WO2022260782A1 - Wireless terminal apparatus and method - Google Patents

Wireless terminal apparatus and method Download PDF

Info

Publication number
WO2022260782A1
WO2022260782A1 PCT/US2022/027583 US2022027583W WO2022260782A1 WO 2022260782 A1 WO2022260782 A1 WO 2022260782A1 US 2022027583 W US2022027583 W US 2022027583W WO 2022260782 A1 WO2022260782 A1 WO 2022260782A1
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
interaction
payment
processing
application
Prior art date
Application number
PCT/US2022/027583
Other languages
French (fr)
Inventor
Patrick Mestre
Original Assignee
Mastercard International Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Incorporated filed Critical Mastercard International Incorporated
Priority to EP22725080.0A priority Critical patent/EP4352679A1/en
Publication of WO2022260782A1 publication Critical patent/WO2022260782A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/204Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • G06Q20/3263Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices

Definitions

  • the present disclosure relates to a wireless terminal apparatus and an associated method.
  • the method and apparatus are particularly suitable for use when one of several different applications may be used at a c lient device for interaction with the terminal device.
  • Payment cards such as credit cards and debit cards are very widely used for all forms of financial transaction.
  • the use of payment cards has evolved significantly with technological developments over recent years.
  • transactions were on paper, using an imprint of a transaction card and confirmed by a signature.
  • This approach was largely replaced by use of a magnetic stripe of a transaction card swiped through a magnetic stripe reader on a point of sale (POS) terminal to perform a transaction.
  • Transaction cards developed to contain an integrated circuit (“chip cards” or “smart cards”) that communicates with a smart card reader in the POS terminal.
  • PIN personal identification number
  • Cards of this type typically operate under the EMV® specification for interoperation of chip cards and associated apparatus (such as POS terminals and ATMs).
  • the EMV specifications are based on the ISO/IEC 7816 standards for operation of cards of this type.
  • Contactless payments are now possible between suitably enabled payment cards or devices and merchant terminals by short range wireless technology proximity protocols, and the EMV specifications implement contactless communication based on the ISO/IEC 14443 standard.
  • Payment cards and devices are provided under a transaction scheme (such as Mastercard, American Express or Visa) and the transaction mechanism is mediated by the transaction scheme infrastructure.
  • EMV chip specifications relate to contact and contactless payment protocols and are publicly available at the EMVCo website (EMVCo is the industry' body tasked with maintaining these specifications with the support of major transaction scheme providers) - https://www.emvco.com/document-searcb/ - and would readily be consulted by the person skilled in the art. Terminology relating to EMV technology not expressly defined in this document is referenced and defined in EMV specifications, as will be appreciated by the person skilled in the art.
  • a transaction scheme or payment card scheme - involving a payment network linked to a payment card - is typically based on one of two models: a three- party model (adopted by American Express) or a four-party model (adopted by Visa and Mastercard).
  • the relevant parties in the four-party model include a merchant, an acquirer, an issuer and a cardholder.
  • the four-party model of a credit card or debit card purchase involves an exchange of authorisation request and response messages between the parties prior to the settlement of funds between the cardholder and the merchant.
  • the messages may include transaction data such as a primary account number, a transaction amount, a merchant identifier, and a date and time of the transaction.
  • Merchant terminals are connected to the acquirer (acquiring bank) supporting the merchant.
  • a transaction is routed to the acquirer from the merchant, and then through the transaction system network provided by the payment scheme provider to the issuer (issuing bank) for the consumer (cardholder).
  • the issuer uses transaction information and its knowledge of the cardholder to determine whether to authorise the transaction, with an authorisation result being routed back through the transaction system infrastructure to the merchant.
  • Protocols for performing and processing transactions using payment schemes of this type are defined by payment schemes or in some cases by national bodies, with these being typically based on ISO 8583 or its replacement ISO 20022.
  • EMV specifications enable common implementations of such protocols according to specifications developed in connection with EMVCo, with specifications being publicty available as indicated above.
  • a developing form of transaction is over a short range between a user device (also termed here a consumer device) and a merchant terminal using a wireless communications technology.
  • a user device also termed here a consumer device
  • a merchant terminal using a wireless communications technology.
  • Such transactions can be conducted as contactless transactions using a contactless protocol, or as e-commerce transactions. Both of these approaches have some disadvantages when compared with a “chip-and- PIN” contact solution.
  • contactless transactions are triggered by proximity alone, they require special security management, and in most jurisdictions have a low transaction threshold.
  • Online transactions also require a set of specific security protocols which will tend to make the transaction process more complex than for a contact transaction.
  • the payment device In short range “wireless” contexts, where a user payment device can communicate locally over an appropriate protocol with a merchant terminal, the payment device will typically be a user mobile phone handset - the merchant terminal is a local computing device that may act as a client to a service provided in the cloud. In these circumstances, it would be desirable to provide a rich set of payment options for the user and to allow full use of the mobile phone interface, while for efficiency it is still desirable that communication between the payment device and the merchant terminal will be constrained. Similar to contactless transactions today, it may w'ell be that for wireless payments the consumer device supports products using different data exchange protocols wlrile the terminal also supports products using different data exchange protocols
  • the present disclosure has been devised to mitigate or overcome at least some of the above-mentioned problems.
  • a method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the first device establishes from the plurality of kernels a plurality of possible applications for processing the interaction at the second device, the first device obtaining from the kernels information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; the first device providing a message to the second device identifying the plurality of possible applications and the information needed for all the plurality of possible applications; the first device receiving from the second device a choice of application from the possible applications and interaction data from the chosen application at the second device for processing by said one of the kernels adapted to support that application; the first device obtaining an interaction result for processing by the discrete processing system from said one of the plurality of kernels.
  • the communications to and from the second device may be mediated through a wireless entry' point, such that the kernels communicate only with the wireless entry point.
  • the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the interaction result is a request to authorize the transaction.
  • each of the plurality of kernels may be adapted to provide merchant processing of a transaction performed with one or more payment applications, wherein a payment application is used for processing of a transaction on a payment device.
  • Establishing from the plurality of kernels a plurality of possible applications may then comprise for at least one kernel determining and identifying allowable payment application and transaction type combinations, and it may also comprise providing from that kernel the said combinations together with transaction and merchant information needed by the payment application of each said combination for processing the transaction. This may further comprise said at least one kernel generating an unpredictable number and providing the unpredictable number with said combinations and said information.
  • the interaction data received from the second device may comprise transaction data including an application cryptogram, wherein the interaction result includes a request to authorize the transaction including the application cryptogram.
  • This interaction data may further comprise a cardholder verification strategy and result, and wherein the kernel processing the interaction data determines whether the cardholder verification strategy and result allows a legitimate request for authorization of the transaction.
  • the disclosure provides a computing device comprising a processor, a memory, and a wireless communication means, wherein the computing device is programmed to perform the method of the first aspect as set out above.
  • This computing device may be a merchant point-of-sale terminal.
  • the disclosure provides a method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols, wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the second device receives a message from the first device identifying a plurality of possible applications for processing the interaction at the second device and the information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; selecting one of the plurality of possible applications at the second device; at the second device, running said one of the plurality of possible applications using the information for that possible application from the message received from the first device to produce interaction data for the interaction; and sending to the first device a response message comprising a choice of application from the possible applications and interaction data from the chosen application for processing by said one of the kernels adapted to support that application.
  • the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the response message is sent to enable the first device to request authorization of the transaction through the payment processing network.
  • the discrete processing system is a payment processing network
  • receiving the message from the first device may comprise receiving a message identifying allowable payment application and transaction type combinations supported by the first device, together with for the said combinations transaction and merchant information needed by the payment application of each said combination for processing the transaction.
  • the possible applications for processing the interaction may then be payment applications and selecting one of the plurality of possible applications may comprise selecting a payment application for processing the transaction and providing the transaction and merchant information provided in the message to the payment application for processing of the transaction at the second device.
  • the method may further comprise determining a cardholder verification strategy and, if required by the cardholder verification strategy, performing a cardholder verification action for inclusion in the processing of the transaction.
  • Processing of the transaction by the selected payment application may comprise determining whether to complete the transaction and providing an application cryptogram to enable authorisation of the transaction through the payment processing system.
  • the disclosure provides a computing device comprising a processor, a memory, and a wireless communication means, wherein the computing device is programmed to perform the method of the third aspect as set out above.
  • This computing device may be a payment device, and may be a handheld computing device, such as a mobile telephone handset.
  • a payment device may comprise a wallet application for interaction with merchant devices and for management of payment cards associated with the cardholder, and a plurality of payment applications accessible to the wallet application.
  • Figure 1 shows a transaction ecosystem including a payment system along with other parties acting and interacting in the transaction system
  • Figure 2 illustrates schematically a terminal system, including its key elements and its set of interactions with other transaction ecosystem elements
  • Figure 3 shows an overall transaction flow according to embodiments of the disclosure
  • Figure 4 shows exemplary kernel processing of a pre process message in the transaction flow of Figure 3;
  • Figures 5 A and 5B show exemplary' kernel processing of a prepare authorization data message in the transaction flow of Figure 3;
  • Figure 6 shows schematically a transaction system using the four-party model.
  • Figure 1 shows an architecture according to an embodiment of the disclosure appropriate for interaction between a cardholder and a merchant. This embodiment relies on the four-party model for payment interactions, which will be described in more detail in Figure 4 below.
  • the cardholder 1 uses their computing device - which may be for example a cellular telephone handset, a tablet, a laptop, or any other suitable computing device (here a cellular telephone handset or smartphone 11 is shown) - to act either as a proxy for a physical payment card 6 or as a virtual payment card operating only in a digital domain.
  • a cellular telephone handset or smartphone 11 is shown
  • the conventional interaction between a physical payment card 6 and a merchant POS terminal 7 is shown, but the smartphone 11 achieves this with a mobile payment application and typically a digital wallet 17 which may be siting within the transaction scheme infrastructure 5.
  • the smartphone 11 is here able to transact with a merchant POS terminal 7 locally wirelessly using an appropriate short range wireless technology.
  • the merchant 2 may be supported by a cloud service 18 for which the merchant POS terminal 7 is acting as a client.
  • the transaction scheme infrastructure (transaction infrastructure) 5 here provides not only the computing infrastructure necessary to operate the card scheme and provide routing of transactions and other messaging to parties such as the acquirer 3 and the issuer 4, but also a wallet service 17 to support a digital wallet on the cardholder computing device.
  • Other elements may be present to support digital domain transactions - for example, an internet gateway for a merchant server and a tokenisation provider for tokenising digital cards and an associated digital enablement service - but a main consideration in embodiments of the disclosure is the handling of transactions between a card or other cardholder payment device and a terminal, as the terminal to acquirer connection is under particular consideration. This may have limited ability to carry additional data, or may only be adapted for handling of transaction data according to legacy protocols- in particular, an existing terminal to acquirer connection may not be suitable to handle additional information beyond that provided in a conventional EMVCo protocol transaction.
  • FIG. 2 An exemplary POS terminal for implementing an embodiment of the disclosure is shown in Figure 2, and details of a transaction flow according to an embodiment of the disclosure are set out in detail in Figure 3. Before discussing the details of this terminal and this transaction flow, it is desirable to set out the elements of a transaction between a payment device and a terminal for a transaction according to normal EMV protocols used for contact transactions, and for the modifications made for the contactless case.
  • contact EMV In contact EMV:
  • the terminal and payment device make an application choice.
  • There are a number of possible payment applications on a payment device these are proprietary to payment system providers, and a payment device may have several payment applications a vailable - in the case of a payment device such as a mobile telephone, these may be multiple payment applications from multiple issuers using multiple payment system providers.
  • Payment applications are identified by an Application Identifier (AID).
  • the terminal reads data from that application.
  • Data is authenticated offline to make sure the card associated with the payment device is not a counterfeit.
  • Cardholder verification is done for example with a PIN.
  • Transaction checks are made at the terminal - for example, for floor limits and the like. This is typically done if there is a choice of authorisation option, but if there is not - for example, if all authorisation will be online, as is increasingly the case - then this step may not be necessary.
  • the terminal requests approval for the transaction.
  • the card approves the transaction.
  • the transaction is finalized, and an issuing response is sent back to the card.
  • the process and the security model are limited by the short time period of the transaction and the reliance on physical control and proximity.
  • EMV protocols the early stage of a transaction process is governed by the Entry Point specification - the Entry Point specification for contactless transactions is found at https://wwiy.enTvco.com/terms-of-use/ 9 u ::: 7wp- content/uploa.ds/docitments/B Entry Point Specification v2 7 Finai.pdf.
  • preliminary transaction processing also called pre-processing
  • protocol activation which is activation of the contactless interface
  • combination selection which is selection of the combination to use for the transaction
  • kernel activation where Entry Point activates the selected kernel and this begins kernel processing
  • outcome processing where Entry Point processes an outcome according to the type of outcome and the values of the outcome par ameters.
  • FIG. 2 shows the functional arrangement provided by the POS terminal 7 and its interactions with other system elements - here, this is similar to existing contactless architectures in that it also uses an entry point approach.
  • the POS terminal 7 communicates with the transaction scheme infrastructure 5 (also referred to here as the payment scheme network) for processing of the transaction.
  • Interaction with the consumer device 11 is through a wireless connection 20 with the wireless entry point 21 (WEP, or wireless EP) of the terminal 7.
  • WEP wireless entry point 21
  • the wireless EP 21 is in communication with a number of different wireless kernels 22 (Kernel 1, Kernel 2, ... Kernel N). These wireless kernels are all adapted to interact with different payment applications - a particular payment application on the consumer device 11 will typically not be supported unless there is a wireless kernel in the terminal adapted to support it.
  • the kernels 22 will only communicate via the wireless EP 21.
  • the consumer device is here showm as having a number of payment applications 23 which each may or may not match one of the kernels in the terminal 7 - interaction with these payment applications 23 is by means of a wallet application 25 which also provides the user interface for the user of the consumer device 11.
  • the wireless EP 21 is used to mediate communication effectively - it will be appreciated by the skilled person that other options are also available for mediating interaction between payment applications and kernels, so embodiments of the disclosure may be constructed without an explicit wireless EP 21.
  • a transaction flow which achieves the intended goals of user functionality and efficient operation follows the following general approach to performing an interaction over a wdreless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols - while this appl ies to payment over a wireless communication infrastructure, it is applicable to other interactions, particularly those providing permissions or capabilities to a user interacting indirectly with a computing system.
  • the interaction may be processed by a plurality of kernels on a first device and a plurality of applications on a second device - in the payment case, the first device may be a point-of-sale terminal, and the second device a user computing device with a payment capability.
  • the first device establishes from the plurality of kernels a plurality' of possible applications for processing the interaction at the second device.
  • the first device obtains from the kernels such information as is needed for all the plurality of possible applications to enable the second device to ran each possible application to perform the interaction.
  • the first device then provides a message to the second device identifying the plurality of possible applications and the information needed for all the plurality of possible applications;
  • a choice of application from the possible applications is made at the second device and interaction data is produced the chosen application at the second device.
  • the choice of application and the interaction data is then provided by the second device to the first device for processing by said one of the kernels adapted to support that application.
  • the first device then obtains an interaction result for processing by the discrete processing system from said one of the plurality of kernels.
  • this may be an authorisation request for a transaction.
  • FIG. 3 A specific implementation of this approach in the context of the system shown in Figures 1 and 2 is shown in Figure 3. Note that for the purposes of this transaction flow, the terminal 7 is considered to be a discrete entity to the wireless entry point 21 , as are the kernels 22. Similarly, the consumer device 11 is considered discretely from the payment applications 23 that it hosts - in practice, relevant activity at the consumer device 11 is at the w'allet application 25. Exemplary message formats are provided further below, as is an exemplary flow within a specific kernel 22.
  • a new' transaction is initiated at the terminal 7.
  • the terminal 7 sends an initiate Jx message 3100 to the wireless EP 21, with the amount, the amount other and the transaction type. Note that the currency is fixed and knowm by the different wireless kernels. “Amount other” is used to indicate a cashback payment - if there is no cashback as part of the transaction, it will have a value of zero.
  • the exchanges with kernel 1 may be as follows:
  • the EP sends 3110 the pre-process message with the amount, the amount other and the transaction type to kernel 1.
  • Kernel 1 responds 3120 with the pre-process response message with the kernel ID - in this case, 1 - and a list of product data.
  • the list of product data contains, for all AIDs supported by the kernel and eligible for the transaction, kernel proprietary data.
  • the kernel proprietary data corresponding to AID(x) will be used by the payment application 1 on the cardholder device, if the cardholder chooses to process the transaction with this AID(x) and this kernel 1.
  • the wireless EP 21 then gathers the responses 3130 from all the kernels to prepare a transact message.
  • the EP sends 3140 the transact message with the list of pre-process responses from the kernels 22 to the terminal 7.
  • the terminal 7 then sends 3210 the transact message with the list of pre-process responses from the kernels 22 to the w'aliet 25.
  • the cardholder 1 then chooses 3220 the AID and the kernel ID that will be used for the transaction. This may be done directly through a user interface, may follow a pre-established default selection, or may take place according to a process that includes other factors relevant to the immediate transaction - this selection is not directly relevant to the present disclosure, and so is not discussed further here. In the example shown in Figure 3, this sel ecti on leads to the choice of payment application 1.
  • the w'allet 25 sends 3230 a prepare Jx data message to the chosen payment application (here, payment application 1).
  • This message contains the product data corresponding to the selected AID and kernel ID.
  • the payment application 1 prepares 3240 transaction data for the transaction, and responds wdth a transaction data message to the wallet 25, this message containing the transaction outcome and kernel proprietary' data.
  • the wallet sends 3250 a transact response message to the terminal 7, this message containing the transaction outcome, the selected kernel ID, the selected AID and the kernel proprietary data prepared by the payment application 23. Assuming the transaction has not been declined, the terminal 7 then sends 3310 a prepare authorization data message to the EP 21 containing the amount, the transaction type, the selected kernel ID, the selected AID and the kernel proprietary data as prepared by the payment application 23. The EP 21 sends 3320 this prepare authorization data message to the selected kernel (kernel 1 in the diagram).
  • the kernel responds 3330 to the EP 21 with an authorization data message containing the outcome of processing at the kernel and kernel proprietary data. Exemplary kernel processing will be discussed further below.
  • the EP 21 forwards 3340 the authorization data message to die terminal 7. Assuming the transaction has not been declined, the terminal then proceeds with authorization 3350 in a conventional manner.
  • the transaction flow indicated here is a minimal version, and it can be added to in other embodiments - for example, change of card by the consumer, change of transaction type, or modification of amount for a tip - but the skilled person will appreciate how these flows could be provided.
  • other data such as currency code, transaction type and so on
  • the parameters exchanged between the entities may be specified in JSON format - this may be used between the wireless EP 21 and the terminal 7, and also between the terminal 7 and the consumer device 11 (wallet 25).
  • the terminal cannot process the transaction according to the flow, the transaction should be aborted, and no message sent to the wireless EP.
  • the kernel processes two messages received from the EP:
  • Transaction Date is stored 420 for later prepare authorization data message processing.
  • the Unpredictable Number is then generated 430 - this may be according to any existing EMV technique - and also stored 440 for later prepare authorization data message processing.
  • All the AIDs in the database are then inspected in an inspection loop - after determining 450 whether there is another AID in supported and whether that AID supports the relevant transaction type key 460 in the database, product data is built 470 using any positive AID/ transaction type combination.
  • Product data is built according to the following plan:
  • the pre-process response message is built 480 in the following format:
  • This pre ⁇ process response message is then sent 490 to the entry point.
  • the prepare authorization data message and its processing will be described in more detail with reference to Figures 5 A to 5C.
  • the parameters are set out further below in the section on messages associated with the terminal and the entry point (as message 12).
  • Figures 5A to 5C provide a flow diagram for the processing of the message. As shown in Figure 5 A, the following parameters are retrieved 510 from the message:
  • This message is sent 540 to the entry point, ending the process.
  • Flowever if the AID is supported, the next step is to determine 550 whether the transaction type is supported. If not, again an appropriate authorization data message is built 560 to indicate this as follows:
  • the message to be sent to the entry point 570 takes the same format as before, but with a different outcome value as shown above.
  • the next check 580 is for whether any mandatory data is missing in data recovered from kernel proprietary data. If any of this data is missing, an authorization data message is built 590 as follows: The message to be sent to the entry point 600 takes the same format as before, but with the outcome value as shown above.
  • the next step is to establish 610 that the card has actually requested authorization of the transaction, which it does with an ARQC cryptogram under EMV standards - this is one of a group of application cryptograms that can be produced by the card, and is the one specifically used for a transaction which a card has accepted and wishes to be authorized. If there is no ARQC cryptogram, an authorization data message is built 620 as follows:
  • the message to be sent to the entry point 630 takes the same format as before, but with the outcome value as shown above.
  • a risk management strategy for the transaction is established 640. It is then established 650 whether there has been cardholder verification appropriate to the transaction. If this fails, an authorisation message is built 660 as follows:
  • a positive authorization data message can then built 680 as follows:
  • This message is then sent to the entry point 690 and can be used as a basis for the subsequent authorization request.
  • Terminal - initiate tx message to wireless EP
  • the transaction is aborted if the status is not “OK”, or if there is not at least one AID in the list.
  • the transact message is then prepared and sent to the consumer device.
  • the transaction is aborted if the transaction outcome is not AUTHORIZE ONLINE.
  • the prepare authorization data message is sent to the wireless EP. 5.
  • the transaction is aborted if the outcome is not “AUTHORIZE ONLINE”.
  • Wireless entry point - initiate Jx message from the terminal Message parameters are described in message 1 above. In processing, the format and values of the parameters are verified.
  • the transact message is sent to the terminal with the following parameter:
  • the pre-process message is prepared and sent to each kernel.
  • the prepare authorization _data message is prepared and sent to the selected kernel.
  • Wireless entry point - prepare authorization data message to the kernel.
  • Wireless entry point - authorization data from the kernel In processing, the authorization data message is prepared with Status value “OK” and sent to the terminal.
  • Kernel ID - Identifies the kernel.
  • Figure 6 is a block diagram of a typical four-party model or four-party payment transaction scheme. The diagram illustrates the entities present in the model and the interactions occurring between entities operating in a card scheme.
  • card schemes - payment networks linked to payment cards - are based on one of two models: a three-party model or a four-party model (adopted by the present applicant).
  • a three-party model or a four-party model (adopted by the present applicant).
  • the four-party model is described in further detail below.
  • the four-party model may be used as a basis for the transaction network.
  • the model comprises four entity types: cardholder 110, merchant 120, issuer 130 and acquirer 140.
  • the cardholder 110 purchases goods or services from the merchant 120.
  • the issuer 130 is the bank or any other financial institution that issued the card to the cardholder 110.
  • the acquirer 140 provides services for card processing to the merchant 120.
  • the model also comprises a central switch 150 - interactions between the issuer 130 and the acquirer 140 are routed via the switch 150.
  • the switch 150 enables a merchant 120 associated with one particular bank acquirer 140 to accept payment transactions from a cardholder 110 associated with a different bank issuer 130.
  • a typical transaction between the entities in the four-party model can be divided into two main stages: authorisation and settlement.
  • the cardholder 110 initiates a purchase of a good or service from the merchant 120 using their card. Details of the card and the transaction are sent to the issuer 130 via the acquirer 140 and the switch 150 to authorise the transaction. Should the transaction be considered abnormal by the issuer 130, the cardholder 110 may be required to undergo an additional verification process to verify their identity and the details of the transaction. Once the additional verification process is complete the transaction is authorised.
  • the transaction details are submitted by the merchant 120 to the acquirer 140 for settlement.
  • the transaction details are then routed to the relevant issuer 130 by the acquirer 140 via the switch 150.
  • the issuer 130 Upon receipt of these transaction details, the issuer 130 provides the settlement funds to the switch 150, which in turn forwards these funds to the merchant 120 via the acquirer 140.
  • the issuer 130 and the cardholder 110 settle the payment amount between them.
  • a service fee is paid to the acquirer 140 by the merchant 120 for each transaction, and an interchange fee is paid to the issuer 130 by the acquirer 140 in return for the settlement of funds.
  • the roles of a specific party may involve multiple elements acting together. This is typically the case in implementations that have developed beyond a contact-based interaction between a customer card and a merchant terminal to digital implementations using proxy or virtual cards on user computing devices such as a smart phone.

Abstract

A method of performing an interaction over a wireless communication network between a first device and a second device is described. The result of this interaction is for processing by a discrete processing system according to a set of protocols. The interaction itself may be processed by a plurality of kernels on the first device and a plurality of applications on the second device. To establish which kernel and application will be used, the following steps are taken. The first device establishes from the plurality of kernels a plurality of possible applications for processing the interaction at the second device, the first device obtaining from the kernels information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction, and provides a message to the second device identifying the plurality of possible applications and the information needed for all the plurality of possible applications. The second device selects one of the plurality of possible applications at the second device and runs that application using the information provided for that application to produce interaction data for the interaction. The second device then sends the choice of application and the interaction data to the first device. This is then provided to the appropriate kernel at the first device which uses the interaction data to obtain an interaction result for processing by the discrete processing system from said one of the plurality of kernels.

Description

WIRELESS TERMINAL APPARATUS AND METHOD
CROSS REFERENCE TO RELATED APPLICATION
This application claims the benefit of United Kingdom Patent Application No. 2108281.3, which was filed on June 10, 2021, the entire contents of which are hereby incorporated by reference for all purposes.
TECHNICAL FIELD
The present disclosure relates to a wireless terminal apparatus and an associated method. The method and apparatus are particularly suitable for use when one of several different applications may be used at a c lient device for interaction with the terminal device.
BACKGROUND
Payment cards such as credit cards and debit cards are very widely used for all forms of financial transaction. The use of payment cards has evolved significantly with technological developments over recent years. Originally, transactions were on paper, using an imprint of a transaction card and confirmed by a signature. This approach was largely replaced by use of a magnetic stripe of a transaction card swiped through a magnetic stripe reader on a point of sale (POS) terminal to perform a transaction. Transaction cards developed to contain an integrated circuit (“chip cards” or “smart cards”) that communicates with a smart card reader in the POS terminal. Using this approach, a transaction is typically confirmed by a personal identification number (PIN) entered by the card user. Cards of this type typically operate under the EMV® specification for interoperation of chip cards and associated apparatus (such as POS terminals and ATMs). For contact communications the EMV specifications are based on the ISO/IEC 7816 standards for operation of cards of this type. Contactless payments are now possible between suitably enabled payment cards or devices and merchant terminals by short range wireless technology proximity protocols, and the EMV specifications implement contactless communication based on the ISO/IEC 14443 standard. Payment cards and devices are provided under a transaction scheme (such as Mastercard, American Express or Visa) and the transaction mechanism is mediated by the transaction scheme infrastructure. EMV chip specifications relate to contact and contactless payment protocols and are publicly available at the EMVCo website (EMVCo is the industry' body tasked with maintaining these specifications with the support of major transaction scheme providers) - https://www.emvco.com/document-searcb/ - and would readily be consulted by the person skilled in the art. Terminology relating to EMV technology not expressly defined in this document is referenced and defined in EMV specifications, as will be appreciated by the person skilled in the art.
A transaction scheme or payment card scheme - involving a payment network linked to a payment card - is typically based on one of two models: a three- party model (adopted by American Express) or a four-party model (adopted by Visa and Mastercard). The relevant parties in the four-party model include a merchant, an acquirer, an issuer and a cardholder. Typically, the four-party model of a credit card or debit card purchase involves an exchange of authorisation request and response messages between the parties prior to the settlement of funds between the cardholder and the merchant. The messages may include transaction data such as a primary account number, a transaction amount, a merchant identifier, and a date and time of the transaction.
Merchant terminals are connected to the acquirer (acquiring bank) supporting the merchant. A transaction is routed to the acquirer from the merchant, and then through the transaction system network provided by the payment scheme provider to the issuer (issuing bank) for the consumer (cardholder). The issuer uses transaction information and its knowledge of the cardholder to determine whether to authorise the transaction, with an authorisation result being routed back through the transaction system infrastructure to the merchant.
Protocols for performing and processing transactions using payment schemes of this type are defined by payment schemes or in some cases by national bodies, with these being typically based on ISO 8583 or its replacement ISO 20022. EMV specifications enable common implementations of such protocols according to specifications developed in connection with EMVCo, with specifications being publicty available as indicated above.
A developing form of transaction is over a short range between a user device (also termed here a consumer device) and a merchant terminal using a wireless communications technology. Currently, such transactions can be conducted as contactless transactions using a contactless protocol, or as e-commerce transactions. Both of these approaches have some disadvantages when compared with a “chip-and- PIN” contact solution. As contactless transactions are triggered by proximity alone, they require special security management, and in most jurisdictions have a low transaction threshold. Online transactions also require a set of specific security protocols which will tend to make the transaction process more complex than for a contact transaction. In short range “wireless” contexts, where a user payment device can communicate locally over an appropriate protocol with a merchant terminal, the payment device will typically be a user mobile phone handset - the merchant terminal is a local computing device that may act as a client to a service provided in the cloud. In these circumstances, it would be desirable to provide a rich set of payment options for the user and to allow full use of the mobile phone interface, while for efficiency it is still desirable that communication between the payment device and the merchant terminal will be constrained. Similar to contactless transactions today, it may w'ell be that for wireless payments the consumer device supports products using different data exchange protocols wlrile the terminal also supports products using different data exchange protocols
The present disclosure has been devised to mitigate or overcome at least some of the above-mentioned problems.
SUMMARY OF THE DISCLOSURE
According to a first aspect of the present disclosure there is provided a method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols, wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the first device establishes from the plurality of kernels a plurality of possible applications for processing the interaction at the second device, the first device obtaining from the kernels information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; the first device providing a message to the second device identifying the plurality of possible applications and the information needed for all the plurality of possible applications; the first device receiving from the second device a choice of application from the possible applications and interaction data from the chosen application at the second device for processing by said one of the kernels adapted to support that application; the first device obtaining an interaction result for processing by the discrete processing system from said one of the plurality of kernels.
This approach leads to a particularly effective and flexible response which minimises the number of wireless interactions between the first device and the second device while still allowing the best choice of possible application to be made.
In embodiments, the communications to and from the second device may be mediated through a wireless entry' point, such that the kernels communicate only with the wireless entry point.
In particular embodiments, the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the interaction result is a request to authorize the transaction.
In such cases, each of the plurality of kernels may be adapted to provide merchant processing of a transaction performed with one or more payment applications, wherein a payment application is used for processing of a transaction on a payment device. Establishing from the plurality of kernels a plurality of possible applications may then comprise for at least one kernel determining and identifying allowable payment application and transaction type combinations, and it may also comprise providing from that kernel the said combinations together with transaction and merchant information needed by the payment application of each said combination for processing the transaction. This may further comprise said at least one kernel generating an unpredictable number and providing the unpredictable number with said combinations and said information.
In such cases, the interaction data received from the second device may comprise transaction data including an application cryptogram, wherein the interaction result includes a request to authorize the transaction including the application cryptogram. This interaction data may further comprise a cardholder verification strategy and result, and wherein the kernel processing the interaction data determines whether the cardholder verification strategy and result allows a legitimate request for authorization of the transaction.
In a second aspect, the disclosure provides a computing device comprising a processor, a memory, and a wireless communication means, wherein the computing device is programmed to perform the method of the first aspect as set out above. This computing device may be a merchant point-of-sale terminal.
In a third aspect, the disclosure provides a method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols, wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the second device receives a message from the first device identifying a plurality of possible applications for processing the interaction at the second device and the information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; selecting one of the plurality of possible applications at the second device; at the second device, running said one of the plurality of possible applications using the information for that possible application from the message received from the first device to produce interaction data for the interaction; and sending to the first device a response message comprising a choice of application from the possible applications and interaction data from the chosen application for processing by said one of the kernels adapted to support that application.
In particular embodiments, the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the response message is sent to enable the first device to request authorization of the transaction through the payment processing network.
In such case, receiving the message from the first device may comprise receiving a message identifying allowable payment application and transaction type combinations supported by the first device, together with for the said combinations transaction and merchant information needed by the payment application of each said combination for processing the transaction. The possible applications for processing the interaction may then be payment applications and selecting one of the plurality of possible applications may comprise selecting a payment application for processing the transaction and providing the transaction and merchant information provided in the message to the payment application for processing of the transaction at the second device. The method may further comprise determining a cardholder verification strategy and, if required by the cardholder verification strategy, performing a cardholder verification action for inclusion in the processing of the transaction. Processing of the transaction by the selected payment application may comprise determining whether to complete the transaction and providing an application cryptogram to enable authorisation of the transaction through the payment processing system.
In a fourth aspect, the disclosure provides a computing device comprising a processor, a memory, and a wireless communication means, wherein the computing device is programmed to perform the method of the third aspect as set out above. This computing device may be a payment device, and may be a handheld computing device, such as a mobile telephone handset. Such a payment device may comprise a wallet application for interaction with merchant devices and for management of payment cards associated with the cardholder, and a plurality of payment applications accessible to the wallet application.
BRIEF DESCRIPTION OF TFIE DRAWINGS
One or more embodiments of the disclosure will now be described, by way of example only, with reference to the accompanying drawings, in which:
Figure 1 shows a transaction ecosystem including a payment system along with other parties acting and interacting in the transaction system;
Figure 2 illustrates schematically a terminal system, including its key elements and its set of interactions with other transaction ecosystem elements;
Figure 3 shows an overall transaction flow according to embodiments of the disclosure;
Figure 4 shows exemplary kernel processing of a pre process message in the transaction flow of Figure 3;
Figures 5 A and 5B show exemplary' kernel processing of a prepare authorization data message in the transaction flow of Figure 3; and
Figure 6 shows schematically a transaction system using the four-party model.
DETAILED DESCRIPTION
General and specific embodiments of the disclosure will be described below with reference to the Figures. Figure 1 shows an architecture according to an embodiment of the disclosure appropriate for interaction between a cardholder and a merchant. This embodiment relies on the four-party model for payment interactions, which will be described in more detail in Figure 4 below.
The cardholder 1 uses their computing device - which may be for example a cellular telephone handset, a tablet, a laptop, or any other suitable computing device (here a cellular telephone handset or smartphone 11 is shown) - to act either as a proxy for a physical payment card 6 or as a virtual payment card operating only in a digital domain. The conventional interaction between a physical payment card 6 and a merchant POS terminal 7 is shown, but the smartphone 11 achieves this with a mobile payment application and typically a digital wallet 17 which may be siting within the transaction scheme infrastructure 5. The smartphone 11 is here able to transact with a merchant POS terminal 7 locally wirelessly using an appropriate short range wireless technology. In embodiments of interest here, the merchant 2 may be supported by a cloud service 18 for which the merchant POS terminal 7 is acting as a client.
The transaction scheme infrastructure (transaction infrastructure) 5 here provides not only the computing infrastructure necessary to operate the card scheme and provide routing of transactions and other messaging to parties such as the acquirer 3 and the issuer 4, but also a wallet service 17 to support a digital wallet on the cardholder computing device. Other elements may be present to support digital domain transactions - for example, an internet gateway for a merchant server and a tokenisation provider for tokenising digital cards and an associated digital enablement service - but a main consideration in embodiments of the disclosure is the handling of transactions between a card or other cardholder payment device and a terminal, as the terminal to acquirer connection is under particular consideration. This may have limited ability to carry additional data, or may only be adapted for handling of transaction data according to legacy protocols- in particular, an existing terminal to acquirer connection may not be suitable to handle additional information beyond that provided in a conventional EMVCo protocol transaction.
An exemplary POS terminal for implementing an embodiment of the disclosure is shown in Figure 2, and details of a transaction flow according to an embodiment of the disclosure are set out in detail in Figure 3. Before discussing the details of this terminal and this transaction flow, it is desirable to set out the elements of a transaction between a payment device and a terminal for a transaction according to normal EMV protocols used for contact transactions, and for the modifications made for the contactless case. In contact EMV:
The terminal and payment device make an application choice. There are a number of possible payment applications on a payment device - these are proprietary to payment system providers, and a payment device may have several payment applications a vailable - in the case of a payment device such as a mobile telephone, these may be multiple payment applications from multiple issuers using multiple payment system providers. Payment applications are identified by an Application Identifier (AID).
The terminal reads data from that application.
Data is authenticated offline to make sure the card associated with the payment device is not a counterfeit.
Confirmation of the transaction and of the payment device takes place.
Cardholder verification is done for example with a PIN.
Transaction checks are made at the terminal - for example, for floor limits and the like. This is typically done if there is a choice of authorisation option, but if there is not - for example, if all authorisation will be online, as is increasingly the case - then this step may not be necessary.
The terminal requests approval for the transaction.
The card approves the transaction.
An online authorization request and authentication are completed and sent to the payment authorizer.
The transaction is finalized, and an issuing response is sent back to the card.
Some variation to this model is required for contactless and online transactions. For online transactions, the existing model has been to treat these as “cardholder not present” transactions and to add additional processes for authentication - for example, the additional verification process of 3D-Secure - to ensure security.
For contactless transactions, the process and the security model are limited by the short time period of the transaction and the reliance on physical control and proximity. In EMV protocols, the early stage of a transaction process is governed by the Entry Point specification - the Entry Point specification for contactless transactions is found at https://wwiy.enTvco.com/terms-of-use/9u:::7wp- content/uploa.ds/docitments/B Entry Point Specification v2 7 Finai.pdf. This specification defines five main functional sections: preliminary transaction processing ( also called pre-processing), which is processing prior to the activation of the contactless interface of the reader and before the cardholder is invited to present a contactless card; protocol activation, which is activation of the contactless interface; combination selection, which is selection of the combination to use for the transaction; kernel activation, where Entry Point activates the selected kernel and this begins kernel processing; and outcome processing, where Entry Point processes an outcome according to the type of outcome and the values of the outcome par ameters.
Figure 2 shows the functional arrangement provided by the POS terminal 7 and its interactions with other system elements - here, this is similar to existing contactless architectures in that it also uses an entry point approach. The POS terminal 7 communicates with the transaction scheme infrastructure 5 (also referred to here as the payment scheme network) for processing of the transaction. Interaction with the consumer device 11 is through a wireless connection 20 with the wireless entry point 21 (WEP, or wireless EP) of the terminal 7. The wireless EP 21 is in communication with a number of different wireless kernels 22 (Kernel 1, Kernel 2, ... Kernel N). These wireless kernels are all adapted to interact with different payment applications - a particular payment application on the consumer device 11 will typically not be supported unless there is a wireless kernel in the terminal adapted to support it. The kernels 22 will only communicate via the wireless EP 21. The consumer device is here showm as having a number of payment applications 23 which each may or may not match one of the kernels in the terminal 7 - interaction with these payment applications 23 is by means of a wallet application 25 which also provides the user interface for the user of the consumer device 11. Here, the wireless EP 21 is used to mediate communication effectively - it will be appreciated by the skilled person that other options are also available for mediating interaction between payment applications and kernels, so embodiments of the disclosure may be constructed without an explicit wireless EP 21.
A transaction flow which achieves the intended goals of user functionality and efficient operation follows the following general approach to performing an interaction over a wdreless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols - while this appl ies to payment over a wireless communication infrastructure, it is applicable to other interactions, particularly those providing permissions or capabilities to a user interacting indirectly with a computing system. Here, the interaction may be processed by a plurality of kernels on a first device and a plurality of applications on a second device - in the payment case, the first device may be a point-of-sale terminal, and the second device a user computing device with a payment capability.
In this approach, the first device establishes from the plurality of kernels a plurality' of possible applications for processing the interaction at the second device. The first device obtains from the kernels such information as is needed for all the plurality of possible applications to enable the second device to ran each possible application to perform the interaction.
The first device then provides a message to the second device identifying the plurality of possible applications and the information needed for all the plurality of possible applications;
A choice of application from the possible applications is made at the second device and interaction data is produced the chosen application at the second device. The choice of application and the interaction data is then provided by the second device to the first device for processing by said one of the kernels adapted to support that application.
The first device then obtains an interaction result for processing by the discrete processing system from said one of the plurality of kernels. In the case of a payment system, this may be an authorisation request for a transaction.
A specific implementation of this approach in the context of the system shown in Figures 1 and 2 is shown in Figure 3. Note that for the purposes of this transaction flow, the terminal 7 is considered to be a discrete entity to the wireless entry point 21 , as are the kernels 22. Similarly, the consumer device 11 is considered discretely from the payment applications 23 that it hosts - in practice, relevant activity at the consumer device 11 is at the w'allet application 25. Exemplary message formats are provided further below, as is an exemplary flow within a specific kernel 22.
A new' transaction is initiated at the terminal 7. The terminal 7 sends an initiate Jx message 3100 to the wireless EP 21, with the amount, the amount other and the transaction type. Note that the currency is fixed and knowm by the different wireless kernels. “Amount other” is used to indicate a cashback payment - if there is no cashback as part of the transaction, it will have a value of zero.
The EP will then do the same with each kernel. For example, the exchanges with kernel 1 may be as follows:
The EP sends 3110 the pre-process message with the amount, the amount other and the transaction type to kernel 1.
Kernel 1 responds 3120 with the pre-process response message with the kernel ID - in this case, 1 - and a list of product data. The list of product data contains, for all AIDs supported by the kernel and eligible for the transaction, kernel proprietary data. The kernel proprietary data corresponding to AID(x) will be used by the payment application 1 on the cardholder device, if the cardholder chooses to process the transaction with this AID(x) and this kernel 1.
The same is done for each kernel.
The wireless EP 21 then gathers the responses 3130 from all the kernels to prepare a transact message. The EP sends 3140 the transact message with the list of pre-process responses from the kernels 22 to the terminal 7.
The terminal 7 then sends 3210 the transact message with the list of pre-process responses from the kernels 22 to the w'aliet 25. The cardholder 1 then chooses 3220 the AID and the kernel ID that will be used for the transaction. This may be done directly through a user interface, may follow a pre-established default selection, or may take place according to a process that includes other factors relevant to the immediate transaction - this selection is not directly relevant to the present disclosure, and so is not discussed further here. In the example shown in Figure 3, this sel ecti on leads to the choice of payment application 1.
The w'allet 25 sends 3230 a prepare Jx data message to the chosen payment application (here, payment application 1). This message contains the product data corresponding to the selected AID and kernel ID.
The payment application 1 prepares 3240 transaction data for the transaction, and responds wdth a transaction data message to the wallet 25, this message containing the transaction outcome and kernel proprietary' data.
The wallet sends 3250 a transact response message to the terminal 7, this message containing the transaction outcome, the selected kernel ID, the selected AID and the kernel proprietary data prepared by the payment application 23. Assuming the transaction has not been declined, the terminal 7 then sends 3310 a prepare authorization data message to the EP 21 containing the amount, the transaction type, the selected kernel ID, the selected AID and the kernel proprietary data as prepared by the payment application 23. The EP 21 sends 3320 this prepare authorization data message to the selected kernel (kernel 1 in the diagram).
The kernel responds 3330 to the EP 21 with an authorization data message containing the outcome of processing at the kernel and kernel proprietary data. Exemplary kernel processing will be discussed further below. The EP 21 forwards 3340 the authorization data message to die terminal 7. Assuming the transaction has not been declined, the terminal then proceeds with authorization 3350 in a conventional manner.
The transaction flow indicated here is a minimal version, and it can be added to in other embodiments - for example, change of card by the consumer, change of transaction type, or modification of amount for a tip - but the skilled person will appreciate how these flows could be provided. For example, with further standardisation, other data (such as currency code, transaction type and so on) may become standardised across kernels and may also be sent as part of a standard message rather than only in proprietary data. In the embodiment described in detail here, the parameters exchanged between the entities may be specified in JSON format - this may be used between the wireless EP 21 and the terminal 7, and also between the terminal 7 and the consumer device 11 (wallet 25). Generally, if the terminal cannot process the transaction according to the flow, the transaction should be aborted, and no message sent to the wireless EP.
Exemplary descriptions of each message are provided at the end of this description. A description of the operation of an exemplary kernel now follows, with reference to Figures 4 and 5A to 5C.
Exemplary Kernel Operation
The kernel processes two messages received from the EP:
• pre-process
• prepare authorization data Processing of the pre-process message requires the building of a list of all AIDs eligible for the transaction, along with the associated data for each AID that will be used by the payment application if that AID is selected.
Processing of the prepare authorization data message requires:
• Verifying that certain requirements are fulfilled
• Deciding whether to decline the transaction or not
• If the transaction is not declined, building a transaction record that can be used to prepare an online authorization.
The pre-process message and its processing will be described in more detail with reference to Figure 4. The parameters of the message are set out further below in the section on messages associated with the terminal and the entry point (as message 8). Figure 4 provides a flow diagram for the processing of the message.
First of all, the following parameters are retrieved 410 from the message:
• Amount
• Amount Other
• Transaction Type
• Transaction Date
Of these, Transaction Date is stored 420 for later prepare authorization data message processing. The Unpredictable Number is then generated 430 - this may be according to any existing EMV technique - and also stored 440 for later prepare authorization data message processing. All the AIDs in the database are then inspected in an inspection loop - after determining 450 whether there is another AID in supported and whether that AID supports the relevant transaction type key 460 in the database, product data is built 470 using any positive AID/ transaction type combination. Product data is built according to the following plan:
Figure imgf000015_0001
The specifics of kernel proprietary data are not of relevance to the present disclosure and is not discussed further here. After the product data has been constructed, the pre-process response message is built 480 in the following format:
Figure imgf000016_0001
This is a list of all the product data for all the AIDs that are usable (it is possible that this will be empty if no AIDs are usable).
This pre ^process response message is then sent 490 to the entry point. The prepare authorization data message and its processing will be described in more detail with reference to Figures 5 A to 5C. The parameters are set out further below in the section on messages associated with the terminal and the entry point (as message 12). Figures 5A to 5C provide a flow diagram for the processing of the message. As shown in Figure 5 A, the following parameters are retrieved 510 from the message:
• amount
• amount other
• transaction type · AID
• Kernel proprietary data
It is determined if an AID is supported 520. If the AID received is not supported, then an authorization data message is built 530 to indicate this as follows:
Figure imgf000016_0002
This message is sent 540 to the entry point, ending the process. Flowever, if the AID is supported, the next step is to determine 550 whether the transaction type is supported. If not, again an appropriate authorization data message is built 560 to indicate this as follows:
Figure imgf000017_0001
The message to be sent to the entry point 570 takes the same format as before, but with a different outcome value as shown above.
The next check 580 is for whether any mandatory data is missing in data recovered from kernel proprietary data. If any of this data is missing, an authorization data message is built 590 as follows:
Figure imgf000017_0002
The message to be sent to the entry point 600 takes the same format as before, but with the outcome value as shown above.
The next step is to establish 610 that the card has actually requested authorization of the transaction, which it does with an ARQC cryptogram under EMV standards - this is one of a group of application cryptograms that can be produced by the card, and is the one specifically used for a transaction which a card has accepted and wishes to be authorized. If there is no ARQC cryptogram, an authorization data message is built 620 as follows:
Figure imgf000017_0003
The message to be sent to the entry point 630 takes the same format as before, but with the outcome value as shown above.
Following this, a risk management strategy for the transaction is established 640. It is then established 650 whether there has been cardholder verification appropriate to the transaction. If this fails, an authorisation message is built 660 as follows:
Figure imgf000018_0001
On failure, the message to be sent to the entry point 670 takes the same format as before, but with the outcome value as shown above. However, if this stage is passed, a positive authorization data message can then built 680 as follows:
Figure imgf000018_0002
This message is then sent to the entry point 690 and can be used as a basis for the subsequent authorization request.
Exemplary Messages and Parameters
Parameters for messages sent to and from the terminal and the wireless entry point will be described below.
1. Terminal - initiate tx message to wireless EP
Figure imgf000018_0003
2. Terminal - transact message from wireless EP
Figure imgf000019_0001
In processing, the transaction is aborted if the status is not “OK”, or if there is not at least one AID in the list. The transact message is then prepared and sent to the consumer device.
3. Terminal - transact message to consumer device
Figure imgf000019_0002
Figure imgf000020_0001
4. Terminal - transact response message from consumer device
Figure imgf000020_0002
Figure imgf000021_0001
In processing, the transaction is aborted if the transaction outcome is not AUTHORIZE ONLINE. After this process, the prepare authorization data message is sent to the wireless EP. 5. Terminal — prepare authorization data message to the wireless
EP
Figure imgf000021_0002
6 Terminal - authorization data message from the wireless EP
Figure imgf000021_0003
Figure imgf000022_0001
In processing, the transaction is aborted if the outcome is not “AUTHORIZE ONLINE”.
7. Wireless entry point - initiate Jx message from the terminal Message parameters are described in message 1 above. In processing, the format and values of the parameters are verified.
In case of error, the transact message is sent to the terminal with the following parameter:
Figure imgf000022_0002
If there is no error, the pre-process message is prepared and sent to each kernel.
8. Wireless entry point - pre-process message to the kernels
Figure imgf000023_0001
9. Wireless entry point - pre-process response from the kernels
Figure imgf000023_0002
When all kernels have responded, all the responses are gathered to build the transact message and send it to the terminal . The value of the Status in the transact message is “OK”.
10. Wireless entry point - transact message to the terminal
Message parameters are described in message 2 above.
11. Wireless entry point - prepare authorization data message from the terminal
Message parameters are described in message 5 above. In processing, the format and values of the parameters need to be verified, with a format error handled in the same way as for message 7. If there is no format error, it is necessary to verify that the kernel ID is supported - the following message is sent on failure.
Figure imgf000024_0001
If the kernel ID is supported, the prepare authorization _data message is prepared and sent to the selected kernel.
12. Wireless entry point - prepare authorization data message to the kernel.
Figure imgf000024_0002
13. Wireless entry point - authorization data from the kernel
Figure imgf000024_0003
In processing, the authorization data message is prepared with Status value “OK” and sent to the terminal.
14. Wireless entry' point - authorization data to the terminal
The message parameters are as for message 6. Data Dictionary
A brief dictionary of terms used above follows - predominantly, these terms are standard EMV terminology, and EMV specifications are a secondary reference.
AID - Specific application identifier. Amount - Authorized amount of the transaction.
Amount other - Secondary amount associated with the transaction representing a cash back amount.
Application Cryptogram - Cryptogram returned by the Card.
Contactless AID - Application identifier for application used for a contactless transaction.
Contactless application label - The application label that was used for a contactless transaction.
Currency - ISO 4217 code for the currency.
Currency Exponent - Number of fractional digits (base 10) in the currency provided by the terminal.
Kernel ID - Identifies the kernel.
Transaction Date - coding YYMMDD
Transaction type - “PURCHASE” or “PURCHASE CASHBACK”.
Unpredictable Number - Contains a Kernel challenge
(random) to be used by the Card consumer device to ensure the variability and uniqueness to the generation of a cryptogram. Four-party Model
Figure 6 is a block diagram of a typical four-party model or four-party payment transaction scheme. The diagram illustrates the entities present in the model and the interactions occurring between entities operating in a card scheme.
Normally, card schemes - payment networks linked to payment cards - are based on one of two models: a three-party model or a four-party model (adopted by the present applicant). For the purposes of this document, the four-party model is described in further detail below.
The four-party model may be used as a basis for the transaction network. For each transaction, the model comprises four entity types: cardholder 110, merchant 120, issuer 130 and acquirer 140. In this model, the cardholder 110 purchases goods or services from the merchant 120. The issuer 130 is the bank or any other financial institution that issued the card to the cardholder 110. The acquirer 140 provides services for card processing to the merchant 120.
The model also comprises a central switch 150 - interactions between the issuer 130 and the acquirer 140 are routed via the switch 150. The switch 150 enables a merchant 120 associated with one particular bank acquirer 140 to accept payment transactions from a cardholder 110 associated with a different bank issuer 130.
A typical transaction between the entities in the four-party model can be divided into two main stages: authorisation and settlement. The cardholder 110 initiates a purchase of a good or service from the merchant 120 using their card. Details of the card and the transaction are sent to the issuer 130 via the acquirer 140 and the switch 150 to authorise the transaction. Should the transaction be considered abnormal by the issuer 130, the cardholder 110 may be required to undergo an additional verification process to verify their identity and the details of the transaction. Once the additional verification process is complete the transaction is authorised.
On completion of the transaction between the cardholder 110 and the merchant 120, the transaction details are submitted by the merchant 120 to the acquirer 140 for settlement.
The transaction details are then routed to the relevant issuer 130 by the acquirer 140 via the switch 150. Upon receipt of these transaction details, the issuer 130 provides the settlement funds to the switch 150, which in turn forwards these funds to the merchant 120 via the acquirer 140.
Separately, the issuer 130 and the cardholder 110 settle the payment amount between them. In return, a service fee is paid to the acquirer 140 by the merchant 120 for each transaction, and an interchange fee is paid to the issuer 130 by the acquirer 140 in return for the settlement of funds.
In practical implementations of a four-party system model, the roles of a specific party may involve multiple elements acting together. This is typically the case in implementations that have developed beyond a contact-based interaction between a customer card and a merchant terminal to digital implementations using proxy or virtual cards on user computing devices such as a smart phone.
Many modifications may be made to the above examples without departing from the scope of the present disclosure as defined in the accompanying claims.

Claims

1. A method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocols, wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the first device establishes from the plurality of kernels a plurality of possible applications for processing the interaction at the second device, the first device obtaining from the kernels information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; the first device providing a message to the second device identify ing the plurality of possible applications and the information needed for all the plurality of possible applications; the first device receiving from the second device a choice of application from the possible applications and interaction data from the chosen application at the second device for processing by said one of the kernels adapted to support that application; the first device obtaining an interaction result for processing by the discrete processing system from said one of the plurality of kernels.
2. The method of claim 1 , wherein the communications to and from the second device are mediated through a wireless entry point, wherein the kernels communicate only with the wireless entry point.
3. The method of claim 1 or claim 2, wherein the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the interaction result is a request to authorize the transaction.
4. The method of claim 3, wherein each of the plurality of kernels is adapted to provide merchant processing of a transaction performed with one or more payment applications, wherein a payment application is used for processing of a transaction on a payment device.
5. The method of claim 4, wherein establishing from the plurality of kernel s a plurality of possible applications comprises for at least one kernel determining and identifying allowable payment application and transaction type combinations, and also comprises providing from that kernel the said combinations together with transaction and merchant information needed by the payment application of each said combination for processing the transaction.
6. The method of claim 5, further comprising said at least one kernel generating an unpredictable number and providing the unpredictable number with said combinations and said information.
7. The method of any of claims 4 to 6, wherein the interaction data received from the second device comprises transaction data including an application cryptogram, wherein the interaction result includes a request to authorize the transaction including the application cryptogram.
8. The method of claim 7, wherein the interaction data further comprises a cardholder verification strategy and result, and wherein the kernel processing the interaction data determines whether the cardholder verification strategy and result allows a legitimate request for authorization of the transaction.
9. A computing device comprising a processor, a memory', and a wireless communication means, wherein the computing device is programmed to perform the method of any of claims 1 to 8.
10. The computing device of claim 9, wherein the computing device is a merchant point-of-sale terminal programmed to perform the method of any of claims 3 to 8.
11. A method of performing an interaction over a wireless communication network between a first device and a second device for processing by a discrete processing system according to a set of protocol s, wherein the interaction may be processed by a plurality of kernels on the first device and a plurality of applications on the second device, wherein: the second device receives a message from the first device identifying a plurality of possible applications for processing the interaction at the second device and the information needed for all the plurality of possible applications to enable the second device to run each possible application to perform the interaction; selecting one of the plurality of possible applications at the second device; at the second device, running said one of the plurality of possibl e applications using the information for that possible application from the message received from the first device to produce interaction data for the interaction; and sending to the first device a response message comprising a choice of application from the possible applications and interaction data from the chosen application for processing by said one of the kernels adapted to support that application.
12. The method of claim 11, wherein the interaction is a transaction between a merchant represented by the first device and a consumer represented by the second device acting as a payment device, wherein the discrete processing system is a payment processing network, and the response message is sent to enable the first device to request authorization of the transaction through the payment processing network.
13. The method of claim 12, wherein receiving the message from the first device comprises receiving a message identifying allowable payment application and transaction type combinations supported by the first device, together with for the said combinations transaction and merchant information needed by the payment application of each said combination for processing the transaction.
14. The method of claim 13, wherein the possible applications for processing the interaction are payment applications, and wherein selecting one of the plurality of possible applications comprises selecting a payment application for processing the transaction and providing the transaction and merchant information provided in the message to the payment application for processing of the transaction at the second device.
15. The method of claim 14, further comprising determining a cardholder verification strategy and, if required by the cardholder verification strategy, performing a cardholder verification action for inclusion in the processing of the transaction.
16. The method of claim 14 or claim 15, wherein processing of the transaction by the selected payment application comprises determining whether to complete the transaction and providing an application cryptogram to enable authorisation of the transaction through the payment processing system.
17. A computing device comprising a processor, a memory, and a wireless communication means, wherein the computing device is programmed to perform the method of any of claims 11 to 16.
18. The computing device of claim 17, wherein the computing device is a payment device programmed to perform the method of any of claims 12 to 16.
19. The computing device of claim 18, wherein the computing device is a handheld computing device.
20. The computing device of claim 19, wherein the computing device is a mobile telephone handset.
21. The computing device of any of claims 18 to 20, wherein the payment device comprises a wallet application for interaction with merchant devices and for management of payment cards associated with the cardholder, and a plurality of payment applications accessible to the wallet application.
PCT/US2022/027583 2021-06-10 2022-05-04 Wireless terminal apparatus and method WO2022260782A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP22725080.0A EP4352679A1 (en) 2021-06-10 2022-05-04 Wireless terminal apparatus and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB2108281.3 2021-06-10
GBGB2108281.3A GB202108281D0 (en) 2021-06-10 2021-06-10 Wireless terminal apparatus and method

Publications (1)

Publication Number Publication Date
WO2022260782A1 true WO2022260782A1 (en) 2022-12-15

Family

ID=76954584

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2022/027583 WO2022260782A1 (en) 2021-06-10 2022-05-04 Wireless terminal apparatus and method

Country Status (3)

Country Link
EP (1) EP4352679A1 (en)
GB (1) GB202108281D0 (en)
WO (1) WO2022260782A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090112766A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Device including multiple payment applications
US20130060959A1 (en) * 2011-09-02 2013-03-07 Ebay Inc. Secure elements broker (seb) for application communication channel selector optimization
EP3509027A1 (en) * 2016-08-31 2019-07-10 FeliCa Networks, Inc. Wireless communication device and payment system
EP3648034A1 (en) * 2018-10-29 2020-05-06 MasterCard International Incorporated Non-default payment application selection during emv-compliant payment transaction method
WO2020132476A1 (en) * 2018-12-21 2020-06-25 Square, Inc. Point of sale (pos) systems and methods with dynamic kernel selection

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090112766A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Device including multiple payment applications
US20130060959A1 (en) * 2011-09-02 2013-03-07 Ebay Inc. Secure elements broker (seb) for application communication channel selector optimization
EP3509027A1 (en) * 2016-08-31 2019-07-10 FeliCa Networks, Inc. Wireless communication device and payment system
EP3648034A1 (en) * 2018-10-29 2020-05-06 MasterCard International Incorporated Non-default payment application selection during emv-compliant payment transaction method
WO2020132476A1 (en) * 2018-12-21 2020-06-25 Square, Inc. Point of sale (pos) systems and methods with dynamic kernel selection

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
"Card Payments Roadmap in the United States: How Will EMV Impact the Future Payments Infrastructure?", 1 September 2012 (2012-09-01), XP055065063, Retrieved from the Internet <URL:http://web.archive.org/web/20121021010658/http://www.smartcardalliance.org/resources/pdf/Payments_Roadmap_in_the_US_091512.pdf> [retrieved on 20130603] *
EMV: "EMV Contactless Specifications for Payment Systems Book B Entry Point Specification; Version 2.1", 21 March 2011 (2011-03-21), pages 1 - 50, XP055533500, Retrieved from the Internet <URL:https://www.emvco.com/wp-content/uploads/documents/B_Entry_Point_Specification_v2_1_March2011_20110406011840641.pdf> *
EMVCO: "EMV Contactless Specifications for Payment Systems (Drafts V2.10) Book A: Architecture and General Requirements", vol. 2,1 ; Contactless, 29 March 2021 (2021-03-29), pages 1 - 119, XP061054870, Retrieved from the Internet <URL:https://www.emvco.com/wp-content/uploads/documents/EMV-Contactless-Book-A-Architecture-and-General-Rqmts-v2.10.pdf> [retrieved on 20210624] *
EMVCO: "Next Generation Kernel System Architecture Overview", vol. 1 ; 2nd Gen, 16 September 2014 (2014-09-16), pages 1 - 65, XP061034272, Retrieved from the Internet <URL:https://www.emvco.com/wp-content/uploads/documents/EMV-Next-Gen-Architecture-Overview-v1.0_201409160406534.pdf> [retrieved on 20170619] *
VAN DEN BREEKEL JORDI ET AL: "EMV in a nutshell", TECHNICAL REPORT, 29 June 2016 (2016-06-29), pages 1 - 37, XP055885192, Retrieved from the Internet <URL:https://web.archive.org/web/20180403164121if_/http://www.cs.ru.nl:80/~erikpoll/papers/EMVtechreport.pdf> [retrieved on 20220130] *

Also Published As

Publication number Publication date
GB202108281D0 (en) 2021-07-28
EP4352679A1 (en) 2024-04-17

Similar Documents

Publication Publication Date Title
US11593790B2 (en) Fault tolerant token based transaction systems
US9978059B2 (en) Systems, apparatus and methods for mobile companion prepaid card
US11726841B2 (en) Adapter for providing unified transaction interface
US20140310183A1 (en) Embedded acceptance system
US20140164243A1 (en) Dynamic Account Identifier With Return Real Account Identifier
US10840975B2 (en) Enhanced device interaction
CN108027925B (en) Card-free payment method and system using two-dimensional code
US11423134B2 (en) System and method employing reduced time device processing
AU2007234789A1 (en) Methods and systems for enhanced consumer payment
US20150262166A1 (en) Real-Time Portable Device Update
US20230222475A1 (en) Rules engine for communication round trips optimization of kernel-in-cloud payment transaction
WO2019246462A1 (en) Systems and methods for processing purchase transactions using a mobile device
US20200320507A1 (en) Transaction selection mechanism
US20200311727A1 (en) Hybrid processing for access device transactions
EP4352679A1 (en) Wireless terminal apparatus and method
US20200273038A1 (en) Transaction system data management
AU2008329649B2 (en) Control system arrangements and methods for disparate network systems
EP3471036A1 (en) Process for financial transactions
CN115879942A (en) Method and system for processing upgrade of request
CN115023720A (en) Online system for using currency at an access device
OA17553A (en) Systems, apparatus and methods for mobile companion prepaid card.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22725080

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2022725080

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2022725080

Country of ref document: EP

Effective date: 20240110