the payor electronic device (1 10) is operable to obtain the token from the payee electronic device (120), to establish a secure communication channel (104) with the payor value store (140) and to transmit the obtained token to the payor value store (140) via the secure communication channel (104).
  • the payor electronic device (1 10) has a device identifier associated therewith.
  • the device identifier is one or more of: an international mobile station equipment identity (IMEI) number, a mobile station international subscriber directory number (MSISDN) or the like.
  • the transaction processor (130) is any appropriate server computer, distributed server computer, cloud-based server computer, server computer cluster, or the like.
  • the transaction processor (130) has access to a first database (132), a second database (134) and a third database (136) in each of which information is stored and organised and from which information is accessible by the transaction processor (130).
  • the first database (132) has list of registered payor value stores and their associated payor value store identifiers stored therein.
  • the second database (134) has a list of registered payees and their associated payee identifiers and optionally financial account information of the registered payees stored there.
  • the third database (136) is a transaction database in which a running log of transactions is maintained. This running log may include, but is not limited to, information such as whether a transaction is pending and/or complete, account information associated with the transaction, and identifiers associated with a transaction. Data from the transaction database may be used for analytical derivatives that are exchanged between the transaction processor and a value store over, for example, a secure file transfer infrastructure.
  • the third database (136) may assist in managing the status of a transaction and it may record the history of all transactions that are processed through/by the transaction processor.
  • the third database (136) allows each value store to resolve disputes over transactions as well as permitting consumers to view transactions that they have made using the transaction processor.
  • the transaction data may include identifiers identifying items for which payment is being made, and these identifiers may be stored by the transaction processor (130), and may be provided to the payor value store (140) for retention by the payor value store and/or onward transmission to the payor for, inter alia, reconciliation and fraud detection and prevention purposes.
  • the transaction processor (130) is maintained or operated by a third party entity and is configured to communicate securely with at least the payee electronic device (120) and the payor value store (140).
  • the transaction processor (130) is operable to receive the transaction request from the payee electronic device (120), and to generate the single-use transaction token.
  • the transaction processor (130) is configured to transmit the single-use transaction token to the payee electronic device (120) and is also operable to authenticate the single-use transaction token against a received single-use transaction token having been received at the payor value store (140) from the payor electronic device (1 10).
  • the transaction processor (130) receives the token from the payor value store (140) and authenticates the received token thereat.
  • the payor value store (140) is one or more of the group of: an issuing bank of the payor (1 12), a mobile wallet service provider providing a mobile wallet to the payor (1 12), a mobile money operator; or, a digital currency wallet provider, providing, for example, a bitcoin wallet, to the payor (1 12) to enable the payor to make payments using the digital currency.
  • the payor value store (140) includes a server computer (142) which has access to a database (144) in which information is stored and organised and from which information is accessible by the server computer (142). A financial account of the payor is maintained in the database (144) against which payments made by the payor may be debited.
  • the payor value store (140) is operable to receive the token from the payor electronic device (1 10) and to authenticate the received token.
  • the payor value store transmits the received token to the transaction processor (130) for authentication thereat. Once the token has been authenticated, a payment can be initiated from the payor value store (140) to the payee value store (150).
  • the payor electronic device (1 10) is a mobile phone which has mobile applications ("apps") installed thereon, one of the apps being a mobile banking app which creates the secure communication channel (104) between the device (1 10) and the payor value store (140).
  • apps mobile applications
  • the apps being a mobile banking app which creates the secure communication channel (104) between the device (1 10) and the payor value store (140).
  • the payee value store (150) may be an acquiring bank of the payee (122).
  • the payee value store (150) includes a server computer (152) which has access to a database (154) in which information is stored and organised and from which information is accessible by the server computer (152). A financial account of the payee is maintained in the database (154) against which payments made in favour of the payee may be credited.
  • the system (100) thus enables a unique transaction token to be generated and transmitted to a payee electronic device for input to a payor electronic device.
  • the payor electronic device transmits the token to a payor value store for authentication. If the token is authenticated, a payment from the payor in favour of the payee is initiated.
  • the system (200) illustrated in Figure 2 includes a transaction processor (130) and a payor value store (140).
  • the transaction processor (130) includes a processing circuit and memory in which instructions executable by the processing circuit are stored.
  • the transaction processor (130) further includes a database accessing component (202) for accessing one or more databases to store information therein and retrieve information therefrom.
  • the transaction processor (130) also has one or more application programming interfaces (APIs) which include, but are not limited to, registry management APIs, payment transaction APIs, administrative APIs, person-to-merchant (P2M) payment APIs, third party payment service APIs, as well as future risk management APIs and analytics APIs. These APIs allow the transaction processor to communicate with various value stores and third-party payment service entities.
  • APIs application programming interfaces
  • the transaction processor (130) further includes a payee device interface component (204) for interfacing with the payee electronic device and a payor value store interface component (206) for interfacing with the payor value store (140).
  • the payee device interface component (204) is implemented using web service description language (WSDL) and schemas or representational state transfer (RESTFULL Web Services), however, other programming languages and schemas are anticipated. Integration of payee systems with the transaction processor occurs through various sets of standards-based service interface messages. These messages provide all the necessary capabilities to initiate a payment, confirm or reject a payment, to provide notification of a pending payment transaction, and provide all financial management information for settlement between members.
  • the APIs may be based on open industry standards for the construction and deployment of interoperable web services. They may leverage a basic simple object access protocol (SOAP) payload using WSDL defined contracts with extensible mark-up (XML) schema based data definitions or RESTFULL Web Services. These standards may supported by a wide range of development tools on a variety of different platforms.
  • SOAP basic simple object access protocol
  • XML extensible mark-up
  • the payor value store interface component (206) is implemented using the ISO 20022 standard for financial business models and messages and facilitates the exchange of information between value stores such as financial institutions. It provides a business process catalogue and data dictionary to standardise both the message syntax and semantics for a wide breadth of financial transactions.
  • the payor value store interface component (206) accordingly enables ISO 20022 messages to be transmitted from and received by the transaction processor (130).
  • the transaction processor (130) further includes a transaction request receiving component (208) for receiving a transaction request.
  • the transaction request is received from the payee electronic device, via the payee device interface component (204).
  • the transaction request includes a transaction amount and transaction data.
  • the transaction processor (130) includes a generating component (210) for generating a single- use transaction token.
  • the generating component (210) includes a storing component (212) for storing the generated single-use transaction token.
  • the single-use transaction token is stored in a transaction database in association with a validity period selected from the range between 10 and 180 seconds.
  • the transaction processor (130) further includes a first token transmitting component (214) for transmitting the single-use transaction token to the payee electronic device using the payee device interface component (204).
  • the transaction processor (130) also includes an authentication component (216) for authenticating the single-use transaction token against a received single-use transaction token.
  • the authentication component (216) includes a token receiving component (218) for receiving a single-use transaction token from the payor value store (140), via the payor value store interface component (206), and a comparing component (220) for comparing the received single-use transaction token with the generated single-use transaction token.
  • the authentication component (216) also includes an authentication indication transmitting component (222) for, if the received single-use transaction token matches the generated single- use transaction token, transmitting an authentication indication to the payor value store (140). The authentication indication is transmitted to the payor value store via the payor value store interface component (206)
  • the transaction processor (130) also includes a payment component (224) for, responsive to authenticating the single-use transaction token, initiating a payment from the payor value store to a payee value store.
  • the payment component (224) includes an obtaining component (226) for obtaining account information relating to a financial account of the payee. The details of the financial account of the payee, transaction details and transaction amount are sent to the payor value store (140) together with the authentication indication.
  • the transaction processor (130) also includes a confirmation component (228) for, if the single- use transaction token is authenticated, transmitting a confirmation message to the payee electronic device via, for example, the payee device interface component (204).
  • the payor value store (140) includes a server computer having a processing circuit and memory in which instructions executable by the processing circuit are stored.
  • the payor value store (140) includes a database accessing component (232) for accessing databases and storing information therein and retrieving information therefrom.
  • the payor value store (140) includes a transaction processor interface component (234) which implements ISO 20022 standards and enables ISO 20022 messages to be transmitted to and received from the transaction processor (130).
  • the payor value store (140) also includes a secure interface component (236) which is operable to establish a secure communication channel between the payor value store (140) and a payor electronic device.
  • a mobile application resident on the payor electronic device is used to exchange encryption keys and/or a preregistered fingerprint to establish the secure communication channel.
  • an encryption key exchange performed with the payor electronic device may enable an encrypted channel, for example, a transport layer security (TLS), secure sockets layer (SSL) or other appropriate channel to be established.
  • TLS transport layer security
  • SSL secure sockets layer
  • a preregistered fingerprint securely stored in the mobile application may be used to uniquely identify the payor electronic device.
  • the secure interface component (236) is operable to establish a secure communication channel using unstructured supplementary services data (USSD) with the payor electronic device being uniquely identified using a device identifier (e.g. IMEI or MSISDN) associated therewith. It is further anticipated that the secure communication channel be established using the short messaging service (SMS) protocol, wireless access protocol (WAP) or the like. In some embodiments, the secure interface component (236) may use of a third party authentication service to establish the secure communication channel. In some embodiments, the secure interface component (236) authenticates the payor using one or more of: a password, a personal identification number (PIN), biometric information, a one-time PIN (OTP) sent out of band to another electronic device (e.g. mobile device) of the payor, and the like.
  • a password e.g. password
  • PIN personal identification number
  • OTP one-time PIN
  • the payor value store (140) also includes a first token receiving component (238) for receiving a single-use transaction token from the payor electronic device via the secure interface component (236).
  • the payor value store (140) also includes an identifier obtaining component (240) for obtaining an identifier of the payor electronic device and an account identifying component (242) for using the obtained identifier to identify a financial account associated with the payor.
  • the payor value store (140) further includes an authentication component (244) for authenticating the received single-use transaction token.
  • the authentication component (244) includes a token transmitting component (246) for transmitting the single-use transaction token to the transaction processor (130) and an authentication indication receiving component (247) for receiving, from the transaction processor (130), an authentication indication indicating that the received single-use transaction token matches a single-use transaction token generated at the transaction processor.
  • the payor value store (140) includes a payment component (248) for, responsive to authenticating the single-use transaction token, initiating a payment from the payor value store (140) to a payee value store.
  • the payment component (248) includes a transaction data component (250) for receiving, from the transaction processor, details of the financial account of the payee, a transaction amount and transaction data.
  • the transaction data component (250) receives the transaction data from the transaction processor together with the authentication indication.
  • the payment component (248) also includes a payment initiating component (252) for initiating a payment for the transaction amount in favour of a financial account of the payee.
  • the payor value store (140) further includes a confirmation component (254) for, if the received single-use transaction token is authenticated, transmitting a confirmation message to the payor electronic device.
  • Figure 3 is a swim-lane flow diagram which illustrates one embodiment of a method (300) for conducting a transaction. Respective swim-lanes illustrate stages of the method performed by a payor electronic device (1 10), a payee electronic device (120), a transaction processor (130) and a payor value store (140).
  • a payor may indicate to a payee an interest in making a payment in favour of the payee.
  • the payee may for example be a merchant and the payor may be consumer wishing to purchase goods or services from the payee.
  • the payee electronic device (120) receives a transaction indication together with a transaction amount having been input by the payee.
  • the payee electronic device (120) then generates a transaction request and transmits the transaction request, together with the transaction amount and transaction data, to the transaction processor (130) at a following stage (304).
  • the transaction data at least includes a payee identifier and in this embodiment, the transaction request is sent in a RESTFUL message.
  • the transaction processor (130) then, at a next stage (306), receives the transaction request including the transaction amount and transaction data.
  • payee account information relating to a financial account of the payee is obtained.
  • the payee account information is obtained from a database by querying the database using the received payee identifier.
  • the transaction processor At a further stage (310), the transaction processor generates a single-use transaction token and, at a next stage (312), stores the generated single-use transaction token in a database in association with a validity period, the transaction amount and transaction data.
  • the validity period is any time period selected from, for example, the range between 10 and 180 seconds. In this embodiment, the validity period is 60 seconds.
  • the transaction processor (130) then transmits the single-use transaction token to the payee electronic device (120) at a following stage (314). The token is sent in a RESTFUL message.
  • the payee electronic device (120) receives the token and provides the token for capture by the payor electronic device (1 10) at a following stage (318).
  • Providing the token for capture by the payor electronic device (1 10) may include displaying the token in a human readable format such that the payor can manually enter the token into the payor electronic device; displaying the token in a machine readable format (e.g. a barcode) for capture by the payor electronic device; or transmitting the token via a short-range wireless radio (e.g. NFC).
  • the payor electronic device (1 10) establishes a secure communication channel with the payor value store (140).
  • establishing a secure communication channel establishes a USSD session between the payor electronic device (1 10) and the payor value store.
  • the payor may dial a predefined USSD short-code (e.g. * 1234#).
  • the payor is prompted for a password which is authenticated by the payor value store before the payor is permitted to input the single-use transaction token.
  • establishing a secure communication channel uses a mobile application resident on the payor electronic device which uses encryption keys and a preregistered fingerprint to establish a secure (e.g. SSL or TLS) communication channel.
  • the payor is prompted for a password which is authenticated by the mobile application and/or the payor value store before the payor is permitted to obtain the single- use transaction token.
  • the payor electronic device (1 10) then, at a following stage (320), obtains the token from the payee electronic device (120), either directly (e.g. using optical character recognition (OCR), barcode scanner, NFC, etc.) or via payor input (e.g. the payor keying the token into the payor electronic device).
  • OCR optical character recognition
  • the payor electronic device (1 10) transmits the token to the payor value store via the secure communication channel.
  • the payor value store (140) receives the single-use transaction token from the payor electronic device (1 10).
  • the payor value store (140) obtains an identifier of the payor electronic device (1 10) and, at a next stage (328), uses the identifier to identify a financial account associated with the payor.
  • the payor value store (140) then authenticates the received single-use transaction token, which, in this embodiment, includes a stage (330) of transmitting the single-use transaction token to the transaction processor (130).
  • the token is sent to the transaction processor in an ISO 20022 message.
  • the transaction processor (130) receives the single-use transaction token from the payor value store (140), and, at a following stage (334), compares the received single- use transaction token with the generated single-use transaction token stored thereat. Comparing the received token includes determining whether the received token has been received within the validity period. If the received token has not been received within the validity period, the token will not be authenticated. If (336) the received single-use transaction token matches the generated single-use transaction token, the single-use transaction token is authenticated and an authentication indication is generated for transmission to the payor value store (140). The authentication indication is transmitted to the payor value store (140) at a following stage (338) in an ISO 20022 message which includes the transaction amount and account information relating to the financial account of the payee.
  • the payor value store receives the authentication indication, transaction amount, account information relating to a financial account of the payee from the transaction processor.
  • the payor value store initiates a payment from the financial account of the payor to a payee value store for the transaction amount.
  • the payor value store (140) transmits a confirmation message to the payor electronic device (1 10) and the transaction processor (130).
  • the transaction processor (130) receives the confirmation message from the payor value store (140) and responsive thereto transmits a confirmation message to the payee electronic device (120).
  • Systems and methods for facilitating payments are described herein which do not necessarily rely on traditional cash, credit card, debit card or check infrastructure.
  • the systems and methods enable a consumer to make a payment at any payment terminal using his or her traditional bank account or any digital currency or wallet.
  • the payor's financial account information is not passed on to the payee which obviates the need for the payee to implement stringent data protection standards (e.g. PCI-DSS) and also reduces complexity required of, and in turn cost of, the payee electronic device.
  • Some embodiments of the described systems and methods leverage an existing secure communication channel between the payor value store and the payor electronic device (e.g. between a consumer's mobile phone and the consumer's issuing bank) to provide secure systems and methods for conducting a transaction.
  • FIG 4 illustrates an example of a computing device (500) in which various aspects of the disclosure may be implemented.
  • the computing device (500) may be suitable for storing and executing computer program code.
  • the various participants and elements in the previously described system diagrams may use any suitable number of subsystems or components of the computing device (500) to facilitate the functions described herein.
  • the computing device (500) may include subsystems or components interconnected via a communication infrastructure (505) (for example, a communications bus, a cross-over bar device, or a network).
  • the computing device (500) may include at least one central processor (510) and at least one memory component in the form of computer-readable media.
  • the memory components may include system memory (515), which may include read only memory (ROM) and random access memory (RAM).
  • a basic input/output system may be stored in ROM.
  • System software may be stored in the system memory (515) including operating system software.
  • the memory components may also include secondary memory (520).
  • the secondary memory (520) may include a fixed disk (521 ), such as a hard disk drive, and, optionally, one or more re movable- storage interfaces (522) for removable-storage components (523).
  • the removable-storage interfaces (522) may be in the form of removable-storage drives (for example, magnetic tape drives, optical disk drives, floppy disk drives, etc.) for corresponding removable storage-components (for example, a magnetic tape, an optical disk, a floppy disk, etc.), which may be written to and read by the removable-storage drive.
  • removable-storage drives for example, magnetic tape drives, optical disk drives, floppy disk drives, etc.
  • removable storage-components for example, a magnetic tape, an optical disk, a floppy disk, etc.
  • the removable-storage interfaces (522) may also be in the form of ports or sockets for interfacing with other forms of removable-storage components (523) such as a flash memory drive, external hard drive, or removable memory chip, etc.
  • the computing device (500) may include an external communications interface (530) for operation of the computing device (500) in a networked environment enabling transfer of data between multiple computing devices (500). Data transferred via the external communications interface (530) may be in the form of signals, which may be electronic, electromagnetic, optical, radio, or other types of signal.
  • the external communications interface (530) may enable communication of data between the computing device (500) and other computing devices including servers and external storage facilities. Web services may be accessible by the computing device (500) via the communications interface (530).
  • the external communications interface (530) may also enable other forms of communication to and from the computing device (500) including, voice communication, near field communication, Bluetooth, etc.
  • the computer-readable media in the form of the various memory components may provide storage of computer-executable instructions, data structures, program modules, and other data.
  • a computer program product may be provided by a computer-readable medium having stored computer-readable program code executable by the central processor (510).
  • a computer program product may be provided by a non-transient computer-readable medium, or may be provided via a signal or other transient means via the communications interface (530).
  • Interconnection via the communication infrastructure (505) allows a central processor (510) to communicate with each subsystem or component and to control the execution of instructions from the memory components, as well as the exchange of information between subsystems or components.
  • Peripherals such as printers, scanners, cameras, or the like
  • input/output (I/O) devices such as a mouse, touchpad, keyboard, microphone, or the like
  • I/O controller 535
  • These components may be connected to the computing device (500) by any number of means known in the art, such as a serial port.
  • One or more monitors (545) may be coupled via a display or video adapter (540) to the computing device (500).
  • FIG. 5 shows a block diagram of a communication device (600) that may be used in embodiments of the disclosure.
  • the communication device (600) may be a cell phone, a feature phone, a smart phone, a satellite phone, or a computing device having a phone capability.
  • the communication device (600) may include a processor (605) (e.g., a microprocessor) for processing the functions of the communication device (600) and a display (620) to allow a user to see the phone numbers and other information and messages.
  • the communication device (600) may further include an input element (625) to allow a user to input information into the device (e.g., input buttons, touch screen, etc.), a speaker (630) to allow the user to hear voice communication, music, etc., and a microphone (635) to allow the user to transmit his or her voice through the communication device (600).
  • the processor (610) of the communication device (600) may connect to a memory (615).
  • the memory (615) may be in the form of a computer-readable medium that stores data and, optionally, computer-executable instructions.
  • the communication device (600) may also include a communication element (640) for connection to communication channels (e.g., a cellular telephone network, data transmission network, Wi-Fi network, satellite-phone network, Internet network, Satellite Internet Network, etc.).
  • the communication element (640) may include an associated wireless transfer element, such as an antenna.
  • the communication element (640) may include a subscriber identity module (SIM) in the form of an integrated circuit that stores an international mobile subscriber identity and the related key used to identify and authenticate a subscriber using the communication device (600).
  • SIM subscriber identity module
  • One or more subscriber identity modules may be removable from the communication device (600) or embedded in the communication device (600).
  • the communication device (600) may further include a contactless element (650), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer element, such as an antenna.
  • the contactless element (650) may be associated with (e.g., embedded within) the communication device (600) and data or control instructions transmitted via a cellular network may be applied to the contactless element (650) by means of a contactless element interface (not shown).
  • the contactless element interface may function to permit the exchange of data and/or control instructions between mobile device circuitry (and hence the cellular network) and the contactless element (650).
  • the contactless element (650) may be capable of transferring and receiving data using a near field communications (NFC) capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC).
  • NFC near field communications
  • Near field communications capability is a short-range communications capability, such as radio- frequency identification (RFID), Bluetooth, infra-red, or other data transfer capability that can be used to exchange data between the communication device (600) and an interrogation device.
  • RFID radio- frequency identification
  • Bluetooth infra-red
  • the communication device (600) may be capable of communicating and transferring data and/or control instructions via both a cellular network and near field communications capability.
  • the data stored in the memory (615) may include: operation data relating to the operation of the communication device (600), personal data (e.g., name, date of birth, identification number, etc.), financial data (e.g., bank account information, a bank identification number (BIN), credit or debit card number information, account balance information, expiration date, loyalty provider account numbers, etc.), transit information (e.g., as in a subway or train pass), access information (e.g., as in access badges), etc.
  • a user may transmit this data from the communication device (600) to selected receivers.
  • the communication device (600) may be, amongst other things, a notification device that can receive alert messages and access reports, a portable merchant device that can be used to transmit control data identifying a discount to be applied, as well as a portable consumer device that can be used to make payments.
  • the software components or functions described in this application may be implemented as software code to be executed by one or more processors using any suitable computer language such as, for example, Java, C++, or Perl using, for example, conventional or object-oriented techniques.
  • the software code may be stored as a series of instructions, or commands on a non- transitory computer-readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
  • a software module is implemented with a computer program product comprising a non-transient computer-readable medium containing computer program code, which can be executed by a computer processor for performing any or all of the steps, operations, or processes described.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un système et un procédé pour mener une transaction, menées au niveau d'un processeur de transaction, comprenant les étapes suivantes : réception d'une demande de transaction, la demande de transaction comprenant un montant de transaction et des données de transaction ; génération d'un jeton de transaction à usage unique ; transmission du jeton de transaction à usage unique à un dispositif électronique de bénéficiaire associé à une entité bénéficiaire ; authentification du jeton de transaction à usage unique par rapport à un jeton de transaction à usage unique reçu, le jeton de transaction à usage unique reçu ayant été reçu au niveau d'un magasin de valeurs de payeur de la part d'un dispositif électronique du payeur par le biais d'un canal de communication sécurisé entre le dispositif électronique du payeur et le magasin de valeurs de payeur ; et, en réponse à l'authentification du jeton de transaction à usage unique, initiation d'un paiement depuis le magasin de valeurs de payeur vers un magasin de valeurs de bénéficiaire.
PCT/IB2016/054041 2015-07-07 2016-07-06 Système et procédé pour mener une transaction WO2017006256A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA2015/04865 2015-07-07
ZA201504865 2015-07-07

Publications (1)

Publication Number Publication Date
WO2017006256A1 true WO2017006256A1 (fr) 2017-01-12

Family

ID=57685303

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2016/054041 WO2017006256A1 (fr) 2015-07-07 2016-07-06 Système et procédé pour mener une transaction

Country Status (2)

Country Link
WO (1) WO2017006256A1 (fr)
ZA (1) ZA201600809B (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109949155A (zh) * 2017-12-20 2019-06-28 万事达卡国际公司 用于经由区块链的基于信任的支付的方法和系统
US11093649B2 (en) 2019-02-21 2021-08-17 The Toronto-Dominion Bank Enforcing restrictions on cryptographically secure exchanges of data using permissioned distributed ledges

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6908030B2 (en) * 2001-10-31 2005-06-21 Arcot Systems, Inc. One-time credit card number generator and single round-trip authentication
US20140149293A1 (en) * 2010-04-09 2014-05-29 Kevin Laracey Transaction token issuing authorities
US20140372308A1 (en) * 2013-06-17 2014-12-18 John Sheets System and method using merchant token

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6908030B2 (en) * 2001-10-31 2005-06-21 Arcot Systems, Inc. One-time credit card number generator and single round-trip authentication
US20140149293A1 (en) * 2010-04-09 2014-05-29 Kevin Laracey Transaction token issuing authorities
US20140372308A1 (en) * 2013-06-17 2014-12-18 John Sheets System and method using merchant token

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109949155A (zh) * 2017-12-20 2019-06-28 万事达卡国际公司 用于经由区块链的基于信任的支付的方法和系统
US11715099B2 (en) 2017-12-20 2023-08-01 Mastercard International Incorporated Method and system for trust-based payments via blockchain
CN109949155B (zh) * 2017-12-20 2023-09-22 万事达卡国际公司 用于经由区块链的基于信任的支付的方法和系统
US11093649B2 (en) 2019-02-21 2021-08-17 The Toronto-Dominion Bank Enforcing restrictions on cryptographically secure exchanges of data using permissioned distributed ledges

Also Published As

Publication number Publication date
ZA201600809B (en) 2017-05-31

Similar Documents

Publication Publication Date Title
AU2017203373B2 (en) Provisioning payment credentials to a consumer
US11810085B2 (en) Processing financial transactions
US11176536B2 (en) Token generating component
CN105531733B (zh) 使得支付能够仅由一个商家处理
US20150324764A1 (en) Enabling a User to Transact Using Cryptocurrency
US20140289130A1 (en) Secure remotely configurable point of sale terminal
US10489565B2 (en) Compromise alert and reissuance
CN113015992B (zh) 多个令牌的云令牌预配
US10748134B2 (en) System and method for management of payee information
US20220291979A1 (en) Mobile application integration
WO2017006256A1 (fr) Système et procédé pour mener une transaction
CA2919323C (fr) Systeme et procede de production de justificatifs d'identite de paiement
US10504113B2 (en) Method and apparatus for providing pre-certification for chip card mobile merchant payments
WO2016046765A1 (fr) Systèmes et procédés destinés à la vérification d'un enregistrement d'identité
US20190156334A1 (en) System and method for providing anonymous payments
KR101049555B1 (ko) 무매체 금융거래 방법, 자동화기기 및 이를 위한 프로그램 기록매체
AU2017101240A4 (en) Multi bank, multi-currency and multi- country platform and system for executing bank and terminal agnostic cardless cash withdrawal transaction utilising issuing platform for configurable and adaptable multi-factor secure transaction authentication/verification.
WO2019171288A1 (fr) Transactions financières basées sur une communication sans contact
EP4176402A1 (fr) Traitement de jeton comprenant une annulation sélective de segmentation en jetons pour des interactions de dispositif d'accès basées sur la proximité

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16820929

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16820929

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16820929

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 18.07.2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16820929

Country of ref document: EP

Kind code of ref document: A1