WO2018234882A1 - A system and method for conducting a transaction - Google Patents


Info

Publication number
WO2018234882A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
consumer
identifier data
consumer identifier
terminal device
Application number
PCT/IB2018/053407
Other languages
French (fr)
Inventor
Angus Bernhardt Pohl
Original Assignee
Angus Bernhardt Pohl

Classifications

    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
        • H04L 63/0428 Network architectures or protocols for network security: confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload
        • H04L 63/083 Network architectures or protocols for network security: authentication of entities using passwords
        • H04L 63/0861 Network architectures or protocols for network security: authentication of entities using biometrical features, e.g. fingerprint, retina-scan
        • H04L 9/088 Cryptographic mechanisms; key distribution or management: usage controlling of secret information, e.g. restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key or password length, or different strong and weak cryptographic algorithms
        • H04L 9/3239 Cryptographic mechanisms including means for verifying the identity or authority of a user or for message authentication, using non-keyed cryptographic hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
        • H04L 9/50 Cryptographic mechanisms using hash chains, e.g. blockchains or hash trees
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES
        • G06Q 20/38 Payment architectures, schemes or protocols: payment protocols and details thereof
    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04W WIRELESS COMMUNICATION NETWORKS
        • H04W 12/02 Security arrangements: protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
        • H04W 12/06 Security arrangements: authentication

Definitions

  • FIELD OF THE INVENTION: The invention relates to a system and method for conducting a transaction.
  • BACKGROUND TO THE INVENTION
  • Current payment systems using card-based transaction terminals are typically limited to processing just one type of transaction at a time, for example either so-called “fiat money” payments (being payments using a currency without intrinsic value that has been established as money, often by government regulation) or a "loyalty” transaction which typically uses loyalty points accumulated by a consumer from a particular merchant and which can be spent with the particular merchant.
  • PCI DSS (Payment Card Industry Data Security Standard)
  • a computer-implemented method conducted at a transaction terminal device comprising: receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device; transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data; in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data; generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction; encrypting at least the payload of the transaction request message using the encryption key; and, transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
  • a further feature provides for transmitting the transaction request message for processing the transaction by a transaction processing module to include transmitting the transaction request message to the remote server for on-forwarding to the transaction processing module.
  • receiving the consumer identifier data to include receiving one or both of biometric data uniquely linked to the consumer and a passcode; for the biometric data to include the output of a hash function, the output of the hash function having been generated by performing a hash operation on raw biometric data obtained directly from the consumer; for the biometric data to be received via a biometric reader module.
  • the passcode may be received via a keypad.
  • a still further feature provides for the encryption key to be a public key of a public private key pair uniquely associated with the consumer identifier data. Yet further features provide for one or more of the consumer identifier data, amount, encryption key, authentication request message and transaction request message to be stored temporarily in a dedicated memory module and for the method to include purging the dedicated memory module after transmitting the transaction request message.
  • a further feature provides for the method to include receiving a confirmation message confirming processing of the transaction
  • a yet further feature provides for the method to include: receiving, from the remote server, a payment service selection prompt requesting selection by the consumer of a payment service uniquely associated with the consumer identifier data; displaying the prompt to the consumer via a display; receiving a consumer payment service selection; and, transmitting the consumer payment service selection to the remote server.
  • a computer-implemented method conducted at a server computer comprising: receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; validating the consumer identifier data against a consumer authentication record; if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; transmitting the encryption key to the transaction terminal device; receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
  • consumer identifier data to include one or both of biometric data uniquely linked to the consumer and a passcode; and for validating the consumer identifier data to include one or both of using the biometric data to identify the consumer authentication record and validating the passcode against a passcode stored in association with the biometric data in the consumer authentication record.
  • the transaction processing module to have access to a consumer account record and a decryption key corresponding to the encryption key, and for the method to include the transaction processing module decrypting the encrypted payload using the decryption key and processing the transaction against consumer account data stored in the consumer account record; for the encryption key to be a public key and for the decryption key to be a corresponding private key of a public private key pair uniquely associated with the consumer identifier data, for the encryption key to be stored in the consumer authentication record and for the decryption key to be stored in the transaction processing module.
  • the transaction processing module to be one or both of a physically and logically separated module, and for the consumer account record to be stored in the transaction processing module; for the consumer account data to include one or both of payment card data and wallet service data usable in conducting a financial transaction against a financial account associated with the consumer; and for the transaction processing module to be one of a subset of transaction processing modules, each transaction processing module being associated with a different geographical area and being a mirror of the other transaction processing modules.
  • a system including a transaction terminal device comprising: a processor and a memory configured to provide computer program instructions to the processor to execute functions of components; a consumer identifier data receiving component for receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device; an authentication request transmitting component for transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data; an encryption key receiving component for, in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data; a transaction request message generating component for generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction; an encryption component for encrypting at least the payload of the transaction request message using the encryption key; and, a transaction request message
  • a system including a remote server comprising: a processor and a memory configured to provide computer program instructions to the processor to execute functions of components; an authentication request receiving component for receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; a validating component for validating the consumer identifier data against a consumer authentication record; an accessing component for, if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; an encryption key transmitting component for transmitting the encryption key to the transaction terminal device; a transaction request message receiving component for receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, a forwarding component for forwarding the transaction request message to a
  • a computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of: receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; validating the consumer identifier data against a consumer authentication record; if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; transmitting the encryption key to the transaction terminal device; receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
  • the computer-readable medium to be a non-transitory computer-readable medium and for the computer-readable program code to be executable by a processing circuit.
  • Figure 1 is a schematic diagram which illustrates an exemplary system (100) for conducting a transaction
  • Figure 2 is a swim-lane flow diagram which illustrates an exemplary method for conducting a transaction
  • Figure 3 is a flow diagram which illustrates an exemplary method for conducting a transaction at a transaction processing module according to aspects of the present disclosure
  • Figure 4 is a block diagram which illustrates exemplary components which may be provided by a system for conducting a transaction.
  • FIG. 5 illustrates an example of a computing device in which various aspects of the disclosure may be implemented.
  • DETAILED DESCRIPTION WITH REFERENCE TO THE DRAWINGS Aspects of the present disclosure are directed towards a transaction-agnostic terminal which may incorporate a physical touch terminal configured to capture end-user data such as a fingerprint and secret passcode (such as a PIN), merchant entered data, etc., and transmit it to a dedicated cloud transaction management platform on behalf of participants as a transaction request.
  • the cloud transaction management platform may in turn be configured to host participant related data and receive and process transaction requests on behalf of said participants, in a manner that enables them to settle transactions directly amongst one another.
  • FIG. 1 is a schematic diagram which illustrates an exemplary system (100) for conducting a transaction.
  • the system may include a plurality of transaction terminal devices (102) and a plurality of remote servers (104). There may for example be one remote server for each of a number of predefined geographical areas, for example one remote server per country. Each remote server may be connected to a plurality of transaction terminal devices located in the same predefined geographical area. For example, the transaction terminal device in a particular country may be connected to the remote server associated with that particular country.
  • the system (100) may also include one or more third party service providers (108), such as financial institutions, wallet service providers, cryptocurrency wallet services providers and the like.
  • the transaction terminal devices communicate with the associated remote server by way of an appropriate communication network, such as the Internet.
  • Each remote server may be in communication with the other remote servers by way of an appropriate communication network, which may also be the Internet.
  • Communication via the communication networks may be secured.
  • secure communication channels between the remote servers and respective transaction terminal devices, between the remote server and third party service providers, and between the remote server and end-user devices (e.g. consumer and operator) may be provided.
  • the secure communication channels may be achieved by way of end-to-end firewalled encryption (e.g. using TLS; SSL is its deprecated predecessor), or the like.
  • a centralised communication network may be provided, where for example a transaction terminal device is connected by, for example, GSM radio, to the associated remote server on the front-end in real time.
  • Other participants, may be connected to the associated remote server on the back-end by API, web portal, mobile application and the like.
  • a hybrid network infrastructure may be utilised in which a transaction terminal device on the front-end is connected by GSM radio, etc., to the associated remote server in real time, and the remote server is connected to other remote servers by way of a distributed (optionally peer-to-peer) network (e.g. a blockchain- or hashgraph-based network).
  • the transaction terminal device may also be connected on the front-end by GSM Radio, etc., to the associated remote server in real time via a virtual distributed (optionally peer-to-peer) network within the associated remote server.
  • a distributed network infrastructure may be utilised in which the transaction terminal device on the front-end is connected, e.g. by GSM radio, to a distributed (optionally peer-to-peer) network and other participants (e.g. consumers and third party service providers) are connected to the same distributed network on the back-end by API, web portal, mobile application or the like.
  • Each remote server (104) may be provided by a suitable computing device configured to perform a server role.
  • Each remote server (104) may be a cloud-based or distributed server computer and the exact geographical location (or locations) at which the server is located may be irrelevant for the purposes of the described system and method (except in that each remote server may be associated with a predefined geographical area).
  • Each remote server (104) may host or provide a cloud transaction management platform (CTMP).
  • CTMP may interface with the transaction terminal devices.
  • the CTMP may be configured for managing and communicating transaction requests on behalf of service providers, enabling them to settle transactions directly amongst one another.
  • the CTMP may provide transaction emulation, which may enable virtualisation of transaction terminal devices, cards and blockchains or the like.
  • the CTMP may facilitate network connection of the transaction terminal devices (front-end) to the CTMP, and the CTMP to 3rd party participants on the back-end by one of a centralised, distributed or hybrid network.
  • the CTMP may be configured to provide platform security for secure data storage and protecting data communicated between the transaction terminal devices, the CTMP and third party participants.
  • the CTMP may be configured to provide data management, enabling the collection, storage and analysis of consumer related data, and may utilise artificial intelligence / machine learning to improve efficiencies of targeted marketing campaigns, end-user preferences control and the like.
  • the CTMP may be configured for the management of user privacy, for example through the use of unique algorithm generated fingerprint hash codes and public and private keys to engage consumers instead of personal names or the like.
  • Each remote server (104) may have access to a consumer authentication database (108) in which a consumer authentication record may be stored for each consumer registered to make use of the system and method.
  • Each consumer authentication record may store one or more of: consumer identifier data, an encryption key which is uniquely linked to the consumer identifier data and/or the consumer, payment service selection data (e.g. a list of payment services linked to the consumer and by way of which the consumer can make payments).
  • Each remote server (104) may also provide or have access to a transaction processing module.
  • the transaction processing module may be hosted by a physical or virtual server computer which is one or both of physically and logically separated from the remote server.
  • the server computer may for example be separated from the remote server by way of a firewall or the like.
  • the transaction processing module may have access to a consumer account database (112) in which a consumer account record is stored for each registered consumer.
  • the consumer account database may be stored on the separated server computer.
  • the consumer account record may store one or more of: a decryption key corresponding to the encryption key (and which may be a private key of a public private key pair), consumer account data associated with one or more financial accounts and optionally other personal information of the consumer (know-your-consumer information, transaction history, a consumer profile detailing transaction habits, etc. and the like).
  • the transaction processing module may have access to the consumer account records and hence the decryption key corresponding to the encryption key.
  • the consumer account data may include one or both of payment card data and wallet service data (including, for example, cryptocurrency wallet service data) usable in conducting a financial transaction against a financial account associated with the consumer. Access may be limited to the end-user's authentication data in association with the end-user's public keys in order to identify a consumer's account.
  • each remote server (104) has access to its own CTMP and associated transaction processing module.
  • the system (100) may thus include a plurality of CTMPs, each CTMP being associated with a different geographical area.
  • the CTMPs may be configured to mirror each other, such that each CTMP stores the same data.
  • the data may be mirrored using an open, distributed ledger, for example using blockchain technology, hashgraph technology or the like.
  • Transaction terminal devices may still connect to their associated remote server (or CTMP), but each remote server is connected to other remote servers by way of a suitable distributed network. Connecting the various remote servers through distributed networks may enable efficient synchronisation of the databases of different regions, so that when travelling to other countries consumers are not required to re-register but may simply use the relevant transaction terminal device to transact as they would at home.
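The regional mirroring described above, as an added example that is not part of the patent: each CTMP keeps a full copy of an append-only hash chain of consumer authentication records, a registration is "replicated" by appending the same block to every region, and any region can detect that its copy was altered after the fact. The region names, the record fields (hashed fingerprint, public key, a salted passcode verifier, payment services) and the SHA-256-over-canonical-JSON block format are assumptions; the sample record is constructed.

```python
import copy
import hashlib
import json
from dataclasses import dataclass, field
from typing import List, Optional

GENESIS = "0" * 64


def digest(obj) -> str:
    """Canonical JSON so every region hashes byte-identical input."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()).hexdigest()


@dataclass
class Block:
    index: int
    prev_hash: str
    record: dict                     # one consumer authentication record
    hash: str = ""

    def __post_init__(self) -> None:
        if not self.hash:
            self.hash = digest({"index": self.index, "prev": self.prev_hash, "record": self.record})


@dataclass
class RegionalLedger:
    """One CTMP's copy of the shared chain of consumer authentication records."""
    region: str
    blocks: List[Block] = field(default_factory=list)

    def head(self) -> str:
        return self.blocks[-1].hash if self.blocks else GENESIS

    def append(self, record: dict) -> Block:
        block = Block(len(self.blocks), self.head(), copy.deepcopy(record))
        self.blocks.append(block)
        return block

    def verify(self) -> bool:
        """Recompute every hash and link; an edited, dropped or reordered block fails."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            expected = digest({"index": i, "prev": prev, "record": block.record})
            if block.index != i or block.prev_hash != prev or block.hash != expected:
                return False
            prev = block.hash
        return True

    def find_by_biometric(self, biometric_hash: str) -> Optional[dict]:
        """Lookup by the hashed fingerprint, as a terminal in another region would need."""
        for block in self.blocks:
            if block.record.get("biometric_hash") == biometric_hash:
                return block.record
        return None


def replicate(record: dict, regions: List[RegionalLedger]) -> bool:
    """Append the same record to every region's chain; True if all heads agree afterwards."""
    for ledger in regions:
        ledger.append(record)
    return len({ledger.head() for ledger in regions}) == 1


def demo() -> tuple:
    za, uk = RegionalLedger("ZA"), RegionalLedger("UK")
    # Constructed record: the mirrored copy carries the hashed fingerprint, the public key and a
    # salted passcode verifier; the private key stays in the home transaction processing module.
    consumer = {
        "biometric_hash": hashlib.sha256(b"constructed fingerprint template").hexdigest(),
        "public_key": "-----BEGIN PUBLIC KEY-----\n(constructed)\n-----END PUBLIC KEY-----",
        "passcode_verifier": "pbkdf2-sha256$constructed-salt$constructed-hash",
        "payment_services": ["card", "wallet"],
    }
    in_sync = replicate(consumer, [za, uk])
    found_abroad = uk.find_by_biometric(consumer["biometric_hash"]) == consumer
    # Tamper with the UK copy after the fact: that region fails verification, ZA is unaffected.
    uk.blocks[0].record["payment_services"].append("rogue-wallet")
    return in_sync, found_abroad, za.verify(), uk.verify()
```

What the chain gives you is tamper evidence and a cheap equality check between regions (compare heads), not consensus: deciding which region's copy wins when heads diverge is the part the patent delegates to "blockchain technology, hashgraph technology or the like" and is outside this block.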
  • Each transaction terminal device (102) may be provided by an appropriately configured computing device capable of communicating with an associated remote server (104) via a communication network.
  • transaction terminal devices may be mobile or portable electronic devices.
  • the transaction terminal devices may be purpose-built devices.
  • Each transaction terminal device may be a physical device and may be configured to connect to and communicate with the CTMP and/or a physical point of sale device associated with a merchant.
  • Each transaction terminal device may include a user data entry component including, for example, a biometric reading module configured to capture a consumer's biometric data (such as a fingerprint).
  • the biometric reading module may be configured to generate a hash or similar irreversible obfuscation of the raw biometric data every time the biometric data is obtained, and may be configured to purge any record of the raw or hashed biometric data.
  • the user data entry component may further include a keyboard, such as a software-based keyboard on a touch screen or the like, for a consumer to enter information, such as a secret passcode, a mobile handset number, transaction related data and the like.
  • the user data entry component may further include a contactless data input component for inputting data into the transaction terminal device using a contactless communication technique, such as by way of a graphical code, near field communication, near sound communication or the like.
  • Each transaction terminal device may include a wired or wireless connection to a point of sale device (e.g. cash register) enabling a merchant to enter transaction related data into the transaction terminal device directly from the point of sale device.
  • Each transaction terminal device may include dedicated (or closed loop) hardware configured to provide transaction terminal functionality, which hardware may be exclusively connected to the CTMP.
  • Each transaction terminal device may further include dedicated (or closed loop) software configured to provide transaction terminal functionality, which software may be exclusively connected to the CTMP.
  • Each transaction terminal device may be configured to accept consumer related identifiers such as fingerprints (or other biometric data), mobile handset numbers (or other unique identifiers) and secret passcodes to authenticate a transaction in association with merchant inputs, and to communicate said data to the CTMP as a request for a transaction to be processed by participating third party service providers plugged in on the back-end, directly amongst one another.
  • the system may further include mobile handsets of one or more consumers who are registered to make use of the system.
  • the mobile handsets may be provided by any suitable communication device capable of communicating with the remote server via a communication network, such as a mobile phone (smart phone or feature phone), tablet computer, wearable computing device or the like.
  • the mobile handsets may be configured to exchange data and/or information with the remote servers via the communication networks. In some cases, communications may be directed to the mobile handsets by way of a mobile handset number or other unique identifier.
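Terminal-side handling of the captured secrets as described above (hash the raw biometric as soon as it is read, keep the working values in a dedicated memory area, purge that area once the request has been handed to the channel), as an added example that is not from the patent. The buffer layout, the `transmit` callback standing in for the secured channel to the remote server, and the JSON request shape are assumptions, and the sample capture is constructed. Two caveats the patent text does not spell out: a plain hash only matches a bit-identical capture, so this follows the patent's wording rather than a deployable fuzzy biometric template scheme; and Python cannot promise that the interpreter kept no other copies (str and bytes are immutable), so the block zeroises only the bytearrays it owns, which a real terminal would do in firmware over a memory region it controls.

```python
import hashlib
import json
from typing import Callable, Dict, Tuple


def zeroise(buf: bytearray) -> None:
    """Overwrite a mutable buffer in place; immutable bytes/str objects cannot be wiped."""
    for i in range(len(buf)):
        buf[i] = 0


class DedicatedMemory:
    """Tracks every sensitive buffer of one transaction so they are purged together."""

    def __init__(self) -> None:
        self._buffers: Dict[str, bytearray] = {}

    def adopt(self, name: str, buf: bytearray) -> bytearray:
        """Register a buffer the reader or keypad driver already filled (no extra copy)."""
        self._buffers[name] = buf
        return buf

    def alloc(self, name: str, data: bytes) -> bytearray:
        return self.adopt(name, bytearray(data))

    def purge(self) -> None:
        for buf in self._buffers.values():
            zeroise(buf)
        self._buffers.clear()


def hash_biometric(raw: bytearray) -> str:
    """Hash the raw capture and wipe it at once; only the digest leaves the reader module."""
    digest = hashlib.sha256(raw).hexdigest()
    zeroise(raw)
    return digest


def run_transaction(raw_capture: bytearray, passcode: bytearray, amount_cents: int,
                    transmit: Callable[[bytes], None]) -> Tuple[str, bool]:
    """Capture, build the request, hand it to the channel, purge; returns (biometric hash, purged?).
    Encrypting the payload is the channel's job here and is outside this block."""
    mem = DedicatedMemory()
    mem.adopt("raw_biometric", raw_capture)
    mem.adopt("passcode", passcode)
    bio_hash = hash_biometric(raw_capture)
    # json.dumps/decode make interpreter-level copies Python cannot wipe; firmware formats in place.
    payload = mem.alloc("payload", json.dumps({"biometric_hash": bio_hash,
                                               "passcode": passcode.decode(),
                                               "amount_cents": amount_cents}).encode())
    try:
        transmit(bytes(payload))
    finally:
        mem.purge()                 # runs whether or not transmission succeeded
    purged = not any(raw_capture) and not any(passcode) and not any(payload)
    return bio_hash, purged


def demo() -> dict:
    sent = []
    raw = bytearray(b"constructed fingerprint template bytes")       # constructed sample capture
    expected = hashlib.sha256(bytes(raw)).hexdigest()
    bio_hash, purged = run_transaction(raw, bytearray(b"4821"), 1999, sent.append)
    request = json.loads(sent[0])
    return {"hash_matches": bio_hash == expected, "purged": purged,
            "request_has_hash": request["biometric_hash"] == bio_hash,
            "request_has_no_raw": b"constructed" not in sent[0]}
```

The `finally` is the point worth copying: the purge must not depend on the transmission succeeding, otherwise a dropped GSM link leaves a fingerprint and PIN sitting in terminal memory.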
  • the system (100) described above may implement a method for conducting a transaction.
  • An exemplary method for conducting a transaction is illustrated in the flow diagrams of Figures 2 and 3, of which Figure 2 is a swim-lane flow diagram in which respective swim-lanes delineate steps, operations or procedures performed by respective entities or devices.
  • the method may be implemented in the context of a consumer conducting a transaction with a merchant.
  • the transaction may be a financial transaction in which the consumer purchases goods or services from the merchant in exchange for a monetary value.
  • the transaction may thus be associated with an amount which the consumer pays to the merchant in exchange for the goods and/or services.
  • While physically present at the merchant, the consumer may provide consumer identifier data to a transaction terminal device physically located at the merchant.
  • the consumer identifier data may include one or more of a unique identification number (e.g. a globally unique identifier) assigned to the consumer upon registration; biometric data (such as a fingerprint, thumbprint, facial recognition data, etc.); a mobile handset number; a passcode (e.g. PIN, password, etc.) and the like.
  • the consumer may input the consumer identifier data into the transaction terminal device (102) using a user data entry component associated therewith.
  • the consumer may for example input a unique identification number stored in his or her mobile handset (e.g. mobile phone) using a contactless communication technique (e.g. using graphical codes, near field communication or the like).
  • the consumer may also input raw biometric data via a biometric reading module.
  • the consumer may input a secret passcode via a keypad.
  • the transaction terminal device (102) may receive (202) the consumer identifier data input into the transaction terminal device (102).
  • the consumer identifier data may be input via the user data entry component and may be uniquely associated with the consumer.
  • Receiving (202) the consumer identifier data may include receiving one or both of biometric data uniquely linked to the consumer and a passcode.
  • the biometric data may include or be in the form of the output of a hash function.
  • the output of the hash function may for example have been generated by performing a hash operation on raw biometric data obtained directly from the consumer.
  • the biometric data may be received via a biometric reader module (which may be configured to perform the hash operation) and the passcode may be received via a keypad.
  • the consumer may input a portion of the consumer identifier data into the transaction terminal device and the remaining portion of the consumer identifier data into a mobile handset associated with the consumer.
  • the transaction terminal device (102) may transmit (204) an authentication request to a remote server (104).
  • the authentication request may be transmitted to a remote server associated with the transaction terminal device (e.g. a remote server associated with a geographical area in which the transaction terminal device is physically located).
  • the authentication request may include and request validation of the consumer identifier data.
  • the authentication request may include a merchant identifier which uniquely identifies the merchant.
  • the remote server (104) may receive (206) the authentication request from the transaction terminal device (102).
  • the remote server (104) may validate (208) the consumer identifier data against a consumer authentication record.
  • validating (208) the consumer identifier data may include using the biometric data to identify the consumer authentication record and validating the passcode against a passcode stored in association with the biometric data in the consumer authentication record.
  • where the consumer identifier data includes a unique identification number, the unique identification number may be used to identify the consumer authentication record and one or both of biometric data and the passcode may be validated against respective biometric data and passcode records stored in the consumer authentication record.
  • validating (208) the consumer identifier data may include identifying a mobile handset associated with the consumer authentication record and transmitting an authentication validation request to the mobile handset.
  • the authentication validation request may be transmitted to the mobile handset via an appropriate communication network, and may for example take the form of a push notification, USSD message or the like.
  • the authentication validation request may request the consumer to validate his or her identity by inputting consumer identifier data (e.g. a secret passcode) into the mobile handset for transmission to and validation by the remote server.
  • the remote server may receive the consumer identifier data from the mobile handset and may validate the received data against data stored in the consumer authentication record.
  • the remote server (104) may access (211) an encryption key uniquely associated with the consumer identifier data. Accessing the encryption key may include accessing an encryption key stored in the consumer authentication record.
  • the encryption key may be a public key of a public private key pair which may be uniquely associated with the consumer identifier data. Thus each registered user of the system may have his or her own unique encryption key associated therewith and by way of which sensitive information may be encrypted.
  • the remote server (104) may access (212) payment service data stored in the consumer authentication record.
  • the remote server (104) may generate (214) and transmit a payment service selection prompt to the transaction terminal device which requests selection by the consumer of a payment service by way of which the consumer wishes to make payment in respect of the transaction.
  • the payment service data may for example be a list of payment services which the consumer has registered or linked with the system and by way of which the consumer can make payments in favour of the merchant.
  • the payment service selection prompt may be configured to prompt the consumer to select one of the registered or linked payment services by way of which the pending transaction will be funded.
  • the remote server (104) may transmit (216) the encryption key to the transaction terminal device (102).
  • the payment service selection prompt may be transmitted (216) to the transaction terminal device together with the encryption key.
  • the transaction terminal device (102) may receive (218) the encryption key from the remote server (104). The encryption key may be received in response to the remote server validating the consumer identifier data successfully.
  • the transaction terminal device (102) may receive (220) a payment service selection prompt from the remote server.
  • the payment service selection prompt may request selection by the consumer of a payment service uniquely associated with the consumer identifier data and may be received from the remote server together with the encryption key.
  • the transaction terminal device may display (222) the prompt to the consumer via a display associated therewith and may receive a consumer payment service selection, which may be transmitted to the remote server (104).
  • the transaction terminal device (102) may receive (224) transaction related data.
  • the transaction related data may be received via the user data entry component (e.g. via the keypad) or from a point of sale device connected to the transaction terminal device.
  • the transaction related data may include an amount associated with the transaction (e.g. a purchase price), details of the goods/services to which the transaction relates and the like.
  • the transaction terminal device (102) may generate (226) a transaction request message. Generating the transaction request message may include compiling a payload of the transaction request message.
  • the payload may include the consumer identifier data and transaction related data, such as the amount associated with the transaction.
  • the payload may include the consumer payment service selection, being an indication of the payment service which the consumer wishes to use to fund the transaction.
  • the payload may further include a merchant identifier.
  • the transaction terminal device (102) may encrypt (228) at least the payload of the transaction request message using the encryption key.
  • the encryption key may be a public key of a public private key pair and encrypting the payload may have the effect that the encrypted payload can only be decrypted using the corresponding private key. In other words, it may be impossible for practical purposes to decrypt or otherwise decipher the contents of the encrypted payload without the corresponding private key.
  • the transaction terminal device (102) may transmit (230) the transaction request message including the encrypted payload for processing the transaction. Transmission may be to the remote server (104) or directly to a transaction processing module.
  • the transaction request message may include a merchant identifier which uniquely identifies the merchant.
  • the merchant identifier may be linked to merchant financial account data stored at the remote server and via which payments may be made in favour of the merchant. In some cases the merchant identifier may directly identify a financial account via which payments can be pushed (e.g. a bank card primary account number, cryptocurrency address, etc.). In such a case, the merchant identifier may be a transaction terminal device identifier (in that it is uniquely linked to the device).
  • the transaction terminal device (102) may have a memory module which is dedicated to the temporary storage of transaction data.
  • the transaction terminal device may purge (232) the dedicated memory module of all transaction data after transmitting the transaction request message. Purging the dedicated memory module may have the effect of permanently erasing the data stored therein such that it is not capable of being recovered from the dedicated memory module at a later date.
  • the dedicated memory module is thus configured to store temporarily any data relating to a particular transaction such that this data is known to the transaction terminal device for the duration of the particular transaction only.
  • the transaction terminal device may purge (232) the dedicated memory module immediately after transmitting the transaction request message (e.g. within a few milliseconds or less).
  • the remote server (104) may receive (240) the transaction request message including the encrypted payload from the transaction terminal device (102).
  • the above steps or operations delineated as being performed by the remote server may be performed by a consumer authentication module of the remote server (104).
  • the remote server (104) may further include a transaction processing module which may be one or both of logically and physically separated from the consumer authentication module.
  • the remote server (104) may forward (242) the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction. This may include forwarding the transaction request message from the consumer authentication module to the transaction processing module.
  • the transaction processing module may periodically synchronise (260) consumer account records maintained thereat with other transaction processing modules, for example transaction processing modules associated with remote servers linked to other geographical areas. Synchronising (260) of the consumer account records may include using distributed ledger-based technology (e.g. blockchain or hashgraph based technology) to implement a peer-to-peer distributed ledger of consumer account records.
  • the use of distributed ledger-based technology may enable synchronisation of data in close to real time as immutable data not requiring re-registration in other regional territories, so that consumers may seamlessly continue using associated terminals wherever they may be located.
  • the transaction processing module may receive (262) the transaction request message including the encrypted payload. In some implementations, the message may be received from the remote server or in particular from the consumer authentication module. In other implementations, the transaction processing module may receive the message from the transaction terminal device.
  • the transaction processing module may identify (264) the consumer account record associated with the transaction request message.
  • the transaction request message may for example include an identifier which links the transaction request message to the consumer account record.
  • the transaction processing module may access (266) a decryption key stored in the consumer account record and which corresponds to the encryption key which was used to encrypt the encrypted payload.
  • the decryption key may be a private key corresponding to a public key having been used to encrypt the encrypted payload.
  • the transaction processing module may use the decryption key to decrypt (268) the encrypted payload and output the decrypted payload.
  • the payload may include one or more of the consumer identifier data, transaction related data, the consumer payment service selection, merchant identifier and the like.
  • the transaction processing module may use the payload to process the transaction. This may include the transaction processing module generating (270) a payment instruction message which may include the amount and the merchant identifier.
  • the payment instruction message may be formatted in a predefined format based on the payment service that is to be used to process the payment.
  • Generating (270) the payment instruction message may include accessing a payment instruction message template associated with the payment service to be used.
  • the transaction processing module may determine the payment service to be used based on a consumer payment service selection or, in the absence thereof, a default payment service.
  • the payment instruction message may be configured to instruct the payment service to which it is addressed to make a payment in respect of the amount in favour of a merchant account associated with the merchant identifier.
  • the payment instruction message may include consumer account data usable by the payment service in authenticating the consumer and processing the transaction.
  • the consumer account data may for example be credentials in the form of login credentials for the relevant payment (or wallet) service, payment card details and the like.
  • the transaction processing module may transmit (272) the payment instruction message to the payment service to cause the payment service to process the transaction against a consumer account maintained thereat in favour of a merchant account.
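The exchange of steps 202 to 268 above, as an added example that is not part of the patent: a Go model of the terminal, the consumer authentication module and the transaction processing module, with a SHA-256 hash of the raw biometric data, a constant-time passcode check, RSA-OAEP encryption of the payload under the consumer's public key, purging of the dedicated memory module, and decryption at the processing module, which alone holds the private key. The type and function names, the JSON payload layout and the use of the biometric hash as the message's link identifier are assumptions of this example, not the patent's; the order of use for one transaction is Enrol, Validate, Encrypt, Purge, Decrypt.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"encoding/json"
	"errors"
)

// hashBiometric is the reader-side hash operation: only this digest ever leaves the reader.
func hashBiometric(raw []byte) string {
	sum := sha256.Sum256(raw)
	return hex.EncodeToString(sum[:])
}

// AuthRecord is a consumer authentication record, keyed by biometric hash: passcode hash
// and public key only. AuthModule and ProcessingModule are the two separated server parts.
type AuthRecord struct {
	PasscodeHash [32]byte
	PublicKey    *rsa.PublicKey
}
type AuthModule struct{ records map[string]AuthRecord }
type ProcessingModule struct{ keys map[string]*rsa.PrivateKey } // sole holder of private keys

// Enrol builds both modules with one registered consumer (bare SHA-256 of the passcode is
// illustrative only; a real deployment would use a salted, slow password hash).
func Enrol(rawBio []byte, passcode string) (*AuthModule, *ProcessingModule, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	id := hashBiometric(rawBio)
	rec := AuthRecord{sha256.Sum256([]byte(passcode)), &priv.PublicKey}
	return &AuthModule{map[string]AuthRecord{id: rec}}, &ProcessingModule{map[string]*rsa.PrivateKey{id: priv}}, nil
}

// Validate is step 208: find the record by biometric hash, compare the passcode in constant
// time and, on success, return the encryption (public) key that step 216 transmits.
func (a *AuthModule) Validate(bioHash, passcode string) (*rsa.PublicKey, error) {
	rec, ok := a.records[bioHash]
	if !ok {
		return nil, errors.New("no consumer authentication record")
	}
	got := sha256.Sum256([]byte(passcode))
	if subtle.ConstantTimeCompare(got[:], rec.PasscodeHash[:]) != 1 {
		return nil, errors.New("passcode mismatch")
	}
	return rec.PublicKey, nil
}

// Payload is the transaction request payload compiled at step 226 (layout assumed here).
type Payload struct {
	ConsumerID  string `json:"cid"`
	AmountCents int64  `json:"amt"`
	MerchantID  string `json:"mid"`
	PaymentSvc  string `json:"svc"`
}

// Terminal models the transaction terminal device; Buf is its dedicated memory module.
type Terminal struct{ Buf []byte }

// Encrypt is steps 226-228: serialise the payload into the dedicated buffer and encrypt it
// with RSA-OAEP under the consumer's public key (190-byte plaintext limit at 2048 bits).
func (t *Terminal) Encrypt(pub *rsa.PublicKey, p Payload) ([]byte, error) {
	var err error
	if t.Buf, err = json.Marshal(p); err != nil {
		return nil, err
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, t.Buf, nil)
}

// Purge is step 232: overwrite the dedicated memory module and release it.
func (t *Terminal) Purge() {
	for i := range t.Buf {
		t.Buf[i] = 0
	}
	t.Buf = nil
}

// Decrypt is steps 264-268; consumerID is the plaintext identifier linking the message to
// the consumer account record that holds the matching private key.
func (m *ProcessingModule) Decrypt(consumerID string, ct []byte) (p Payload, err error) {
	priv, ok := m.keys[consumerID]
	if !ok {
		return p, errors.New("no consumer account record")
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
	if err == nil {
		err = json.Unmarshal(pt, &p)
	}
	return p, err
}
```

A wrong passcode, an unknown biometric hash, a missing account record or a modified ciphertext each surface as an error from the respective module rather than as a decrypted payload.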
  • a push transaction payment service may be provided and processing the transaction may include transmitting the payment instruction message to a participating service provider (representing a consumer) to directly settle a transaction with a participating merchant.
  • exemplary push transaction payment services include bank to bank fiat payments, where upon receiving the transaction request, the consumer's bank can directly push a payment transaction to the merchant's bank without using traditional payment gateways or the credit card networks.
  • Another exemplary push transaction payment service includes card to card fiat payments, where upon receiving the transaction request, the payment instruction message is transmitted to a consumer's card company (e.g. issuing bank) to cause direct pushing of a credit or debit card payment transaction to the merchant's credit or debit card as a peer to peer transaction.
  • Exemplary push transaction payment services may also include cryptocurrency payments, where processing the payment includes transmitting the payment instruction message to the consumer's cryptocurrency wallet provider to cause direct pushing of a payment transaction to the merchant's cryptocurrency wallet, or to an intermediary service converting the related cryptocurrency into a fiat currency of the merchant's choice.
  • a consumer's registered loyalty card, upon receiving the transaction request, is automatically processed prior to the actual payment step in order to benefit from possible discounts directly impacting the transaction. Similarly, donations on behalf of the consumer, according to predefined rules, may be automatically added to the payment step to include this cost in the total amount payable.
  • pull transaction payment services may be provided.
  • processing the transaction may include transmitting the payment instruction message to a participating card payment processing service provider, such as a payment gateway or acquiring bank able to securely store a consumer's card data, to cause remote processing of a credit or debit card type payment in favour of the merchant. It is also anticipated that the transaction processing module may have direct access to consumer payment credentials (e.g. credit card details) and may be configured to process payments directly.
  • each transaction terminal device or associated point of sale device may be registered within the remote server or the CTMP as a virtual person with a virtual account, such as virtual credit card, virtual debit card, virtual cryptocurrency wallet or the like.
  • Processing the transaction may include processing push payments from a consumer's account in favour of the virtual account, and optionally through multiple virtual merchant accounts, to a central merchant account.
  • Such a transaction emulation mechanism may be implemented in embodiments in which the transaction terminal device is connected directly to a distributed network instead of a central server, where every transaction terminal device (or point of sale if a proxy) would have to be registered as a virtual entity on the network to which consumers can push peer-to-peer-type transactions.
  • a distributed network may be emulated from within a central server directly connected to the terminals.
  • the transactions may be processed by the server as virtualised blockchain transactions in order to benefit from advantages that blockchain, hashgraph, etc. related transactions might have for certain business cases. This may for example assist in overcoming latency issues related to some cryptocurrencies such as Bitcoin and Ethereum.
  • establishing a virtualised blockchain within the cloud may enable instant immutable transactions on behalf of cryptocurrency wallet-based consumers on the front-end, allowing for the clearing of the actual transactions on the back-end at a later stage by putting a hold on the consumer's cryptocurrency wallet account as the first step which is instant.
  • the transaction processing module may transmit a payment confirmation message to the remote server, which may on-forward the payment confirmation message to the transaction terminal device and/or a consumer mobile handset.
  • the payment confirmation message may confirm processing of the transaction.
  • the transaction processing module may perform a data management method.
  • the method may be for the management and use of transaction related data collected and stored during the processing of transactions.
  • the method may include collecting end-user transaction data from the transaction terminal device and/or point of sale device.
  • the method may include storing this data as end-user associated transaction information over time and analysing this information for purposes of marketing relevance.
  • extremely large data sets may be built up that may be analysed computationally to reveal patterns, trends, and associations, especially relating to human behaviour and interactions.
  • the analysis of this information may use artificial intelligence or machine learning techniques for performing end-user associated transaction profiling, where transaction related data is scrubbed for cues pointing towards an end-user's product preferences.
  • This analysis may in turn be used for end-user associated target marketing, where the consumer is exclusively exposed to marketing campaigns for products of their interest.
  • the analysis may also be used for consumer transaction preference control, where the consumer's default preferred payment services are pre-selected on the basis of transaction habits in the past.
  • aspects of the present disclosure may enable secure consumer, service provider, operator and transaction related data and may utilise secure cloud servers to manage consumer accounts and process transactions using consumer generated public and private keys instead of sensitive personal data.
  • Consumers may be identified by way of multiple factors, for example including one or more of biometric data (e.g. a fingerprint), a secret passcode, voice biometrics (e.g. via a voice call to a mobile handset associated with the consumer) and the like, all of which may be associated with the consumer public and private keys.
  • aspects of the disclosure provide for sensitive data to be encrypted and stored in siloed and/or firewalled servers.
  • the transaction terminal devices described herein may be secure and tamperproof.
  • Tamperproof hardware may be achieved by configuring hardware components to self-destruct when power is applied after having been opened without a unique code entered.
  • firmware may be configured to communicate with the remote server (or CTMP) to blacklist the transaction terminal device when unauthorised use is detected.
  • Tamperproof software may be achieved by configuring the software to communicate with the remote server (or CTMP) to blacklist itself when unauthorised use is detected.
  • the software may be configured to delete itself and the operating system by formatting a memory component in which the relevant computer-readable instructions are stored.
  • On-boarding, or registration of consumers with the system described herein may be effected in a number of ways.
  • a consumer may use a mobile wallet or web portal to pre-register, and may then register his or her biometric data using a transaction terminal device at a participating merchant.
  • the transaction terminal device may be configured to notify the pre-registered consumer when attempting to transact that their fingerprint/s data does not exist on the database.
  • On-boarding may include the transaction terminal device instructing the consumer to enter his or her mobile handset number and a passcode to verify pre-registration.
  • On-boarding may include the transaction terminal device instructing the pre-registered consumer to input biometric data for registration (e.g. by placing his/her finger/s on the biometric reader to capture fingerprint data). The transaction terminal may confirm that the biometric data capturing process has succeeded, and may then allow the consumer to transact.
  • a kiosk terminal may be provided for use by a consumer in registering with the system and capturing biometric data.
  • FIG. 4 is a block diagram which illustrates exemplary components which may be provided by a system (400) for conducting a transaction.
  • the system (400) may include a transaction terminal device (102) and a remote server (104).
  • the transaction terminal device (102) may include a processor (402) for executing the functions of components described below, which may be provided by hardware or by software units executing on the transaction terminal device (102).
  • the transaction terminal may include a secure processor configured to perform secure operations.
  • the software units may be stored in a memory component (404) and instructions may be provided to the processor (402) to carry out the functionality of the described components.
  • Some or all of the components may be provided by a secure software application (406) which executes on the transaction terminal device (102). In some cases, the secure software application (408) may execute on the secure processor.
  • the software application (406) may include a consumer identifier data receiving component (408) which may be arranged to receive consumer identifier data as an input into the transaction terminal device.
  • the consumer identifier data may be uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device.
  • the consumer identifier data receiving component (408) may receive the consumer identifier data via a user data entry component (409) which may include one or more of a biometric reading module (409A) a keypad component (409B) and a camera (409C).
  • the biometric reading module (409A) may utilise unique algorithms to generate a unique hash code or the like for every consumer fingerprint, which may be stored at the remote server (or in the consumer authentication database) for future reference when the code is re-generated once the consumer places their fingerprint on the or another transaction terminal device for the next transaction. Use of such algorithms may enable fingerprint images to be saved as long, irreversible codes which can be compared to one another instead of the fingerprint image itself, as images can be reproduced in the event of a data breach.
  • the software application (406) may include an authentication request transmitting component (410) arranged to transmit an authentication request to the remote server (104).
  • the authentication request may include the consumer identifier data and may request validation of the consumer identifier data.
  • the software application (406) may include an encryption key receiving component (412) which may be arranged to receive an encryption key uniquely associated with the consumer identifier data from the remote server. The encryption key may be received in response to the remote server validating the consumer identifier data.
  • the software application (406) may include a transaction request message generating component (418) which may be arranged to generate a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction.
  • the software application (406) may include an encryption component (420) which may be arranged to encrypt at least the payload of the transaction request message using the encryption key.
  • the software application (406) may include a transaction request message transmitting component (422) which may be arranged to transmit the transaction request message including the encrypted payload to the remote server (104) for processing the transaction.
  • the transaction terminal device (102) may include a dedicated memory module (424) which may be arranged to store data specific to a particular transaction for the duration of the transaction only.
  • the software application (406) may have a dedicated memory module purging component (426) which may be configured to purge the dedicated memory module (424) of any data stored therein at specified times, for example after the transaction request message has been sent to the remote server.
  • the transaction terminal device (102) may include a hardware tamper detection component (428) which may be configured to detect unauthorised tampering with hardware of the transaction terminal device and to erase permanently all memory components of the transaction terminal device and transmit an alert to the remote server in response to the detection.
  • the software application (406) may include a software tamper detection component (430) which may be arranged to detect unauthorised tampering with software of the transaction terminal device and, in response thereto, to erase permanently all memory components of the transaction terminal device and transmit an alert to the remote server.
  • the remote server (104) may include a processor (452) for executing the functions of components described below, which may be provided by hardware or by software units executing on the remote server (104).
  • the software units may be stored in a memory component (454) and instructions may be provided to the processor (452) to carry out the functionality of the described components.
  • the remote server may host or provide a cloud transaction management platform (CTMP) (456).
  • the CTMP may include a consumer authentication module (458) and a transaction processing module (460).
  • the consumer authentication module and transaction processing module may be one or both of physically and logically separated (462) from one another. In some implementations, the separation may be achieved by way of a firewall or other suitable network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
  • each of the consumer authentication module and transaction processing module may be hosted on or provided by physically and/or logically (or virtually) separated server computers.
  • the consumer authentication module (458) may include an authentication request receiving component (464) which may be arranged to receive an authentication request from the transaction terminal device (102).
  • the authentication request may include consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device and may request validation of the consumer identifier data.
  • the consumer authentication module (458) may include a validating component (466) which may be arranged to validate the consumer identifier data against a consumer authentication record. This may include accessing a consumer authentication database (108) in which the consumer authentication record may be stored.
  • the consumer authentication module (458) may include an accessing component (468) which may be arranged to access, if the consumer identifier data is valid, an encryption key uniquely associated with the consumer identifier data. The encryption key may be accessed from the consumer authentication record.
  • the consumer authentication module (458) may include an encryption key transmitting component (470) which may be arranged to transmit the encryption key to the transaction terminal device (102).
  • the consumer authentication module (458) may include a transaction request message receiving component (472) which may be arranged to receive a transaction request message including an encrypted payload.
  • the transaction request message may be received from the transaction terminal device.
  • the encrypted payload may include the consumer identifier data and an amount associated with the transaction and may have been encrypted by the transaction terminal device using the encryption key.
  • the consumer authentication module (458) may include a forwarding component (474) which may be arranged to forward the transaction request message to the transaction processing module (480) for decryption of the encrypted payload and processing of the transaction.
  • the transaction processing module (480) may include a message receiving component (478) which may be arranged to receive a transaction request message from the consumer authentication module (458).
  • the transaction processing module (460) may include a decryption key accessing component (480) which may be arranged to access a decryption key associated with the encryption key.
  • the decryption key may be accessed from a consumer account database (112).
  • the transaction processing module (460) may include a decrypting component (482) which may be arranged to decrypt the encrypted payload using the decryption key to output the decrypted payload.
  • the transaction processing module (460) may include a transaction processing component (484) which may be arranged to generate a payment instruction message and forward the payment instruction message to an appropriate payment service for effecting processing of the transaction against a consumer account and in favour of a merchant account.
  • a method and system for configuring a transaction agnostic terminal in association with a cloud transaction platform are disclosed herein which may provide participants in the point of sale terminal market with a low cost, secure and fool-proof method of accepting and processing any one or more transactions simultaneously using a biometric identifier such as a fingerprint and (optional) secret passcode.
  • FIG. 5 illustrates an example of a computing device (500) in which various aspects of the disclosure may be implemented.
  • the computing device (500) may be embodied as any form of data processing device including a personal computing device (e.g. laptop or desktop computer), a server computer (which may be self-contained, physically distributed over a number of locations), a client computer, or a communication device, such as a mobile phone (e.g. cellular telephone), satellite phone, tablet computer, personal digital assistant or the like.
  • the computing device (500) may be suitable for storing and executing computer program code.
  • the various participants and elements in the previously described system diagrams may use any suitable number of subsystems or components of the computing device (500) to facilitate the functions described herein.
  • the computing device (500) may include subsystems or components interconnected via a communication infrastructure (505) (for example, a communications bus, a network, etc.).
  • the computing device (500) may include one or more processors (510) and at least one memory component in the form of computer-readable media.
  • the one or more processors (510) may include one or more of: CPUs, graphical processing units (GPUs), microprocessors, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs) and the like.
  • a number of processors may be provided and may be arranged to carry out calculations simultaneously.
  • various subsystems or components of the computing device (500) may be distributed over a number of physical locations (e.g. in a distributed, cluster or cloud-based computing configuration) and appropriate software units may be arranged to manage and/or process data on behalf of remote devices.
  • the memory components may include system memory (515), which may include read only memory (ROM) and random access memory (RAM).
  • System software may be stored in the system memory (515) including operating system software.
  • the memory components may also include secondary memory (520).
  • the secondary memory (520) may include a fixed disk (521), such as a hard disk drive, and, optionally, one or more storage interfaces (522) for interfacing with storage components (523), such as removable storage components (e.g. magnetic tape, optical disk, flash memory drive, external hard drive, removable memory chip, etc.), network attached storage components (e.g. NAS drives), remote storage components (e.g. cloud-based storage) or the like.
  • the computing device (500) may include an external communications interface (530) for operation of the computing device (500) in a networked environment enabling transfer of data between multiple computing devices (500) and/or the Internet.
  • Data transferred via the external communications interface (530) may be in the form of signals, which may be electronic, electromagnetic, optical, radio, or other types of signal.
  • the external communications interface (530) may enable communication of data between the computing device (500) and other computing devices including servers and external storage facilities. Web services may be accessible by and/or from the computing device (500) via the communications interface (530).
  • the external communications interface (530) may be configured for connection to wireless communication channels (e.g., a cellular telephone network, wireless local area network (e.g.
  • the external communications interface (530) may include a subscriber identity module (SIM) in the form of an integrated circuit that stores an international mobile subscriber identity and the related key used to identify and authenticate a subscriber using the computing device (500).
  • One or more subscriber identity modules may be removable from or embedded in the computing device (500).
  • the external communications interface (530) may further include a contactless element (550), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer element, such as an antenna.
  • the contactless element (550) may be associated with (e.g., embedded within) the computing device (500) and data or control instructions transmitted via a cellular network may be applied to the contactless element (550) by means of a contactless element interface (not shown).
  • the contactless element interface may function to permit the exchange of data and/or control instructions between computing device circuitry (and hence the cellular network) and the contactless element (550).
  • the contactless element (550) may be capable of transferring and receiving data using a near field communications capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC).
  • Near field communications capability may include a short-range communications capability, such as radio-frequency identification (RFID), BluetoothTM, infra-red, or other data transfer capability that can be used to exchange data between the computing device (500) and an interrogation device.
  • the computing device (500) may be capable of communicating and transferring data and/or control instructions via both a cellular network and near field communications capability.
  • the computer-readable media in the form of the various memory components may provide storage of computer-executable instructions, data structures, program modules, software units and other data.
  • a computer program product may be provided by a computer-readable medium having stored computer-readable program code executable by the central processor (510).
  • a computer program product may be provided by a non-transient computer-readable medium, or may be provided via a signal or other transient means via the communications interface (530).
  • Interconnection via the communication infrastructure (505) allows the one or more processors (510) to communicate with each subsystem or component and to control the execution of instructions from the memory components, as well as the exchange of information between subsystems or components.
  • Peripherals (such as printers, scanners, cameras, or the like) and input/output (I/O) devices (such as a mouse, touchpad, keyboard, microphone, touch-sensitive display, input buttons, speakers and the like) may be coupled to the computing device (500) via an I/O controller.
  • One or more displays (545) (which may be touch-sensitive displays) may be coupled to or integrally formed with the computing device (500) via a display or video adapter (540).
  • the computing device (500) may include a geographical location element (555) which is arranged to determine the geographical location of the computing device (500).
  • the geographical location element (555) may for example be implemented by way of a global positioning system (GPS), or similar, receiver module.
  • the geographical location element (555) may implement an indoor positioning system, using for example communication channels such as cellular telephone or Wi-FiTM networks and/or beacons (e.g. BluetoothTM Low Energy (BLE) beacons, iBeaconsTM, etc.) to determine or approximate the geographical location of the computing device (500).
  • the geographical location element (555) may implement inertial navigation to track and determine the geographical location of the communication device using an initial set point and inertial measurement data.
  • a software unit is implemented with a computer program product comprising a non-transient computer-readable medium containing computer program code, which can be executed by a processor for performing any or all of the steps, operations, or processes described.
  • Software units or functions described in this application may be implemented as computer program code using any suitable computer language such as, for example, JavaTM, C++, or PerlTM using, for example, conventional or object-oriented techniques.
  • the computer program code may be stored as a series of instructions, or commands on a non-transitory computer-readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.

Abstract

A system and method for conducting a transaction are provided. In a method at a transaction terminal device (102), consumer identifier data is received as an input, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device (102). An authentication request is transmitted to a remote server (104), the authentication request including the consumer identifier data and requesting validation of the consumer identifier data. In response to the remote server (104) validating the consumer identifier data, an encryption key uniquely associated with the consumer identifier data is received. A transaction request message having a payload including the consumer identifier data and an amount associated with the transaction is generated. The payload of the transaction request message is encrypted using the encryption key. The transaction request message is transmitted to the remote server (104) for processing the transaction.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority from United States provisional patent application number 82/506,643 filed on 16 May 2017, which is incorporated by reference herein.
FIELD OF THE INVENTION
The invention relates to a system and method for conducting a transaction.
BACKGROUND TO THE INVENTION
Current payment systems using card-based transaction terminals are typically limited to processing just one type of transaction at a time, for example either so-called "fiat money" payments (being payments using a currency without intrinsic value that has been established as money, often by government regulation) or a "loyalty" transaction which typically uses loyalty points accumulated by a consumer from a particular merchant and which can be spent with the particular merchant.
While some such terminals may be enabled for near field communication (NFC) based transactions, these terminals can be expensive to acquire and may incur high transaction costs to the detriment of the merchant. This high cost may be in part due to complexity added to such terminals to allow them to meet the Payment Card Industry Data Security Standards (PCI DSS), which specify rules for handling sensitive consumer data. Despite the stringent requirements imposed on such terminals by the PCI DSS, current payment systems may still be susceptible to fraud. In the case of mobile handset-based NFC payments, compatibility issues may hamper adoption.
From the perspective of consumers, current payment systems may require consumers to carry around either their wallets or a suitable smart phone to transact, and, where loyalty benefits are to be taken advantage of, often require the presentation of more than one card (e.g. one for loyalty and one for payment). The effect of this may be increased friction experienced by the consumer in transacting and may also increase transaction times and in turn lead to longer queues and the like.
There is accordingly scope for improvement. The preceding discussion of the background to the invention is intended only to facilitate an understanding of the present invention. It should be appreciated that the discussion is not an acknowledgment or admission that any of the material referred to was part of the common general knowledge in the art as at the priority date of the application.
SUMMARY OF THE INVENTION
In accordance with an aspect of the invention, there is provided a computer-implemented method conducted at a transaction terminal device, comprising: receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device; transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data; in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data; generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction; encrypting at least the payload of the transaction request message using the encryption key; and, transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
A further feature provides for transmitting the transaction request message for processing the transaction by a transaction processing module to include transmitting the transaction request message to the remote server for on-forwarding to the transaction processing module.
Further features provide for receiving the consumer identifier data to include receiving one or both of biometric data uniquely linked to the consumer and a passcode; for the biometric data to include the output of a hash function, the output of the hash function having been generated by performing a hash operation on raw biometric data obtained directly from the consumer; for the biometric data to be received via a biometric reader module. The passcode may be received via a keypad.
A still further feature provides for the encryption key to be a public key of a public private key pair uniquely associated with the consumer identifier data. Yet further features provide for one or more of the consumer identifier data, amount, encryption key, authentication request message and transaction request message to be stored temporarily in a dedicated memory module and for the method to include purging the dedicated memory module after transmitting the transaction request message.
A further feature provides for the method to include receiving a confirmation message confirming processing of the transaction.
A yet further feature provides for the method to include: receiving, from the remote server, a payment service selection prompt requesting selection by the consumer of a payment service uniquely associated with the consumer identifier data; displaying the prompt to the consumer via a display; receiving a consumer payment service selection; and, transmitting the consumer payment service selection to the remote server.
In accordance with a further aspect of the invention, there is provided a computer-implemented method conducted at a server computer, comprising: receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; validating the consumer identifier data against a consumer authentication record; if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; transmitting the encryption key to the transaction terminal device; receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
Further features provide for the consumer identifier data to include one or both of biometric data uniquely linked to the consumer and a passcode; and for validating the consumer identifier data to include one or both of using the biometric data to identify the consumer authentication record and validating the passcode against a passcode stored in association with the biometric data in the consumer authentication record. Still further features provide for the transaction processing module to have access to a consumer account record and a decryption key corresponding to the encryption key, and for the method to include the transaction processing module decrypting the encrypted payload using the decryption key and processing the transaction against consumer account data stored in the consumer account record; for the encryption key to be a public key and for the decryption key to be a corresponding private key of a public private key pair uniquely associated with the consumer identifier data, for the encryption key to be stored in the consumer authentication record and for the decryption key to be stored in the transaction processing module.
Yet further features provide for the transaction processing module to be one or both of a physically and logically separated module, and for the consumer account record to be stored in the transaction processing module; for the consumer account data to include one or both of payment card data and wallet service data usable in conducting a financial transaction against a financial account associated with the consumer; and for the transaction processing module to be one of a subset of transaction processing modules, each transaction processing module being associated with a different geographical area and being a mirror of the other transaction processing modules.
In accordance with a further aspect of the invention, there is provided a system including a transaction terminal device comprising: a processor and a memory configured to provide computer program instructions to the processor to execute functions of components; a consumer identifier data receiving component for receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device; an authentication request transmitting component for transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data; an encryption key receiving component for, in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data; a transaction request message generating component for generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction; an encryption component for encrypting at least the payload of the transaction request message using the encryption key; and, a transaction request message transmitting component for transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
In accordance with a further aspect of the invention, there is provided a system including a remote server comprising: a processor and a memory configured to provide computer program instructions to the processor to execute functions of components; an authentication request receiving component for receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; a validating component for validating the consumer identifier data against a consumer authentication record; an accessing component for, if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; an encryption key transmitting component for transmitting the encryption key to the transaction terminal device; a transaction request message receiving component for receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, a forwarding component for forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
In accordance with a further aspect of the invention, there is provided a computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of: receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device; transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data; in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data; generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction; encrypting at least the payload of the transaction request message using the encryption key; and, transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
In accordance with a further aspect of the invention, there is provided a computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of: receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data; validating the consumer identifier data against a consumer authentication record; if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data; transmitting the encryption key to the transaction terminal device; receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and, forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
Further features provide for the computer-readable medium to be a non-transitory computer-readable medium and for the computer-readable program code to be executable by a processing circuit.
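The exchange summarised above, written out as an added example that is not part of the patent: the remote server validates the hashed biometric plus passcode and returns only the consumer's public key, the terminal encrypts the payload with it and purges its buffers, and the separated processing module, which alone holds the private key, decrypts and checks that the payload names the consumer whose key opened it. RSA-OAEP from the Go standard library, the type and function names, the passcode hashing, the consumer id sent beside the ciphertext and the sample balances are all assumptions of this example.

```go
package main
// Added example, not the patent's code; every name here is an assumption for illustration.

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"errors"
	"fmt"
)

// consumerID is the consumer identifier data: a one-way hash of the raw biometric template.
func consumerID(rawBiometric []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(rawBiometric))
}
func zero(b []byte) { // models the purge of the terminal's dedicated memory
	for i := range b {
		b[i] = 0
	}
}

type AuthServer struct { // remote server: public keys only, so it can validate but never decrypt
	Passcodes map[string][32]byte       // consumer id -> SHA-256 of passcode
	PubKeys   map[string]*rsa.PublicKey // consumer id -> encryption key
	TPM       *ProcessingModule
}
type ProcessingModule struct { // the separated module: private keys and account records
	PrivKeys map[string]*rsa.PrivateKey
	Accounts map[string]int64 // balance in cents (constructed sample data)
}
type payload struct {
	ConsumerID string `json:"consumer_id"`
	Amount     int64  `json:"amount"`
}

func NewSystem() *AuthServer {
	tpm := &ProcessingModule{PrivKeys: map[string]*rsa.PrivateKey{}, Accounts: map[string]int64{}}
	return &AuthServer{Passcodes: map[string][32]byte{}, PubKeys: map[string]*rsa.PublicKey{}, TPM: tpm}
}

// Enrol registers a consumer: public key to the authentication record, private key and balance to the module.
func Enrol(s *AuthServer, id, passcode string, balance int64) error {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	s.Passcodes[id], s.PubKeys[id] = sha256.Sum256([]byte(passcode)), &key.PublicKey
	s.TPM.PrivKeys[id], s.TPM.Accounts[id] = key, balance
	return nil
}

// Authenticate validates biometric hash plus passcode and returns the encryption key.
func (s *AuthServer) Authenticate(id, passcode string) (*rsa.PublicKey, error) {
	want, ok := s.Passcodes[id]
	got := sha256.Sum256([]byte(passcode))
	if !ok || subtle.ConstantTimeCompare(want[:], got[:]) != 1 {
		return nil, errors.New("consumer identifier data not valid")
	}
	return s.PubKeys[id], nil
}

// Process decrypts with the consumer's private key and rejects the payload unless it names that
// same consumer and the account covers the amount. Assumption: the id accompanies the ciphertext.
func (m *ProcessingModule) Process(id string, ciphertext []byte) (int64, error) {
	key, ok := m.PrivKeys[id]
	if !ok {
		return 0, errors.New("no decryption key for consumer")
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, key, ciphertext, nil)
	if err != nil {
		return 0, err
	}
	var p payload
	if json.Unmarshal(plain, &p) != nil || p.ConsumerID != id || p.Amount <= 0 || m.Accounts[id] < p.Amount {
		return 0, errors.New("transaction rejected")
	}
	m.Accounts[id] -= p.Amount
	return m.Accounts[id], nil
}

// TerminalTransact: hash the scan, authenticate, encrypt with the returned key, send, purge memory.
func TerminalTransact(s *AuthServer, rawBiometric []byte, passcode string, amount int64) (int64, error) {
	defer zero(rawBiometric)
	id := consumerID(rawBiometric)
	pub, err := s.Authenticate(id, passcode)
	if err != nil {
		return 0, err
	}
	plain, _ := json.Marshal(payload{ConsumerID: id, Amount: amount}) // cannot fail for this struct
	defer zero(plain)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plain, nil)
	if err != nil {
		return 0, err
	}
	return s.TPM.Process(id, ct) // the remote server forwards the request without reading it
}
```

A compromise of the AuthServer alone yields passcode hashes and public keys but no account data and nothing that decrypts a captured request, which is the separation the summary relies on.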
Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
In the drawings:
Figure 1 is a schematic diagram which illustrates an exemplary system (100) for conducting a transaction;
Figure 2 is a swim-lane flow diagram which illustrates an exemplary method for conducting a transaction;
Figure 3 is a flow diagram which illustrates an exemplary method for conducting a transaction at a transaction processing module according to aspects of the present disclosure;
Figure 4 is a block diagram which illustrates exemplary components which may be provided by a system for conducting a transaction; and,
Figure 5 illustrates an example of a computing device in which various aspects of the disclosure may be implemented.
DETAILED DESCRIPTION WITH REFERENCE TO THE DRAWINGS
Aspects of the present disclosure are directed towards a transaction-agnostic terminal which may incorporate a physical touch terminal configured to capture end-user data such as a fingerprint and secret passcode (such as a PIN), merchant entered data, etc., and transmit it to a dedicated cloud transaction management platform on behalf of participants as a transaction request. The cloud transaction management platform may in turn be configured to host participant related data and receive and process transaction requests on behalf of said participants, in a manner that enables them to settle transactions directly amongst one another.
Figure 1 is a schematic diagram which illustrates an exemplary system (100) for conducting a transaction. The system may include a plurality of transaction terminal devices (102) and a plurality of remote servers (104). There may for example be one remote server for each of a number of predefined geographical areas, for example one remote server per country. Each remote server may be connected to a plurality of transaction terminal devices located in the same predefined geographical area. For example, the transaction terminal device in a particular country may be connected to the remote server associated with that particular country. The system (100) may also include one or more third party service providers (108), such as financial institutions, wallet service providers, cryptocurrency wallet services providers and the like.
The transaction terminal devices communicate with the associated remote server by way of an appropriate communication network, such as the Internet. Each remote server may be in communication with the other remote servers by way of an appropriate communication network, which may also be the Internet. Communication via the communication networks may be secured. For example, in some implementations, secure communication channels between the remote servers and respective transaction terminal devices, between the remote server and third party service providers, and between the remote server and end-user devices (e.g. consumer and operator) may be provided. The secure communication channels may be achieved by way of end-to-end firewalled encryption (e.g. using TLS or SSL), or the like.
Aspects of the disclosure provide for the communication of transaction related data between a transaction terminal device, its associated remote server and an external service provider. In some implementations, a centralised communication network may be provided, where for example a transaction terminal device is connected by, for example, GSM radio, to the associated remote server on the front-end in real time. Other participants (such as consumers and third party service providers) may be connected to the associated remote server on the back-end by API, web portal, mobile application and the like. In other implementations, a hybrid network infrastructure may be utilised in which a transaction terminal device on the front-end is connected by GSM radio, etc., to the associated remote server in real time, and the remote server is connected to other remote servers by way of a distributed (optionally peer-to-peer) network (e.g. a blockchain- or hashgraph-based network).
In the hybrid network infrastructure, the transaction terminal device may also be connected on the front-end by GSM Radio, etc., to the associated remote server in real time via a virtual distributed (optionally peer-to-peer) network within the associated remote server. Other participants (e.g. consumers and third party service providers) may be directly connected to the associated remote server and/or the distributed network on the back-end by API, web portal or mobile application.
In other implementations, a distributed network infrastructure may be utilised in which the transaction terminal device on the front-end is connected, e.g. by GSM radio, to a distributed (optionally peer-to-peer) network and other participants (e.g. consumers and third party service providers) are connected to the same distributed network on the back-end by API, web portal, mobile application or the like.
Each remote server (104) may be provided by a suitable computing device configured to perform a server role. Each remote server (104) may be a cloud-based or distributed server computer and the exact geographical location (or locations) at which the server is located may be irrelevant for the purposes of the described system and method (except in that each remote server may be associated with a predefined geographical area). Each remote server (104) may host or provide a cloud transaction management platform (CTMP). The CTMP may interface with the transaction terminal devices. The CTMP may be configured for managing and communicating transaction requests on behalf of service providers, enabling them to settle transactions directly amongst one another. The CTMP may provide transaction emulation, which may enable virtualisation of transaction terminal devices, cards and blockchains or the like. The CTMP may facilitate network connection of the transaction terminal devices (front-end) to the CTMP, and the CTMP to 3rd party participants on the back-end by one of a centralised, distributed or hybrid network. The CTMP may be configured to provide platform security for secure data storage and protecting data communicated between the transaction terminal devices, the CTMP and third party participants. The CTMP may be configured to provide data management, enabling the collection, storage and analysis of consumer related data, and may utilise artificial intelligence / machine learning to improve efficiencies of targeted marketing campaigns, end-user preferences control and the like. The CTMP may be configured for the management of user privacy, for example through the use of unique algorithm generated fingerprint hash codes and public and private keys to engage consumers instead of personal names or the like.
Each remote server (104) may have access to a consumer authentication database (108) in which a consumer authentication record may be stored for each consumer registered to make use of the system and method. Each consumer authentication record may store one or more of: consumer identifier data, an encryption key which is uniquely linked to the consumer identifier data and/or the consumer, payment service selection data (e.g. a list of payment services linked to the consumer and by way of which the consumer can make payments).
Each remote server (104) may also provide or have access to a transaction processing module. The transaction processing module may be hosted by a physical or virtual server computer which is one or both of physically and logically separated from the remote server. The server computer may for example be separated from the remote server by way of a firewall or the like. The transaction processing module may have access to a consumer account database (112) in which a consumer account record is stored for each registered consumer. The consumer account database may be stored on the separated server computer. The consumer account record may store one or more of: a decryption key corresponding to the encryption key (and which may be a private key of a public private key pair), consumer account data associated with one or more financial accounts and optionally other personal information of the consumer (know-your-consumer information, transaction history, a consumer profile detailing transaction habits, etc. and the like). The transaction processing module may have access to the consumer account records and hence the decryption key corresponding to the encryption key. The consumer account data may include one or both of payment card data and wallet service data (including, for example, cryptocurrency wallet service data) usable in conducting a financial transaction against a financial account associated with the consumer. Access may be limited to the end-user's authentication data in association with the end-user's public keys in order to identify a consumer's account. In some implementations, each remote server (104) has access to its own CTMP and associated transaction processing module. The system (100) may thus include a plurality of CTMPs, each CTMP being associated with a different geographical area. The CTMPs may be configured to mirror each other, such that each CTMP stores the same data.
The data may be mirrored using an open, distributed ledger, for example using blockchain technology, hashgraph technology or the like. Transaction terminal devices may still connect to their associated remote server (or CTMP), but each remote server is connected to other remote servers by way of a suitable distributed network. Connecting various remote servers through distributed networks may enable efficient synchronization of the various databases of different regions so that when traveling to other countries consumers will not be required to re-register but may simply proceed to seamlessly use the relevant transaction terminal device to transact as they would do so when at home.
Each transaction terminal device (102) may be provided by an appropriately configured computing device capable of communicating with an associated remote server (104) via a communication network. In some implementations, transaction terminal devices may be mobile or portable electronic devices. The transaction terminal devices may be purpose-built devices. Each transaction terminal device may be a physical device and may be configured to connect to and communicate with the CTMP and/or a physical point of sale device associated with a merchant.
Each transaction terminal device may include a user data entry component including, for example, a biometric reading module configured to capture a consumer's biometric data (such as a fingerprint). In some implementations, the biometric reading module may be configured to generate a hash or similar irreversible obfuscation of the raw biometric data every time the biometric data is obtained, and may be configured to purge any record of the raw or hashed biometric data. The user data entry component may further include a keyboard, such as a software-based keyboard on a touch screen or the like, for a consumer to enter information, such as a secret passcode, a mobile handset number, transaction related data and the like. The user data entry component may further include a contactless data input component for inputting data into the transaction terminal device using a contactless communication technique, such as by way of a graphical code, near field communication, near sound communication or the like.
Each transaction terminal device may include a wired or wireless connection to a point of sale device (e.g. cash register) enabling a merchant to enter transaction related data into the transaction terminal device directly from the point of sale device. Each transaction terminal device may include dedicated (or closed loop) hardware configured to provide transaction terminal functionality, which hardware may be exclusively connected to the CTMP. Each transaction terminal device may further include dedicated (or closed loop) software configured to provide transaction terminal functionality, which software may be exclusively connected to the CTMP. Each transaction terminal device may be configured to accept consumer related identifiers such as fingerprints (or other biometric data), mobile handset numbers (or other unique identifiers) and secret passcodes to authenticate a transaction in association with merchant inputs, and to communicate said data to the CTMP as a request for a transaction to be processed by participating third party service providers plugged in on the back-end, directly amongst one another. The system may further include mobile handsets of one or more consumers who are registered to make use of the system. The mobile handsets may be provided by any suitable communication device capable of communicating with the remote server via a communication network, such as a mobile phone (smart phone or feature phone), tablet computer, wearable computing device or the like. The mobile handsets may be configured to exchange data and/or information with the remote servers via the communication networks. In some cases, communications may be directed to the mobile handsets by way of a mobile handset number or other unique identifier.
The system (100) described above may implement a method for conducting a transaction. An exemplary method for conducting a transaction is illustrated in the flow diagrams of Figures 2 and 3, of which Figure 2 is a swim-lane flow diagram in which respective swim-lanes delineate steps, operations or procedures performed by respective entities or devices.
The method may be implemented in the context of a consumer conducting a transaction with a merchant. The transaction may be a financial transaction in which the consumer purchases goods or services from the merchant in exchange for a monetary value. The transaction may thus be associated with an amount which the consumer pays to the merchant in exchange for the goods and/or services. While physically present at the merchant, the consumer may provide consumer identifier data to a transaction terminal device physically located at the merchant. The consumer identifier data may include one or more of a unique identification number (e.g. a globally unique identifier) assigned to the consumer upon registration; biometric data (such as a fingerprint, thumbprint, facial recognition data, etc.); a mobile handset number; a passcode (e.g. PIN, password, etc.) and the like.
The consumer may input the consumer identifier data into the transaction terminal device (102) using a user data entry component associated therewith. The consumer may for example input a unique identification number stored in his or her mobile handset (e.g. mobile phone) using a contactless communication technique (e.g. using graphical codes, near field communication or the like). The consumer may also input raw biometric data via a biometric reading module. The consumer may input a secret passcode via a keypad. The transaction terminal device (102) may receive (202) the consumer identifier data input into the transaction terminal device (102). The consumer identifier data may be input via the user data entry component and may be uniquely associated with the consumer. Receiving (202) the consumer identifier data may include receiving one or both of biometric data uniquely linked to the consumer and a passcode. In some implementations, the biometric data may include or be in the form of the output of a hash function. The output of the hash function may for example have been generated by performing a hash operation on raw biometric data obtained directly from the consumer. The biometric data may be received via a biometric reader module (which may be configured to perform the hash operation) and the passcode may be received via a keypad. In other implementations, the consumer may input a portion of the consumer identifier data into the transaction terminal device and the remaining portion of the consumer identifier data into a mobile handset associated with the consumer. The transaction terminal device (102) may transmit (204) an authentication request to a remote server (104). The authentication request may be transmitted to a remote server associated with the transaction terminal device (e.g. a remote server associated with a geographical area in which the transaction terminal device is physically located).
The authentication request may include and request validation of the consumer identifier data. In some implementations, the authentication request may include a merchant identifier which uniquely identifies the merchant.
The remote server (104) may receive (206) the authentication request from the transaction terminal device (102). The remote server (104) may validate (208) the consumer identifier data against a consumer authentication record. In some implementations, validating (208) the consumer identifier data may include using the biometric data to identify the consumer authentication record and validating the passcode against a passcode stored in association with the biometric data in the consumer authentication record. In other implementations, where for example the consumer identifier data includes a unique identification number, the unique identification number may be used to identify the consumer authentication record and one or both of biometric data and the passcode may be validated against respective biometric data and passcode records stored in the consumer authentication record. In some implementations, validating (208) the consumer identifier data may include identifying a mobile handset associated with the consumer authentication record and transmitting an authentication validation request to the mobile handset. The authentication validation request may be transmitted to the mobile handset via an appropriate communication network, and may for example take the form of a push notification, USSD message or the like. The authentication validation request may request the consumer to validate his or her identity by inputting consumer identifier data (e.g. a secret passcode) into the mobile handset for transmission to and validation by the remote server. The remote server may receive the consumer identifier data from the mobile handset and may validate the received data against data stored in the consumer authentication record.
If (210) the consumer identifier data is valid, the remote server (104) may access (211) an encryption key uniquely associated with the consumer identifier data. Accessing the encryption key may include accessing an encryption key stored in the consumer authentication record. The encryption key may be a public key of a public private key pair which may be uniquely associated with the consumer identifier data. Thus each registered user of the system may have his or her own unique encryption key associated therewith and by way of which sensitive information may be encrypted.
In some implementations, the remote server (104) may access (212) payment service data stored in the consumer authentication record. The remote server (104) may generate (214) and transmit a payment service selection prompt to the transaction terminal device which requests selection by the consumer of a payment service by way of which the consumer wishes to make payment in respect of the transaction. The payment service data may for example be a list of payment services which the consumer has registered or linked with the system and by way of which the consumer can make payments in favour of the merchant. The payment service selection prompt may be configured to prompt the consumer to select one of the registered or linked payment services by way of which the pending transaction will be funded.
The remote server (104) may transmit (216) the encryption key to the transaction terminal device (102). In some implementations, the payment service selection prompt may be transmitted (216) to the transaction terminal device together with the encryption key.
The transaction terminal device (102) may receive (218) the encryption key from the remote server (104). The encryption key may be received in response to the remote server validating the consumer identifier data successfully. In some implementations, the transaction terminal device (102) may receive (220) a payment service selection prompt from the remote server. The payment service selection prompt may request selection by the consumer of a payment service uniquely associated with the consumer identifier data and may be received from the remote server together with the encryption key. The transaction terminal device may display (222) the prompt to the consumer via a display associated therewith and may receive a consumer payment service selection, which may be transmitted to the remote server (104).
The transaction terminal device (102) may receive (224) transaction related data. The transaction related data may be received via the user data entry component (e.g. via the keypad) or from a point of sale device connected to the transaction terminal device. The transaction related data may include an amount associated with the transaction (e.g. a purchase price), details of the goods/services to which the transaction relates and the like.
The transaction terminal device (102) may generate (226) a transaction request message. Generating the transaction request message may include compiling a payload of the transaction request message. The payload may include the consumer identifier data and transaction related data, such as the amount associated with the transaction. In some implementations, the payload may include the consumer payment service selection, being an indication of the payment service which the consumer wishes to use to fund the transaction. The payload may further include a merchant identifier. The transaction terminal device (102) may encrypt (228) at least the payload of the transaction request message using the encryption key. As mentioned, the encryption key may be a public key of a public private key pair and encrypting the payload may have the effect that the encrypted payload can only be decrypted using the corresponding private key. In other words, it may be impossible for practical purposes to decrypt or otherwise decipher the contents of the encrypted payload without the corresponding private key.
The transaction terminal device (102) may transmit (230) the transaction request message including the encrypted payload for processing the transaction. Transmission may be to the remote server (104) or directly to a transaction processing module. In some implementations, the transaction request message may include a merchant identifier which uniquely identifies the merchant. The merchant identifier may be linked to merchant financial account data stored at the remote server and via which payments may be made in favour of the merchant. In some cases the merchant identifier may directly identify a financial account via which payments can be pushed (e.g. a bank card primary account number, cryptocurrency address, etc.). In such a case, the merchant identifier may be a transaction terminal device identifier (in that it is uniquely linked to the device). It should be appreciated that in some implementations, the transaction terminal device (102) may have a memory module which is dedicated to the temporary storage of transaction data. For example one or more of the consumer identifier data, transaction related data (e.g. the amount), encryption key, authentication request message and transaction request message may be stored temporarily in the dedicated memory module. In such an implementation, the transaction terminal device may purge (232) the dedicated memory module of all transaction data after transmitting the transaction request message. Purging the dedicated memory module may have the effect of permanently erasing the data stored therein such that it is not capable of being recovered from the dedicated memory module at a later date. The dedicated memory module is thus configured to store temporarily any data relating to a particular transaction such that this data is known to the transaction terminal device for the duration of the particular transaction only.
The transaction terminal device may purge (232) the dedicated memory module immediately after transmitting the transaction request message (e.g. within a few milliseconds or less).
The remote server (104) may receive (240) the transaction request message including the encrypted payload from the transaction terminal device (102).
The above steps or operations delineated as being performed by the remote server may be performed by a consumer authentication module of the remote server (104). The remote server (104) may further include a transaction processing module which may be one or both of logically and physically separated from the consumer authentication module.
The remote server (104) may forward (242) the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction. This may include forwarding the transaction request message from the consumer authentication module to the transaction processing module.
Referring now to Figure 3, the transaction processing module may periodically synchronise (260) consumer account records maintained thereat with other transaction processing modules, for example transaction processing modules associated with remote servers linked to other geographical areas. Synchronising (260) of the consumer account records may include using distributed ledger-based technology (e.g. blockchain or hashgraph based technology) to implement a peer-to-peer distributed ledger of consumer account records. The use of distributed ledger-based technology may enable synchronisation of data in close to real time as immutable data not requiring re-registration in other regional territories, so that consumers may seamlessly continue using associated terminals wherever they may be located. The transaction processing module may receive (262) the transaction request message including the encrypted payload. In some implementations, the message may be received from the remote server or in particular from the consumer authentication module. In other implementations, the transaction processing module may receive the message from the transaction terminal device.
The transaction processing module may identify (264) the consumer account record associated with the transaction request message. The transaction request message may for example include an identifier which links the transaction request message to the consumer account record.
The transaction processing module may access (266) a decryption key stored in the consumer account record and which corresponds to the encryption key which was used to encrypt the encrypted payload. As mentioned, the decryption key may be a private key corresponding to a public key having been used to encrypt the encrypted payload.
The transaction processing module may use the decryption key to decrypt (268) the encrypted payload and output the decrypted payload. As mentioned, the payload may include one or more of the consumer identifier data, transaction related data, the consumer payment service selection, merchant identifier and the like.
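The following Go program is an added illustration, not code from the patent or the applicant, of the key split this procedure relies on: the authentication module validates hashed biometric data and a passcode and releases only the consumer's public key; the terminal encrypts the payload and zeroes its plaintext copy; only the separated processing module's private key can recover it. RSA-OAEP with SHA-256, the JSON payload layout, the record types, function names and the sample consumer are all assumptions (the page names no algorithm or format).

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"errors"
)

// authRecord: constructed stand-in for a consumer authentication record (108); PUBLIC key only.
type authRecord struct {
	bioHash  [32]byte
	passHash [32]byte
	pub      *rsa.PublicKey
}

// accountDB: constructed stand-in for the consumer account database (112); PRIVATE keys live here.
type accountDB map[string]*rsa.PrivateKey

// payload is the transaction request message payload compiled at step 226.
type payload struct {
	ConsumerID string `json:"cid"`
	Amount     int64  `json:"amount"` // minor units
	Merchant   string `json:"merchant"`
	Service    string `json:"svc,omitempty"` // consumer payment service selection
}

// hashBiometric models the biometric module's irreversible hash of a raw sample
// (the page's model; production fingerprint matching uses templates, not exact hashes).
func hashBiometric(raw []byte) [32]byte { return sha256.Sum256(raw) }

// enrol registers a constructed consumer: public key to the auth record, private key to the account DB.
func enrol(rawBio []byte, passcode string) (authRecord, *rsa.PrivateKey, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return authRecord{}, nil, err
	}
	rec := authRecord{bioHash: hashBiometric(rawBio), passHash: sha256.Sum256([]byte(passcode)), pub: &priv.PublicKey}
	return rec, priv, nil
}

// authenticate is the consumer authentication module (steps 206-216): release the public key only on success.
func authenticate(db map[string]authRecord, cid string, bioHash [32]byte, passcode string) (*rsa.PublicKey, error) {
	rec, ok := db[cid]
	ph := sha256.Sum256([]byte(passcode))
	if !ok || subtle.ConstantTimeCompare(rec.bioHash[:], bioHash[:]) != 1 ||
		subtle.ConstantTimeCompare(rec.passHash[:], ph[:]) != 1 {
		return nil, errors.New("consumer identifier data invalid")
	}
	return rec.pub, nil
}

// purge overwrites a buffer in place, modelling the dedicated memory module purge (232).
func purge(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// buildAndEncrypt is the terminal side of steps 226-232: compile, encrypt, then purge the plaintext.
func buildAndEncrypt(pub *rsa.PublicKey, p payload) ([]byte, error) {
	plain, err := json.Marshal(p)
	if err != nil {
		return nil, err
	}
	defer purge(plain) // runs even when encryption fails
	// RSA-OAEP/SHA-256 caps the message at k-2*32-2 bytes; refuse rather than truncate.
	if len(plain) > pub.Size()-2*sha256.Size-2 {
		return nil, errors.New("payload too large for direct RSA-OAEP; use hybrid encryption")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plain, []byte("txn-request"))
}

// decryptPayload is the transaction processing module (steps 264-268).
func decryptPayload(priv *rsa.PrivateKey, ct []byte) (payload, error) {
	var p payload
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, []byte("txn-request"))
	if err != nil {
		return p, err
	}
	err = json.Unmarshal(plain, &p)
	return p, err
}

// runTransaction walks one transaction end to end; the authentication module only forwards ciphertext (242).
func runTransaction(db map[string]authRecord, accounts accountDB, cid string, rawBio []byte, passcode string, amount int64, merchant string) (payload, error) {
	pub, err := authenticate(db, cid, hashBiometric(rawBio), passcode)
	if err != nil {
		return payload{}, err
	}
	ct, err := buildAndEncrypt(pub, payload{ConsumerID: cid, Amount: amount, Merchant: merchant, Service: "bank-push"})
	if err != nil {
		return payload{}, err
	}
	priv, ok := accounts[cid]
	if !ok {
		return payload{}, errors.New("no consumer account record")
	}
	return decryptPayload(priv, ct)
}
```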
The transaction processing module may use the payload to process the transaction. This may include the transaction processing module generating (270) a payment instruction message which may include the amount and the merchant identifier. The payment instruction message may be formatted in a predefined format based on the payment service that is to be used to process the payment.
Generating (270) the payment instruction message may include accessing a payment instruction message template associated with the payment service to be used. The transaction processing module may determine the payment service to be used based on a consumer payment service selection or, in the absence thereof, a default payment service. The payment instruction message may be configured to instruct the payment service to which it is addressed to make a payment in respect of the amount in favour of a merchant account associated with the merchant identifier. The payment instruction message may include consumer account data usable by the payment service in authenticating the consumer and processing the transaction. The consumer account data may for example be credentials in the form of login credentials for the relevant payment (or wallet) service, payment card details and the like.
The transaction processing module may transmit (272) the payment instruction message to the payment service to cause the payment service to process the transaction against a consumer account maintained thereat in favour of a merchant account.
It is anticipated that a variety of different payment services may be used. For example, a push transaction payment service may be provided and processing the transaction may include transmitting the payment instruction message to a participating service provider (representing a consumer) to directly settle a transaction with a participating merchant. Exemplary push transaction payment services include bank to bank fiat payments, where upon receiving the transaction request, the consumer's bank can directly push a payment transaction to the merchant's bank without using traditional payment gateways or the credit card networks.
Another exemplary push transaction payment service includes card to card fiat payments, where upon receiving the transaction request, the payment instruction message is transmitted to a consumer's card company (e.g. issuing bank) to cause direct pushing of a credit or debit card payment transaction to the merchant's credit or debit card as a peer to peer transaction.
Exemplary push transaction payment services may also include cryptocurrency payments, where processing the payment includes transmitting the payment instruction message to the consumers cryptocurrency wallet provider to cause direct pushing of a payment transaction to the merchant's cryptocurrency wallet, or to an intermediary service converting the related cryptocurrency into a fiat currency of the merchant's choice.
In some implementations, upon receiving the transaction request, a consumer's registered loyalty card is automatically processed prior to the actual payment step in order to benefit from possible discounts directly impacting the transaction. Similarly, donations on behalf of the consumer, according to predefined rules, may be automatically added to the payment step so that this cost is included in the total amount payable.
In some implementations, pull transaction payment services may be provided. For example, processing the transaction may include transmitting the payment instruction message to a participating card payment processing service provider, such as a payment gateway or acquiring bank able to securely store a consumer's card data, to cause remote processing of a credit or debit card type payment in favour of the merchant. It is also anticipated that the transaction processing module may have direct access to consumer payment credentials (e.g. credit card details) and may be configured to process payments directly. In such an implementation, and if the consumer selected payment service is 'credit card', then the transaction processing module may submit a transaction request to a payment processing network and/or acquiring financial institution directly. In some implementations a transaction emulation mechanism may be provided in which each transaction terminal device or associated point of sale device may be registered within the remote server or the CTMP as a virtual person with a virtual account, such as virtual credit card, virtual debit card, virtual cryptocurrency wallet or the like. Processing the transaction may include processing push payments from a consumer's account in favour of the virtual account, and optionally through multiple virtual merchant accounts, to a central merchant account. Such a transaction emulation mechanism may be implemented in embodiments in which the transaction terminal device is connected directly to a distributed network instead of a central server, where every transaction terminal device (or point of sale if a proxy) would have to be registered as a virtual entity on the network to which consumers can push peer-to-peer-type transactions.
In some implementations, a distributed network may be emulated from within a central server directly connected to the terminals. The transactions may be processed by the server as virtualised blockchain transactions in order to benefit from advantages that blockchain, hashgraph, etc. related transactions might have for certain business cases. This may for example assist in overcoming latency issues related to some cryptocurrencies such as Bitcoin and Ethereum. For example establishing a virtualised blockchain within the cloud may enable instant immutable transactions on behalf of cryptocurrency wallet-based consumers on the front-end, allowing for the clearing of the actual transactions on the back-end at a later stage by putting a hold on the consumer's cryptocurrency wallet account as the first step which is instant.
After successfully processing the transaction, the transaction processing module may transmit a payment confirmation message to the remote server, which may on-forward the payment confirmation message to the transaction terminal device and/or a consumer mobile handset. The payment confirmation message may confirm processing of the transaction.
In some implementations, the transaction processing module may perform a data management method. The method may be for the management and use of transaction related data collected and stored during the processing of transactions. The method may include collecting end-user transaction data from the transaction terminal device and/or point of sale device. The method may include storing this data as end-user associated transaction information over time and analysing this information for purposes of marketing relevance. Ultimately extremely large data sets may be built up that may be analysed computationally to reveal patterns, trends, and associations, especially relating to human behaviour and interactions.
The analysis of this information may use artificial intelligence or machine learning techniques for performing end-user associated transaction profiling, where transaction related data is scrubbed for cues pointing towards an end-user's product preferences. This analysis may in turn be used for end-user associated target marketing, where the consumer is exclusively exposed to marketing campaigns for products of their interest. The analysis may also be used for consumer transaction preference control, where the consumer's default preferred payment services are pre-selected on the basis of transaction habits in the past.
Aspects of the present disclosure may enable secure consumer, service provider, operator and transaction related data and may utilise secure cloud servers to manage consumer accounts and process transactions using consumer generated public and private keys instead of sensitive personal data. Consumers may be identified by way of multiple factors, for example including one or more of biometric data (e.g. a fingerprint), a secret passcode, voice biometrics (e.g. via a voice call to a mobile handset associated with the consumer) and the like, all of which may be associated with the consumer public and private keys. Aspects of the disclosure provide for sensitive data to be encrypted and stored in siloed and/or firewalled servers.
The transaction terminal devices described herein may be secure and tamperproof. For example one or both of the hardware and software executing on the secure transaction terminals may be tamperproof. Tamperproof hardware may be achieved by configuring hardware components to self-destruct when power is applied after having been opened without a unique code entered. In some cases firmware may be configured to communicate with the remote server (or CTMP) to blacklist the transaction terminal device when unauthorised use is detected. Tamperproof software may be achieved by configuring the software to communicate with the remote server (or CTMP) to blacklist itself when unauthorised use is detected. In some cases, the software may be configured to delete itself and the operating system by formatting a memory component in which the relevant computer-readable instructions are stored.
On-boarding, or registration of consumers with the system described herein may be effected in a number of ways. In some implementations, a consumer may use a mobile wallet or web portal to pre-register, and may then register his or her biometric data using a transaction terminal device at a participating merchant. In such a case, the transaction terminal device may be configured to notify the pre-registered consumer when attempting to transact that their fingerprint data does not exist on the database. On-boarding may include the transaction terminal device instructing the consumer to enter his or her mobile handset number and a passcode to verify pre-registration. On-boarding may include the transaction terminal device instructing the pre-registered consumer to input biometric data for registration (e.g. by placing his or her finger(s) on the biometric reader to capture fingerprint data). The transaction terminal may confirm successful capture of the biometric data, and may then allow the consumer to transact. In another on-boarding or registration process, a kiosk terminal may be provided for use by a consumer in registering with the system and capturing biometric data.
Various components may be provided for implementing the methods described above. Figure 4 is a block diagram which illustrates exemplary components which may be provided by a system (400) for conducting a transaction. The system (400) may include a transaction terminal device (102) and a remote server (104).
The transaction terminal device (102) may include a processor (402) for executing the functions of components described below, which may be provided by hardware or by software units executing on the transaction terminal device (102). In some implementations, the transaction terminal may include a secure processor configured to perform secure operations. The software units may be stored in a memory component (404) and instructions may be provided to the processor (402) to carry out the functionality of the described components. Some or all of the components may be provided by a secure software application (406) which executes on the transaction terminal device (102). In some cases, the secure software application (408) may execute on the secure processor.
The software application (406) may include a consumer identifier data receiving component (408) which may be arranged to receive consumer identifier data as an input into the transaction terminal device. The consumer identifier data may be uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device. The consumer identifier data receiving component (408) may receive the consumer identifier data via a user data entry component (409) which may include one or more of a biometric reading module (409A), a keypad component (409B) and a camera (409C).
The biometric reading module (409A) may utilise unique algorithms to generate a unique hash code or the like for every consumer fingerprint, which may be stored at the remote server (or in the consumer authentication database) for future reference when the code is re-generated once the consumer places their fingerprint on the or another transaction terminal device for the next transaction. Use of such algorithms may enable fingerprint images to be saved as long, irreversible codes which can be compared to one another instead of the fingerprint image itself, as images can be reproduced in the event of a data breach. The software application (406) may include an authentication request transmitting component (410) arranged to transmit an authentication request to the remote server (104). The authentication request may include the consumer identifier data and may request validation of the consumer identifier data. The software application (406) may include an encryption key receiving component (412) which may be arranged to receive an encryption key uniquely associated with the consumer identifier data from the remote server. The encryption key may be received in response to the remote server validating the consumer identifier data. The software application (406) may include a transaction request message generating component (418) which may be arranged to generate a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction.
The software application (406) may include an encryption component (420) which may be arranged to encrypt at least the payload of the transaction request message using the encryption key.
The software application (406) may include a transaction request message transmitting component (422) which may be arranged to transmit the transaction request message including the encrypted payload to the remote server (104) for processing the transaction.
The transaction terminal device (102) may include a dedicated memory module (424) which may be arranged to store data specific to a particular transaction for the duration of the transaction only. The software application (406) may have a dedicated memory module purging component (426) which may be configured to purge the dedicated memory module (424) of any data stored therein at specified times, for example after the transaction request message has been sent to the remote server.
The transaction terminal device (102) may include a hardware tamper detection component (428) which may be configured to detect unauthorised tampering with hardware of the transaction terminal device and to erase permanently all memory components of the transaction terminal device and transmit an alert to the remote server in response to the detection. Similarly, the software application (406) may include a software tamper detection component (430) which may be arranged to detect unauthorised tampering with software of the transaction terminal device and, in response thereto, to erase permanently all memory components of the transaction terminal device and transmit an alert to the remote server.
The remote server (104) may include a processor (452) for executing the functions of components described below, which may be provided by hardware or by software units executing on the remote server (104). The software units may be stored in a memory component (454) and instructions may be provided to the processor (452) to carry out the functionality of the described components.
The remote server may host or provide a cloud transaction management platform (CTMP) (456). The CTMP (456) may include a consumer authentication module (458) and a transaction processing module (460). The consumer authentication module and transaction processing module may be one or both of physically and logically separated (462) from one another. In some implementations, the separation may be achieved by way of a firewall or other suitable network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. In some cases, each of the consumer authentication module and transaction processing module may be hosted on or provided by physically and/or logically (or virtually) separated server computers.
The consumer authentication module (458) may include an authentication request receiving component (464) which may be arranged to receive an authentication request from the transaction terminal device (102). The authentication request may include consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device and may request validation of the consumer identifier data.
The consumer authentication module (458) may include a validating component (466) which may be arranged to validate the consumer identifier data against a consumer authentication record. This may include accessing a consumer authentication database (108) in which the consumer authentication record may be stored.
The consumer authentication module (458) may include an accessing component (468) which may be arranged to access, if the consumer identifier data is valid, an encryption key uniquely associated with the consumer identifier data. The encryption key may be accessed from the consumer authentication record. The consumer authentication module (458) may include an encryption key transmitting component (470) which may be arranged to transmit the encryption key to the transaction terminal device (102).
The consumer authentication module (458) may include a transaction request message receiving component (472) which may be arranged to receive a transaction request message including an encrypted payload. The transaction request message may be received from the transaction terminal device. The encrypted payload may include the consumer identifier data and an amount associated with the transaction and may have been encrypted by the transaction terminal device using the encryption key.
The consumer authentication module (458) may include a forwarding component (474) which may be arranged to forward the transaction request message to the transaction processing module (460) for decryption of the encrypted payload and processing of the transaction.
The transaction processing module (460) may include a message receiving component (478) which may be arranged to receive a transaction request message from the consumer authentication module (458).
The transaction processing module (460) may include a decryption key accessing component (480) which may be arranged to access a decryption key associated with the encryption key. The decryption key may be accessed from a consumer account database (112). The transaction processing module (460) may include a decrypting component (482) which may be arranged to decrypt the encrypted payload using the decryption key to output the decrypted payload.
The transaction processing module (460) may include a transaction processing component (484) which may be arranged to generate a payment instruction message and forward the payment instruction message to an appropriate payment service for effecting processing of the transaction against a consumer account and in favour of a merchant account.
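The exchange described above (fingerprint reduced to a hash code, authentication request, per-consumer public encryption key returned, payload encrypted at the terminal, forwarded by the authentication module, decrypted only inside the separated transaction processing module, dedicated memory purged after sending) as an added, self-contained example. This is illustration code written for this page, not code from the patent or its applicant. It assumes RSA-OAEP as the public/private key pair of claim 5, SHA-256 as the hash function of claim 3, and a constructed, already-stable fingerprint template (real readers produce varying scans and need a template-matching stage the specification does not detail); the type and function names are all made up here.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
)

// biometricID models the biometric reading module (409A): the stable
// template (constructed sample bytes) is stored only as an irreversible hash.
func biometricID(template []byte) string {
	sum := sha256.Sum256(template)
	return hex.EncodeToString(sum[:])
}

// AuthRecord is one consumer authentication record (database 108). It holds
// the public encryption key only; the private key never enters this module.
type AuthRecord struct {
	PasscodeHash [32]byte
	PubKey       *rsa.PublicKey
}

// AuthModule is the consumer authentication module (458).
type AuthModule struct {
	records    map[string]AuthRecord
	processing *ProcessingModule // separated module reached via forwarding (474)
}

// ProcessingModule is the transaction processing module (460); the private
// decryption keys live here (consumer account database 112).
type ProcessingModule struct {
	privKeys map[string]*rsa.PrivateKey
}

// Authenticate covers receiving (464), validating (466), accessing (468) and
// transmitting (470): the consumer's public key is returned only on success.
func (a *AuthModule) Authenticate(consumerID string, passcode []byte) (*rsa.PublicKey, error) {
	rec, ok := a.records[consumerID]
	if !ok {
		return nil, errors.New("unknown consumer identifier")
	}
	pc := sha256.Sum256(passcode)
	if subtle.ConstantTimeCompare(pc[:], rec.PasscodeHash[:]) != 1 {
		return nil, errors.New("passcode mismatch")
	}
	return rec.PubKey, nil
}

// Forward passes the opaque ciphertext across the module boundary (474).
func (a *AuthModule) Forward(consumerID string, ciphertext []byte) (string, error) {
	return a.processing.Process(consumerID, ciphertext)
}

// Process decrypts the payload (480, 482); component 484 would build the
// payment instruction from the returned plaintext.
func (p *ProcessingModule) Process(consumerID string, ciphertext []byte) (string, error) {
	priv, ok := p.privKeys[consumerID]
	if !ok {
		return "", errors.New("no decryption key for consumer")
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, []byte("txn"))
	if err != nil {
		return "", err
	}
	return string(plain), nil
}

// TerminalTransaction runs the terminal side of claim 1 and returns the
// payload the processing module recovered.
func TerminalTransaction(auth *AuthModule, template, passcode []byte, amountCents int) (string, error) {
	dedicated := make([]byte, 0, 256) // dedicated memory module (424)
	defer func() {                    // purging component (426): zeroise after sending
		for i := range dedicated {
			dedicated[i] = 0
		}
	}()
	id := biometricID(template)
	pub, err := auth.Authenticate(id, passcode)
	if err != nil {
		return "", err
	}
	// Payload = consumer identifier data + amount (a Go string copy of it
	// cannot be zeroised; a production terminal would build it in the buffer).
	dedicated = append(dedicated, fmt.Sprintf("%s|%d", id, amountCents)...)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dedicated, []byte("txn"))
	if err != nil {
		return "", err
	}
	return auth.Forward(id, ct)
}

// NewSystem enrols one consumer (constructed template and passcode).
func NewSystem(template, passcode []byte) (*AuthModule, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	id := biometricID(template)
	proc := &ProcessingModule{privKeys: map[string]*rsa.PrivateKey{id: priv}}
	rec := AuthRecord{PasscodeHash: sha256.Sum256(passcode), PubKey: &priv.PublicKey}
	return &AuthModule{records: map[string]AuthRecord{id: rec}, processing: proc}, nil
}

func main() {
	tpl, pin := []byte("constructed-fingerprint-template"), []byte("4321")
	auth, err := NewSystem(tpl, pin)
	if err != nil {
		panic(err)
	}
	fmt.Println(TerminalTransaction(auth, tpl, pin, 1250))
}
```

The point worth noticing is what each side can see: the authentication module verifies the passcode hash in constant time and releases only a public key, so a compromise of that module alone yields neither private keys nor plaintext amounts, while the processing module never sees the raw passcode. A wrong passcode or an unenrolled template fails before any key is released.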
A method and system for configuring a transaction agnostic terminal in association with a cloud transaction platform are disclosed herein which may provide participants in the point of sale terminal market with a low cost, secure and fool-proof method of accepting and processing any one or more transactions simultaneously using a biometric identifier such as a fingerprint and (optional) secret passcode.
Figure 5 illustrates an example of a computing device (500) in which various aspects of the disclosure may be implemented. The computing device (500) may be embodied as any form of data processing device including a personal computing device (e.g. laptop or desktop computer), a server computer (which may be self-contained, physically distributed over a number of locations), a client computer, or a communication device, such as a mobile phone (e.g. cellular telephone), satellite phone, tablet computer, personal digital assistant or the like. Different embodiments of the computing device may dictate the inclusion or exclusion of various components or subsystems described below.
The computing device (500) may be suitable for storing and executing computer program code. The various participants and elements in the previously described system diagrams may use any suitable number of subsystems or components of the computing device (500) to facilitate the functions described herein. The computing device (500) may include subsystems or components interconnected via a communication infrastructure (505) (for example, a communications bus, a network, etc.). The computing device (500) may include one or more processors (510) and at least one memory component in the form of computer-readable media. The one or more processors (510) may include one or more of: CPUs, graphical processing units (GPUs), microprocessors, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs) and the like. In some configurations, a number of processors may be provided and may be arranged to carry out calculations simultaneously. In some implementations various subsystems or components of the computing device (500) may be distributed over a number of physical locations (e.g. in a distributed, cluster or cloud-based computing configuration) and appropriate software units may be arranged to manage and/or process data on behalf of remote devices.
The memory components may include system memory (515), which may include read only memory (ROM) and random access memory (RAM). A basic input/output system (BIOS) may be stored in ROM. System software may be stored in the system memory (515) including operating system software. The memory components may also include secondary memory (520). The secondary memory (520) may include a fixed disk (521), such as a hard disk drive, and, optionally, one or more storage interfaces (522) for interfacing with storage components (523), such as removable storage components (e.g. magnetic tape, optical disk, flash memory drive, external hard drive, removable memory chip, etc.), network attached storage components (e.g. NAS drives), remote storage components (e.g. cloud-based storage) or the like. The computing device (500) may include an external communications interface (530) for operation of the computing device (500) in a networked environment enabling transfer of data between multiple computing devices (500) and/or the Internet. Data transferred via the external communications interface (530) may be in the form of signals, which may be electronic, electromagnetic, optical, radio, or other types of signal. The external communications interface (530) may enable communication of data between the computing device (500) and other computing devices including servers and external storage facilities. Web services may be accessible by and/or from the computing device (500) via the communications interface (530). The external communications interface (530) may be configured for connection to wireless communication channels (e.g., a cellular telephone network, wireless local area network (e.g. using Wi-Fi™), satellite-phone network, Satellite Internet Network, etc.) and may include an associated wireless transfer element, such as an antenna and associated circuitry.
The external communications interface (530) may include a subscriber identity module (SIM) in the form of an integrated circuit that stores an international mobile subscriber identity and the related key used to identify and authenticate a subscriber using the computing device (500). One or more subscriber identity modules may be removable from or embedded in the computing device (500). The external communications interface (530) may further include a contactless element (550), which is typically implemented in the form of a semiconductor chip (or other data storage element) with an associated wireless transfer element, such as an antenna. The contactless element (550) may be associated with (e.g., embedded within) the computing device (500) and data or control instructions transmitted via a cellular network may be applied to the contactless element (550) by means of a contactless element interface (not shown). The contactless element interface may function to permit the exchange of data and/or control instructions between computing device circuitry (and hence the cellular network) and the contactless element (550). The contactless element (550) may be capable of transferring and receiving data using a near field communications capability (or near field communications medium) typically in accordance with a standardized protocol or data transfer mechanism (e.g., ISO 14443/NFC). Near field communications capability may include a short-range communications capability, such as radio-frequency identification (RFID), Bluetooth™, infra-red, or other data transfer capability that can be used to exchange data between the computing device (500) and an interrogation device. Thus, the computing device (500) may be capable of communicating and transferring data and/or control instructions via both a cellular network and near field communications capability.
The computer-readable media in the form of the various memory components may provide storage of computer-executable instructions, data structures, program modules, software units and other data. A computer program product may be provided by a computer-readable medium having stored computer-readable program code executable by the central processor (510). A computer program product may be provided by a non-transient computer-readable medium, or may be provided via a signal or other transient means via the communications interface (530).
Interconnection via the communication infrastructure (505) allows the one or more processors (510) to communicate with each subsystem or component and to control the execution of instructions from the memory components, as well as the exchange of information between subsystems or components. Peripherals (such as printers, scanners, cameras, or the like) and input/output (I/O) devices (such as a mouse, touchpad, keyboard, microphone, touch-sensitive display, input buttons, speakers and the like) may couple to or be integrally formed with the computing device (500) either directly or via an I/O controller (535). One or more displays (545) (which may be touch-sensitive displays) may be coupled to or integrally formed with the computing device (500) via a display (545) or video adapter (540).
The computing device (500) may include a geographical location element (555) which is arranged to determine the geographical location of the computing device (500). The geographical location element (555) may for example be implemented by way of a global positioning system (GPS), or similar, receiver module. In some implementations the geographical location element (555) may implement an indoor positioning system, using for example communication channels such as cellular telephone or Wi-Fi™ networks and/or beacons (e.g. Bluetooth™ Low Energy (BLE) beacons, iBeacons™, etc.) to determine or approximate the geographical location of the computing device (500). In some implementations, the geographical location element (555) may implement inertial navigation to track and determine the geographical location of the communication device using an initial set point and inertial measurement data.
The foregoing description has been presented for the purpose of illustration; it is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Persons skilled in the relevant art can appreciate that many modifications and variations are possible in light of the above disclosure. Any of the steps, operations, components or processes described herein may be performed or implemented with one or more hardware or software units, alone or in combination with other devices. In one embodiment, a software unit is implemented with a computer program product comprising a non-transient computer-readable medium containing computer program code, which can be executed by a processor for performing any or all of the steps, operations, or processes described. Software units or functions described in this application may be implemented as computer program code using any suitable computer language such as, for example, Java™, C++, or Perl™ using, for example, conventional or object-oriented techniques.
The computer program code may be stored as a series of instructions, or commands on a non-transitory computer-readable medium, such as a random access memory (RAM), a read-only memory (ROM), a magnetic medium such as a hard-drive, or an optical medium such as a CD-ROM. Any such computer-readable medium may also reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.
Flowchart illustrations and block diagrams of methods, systems, and computer program products according to embodiments are used herein. Each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, may provide functions which may be implemented by computer readable program instructions. In some alternative implementations, the functions identified by the blocks may take place in a different order to that shown in the flowchart illustrations. The language used in the specification has been principally selected for readability and instructional purposes, and it may not have been selected to delineate or circumscribe the inventive subject matter. It is therefore intended that the scope of the invention be limited not by this detailed description, but rather by any claims that issue on an application based hereon. Accordingly, the disclosure of the embodiments of the invention is intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.
Finally, throughout the specification and claims, unless the context requires otherwise, the word 'comprise' or variations such as 'comprises' or 'comprising' will be understood to imply the inclusion of a stated integer or group of integers but not the exclusion of any other integer or group of integers.

Claims

1. A computer-implemented method conducted at a transaction terminal device, comprising:
receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device;
transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data;
in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data;
generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction;
encrypting at least the payload of the transaction request message using the encryption key; and,
transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
2. The method according to claim 1, wherein receiving the consumer identifier data includes receiving one or both of biometric data uniquely linked to the consumer and a passcode.
3. The method according to claim 2, wherein the biometric data includes the output of a hash function, the output of the hash function having been generated by performing a hash operation on raw biometric data obtained directly from the consumer.
4. The method according to claim 2 or claim 3, wherein the biometric data is received via a biometric reader module and wherein the passcode is received via a keypad.
5. The method as claimed in any one of the preceding claims, wherein the encryption key is a public key of a public private key pair uniquely associated with the consumer identifier data.
6. The method as claimed in any one of the preceding claims, wherein one or more of the consumer identifier data, amount, encryption key, authentication request message and transaction request message are stored temporarily in a dedicated memory module and wherein the method includes purging the dedicated memory module after transmitting the transaction request message.
7. The method as claimed in any one of the preceding claims, including receiving a confirmation message confirming processing of the transaction.
8. The method as claimed in any one of the preceding claims, including:
receiving, from the remote server, a payment service selection prompt requesting selection by the consumer of a payment service uniquely associated with the consumer identifier data;
displaying the prompt to the consumer via a display;
receiving a consumer payment service selection; and,
transmitting the consumer payment service selection to the remote server.
9. A computer-implemented method conducted at a server computer, comprising:
receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data;
validating the consumer identifier data against a consumer authentication record;
if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data;
transmitting the encryption key to the transaction terminal device;
receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and,
forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
10. The method according to claim 9, wherein the consumer identifier data includes one or both of biometric data uniquely linked to the consumer and a passcode.
11. The method according to claim 10, wherein validating the consumer identifier data includes one or both of using the biometric data to identify the consumer authentication record and validating the passcode against a passcode stored in association with the biometric data in the consumer authentication record.
12. The method as claimed in any one of claims 9 to 11, wherein the transaction processing module has access to a consumer account record and a decryption key corresponding to the encryption key, and wherein the method includes the transaction processing module decrypting the encrypted payload using the decryption key and processing the transaction against consumer account data stored in the consumer account record.
13. The method as claimed in claim 11 or claim 12, wherein the encryption key is a public key and the decryption key is a corresponding private key of a public private key pair uniquely associated with the consumer identifier data, wherein the encryption key is stored in the consumer authentication record and wherein the decryption key is stored in the transaction processing module.
14. The method as claimed in claim 12 or claim 13, wherein the transaction processing module is one or both of a physically and logically separated module, and wherein the consumer account record is stored in the transaction processing module.
15. The method as claimed in any one of claims 12 to 14, wherein the consumer account data includes one or both of payment card data and wallet service data usable in conducting a financial transaction against a financial account associated with the consumer.
16. The method as claimed in any one of claims 9 to 15, wherein the transaction processing module is one of a subset of transaction processing modules, each transaction processing module being associated with a different geographical area and being a mirror of the other transaction processing modules.
17. A system including a transaction terminal device comprising:
a processor and a memory configured to provide computer program instructions to the processor to execute functions of components;
a consumer identifier data receiving component for receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device;
an authentication request transmitting component for transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data;
an encryption key receiving component for, in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data;
a transaction request message generating component for generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction;
an encryption component for encrypting at least the payload of the transaction request message using the encryption key; and,
a transaction request message transmitting component for transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
18. A system including a remote server comprising:
a processor and a memory configured to provide computer program instructions to the processor to execute functions of components;
an authentication request receiving component for receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data;
a validating component for validating the consumer identifier data against a consumer authentication record;
an accessing component for, if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data;
an encryption key transmitting component for transmitting the encryption key to the transaction terminal device;
a transaction request message receiving component for receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and,
a forwarding component for forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
19. A computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of:
receiving consumer identifier data as an input into the transaction terminal device, the consumer identifier data being uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device;
transmitting an authentication request to a remote server, the authentication request including the consumer identifier data and requesting validation of the consumer identifier data;
in response to the remote server validating the consumer identifier data, receiving, from the remote server, an encryption key uniquely associated with the consumer identifier data;
generating a transaction request message having a payload including the consumer identifier data and an amount associated with the transaction;
encrypting at least the payload of the transaction request message using the encryption key; and,
transmitting the transaction request message including the encrypted payload for processing the transaction by a transaction processing module.
20. A computer program product comprising a computer-readable medium having stored computer-readable program code for performing the steps of:
receiving an authentication request from a transaction terminal device, the authentication request including consumer identifier data uniquely associated with a consumer conducting a transaction with a merchant via the transaction terminal device, the authentication request requesting validation of the consumer identifier data;
validating the consumer identifier data against a consumer authentication record;
if the consumer identifier data is valid, accessing an encryption key uniquely associated with the consumer identifier data;
transmitting the encryption key to the transaction terminal device;
receiving, from the transaction terminal device, a transaction request message including an encrypted payload, the encrypted payload including the consumer identifier data and an amount associated with the transaction and having been encrypted by the transaction terminal device using the encryption key; and,
forwarding the transaction request message to a transaction processing module for decryption of the encrypted payload and processing of the transaction.
PCT/IB2018/053407 2017-05-16 2018-05-16 A system and method for conducting a transaction WO2018234882A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201762506643P 2017-05-16 2017-05-16
US62/506,643 2017-05-16

Publications (1)

Publication Number Publication Date
WO2018234882A1 true WO2018234882A1 (en) 2018-12-27

Family

ID=64736933

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2018/053407 WO2018234882A1 (en) 2017-05-16 2018-05-16 A system and method for conducting a transaction

Country Status (1)

Country Link
WO (1) WO2018234882A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111311412A (en) * 2020-02-24 2020-06-19 腾讯科技(深圳)有限公司 Decentralized transaction confirmation method and device and server
CN112016926A (en) * 2019-05-30 2020-12-01 网银国际股份有限公司 User identity verification method for secure transaction environment
CN112150160A (en) * 2020-09-30 2020-12-29 重庆市科学技术研究院 Electronic ticket transaction suggestion generation method and system
US20230112806A1 (en) * 2021-10-07 2023-04-13 Capital One Services, Llc Secure serverless computing framework
EP4250209A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250207A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250208A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250210A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060165060A1 (en) * 2005-01-21 2006-07-27 Robin Dua Method and apparatus for managing credentials through a wireless network
WO2007044500A2 (en) * 2005-10-06 2007-04-19 C-Sam, Inc. Transactional services
US20150178724A1 (en) * 2013-12-19 2015-06-25 Hao Ngo Limited-use keys and cryptograms
WO2016007696A1 (en) * 2014-07-09 2016-01-14 Paydunk, Llc Systems for sending payment data using a mobile electronic device to transact with other computing devices
WO2016033610A1 (en) * 2014-08-29 2016-03-03 Visa International Service Association Methods for secure cryptogram generation

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060165060A1 (en) * 2005-01-21 2006-07-27 Robin Dua Method and apparatus for managing credentials through a wireless network
WO2007044500A2 (en) * 2005-10-06 2007-04-19 C-Sam, Inc. Transactional services
US20150178724A1 (en) * 2013-12-19 2015-06-25 Hao Ngo Limited-use keys and cryptograms
WO2016007696A1 (en) * 2014-07-09 2016-01-14 Paydunk, Llc Systems for sending payment data using a mobile electronic device to transact with other computing devices
WO2016033610A1 (en) * 2014-08-29 2016-03-03 Visa International Service Association Methods for secure cryptogram generation

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112016926A (en) * 2019-05-30 2020-12-01 网银国际股份有限公司 User identity verification method for secure transaction environment
CN111311412A (en) * 2020-02-24 2020-06-19 腾讯科技(深圳)有限公司 Decentralized transaction confirmation method and device and server
CN112150160A (en) * 2020-09-30 2020-12-29 重庆市科学技术研究院 Electronic ticket transaction suggestion generation method and system
CN112150160B (en) * 2020-09-30 2023-08-08 重庆市科学技术研究院 Electronic ticket transaction suggestion generation method and system
US20230112806A1 (en) * 2021-10-07 2023-04-13 Capital One Services, Llc Secure serverless computing framework
US11962705B2 (en) * 2021-10-07 2024-04-16 Capital One Services, Llc Secure serverless computing framework
EP4250209A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250207A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250208A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions
EP4250210A1 (en) * 2022-03-25 2023-09-27 Rubean AG Devices, methods and a system for secure electronic payment transactions

Similar Documents

Publication Publication Date Title
US11736296B2 (en) Biometric verification process using certification token
US11157905B2 (en) Secure on device cardholder authentication using biometric data
WO2018234882A1 (en) A system and method for conducting a transaction
KR102358546B1 (en) System and method for authenticating a client to a device
US10902421B2 (en) Provisioning payment credentials to a consumer
KR20180061168A (en) Wireless biometric authentication system and method
US20170169435A1 (en) Method and system for authorizing a transaction
EP3186739B1 (en) Secure on device cardholder authentication using biometric data
US10489565B2 (en) Compromise alert and reissuance
US10748134B2 (en) System and method for management of payee information
US20160092876A1 (en) On-device shared cardholder verification
US20210073813A1 (en) A system and method for processing a transaction
US11010482B2 (en) System and method for secure device connection
US11889480B2 (en) Resource distribution hub generation on a mobile device
US20180075450A1 (en) Effecting pin change for payment devices
US11887106B2 (en) Provisioning of secure application
US20170323287A1 (en) System and method for providing payment service
WO2015159165A1 (en) Secure transmission of payment credentials
KR20170044468A (en) A terminal for providing banking services, a method for operating the terminal, a server for providing banking services and a method for operating the server
US20230130024A1 (en) System and method for storing encryption keys for processing a secured transaction on a blockchain
KR101720273B1 (en) A terminal for providing banking services, a method for operating the terminal, a server for providing banking services and a method for operating the server
CA2944084C (en) Provisioning of secure application
KR101176015B1 (en) Method and system of authenticating transactions data
TW201446017A (en) Server authentication system and method thereof
WO2015118388A1 (en) System and method for electronic payment transaction

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
Ref document number: 18821384; Country of ref document: EP; Kind code of ref document: A1

NENP Non-entry into the national phase
Ref country code: DE

122 Ep: pct application non-entry in european phase
Ref document number: 18821384; Country of ref document: EP; Kind code of ref document: A1