WO2005086593A2 - Inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method and a system therefor - Google Patents
Inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method and a system therefor Download PDFInfo
- Publication number
- WO2005086593A2 WO2005086593A2 PCT/IN2005/000038 IN2005000038W WO2005086593A2 WO 2005086593 A2 WO2005086593 A2 WO 2005086593A2 IN 2005000038 W IN2005000038 W IN 2005000038W WO 2005086593 A2 WO2005086593 A2 WO 2005086593A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- mobile phone
- mobile
- bank
- inter
- operable
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/042—Payment circuits characterized in that the payment protocol involves at least one cheque
- G06Q20/0425—Payment circuits characterized in that the payment protocol involves at least one cheque the cheque being electronic only
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/18—Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/223—Payment schemes or models based on the use of peer-to-peer networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3227—Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
Definitions
- This invention relates to an Inter-operable Multi-operator, Multi-bank, Multi-merchant Mobile Payment System.
- This invention makes the mobile phone, a debit/credit instrument for payment as well as an instrument to carry out payment terminal functions.
- the debit/credit card(s) on the mobile phone could be used to carry out payment transactions with another mobile phone, a regular Point-of-Sale terminal, an ATM, a Vending Machine or Internet.
- the existing financial transaction systems involve use of physical currency, debit and credit cards based on Magnetic Stripe technology.
- the Magnetic Stripe debit/credit card based transactions are inherently prone to security violations given to the fact that Magnetic Stripes can be easily read and duplicated.
- the existing smartcard based transaction systems are secure, but mandate use of an expensive Point-of-Sale Terminal to carry out a financial transaction, be it a stored value transaction or an online/offline debit/credit transaction.
- the secure and more reliable alternative lies in use of a mobile phone, which offers computational capabilities and guarantees security with cryptographic support in the phone/SIM operating system.
- Europay Mastercard Visa (EMV) and Common Electronic Purse Scheme (CEPS) standards provide means for development of interoperabe payment scheme.
- A.Little. World is implementing a new interoperable payment brand in India and abroad known as mCheque.
- mCheque platform provides a secure all-purpose debit/credit payment system on mobile phones.
- the proposed solution enables the consumer (hereby referred to as 'payer' or 'customer') to carry out financial transactions from his/her Mobile Phone with debit/credit cards configured on the Mobile Phone and helps the merchant (hereby referred to as 'payee' or 'merchant') to use a hosted Nirtual Terminal service, while the mobile phone of the merchant is used as the payment terminal.
- the payer can use the debit/credit card(s) configured on the Mobile Phone to engage in a payment transaction with the payee application on the regular Point-of-Sale Terminal, Vending Machine, Internet or ATM.
- PKI Public Key Infrastructure
- Mobile Phones will have the capability of a universally usable digital ID (to be issued as an X.509 certificate by a Certification Authority) for digitally signing transactions for non-repudiation.
- RSA is the preferred standard for security implementation for PKI applications of mCheque.
- the application download and personalization of the mobile phone can be done both over-the-counter (OTC) and over-the-air (OTA).
- OTC over-the-counter
- OTA over-the-air
- the complete application functionality for the customer's payment card will be provided on the phone.
- the application functionality for the merchant's terminal will be provided at the back-end as a Nirtual Terminal, with the phone used for confirmation of the transaction (transaction receipt).
- the ready availability of communications network; the display screen; and the large memory on the phone to store and view transaction records helps enhance the Bank's product value for the customer and makes this the most user friendly and versatile payment instrument the customer will ever use.
- the mobile phone can be used both as a credit and debit cards at the same time multiple debit/credit accounts from different banks can be configured on the same mobile phone without any security compromise. A single PIN for all accounts will simplify banking and payment for the customer.
- US Patent No. 6,612,488 describes a method of payment using credit cards using a portable communication terminal such as a cellular phone. However, this method does not avoid the use of the credit card or debit card.
- the portable communication terminal is used to only identify the purchaser to avoid fraudulent use of the cards.
- US Patent No. 6, 678, 664 issued to CheckFree Corporation suggests cashless transactions, e.g. purchases of goods and services without making cash payments at the time of purchase, by transmitting, preferably from a point of purchase, information identifying the purchaser of a product without identifying a payment account for the purchaser, the point of purchase being, for example, a register within a retail store or a server at an internet site.
- the primary object of the present invention is to provide an inter-operable, multi- operator, multi-bank, multi-merchant, mobile payment method and system.
- a regular mobile phone is used as a bank-account linked debit/credit payment instrument to pay any merchant with a regular mobile phone, without customisation of phone hardware.
- the merchant does not need a regular payment terminal.
- the merchant terminal can be a regular Point-of-Sale terminal, vending machine, Internet or ATM.
- a regular mobile phone as an EMN-based payment instrument linked to a debit or credit account in a Bank, to pay any merchant who has a mobile phone or an on-line EMN capable terminal.
- the merchant does not need a regular payment terminal.
- EMN security is fully implemented for this product.
- the ready availability of a communications network; the display screen on the mobile; and the large memory on the phone to store and view transaction records helps enhance the product value for the customer and makes this the most user friendly and versatile payment instrument the customer will ever use.
- the mobile phone can be used both as a credit and debit cards at the same time. Multiple debit/credit accounts from different banks can be configured on the same mobile phone without any security compromise. A single PIN for all accounts will simplify banking and payment for the customer.
- SIM Subscriber Identification Chip
- R-UIM Subscriber Identification Chip module
- the application is developed without need to customize either the phone hardware or software.
- the only change is made to the SIM/R-UIM software through the use of the SIM Application Toolkit or a script using existing SIM/R- UIM browsing environment.
- the application is developed on the phone. As a result, nearly the entire base of mobile phones can be used as cards and terminals without extra investment required in cards or terminals.
- the payment application for debit/credit card on payer's mobile phone and the merchant terminal on payee's mobile phone use security mechanisms prescribed by EMN.
- the application download and personalization of the mobile phone will be done both over-the-counter (OTC) and over-the-air (OTA).
- OTC over-the-counter
- OTA over-the-air
- the complete application functionality for the customer's payment card will be provided on the phone.
- the application functionality for the merchant's terminal will be provided at the back-end, with the phone or a connected PoS terminal being used for confirmation of the transaction (transaction receipt).
- the EMN handler solution will be used to provide an effective intermediary solution to banks that have not yet upgraded their back-end infrastructure to EMV. This applies both to the debit/credit card issuance, transaction authorization and merchant acquiring systems of the bank.
- the transactions will be cleared and settled domestically through the inter-bank switch for domestic transactions or an international settlement agency for cross-border transactions.
- Security Key management will be provided by the scheme operator or the domestic banking regulator for both Symmetric Keys based on 3-DES or AES and Asymmetric Keys based on RSA.
- Funds flow is handled entirely through the banking system, using proven EMV security with the added layer of GSM/CDMA security for secure communications.
- the mCheque Platform in its true sense Of 'Interoperability' is intended to support existing systems and technologies used by mobile operators, mobile phones, transaction systems and banks.
- i Providing printed payment receipt using a mobile phone, wherever possible without making any change on the mobile phone hardware using an external receipt printer.
- j Payment over Internet using debit/credit card on mobile phone.
- k ATM cash-withdrawal using bank card on mobile phone. 1. Person-to-person transfer of payment or funds transfer using mobile phone both domestic and international.
- m Use of Public Key Infrastructure on mobile phones for transactions requiring non- repudiation.
- n Maintaining and managing loyalty pools and coupons on mobile phone.
- This invention thus provides a multi-bank interoperable payment system using mobile phone as debit/credit card which comprises the steps of: (i) establishing connectivity with multiple mobile operators, issuing banks and acquiring banks participating in the "interoperable mCheque system" and inter-bank clearing 8c settlement systems, both domestic and international, via the mCheque back-end system/issuance system; (ii) establishing a link with mutual authentication and trust using standard security mechanism between mCheque issuance system, participating bank and the mobile operator.
- a third party Certification Authority can provide certificates to establish mutual authentication and trust between different systems.
- (iii) providing transaction security which is dependent on the bank's security domain defined on the mobile phone.
- the mobile network is used as a transport and the system does not necessarily depend on the security provided by the mobile network to guarantee transaction security. However, the security provided by the mobile network is treated as a complementary measure.
- Application Provisioning Step-1 loading of payment application containing the basic menus, transaction logic, application security keys and application configuration data; on the target mobile phone of payer/payee using the over-the-air system of the mobile operator;
- Application Provisioning ' Step-2 loading of a conventional Track-2 data provided by the participating bank with EMV security keys and risk management parameters on the target mobile phone of payer using the over-the-air system of the mobile operator;
- Application Provisioning Step-3 (optional): loading of a digital certificate on the target mobile phone of payer/payee using the over- the-air system of the mobile operator requiring non-repudiation; and (vii) establishing a link between the PIN number allotted to the customer and a common mCheque PIN.
- the system takes care of post-issuance activities including blocking/unblocking of debit/credit card, creation/deletion of debit/credit cards, update loyalty pool, loyalty redemption, offering of loyalty coupons, blocking/vmblocking/resetting of PIN, key version control, application version control, restoration of debit/credit accounts and loyalty details for a lost/stolen mobile phone.
- Fig. 1 illustrates the mCheque transaction flow
- Fig. 2 illustrates the mCheque transaction system
- Fig. 3 illustrates the mCheque Card Issuance/Merchant Configuration System
- Fig.4 illustrates the mCheque Digital Certificate System.
- Fig. 1 The use of mobile phone as a debit or credit card involves the following five steps, which is illustrated in Fig. 1.
- Payee Mobile sends a message through mobile network to mCheque back-end with Payer Mobile Number, Transaction Amount and a Random Number.
- mCheque back-end sends a message through mobile network to Payer Mobile with Random Number, Request for Payment and Merchant Details.
- Payer Mobile sends a message to mCheque back-end through mobile network with EMV Cryptogram.
- mCheque back-end through mobile network sends a message to Payee Mobile with Transaction Receipt .
- mCheque back-end through mobile network sends a message to Payer Mobile with Transaction Receipt .
- VTAS mCheque Virtual Terminal Application Server
- Customer Mobile Phone receives the message-2 and displays a confirmation message consisting of Merchant Name, Transaction Amount and Merchant Id. Up on confirmation by the customer, a PIN entry is requested. 2. Up on successful PIN entry, the Customer Mobile Phone generates an Application Request Cryptogram (ARQC) as per EMV specifications using the Card Risk Management Parameters, Random Number, Card Master Key (of the key index assigned for the application in the card security domain). 3. Customer Mobile Phone sends the transaction data with the ARQC to mCheque VTAS.
- ARQC Application Request Cryptogram
- Message-4 Transaction Receipt Message Terminating on Merchant 1.
- mCheque VTAS sends the transaction online for authorization of funds 2.
- mCheque VTAS After receiving transaction authorization from the Issuing Bank of the Debit/Credit Card on Customer's Mobile Phone, mCheque VTAS sends a Payment Receipt to the Merchant. 3.
- mCheque VTAS After confirmation of Receipt delivery, mCheque VTAS issues a Transaction Certificate to the online authorization system of Issuing Bank (denoting completion of transaction) .
- Message-5 Transaction Receipt Message Terminating on Customer Mobile Phone 1.
- mCheque VTAS sends a Payment Receipt to the Customer Mobile Phone.
- the present invention provides a transaction system (refer Fig. 2 and 3) which comprises of an unique mCheque virtual terminal capable of handling communications from mobile phones of the payer and payee and also ensure security of the transaction, said server having means for customer database and merchant data base, means for providing hardware security, means for storing the digital certificates and application software for life cycle management of payer/payee application.
- the process of obtaining a Digital certificate is illustrated in Fig. 4.
- the mobile phone of the user or purchaser through the personalization system of mCheque issuance system will send in the necessary request to the certification authority and after processing the request, the certification authority will forward the required certificate through to the personalization system of mCheque issuance system back to the mobile phone of the payer/payee.
- VTAS Nirtual Terminal Application Server
- VTAS is a secure cluster of virtual EMV terminals, security systems, loyalty systems, bank/operator interfaces running on a High- Availability platform. All mCheque messages originating from the merchant as well as the customer mobile are routed to the VTAS Server. VTAS spawns one instance of Virtual Terminal Application per Merchant Terminal registered in the mCheque system. USAT Interpreter: Application Gateway to interpret and perform application codec (encoding/decoding) functions for data flow between VTAS and Mobile phone. EMV Handler:
- the mCheque EMV Handler performs secure authorization of BMV Application Request Cryptogram (ARQC) generated by the chip card EMV application (debit/credit card) on the customer's mobile phone and generates an EMV Application Response Cryptogram (ARPC).
- ARQC BMV Application Request Cryptogram
- the EMV Handler filters EMV specific data from the financial transaction message and the transaction is sent to the Issuing Bank for funds authorization as if it were a regular magnetic stripe transaction authorization request.
- the EMV Handler therefore provides an effective intermediary Issuing and Acquiring solution for Banks to work with chip cards based on EMV security without having to upgrade their back-end systems to EMV. In case an Issuing Bank is capable of handing EMV transactions directly, the transactions will be directly passed through for authorization by the Bank's EMV Switch.
- the EMV handler system uses a Hardware Security Module compliant to FIPS-140-2 and PKCS#11 standards to carry, out all security operations.
- Remote Personalization System The mCheque Remote Personalization System provides secure personalization of EMV based secure Debit/Credit cards, Loyalty Pools, Coupons on Mobile phone of mobile phones Over-the-Air (OTA).
- the Remote Personalization System also uses the OTA bridge for personalization as well as application updates (such as update of EMV risk parameters). Multiple accounts can be handled on a single Mobile phone by this system.
- the remote personalization system uses a Hardware Security Module to carry out security operations.
- OTA Bridge The mCheque Remote Personalization System provides secure personalization of EMV based secure Debit/Credit cards, Loyalty Pools, Coupons on Mobile phone of mobile phones Over-the-Air (OTA).
- the Remote Personalization System also uses the OTA bridge for personalization as well as application updates (such as update of EMV risk parameters). Multiple accounts can be handled on a single Mobile phone by this system.
- the remote personalization system uses a Hardware Security Module to carry out security operations.
- the mCheque USSD-IP Gateway provides exchange of Unstructured Supplementary Service Data (USSD) messages between the Mobile Station and the IP-based backend of mCheque Payment Platform.
- the mCheque USSD-IP Gateway is co-located with the Master Switching Centre (MSC) of the Mobile Operator through an SS7 (Signaling System 7) link.
- MSC Master Switching Centre
- Host system to switch financial transactions between Switches of participating banks in ISO 8583/XML formats. This system is also used to log the clearing data provided as input to the central Clearing and Settlement Host.
- This system is used process the data that passes through the Transaction Switch to create logs for daily reconciliation to be performed either through a Clearing and Settlements Bank or an automated system.
- the Clearing and Settlement Institution will be given summaries for net settlements between participating Banks and each participating bank will be given detailed logs of all transactions performed by its customers.
- Management Information System of mCheque Payment Platform includes reporting, logging and audit trail of transactional and operational data for all participating entities in the system, including merchants, customers, issuing banks, acquiring banks, mobile operators and personalization system.
- ATM Module :
- PKI based non-repudiable digital-ID and signatures on mobile phone Ideal for all kind of Government payments and transactions. Secure and convenient payment for Internet purchases (unique new method with highest level of security and convenience). ⁇ Instant, anywhere, anytime payment of utility bills; insurance premiums; mobile phone bills; pre-paid top-ups. Payment to vending machines (snacks, beverages, etc.). Cash withdrawal at ATM machines with subscription based access to large number of ATMs in arrangement with banks. ⁇ Loyalty points-pool-on-mobile phone for accumulating rewards from different merchants. Instant over-the-counter redemption.
- the applications are developed without need to customize either the mobile phone hardware. As a result, the entire base of mobile phones available can be used as debit/credit cards and payment terminals without any significant extra investment.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Finance (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
Abstract
This invention relates to an inter-operable Multi-operator, Multi-bank, Multi-merchant Mobile Payment System. This invention makes the mobile phone a debit/credit instrument for payment as well as an instrument to carry out payment terminal functions. The debit/credit card(s) on the mobile phone could be used to carry out payment transactions with another mobile phone, a regular Point-of-Sale terminal, an ATM, a Vending Machine or Internet.
Description
AN INTER-OPERABLE MULTI-OPERATOR, MULTI-BANK, MULTI- MERCHANT MOBILE PAYMENT METHOD AND A SYSTEM THEREFOR.
This invention relates to an Inter-operable Multi-operator, Multi-bank, Multi-merchant Mobile Payment System. This invention makes the mobile phone, a debit/credit instrument for payment as well as an instrument to carry out payment terminal functions. The debit/credit card(s) on the mobile phone could be used to carry out payment transactions with another mobile phone, a regular Point-of-Sale terminal, an ATM, a Vending Machine or Internet.
Introduction:
The existing financial transaction systems involve use of physical currency, debit and credit cards based on Magnetic Stripe technology. The Magnetic Stripe debit/credit card based transactions are inherently prone to security violations given to the fact that Magnetic Stripes can be easily read and duplicated. Also, there are disadvantages in terms of physical damage to the Magnetic Stripe after some swipes on a physical merchant terminal. The existing smartcard based transaction systems are secure, but mandate use of an expensive Point-of-Sale Terminal to carry out a financial transaction, be it a stored value transaction or an online/offline debit/credit transaction.
The secure and more reliable alternative lies in use of a mobile phone, which offers computational capabilities and guarantees security with cryptographic support in the phone/SIM operating system.
Europay Mastercard Visa (EMV) and Common Electronic Purse Scheme (CEPS) standards provide means for development of interoperabe payment scheme. In this context A.Little. World is implementing a new interoperable payment brand in India and abroad known as mCheque. mCheque platform provides a secure all-purpose debit/credit payment system on mobile phones.
The proposed solution enables the consumer (hereby referred to as 'payer' or 'customer') to carry out financial transactions from his/her Mobile Phone with debit/credit cards configured on the Mobile Phone and helps the merchant (hereby referred to as 'payee' or 'merchant') to use a hosted Nirtual Terminal service, while the mobile phone of the merchant is used as the payment terminal. However the payer can use the debit/credit card(s) configured on the Mobile Phone to engage in a payment transaction with the payee application on the regular Point-of-Sale Terminal, Vending Machine, Internet or ATM.
Large-scale use of mobile-to-mobile payment between customers and merchants - using any mobile phone as an EMN debit/credit payment instrument issued by a Bank, to pay any merchant who has another mobile phone. No additional terminal infrastructure apart from mobile phone is required by Bank or by merchants. No compromises made on transaction security.
Funds flow will be handled entirely through the banks, using proven EMN security with the added layer of mobile network security for secure communications. The EMN handler will provide an effective intermediary solution to the Bank without need for the Bank having to upgrade its back-end infrastructure to EMN.
Public Key Infrastructure (PKI) will be used for non-repudiation in specific application areas. Mobile Phones will have the capability of a universally usable digital ID (to be issued as an X.509 certificate by a Certification Authority) for digitally signing transactions for non-repudiation. RSA is the preferred standard for security implementation for PKI applications of mCheque.
The application download and personalization of the mobile phone can be done both over-the-counter (OTC) and over-the-air (OTA). The complete application functionality for the customer's payment card will be provided on the phone. The application functionality for the merchant's terminal will be provided at the back-end as a Nirtual Terminal, with the phone used for confirmation of the transaction (transaction receipt).
The ready availability of communications network; the display screen; and the large memory on the phone to store and view transaction records helps enhance the Bank's product value for the customer and makes this the most user friendly and versatile payment instrument the customer will ever use. The mobile phone can be used both as a credit and debit cards at the same time multiple debit/credit accounts from different banks can be configured on the same mobile phone without any security compromise. A single PIN for all accounts will simplify banking and payment for the customer.
PRIOR ART: There are known instances of various forms of payment mechanisms using mobile devices, such as Singapore Patent Publication No. 86428 using a payment center backend without use of real debit/credit card and involving a bank in the transaction.
US Patent No. 6,612,488 describes a method of payment using credit cards using a portable communication terminal such as a cellular phone. However, this method does not avoid the use of the credit card or debit card. The portable communication terminal is used to only identify the purchaser to avoid fraudulent use of the cards.
US Patent No. 6, 678, 664 issued to CheckFree Corporation suggests cashless transactions, e.g. purchases of goods and services without making cash payments at the time of purchase, by transmitting, preferably from a point of purchase, information identifying the purchaser of a product without identifying a payment account for the purchaser, the point of purchase being, for example, a register within a retail store or a server at an internet site.
Though the aforesaid US patent suggests the use of personal identification information such as purchaser's name, address and drivers license or passport number or any other identification code, this process of identification is little cumbersome and yet requires some document to be carried by the purchaser. Further, the transaction cannot be completed by using a wireless communication device and also it does not offer a virtual terminal to the seller. In other words, the seller is required to have a terminal, a scanner or other similar means to transmit the personal identification details to the bank or to the payment operator.
Objects of The Invention:
• The primary object of the present invention is to provide an inter-operable, multi- operator, multi-bank, multi-merchant, mobile payment method and system. • In the proposed payment method/system, a regular mobile phone is used as a bank-account linked debit/credit payment instrument to pay any merchant with a regular mobile phone, without customisation of phone hardware. The merchant does not need a regular payment terminal. However, the merchant terminal can be a regular Point-of-Sale terminal, vending machine, Internet or ATM.
• Genuine 'card present' transactions using debit/credit cards configured on the mobile phone.
• EMN Handler solution enabling banks to participate in the secure debit/credit card based transactions without having to migrate to EMN.
The following is the scope of the mCheque payment method/system:
Use a regular mobile phone as an EMN-based payment instrument linked to a debit or credit account in a Bank, to pay any merchant who has a mobile phone or an on-line EMN capable terminal. The merchant does not need a regular payment terminal. EMN security is fully implemented for this product.
The ready availability of a communications network; the display screen on the mobile; and the large memory on the phone to store and view transaction records helps enhance the product value for the customer and makes this the most user friendly and versatile payment instrument the customer will ever use. The mobile phone can be used both as a credit and debit cards at the same time. Multiple debit/credit accounts from different banks can be configured on the same mobile phone without any security compromise. A single PIN for all accounts will simplify banking and payment for the customer.
In case of availability of a Subscriber Identification Chip module on the phone (SIM for GSM and R-UIM for CDMA), the application is developed without need to customize either the phone hardware or software. The only change is made to the SIM/R-UIM software through the use of the SIM Application Toolkit or a script using existing SIM/R- UIM browsing environment. In case of phones without having a Subscriber Identification Chip module, the application is developed on the phone. As a result, nearly the entire base of mobile phones can be used as cards and terminals without extra investment required in cards or terminals. The payment application for debit/credit card on payer's mobile phone and the merchant terminal on payee's mobile phone use security mechanisms prescribed by EMN.
The application download and personalization of the mobile phone will be done both over-the-counter (OTC) and over-the-air (OTA). The complete application functionality for the customer's payment card will be provided on the phone. The application functionality for the merchant's terminal will be provided at the back-end, with the phone or a connected PoS terminal being used for confirmation of the transaction (transaction receipt).
The EMN handler solution will be used to provide an effective intermediary solution to banks that have not yet upgraded their back-end infrastructure to EMV. This applies both to the debit/credit card issuance, transaction authorization and merchant acquiring systems of the bank.
The transactions will be cleared and settled domestically through the inter-bank switch for domestic transactions or an international settlement agency for cross-border transactions. Security Key management will be provided by the scheme operator or the domestic banking regulator for both Symmetric Keys based on 3-DES or AES and Asymmetric Keys based on RSA.
Multiple mobile operators and multiple issuer and acquiring banks can be part of the system. Funds flow is handled entirely through the banking system, using proven EMV security with the added layer of GSM/CDMA security for secure communications.
The mCheque Platform in its true sense Of 'Interoperability' is intended to support existing systems and technologies used by mobile operators, mobile phones, transaction systems and banks.
The following are the unique features of the present invention: a. Use of mobile phone as a debit/credit card. b. Use of mobile phone as a merchant terminal. c. Use of mobile phone to have multiple debit/credit cards d. Use of mobile phone to store Track-2 data of a debit/credit card. e. Responsibility of Authentication of mobile debit/credit card transaction lies with the bank and not with mobile operator. f. Provisioning of debit/credit card on mobile phone without a contact interface using OTA interface. g. Provisioning of digital certificate on mobile phone without a contact interface using OTA interface, h. EMV Handler: Authorization of transaction security on behalf of banks. Ability to handle EMV Transactions in a multibank interoperable environment without enforcing the banks to change their existing infrastructure.
i. Providing printed payment receipt using a mobile phone, wherever possible without making any change on the mobile phone hardware using an external receipt printer. j . Payment over Internet using debit/credit card on mobile phone. k. ATM cash-withdrawal using bank card on mobile phone. 1. Person-to-person transfer of payment or funds transfer using mobile phone both domestic and international. m. Use of Public Key Infrastructure on mobile phones for transactions requiring non- repudiation. n. Maintaining and managing loyalty pools and coupons on mobile phone.
This invention thus provides a multi-bank interoperable payment system using mobile phone as debit/credit card which comprises the steps of: (i) establishing connectivity with multiple mobile operators, issuing banks and acquiring banks participating in the "interoperable mCheque system" and inter-bank clearing 8c settlement systems, both domestic and international, via the mCheque back-end system/issuance system; (ii) establishing a link with mutual authentication and trust using standard security mechanism between mCheque issuance system, participating bank and the mobile operator. A third party Certification Authority can provide certificates to establish mutual authentication and trust between different systems. (iii) providing transaction security which is dependent on the bank's security domain defined on the mobile phone. The mobile network is used as a transport and the system does not necessarily depend on the security provided by the mobile network to guarantee transaction security. However, the security provided by the mobile network is treated as a complementary measure. (iv) Application Provisioning Step-1: loading of payment application containing the basic menus, transaction logic, application security keys
and application configuration data; on the target mobile phone of payer/payee using the over-the-air system of the mobile operator; (v) Application Provisioning' Step-2: loading of a conventional Track-2 data provided by the participating bank with EMV security keys and risk management parameters on the target mobile phone of payer using the over-the-air system of the mobile operator; and (vi) Application Provisioning Step-3 (optional): loading of a digital certificate on the target mobile phone of payer/payee using the over- the-air system of the mobile operator requiring non-repudiation; and (vii) establishing a link between the PIN number allotted to the customer and a common mCheque PIN.
The system takes care of post-issuance activities including blocking/unblocking of debit/credit card, creation/deletion of debit/credit cards, update loyalty pool, loyalty redemption, offering of loyalty coupons, blocking/vmblocking/resetting of PIN, key version control, application version control, restoration of debit/credit accounts and loyalty details for a lost/stolen mobile phone.
This invention will now be described with reference to the accompanying drawings, wherein:
Fig. 1 illustrates the mCheque transaction flow;
Fig. 2 illustrates the mCheque transaction system;
Fig. 3 illustrates the mCheque Card Issuance/Merchant Configuration System; and
Fig.4 illustrates the mCheque Digital Certificate System.
The use of mobile phone as a debit or credit card involves the following five steps, which is illustrated in Fig. 1.
1. Payee Mobile sends a message through mobile network to mCheque back-end with Payer Mobile Number, Transaction Amount and a Random Number.
2. mCheque back-end sends a message through mobile network to Payer Mobile with Random Number, Request for Payment and Merchant Details. 3. Payer Mobile sends a message to mCheque back-end through mobile network with EMV Cryptogram. 4. mCheque back-end through mobile network sends a message to Payee Mobile with Transaction Receipt . 5. mCheque back-end through mobile network sends a message to Payer Mobile with Transaction Receipt .
Message-1: Payment Request Message Originating from Merchant
1. Merchant enters the Amount of Transaction, Customer's ID (generally customer's mobile number or a proxy number similar to the mobile number assigned by mCheque) and Merchant PIN using mCheque menus. 2. mCheque Application on Merchant device generates a Random Number (to be used as the seed for the Application Request Cryptogram to be generated on Customer's Mobile Phone for EMV transaction) and signs the transaction data. 3. The Merchant Mobile Phone initiates a session with the mCheque Server and sends the signed data.
Message-2: Confirmation Request Message Terminating on Customer Mobile
1. The signed message from Merchant reaches mCheque Virtual Terminal Application Server (VTAS), which verifies the signature and adds EMV specific terminal risk management parameters and Merchant's Name to the original transaction attributes provided by the merchant. 2. mCheque VTAS initiates a session with Customer Mobile Phone.
Message-3: Confirmation Response Message Originating from Customer Mobile
1. Customer Mobile Phone receives the message-2 and displays a confirmation message consisting of Merchant Name, Transaction Amount and Merchant Id. Up on confirmation by the customer, a PIN entry is requested. 2. Up on successful PIN entry, the Customer Mobile Phone generates an Application Request Cryptogram (ARQC) as per EMV specifications using the Card Risk Management Parameters, Random Number, Card Master Key (of the key index assigned for the application in the card security domain). 3. Customer Mobile Phone sends the transaction data with the ARQC to mCheque VTAS.
Message-4: Transaction Receipt Message Terminating on Merchant 1. mCheque VTAS sends the transaction online for authorization of funds 2. After receiving transaction authorization from the Issuing Bank of the Debit/Credit Card on Customer's Mobile Phone, mCheque VTAS sends a Payment Receipt to the Merchant. 3. After confirmation of Receipt delivery, mCheque VTAS issues a Transaction Certificate to the online authorization system of Issuing Bank (denoting completion of transaction) .
Message-5: Transaction Receipt Message Terminating on Customer Mobile Phone 1. After receiving transaction authorization from the Issuing Bank of the Debit/Credit Card on Customer's Mobile Phone, mCheque VTAS sends a Payment Receipt to the Customer Mobile Phone.
To achieve the above, the present invention provides a transaction system (refer Fig. 2 and 3) which comprises of an unique mCheque virtual terminal capable of handling communications from mobile phones of the payer and payee and also ensure security of the transaction, said server having means for customer database and merchant data base, means for providing hardware security, means for storing the digital certificates and application software for life cycle management of payer/payee application.
The process of obtaining a Digital certificate is illustrated in Fig. 4. The mobile phone of the user or purchaser through the personalization system of mCheque issuance system will send in the necessary request to the certification authority and after processing the request, the certification authority will forward the required certificate through to the personalization system of mCheque issuance system back to the mobile phone of the payer/payee.
The following middleware and application systems constitute the mCheque technology platform:
Backend and Middleware Modules: Nirtual Terminal Application Server (VTAS):
VTAS is a secure cluster of virtual EMV terminals, security systems, loyalty systems, bank/operator interfaces running on a High- Availability platform. All mCheque messages originating from the merchant as well as the customer mobile are routed to the VTAS Server. VTAS spawns one instance of Virtual Terminal Application per Merchant Terminal registered in the mCheque system. USAT Interpreter: Application Gateway to interpret and perform application codec (encoding/decoding) functions for data flow between VTAS and Mobile phone.
EMV Handler:
The mCheque EMV Handler performs secure authorization of BMV Application Request Cryptogram (ARQC) generated by the chip card EMV application (debit/credit card) on the customer's mobile phone and generates an EMV Application Response Cryptogram (ARPC). The EMV Handler filters EMV specific data from the financial transaction message and the transaction is sent to the Issuing Bank for funds authorization as if it were a regular magnetic stripe transaction authorization request. The EMV Handler therefore provides an effective intermediary Issuing and Acquiring solution for Banks to work with chip cards based on EMV security without having to upgrade their back-end systems to EMV. In case an Issuing Bank is capable of handing EMV transactions directly, the transactions will be directly passed through for authorization by the Bank's EMV Switch. The EMV handler system uses a Hardware Security Module compliant to FIPS-140-2 and PKCS#11 standards to carry, out all security operations.
• Remote Personalization System: The mCheque Remote Personalization System provides secure personalization of EMV based secure Debit/Credit cards, Loyalty Pools, Coupons on Mobile phone of mobile phones Over-the-Air (OTA). The Remote Personalization System also uses the OTA bridge for personalization as well as application updates (such as update of EMV risk parameters). Multiple accounts can be handled on a single Mobile phone by this system. The remote personalization system uses a Hardware Security Module to carry out security operations. OTA Bridge:
Application system providing a secure transport of personalization and transaction data between the mCheque Application Backend (VTAS) and the Network Gateway of mobile operators (USSD Center/SMS Center) for. all Over-the-Air application operations on payer/payee mobile phones. The OTA Bridge also takes care of security requirements of the mobile operator.
USSD-IP Gateway:
Network gateway providing exchange of Unstructured Supplementary Service Data (USSD) messages between the Mobile Station and the IP-based backend of mCheque Payment Platform. The mCheque USSD-IP Gateway is co-located with the Master Switching Centre (MSC) of the Mobile Operator through an SS7 (Signaling System 7) link.
• Transaction Switch:
Host system to switch financial transactions between Switches of participating banks in ISO 8583/XML formats. This system is also used to log the clearing data provided as input to the central Clearing and Settlement Host.
• Clearing and Settlements Host:
This system is used process the data that passes through the Transaction Switch to create logs for daily reconciliation to be performed either through a Clearing and Settlements Bank or an automated system. The Clearing and Settlement Institution will be given summaries for net settlements between participating Banks and each participating bank will be given detailed logs of all transactions performed by its customers.
• MIS and Reporting Tools:
Management Information System of mCheque Payment Platform includes reporting, logging and audit trail of transactional and operational data for all participating entities in the system, including merchants, customers, issuing banks, acquiring banks, mobile operators and personalization system. ATM Module:
An application specification will be provided for enhancement of the ATM customer screen to be able to accept ATM cash withdrawal transactions using mCheque. This requires collaboration with ATM vendors and the respective Banks.
Applications
■ Over-the-counter debit/credit payment for small, large and very large amounts. PIN based debit/credit using secure EMV based technology on any mobile phone. More versatile than debit/credit cards. Display screen, PIN pad and storage add tremendously to usability, convenience and control. Multiple cards/accounts can be issued by multiple banks on one mobile. Only one PIN to remember - common PIN for all cards/accounts. Transaction amount limits and daily limits can be managed on mobile phone. ■ Common rewards points pool across all cards/accounts. Small value transactions feasible in both credit and debit mode. Transaction details stored on mobile phone. Balance enquiry. Full audit and traceability. ■ Unique new method to receive payments: eliminates need of cheque-book. PKI based non-repudiable digital-ID and signatures on mobile phone. Ideal for all kind of Government payments and transactions. Secure and convenient payment for Internet purchases (unique new method with highest level of security and convenience). ■ Instant, anywhere, anytime payment of utility bills; insurance premiums; mobile phone bills; pre-paid top-ups. Payment to vending machines (snacks, beverages, etc.). Cash withdrawal at ATM machines with subscription based access to large number of ATMs in arrangement with banks. ■ Loyalty points-pool-on-mobile phone for accumulating rewards from different merchants. Instant over-the-counter redemption.
The applications are developed without need to customize either the mobile phone hardware. As a result, the entire base of mobile phones available can be used as debit/credit cards and payment terminals without any significant extra investment.
Claims
1. An inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method using mobile phone as debit/credit card comprising the steps of: a. establishing connectivity with each mobile operator, issuing bank and acquiring bank participating in the "interoperable mCheque system" and in any inter-bank clearing & settlement systems, via the mCheque back-end system/issuance system; b. establishing a link with mutual authentication and trust using standard security mechanism between mCheque issuance system, participating bank and the mobile operator; c. providing transaction security which is dependent on the bank's security domain defined on the mobile phone; d. loading of payment application containing the basic menus, transaction logic, application security elements and application configuration data; e. loading of at least one conventional Track-2 data provided by the participating bank of the payer, EMV security elements and risk management parameters on the target mobile phone using the over-the-air system of the mobile operator; and f. optional loading of digital certificate on the target mobile phone using the over- the-air system of the mobile operator to support applications requiring non- repudiation; and g. establishing a link between the PIN number allotted to the customer and the common mCheque PIN.
2. An inter-operable mobile payment method as claimed in claim 1, wherein the loading of payment application is carried out using application provisioning step- 1.
3. An inter-operable mobile payment method as claimed in claim 1, wherein the loading of Track-2 data provided by the participating bank is carried out using application provisioning step-2.
4. An inter-operable mobile payment method as claimed in claim 1, wherein the optional loading of the digital certificate on the target mobile phone using the over- the-air system of the mobile operator to support applications requiring non- repudiation is carried out using application provisioning step-3.
5. An inter-operable mobile payment method as claimed in claim 1, wherein multiple debit/credit card Track-2 data are loaded on the mobile phone.
6. An inter-operable mobile payment method as claimed in claim 1, including an EMV handler for handling EMV Transactions in a multi-bank interoperable environment.
7. An inter-operable mobile payment method as claimed in claim 1, including software for maintaining and managing loyalty pools and coupons on mobile phone.
8. An inter-operable, multi-operator, multi-bank, multi-merchant mobile payment system using mobile phone as debit/credit card comprising of; a. mCheque back-end system/issuance system comprising means for establishing connectivity with each mobile operator and issuing bank participating in the "interoperable mCheque system" and in any inter-bank clearing and settlement systems; b. Means for establishing a link with mutual authentication and trust using standard security mechanism between mCheque issuance system, participating bank and the mobile operator; c. Means for providing transaction security which is dependent on the bank's security domain defined on the mobile phone; d. Application provisioning software I to enable loading of payment application containing the basic menus, transaction logic and application configuration data; e. Application provisioning software II to enable loading of at least one conventional Track-2 data provided by the participating bank on the target mobile phone using the over-the-air system of the mobile operator; f. Application provisioning software III for optional loading of digital certificate on the target mobile phone using the over-the-air system of the mobile operator to support applications requiring non-repudiation; and g. Means for establishing a link between the PIN number allotted to the payer and the common mCheque PIN.
9. An inter-operable mobile payment system as claimed in claim 7, wherein multiple debit/credit Card Track-2 data are loaded in the mobile phone.
10. An inter-operable mobile payment system as claimed in claim 7, including an EMV handler for handling EMV Transactions in a multi-bank interoperable environment.
11. An inter-operable mobile payment system as claimed in claim 7, including software for maintaining and managing loyalty pools and coupons on mobile phone.
12. An inter-operable mobile payment system as claimed in claim 7, wherein the mobile phone of user is used as debit/credit card.
13. An inter-operable mobile payment system as claimed in claim 7, wherein the mobile phone of the merchant is used as merchant terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP05747247A EP1828998A2 (en) | 2004-02-05 | 2005-02-04 | Inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method and a system therefor |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IN165DE2004 | 2004-02-05 | ||
| IN165/DEL/2004 | 2004-02-05 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2005086593A2 true WO2005086593A2 (en) | 2005-09-22 |
| WO2005086593A3 WO2005086593A3 (en) | 2006-07-06 |
Family
ID=34976031
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/IN2005/000038 WO2005086593A2 (en) | 2004-02-05 | 2005-02-04 | Inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method and a system therefor |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP1828998A2 (en) |
| WO (1) | WO2005086593A2 (en) |
Cited By (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008030307A2 (en) | 2006-09-01 | 2008-03-13 | Vivotech Inc. | Methods, systems and computer program products for over the air (ota) provisioning of soft cards on devices with wireless communications capabilities |
| EP1955265A1 (en) * | 2005-11-04 | 2008-08-13 | Utiba Pte Ltd | Mobile phone as a point of sale (pos) device |
| EP2204008A1 (en) * | 2007-10-16 | 2010-07-07 | Nokia Corporation | Credential provisioning |
| EP2266335A1 (en) * | 2008-04-02 | 2010-12-29 | Global 1 Enterprises, Inc. | Transaction server configured to authorize payment transactions using mobile telephone devices |
| WO2011067460A1 (en) * | 2009-12-01 | 2011-06-09 | Vaeaenaenen Mikko | Method and means for controlling payment setup |
| WO2011137493A1 (en) * | 2010-05-05 | 2011-11-10 | Miller, Neil | Remittance system and method |
| EP2396754A2 (en) * | 2009-02-14 | 2011-12-21 | Net2Text Limited | Secure payment and billing method using mobile phone number or account |
| US8121945B2 (en) * | 2006-07-06 | 2012-02-21 | Firethorn Mobile, Inc. | Methods and systems for payment method selection by a payee in a mobile environment |
| US8145568B2 (en) * | 2006-07-06 | 2012-03-27 | Firethorn Mobile, Inc. | Methods and systems for indicating a payment in a mobile environment |
| US20120078783A1 (en) * | 2008-11-28 | 2012-03-29 | Harex Infotech Inc. | Method, apparatus, and system for enabling purchaser to direct payment approval, settlement, and membership subscription using mobile communication terminal |
| US8160959B2 (en) * | 2006-07-06 | 2012-04-17 | Firethorn Mobile, Inc. | Methods and systems for payment transactions in a mobile environment |
| EP2462567A2 (en) * | 2009-05-03 | 2012-06-13 | Logomotion, s.r.o. | A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction |
| WO2012143911A1 (en) * | 2011-04-22 | 2012-10-26 | Logomotion, S.R.O. | The method of cashless person-to-person money transfer of using a mobile phone |
| AP2639A (en) * | 2005-11-04 | 2013-04-11 | Utiba Pte Ltd | Mobile phone as a point of sale (POS) device |
| US8467766B2 (en) | 2006-07-06 | 2013-06-18 | Qualcomm Incorporated | Methods and systems for managing payment sources in a mobile environment |
| EP2388744A3 (en) * | 2010-05-21 | 2013-07-10 | Intel Corporation | Method and device for conducting trusted remote payment transactions |
| US8489067B2 (en) | 2006-07-06 | 2013-07-16 | Qualcomm Incorporated | Methods and systems for distribution of a mobile wallet for a mobile device |
| US8510220B2 (en) | 2006-07-06 | 2013-08-13 | Qualcomm Incorporated | Methods and systems for viewing aggregated payment obligations in a mobile environment |
| US8620299B2 (en) | 2008-08-12 | 2013-12-31 | Mastercard International Incorporated | Methods, systems and computer readable media for electronically delivering a prepaid card to a mobile device |
| US20140129430A1 (en) * | 2005-10-06 | 2014-05-08 | C-Sam, Inc. | Expert engine tier for adapting transaction-specific user requirements and transaction record handling |
| WO2015055120A1 (en) * | 2013-10-18 | 2015-04-23 | 中国银联股份有限公司 | Device for secure information exchange |
| JP2016501499A (en) * | 2012-12-26 | 2016-01-18 | シナンカード カンパニー リミテッド | Mobile credit card issuance processing method |
| EP3067848A1 (en) * | 2015-03-09 | 2016-09-14 | Gemalto Sa | Method and first and second server for transferring voucher data |
| US9530289B2 (en) | 2013-07-11 | 2016-12-27 | Scvngr, Inc. | Payment processing with automatic no-touch mode selection |
| US9697512B2 (en) | 2001-01-19 | 2017-07-04 | Mastercard Mobile Transactions Solutions, Inc. | Facilitating a secure transaction over a direct secure transaction portal |
| US9767452B2 (en) | 2011-11-03 | 2017-09-19 | Mastercard International Incorporated | Methods, systems, and computer readable media for provisioning and utilizing an aggregated soft card on a mobile device |
| US9886691B2 (en) | 2005-10-06 | 2018-02-06 | Mastercard Mobile Transactions Solutions, Inc. | Deploying an issuer-specific widget to a secure wallet container on a client device |
| US9892386B2 (en) | 2011-06-03 | 2018-02-13 | Mozido, Inc. | Monetary transaction system |
| US9911114B2 (en) | 2006-07-06 | 2018-03-06 | Qualcomm Incorporated | Methods and systems for making a payment via a stored value card in a mobile environment |
| US10026076B2 (en) | 2008-10-06 | 2018-07-17 | Mastercard International Incorporated | Systems, methods, and computer readable media for payment and non-payment virtual card transfer between mobile devices |
| WO2019000060A1 (en) * | 2017-06-26 | 2019-01-03 | Da Silva Diego Sant Ana | System and method for identification and provision of access to a data operator, provision of information, user authentication, equivalent operator selection, establishment of communication via an authentication and communication protocol, and transmission of data and instructions to the equivalent operator |
| US10438196B2 (en) | 2011-11-21 | 2019-10-08 | Mozido, Inc. | Using a mobile wallet infrastructure to support multiple mobile wallet providers |
| US10510055B2 (en) | 2007-10-31 | 2019-12-17 | Mastercard Mobile Transactions Solutions, Inc. | Ensuring secure access by a service provider to one of a plurality of mobile electronic wallets |
| US10937022B2 (en) * | 2012-02-23 | 2021-03-02 | XRomb Inc. | System and method for processing payment during an electronic commerce transaction |
| US10992817B2 (en) | 2009-03-18 | 2021-04-27 | Mastercard International Incorporated | Methods, systems and computer readable media for selecting and delivering electronic value certificates using a mobile device |
| US11132691B2 (en) | 2009-12-16 | 2021-09-28 | Visa International Service Association | Merchant alerts incorporating receipt data |
| US11195163B2 (en) | 2006-09-01 | 2021-12-07 | Mastercard International Incorporated | Methods, systems and computer readable media for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities |
| US20220101298A1 (en) * | 2008-09-22 | 2022-03-31 | Visa International Service Association | Method of performing transactions with contactless payment devices using pre-tap and two-tap operations |
| US11481754B2 (en) | 2012-07-13 | 2022-10-25 | Scvngr, Inc. | Secure payment method and system |
| US12062044B2 (en) | 2013-09-10 | 2024-08-13 | The Toronto-Dominion Bank | System and method for authorizing a financial transaction |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100030651A1 (en) * | 2005-11-04 | 2010-02-04 | Richard Victor Matotek | Mobile phone as a point of sale (POS) device |
| US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
| US9208488B2 (en) | 2011-11-21 | 2015-12-08 | Mozido, Inc. | Using a mobile wallet infrastructure to support multiple mobile wallet providers |
| EP3028227B1 (en) | 2013-07-29 | 2020-03-18 | ExxonMobil Research and Engineering Company | System and method to purchase and dispense fuel and other products using a mobile device with improved user experience |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1998034203A1 (en) * | 1997-01-30 | 1998-08-06 | Qualcomm Incorporated | Method and apparatus for performing financial transactions using a mobile communication unit |
| WO2000049585A1 (en) * | 1999-02-19 | 2000-08-24 | France Telecom | Telepayment method and system for implementing said method |
| WO2002069085A2 (en) * | 2001-02-21 | 2002-09-06 | Citibank, N.A. | Method and system for electronic commerce using a mobile communication system |
| WO2003049364A1 (en) * | 2001-12-04 | 2003-06-12 | Conceptm Company Limited | System and method for facilitating electronic financial transactions using a mobile telecommunication device |
| WO2003052544A2 (en) * | 2001-12-19 | 2003-06-26 | Harexinfotech Inc. | System and method for issuing card and processing blacklist using wireless communications |
| WO2003067530A2 (en) * | 2002-02-07 | 2003-08-14 | Enigma Software Rt. | Architecture of simplified hardware requirements for bank card payment transactions in a large group of clients, transaction terminal unit, extended function sim card, and methods for individualisation and performing transaction |
-
2005
- 2005-02-04 EP EP05747247A patent/EP1828998A2/en not_active Withdrawn
- 2005-02-04 WO PCT/IN2005/000038 patent/WO2005086593A2/en active Application Filing
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1998034203A1 (en) * | 1997-01-30 | 1998-08-06 | Qualcomm Incorporated | Method and apparatus for performing financial transactions using a mobile communication unit |
| WO2000049585A1 (en) * | 1999-02-19 | 2000-08-24 | France Telecom | Telepayment method and system for implementing said method |
| WO2002069085A2 (en) * | 2001-02-21 | 2002-09-06 | Citibank, N.A. | Method and system for electronic commerce using a mobile communication system |
| WO2003049364A1 (en) * | 2001-12-04 | 2003-06-12 | Conceptm Company Limited | System and method for facilitating electronic financial transactions using a mobile telecommunication device |
| WO2003052544A2 (en) * | 2001-12-19 | 2003-06-26 | Harexinfotech Inc. | System and method for issuing card and processing blacklist using wireless communications |
| WO2003067530A2 (en) * | 2002-02-07 | 2003-08-14 | Enigma Software Rt. | Architecture of simplified hardware requirements for bank card payment transactions in a large group of clients, transaction terminal unit, extended function sim card, and methods for individualisation and performing transaction |
Cited By (77)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9697512B2 (en) | 2001-01-19 | 2017-07-04 | Mastercard Mobile Transactions Solutions, Inc. | Facilitating a secure transaction over a direct secure transaction portal |
| US9886691B2 (en) | 2005-10-06 | 2018-02-06 | Mastercard Mobile Transactions Solutions, Inc. | Deploying an issuer-specific widget to a secure wallet container on a client device |
| US20140129430A1 (en) * | 2005-10-06 | 2014-05-08 | C-Sam, Inc. | Expert engine tier for adapting transaction-specific user requirements and transaction record handling |
| US9626675B2 (en) | 2005-10-06 | 2017-04-18 | Mastercard Mobile Transaction Solutions, Inc. | Updating a widget that was deployed to a secure wallet container on a mobile device |
| US10269011B2 (en) | 2005-10-06 | 2019-04-23 | Mastercard Mobile Transactions Solutions, Inc. | Configuring a plurality of security isolated wallet containers on a single mobile device |
| US10176476B2 (en) | 2005-10-06 | 2019-01-08 | Mastercard Mobile Transactions Solutions, Inc. | Secure ecosystem infrastructure enabling multiple types of electronic wallets in an ecosystem of issuers, service providers, and acquires of instruments |
| US10096025B2 (en) * | 2005-10-06 | 2018-10-09 | Mastercard Mobile Transactions Solutions, Inc. | Expert engine tier for adapting transaction-specific user requirements and transaction record handling |
| US10032160B2 (en) | 2005-10-06 | 2018-07-24 | Mastercard Mobile Transactions Solutions, Inc. | Isolating distinct service provider widgets within a wallet container |
| US10026079B2 (en) | 2005-10-06 | 2018-07-17 | Mastercard Mobile Transactions Solutions, Inc. | Selecting ecosystem features for inclusion in operational tiers of a multi-domain ecosystem platform for secure personalized transactions |
| CN105321064B (en) * | 2005-11-04 | 2019-12-31 | 乌蒂巴私人有限公司 | System and method for using wireless communication device as point of sale device |
| US10296886B2 (en) | 2005-11-04 | 2019-05-21 | Utiba PTE, Ltd. | Mobile phone as point of sale (POS) device |
| EP1955265A4 (en) * | 2005-11-04 | 2011-01-12 | Utiba Pte Ltd | Mobile phone as a point of sale (pos) device |
| CN105321064A (en) * | 2005-11-04 | 2016-02-10 | 乌蒂巴私人有限公司 | System using wireless communication device as point-of-sale device, and method thereof |
| EP1955265A1 (en) * | 2005-11-04 | 2008-08-13 | Utiba Pte Ltd | Mobile phone as a point of sale (pos) device |
| AP2639A (en) * | 2005-11-04 | 2013-04-11 | Utiba Pte Ltd | Mobile phone as a point of sale (POS) device |
| US8467766B2 (en) | 2006-07-06 | 2013-06-18 | Qualcomm Incorporated | Methods and systems for managing payment sources in a mobile environment |
| US8121945B2 (en) * | 2006-07-06 | 2012-02-21 | Firethorn Mobile, Inc. | Methods and systems for payment method selection by a payee in a mobile environment |
| US9911114B2 (en) | 2006-07-06 | 2018-03-06 | Qualcomm Incorporated | Methods and systems for making a payment via a stored value card in a mobile environment |
| US8145568B2 (en) * | 2006-07-06 | 2012-03-27 | Firethorn Mobile, Inc. | Methods and systems for indicating a payment in a mobile environment |
| US8160959B2 (en) * | 2006-07-06 | 2012-04-17 | Firethorn Mobile, Inc. | Methods and systems for payment transactions in a mobile environment |
| US8510220B2 (en) | 2006-07-06 | 2013-08-13 | Qualcomm Incorporated | Methods and systems for viewing aggregated payment obligations in a mobile environment |
| US8489067B2 (en) | 2006-07-06 | 2013-07-16 | Qualcomm Incorporated | Methods and systems for distribution of a mobile wallet for a mobile device |
| EP2062219A2 (en) * | 2006-09-01 | 2009-05-27 | Vivotech, Inc. | Methods, systems and computer program products for over the air (ota) provisioning of soft cards on devices with wireless communications capabilities |
| US11195163B2 (en) | 2006-09-01 | 2021-12-07 | Mastercard International Incorporated | Methods, systems and computer readable media for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities |
| EP2062219B1 (en) * | 2006-09-01 | 2015-07-15 | Mastercard International Incorporated | Methods, systems and computer program products for over the air (ota) provisioning of soft cards on devices with wireless communications capabilities |
| EP2937829A1 (en) | 2006-09-01 | 2015-10-28 | Mastercard International Incorporated | Methods, systems and computer program products for over the air (ota) provisioning of soft cards on devices with wireless communications capabilities |
| WO2008030307A2 (en) | 2006-09-01 | 2008-03-13 | Vivotech Inc. | Methods, systems and computer program products for over the air (ota) provisioning of soft cards on devices with wireless communications capabilities |
| EP2204008A4 (en) * | 2007-10-16 | 2014-03-12 | Nokia Corp | Credential provisioning |
| US8724819B2 (en) | 2007-10-16 | 2014-05-13 | Nokia Corporation | Credential provisioning |
| EP2204008A1 (en) * | 2007-10-16 | 2010-07-07 | Nokia Corporation | Credential provisioning |
| EP3522580A1 (en) * | 2007-10-16 | 2019-08-07 | Nokia Technologies Oy | Credential provisioning |
| US10558963B2 (en) | 2007-10-31 | 2020-02-11 | Mastercard Mobile Transactions Solutions, Inc. | Shareable widget interface to mobile wallet functions |
| US10510055B2 (en) | 2007-10-31 | 2019-12-17 | Mastercard Mobile Transactions Solutions, Inc. | Ensuring secure access by a service provider to one of a plurality of mobile electronic wallets |
| US10546284B2 (en) | 2007-10-31 | 2020-01-28 | Mastercard Mobile Transactions Solutions, Inc. | Mobile wallet as provider of services consumed by service provider applications |
| US10546283B2 (en) | 2007-10-31 | 2020-01-28 | Mastercard Mobile Transactions Solutions, Inc. | Mobile wallet as a consumer of services from a service provider |
| US8301500B2 (en) | 2008-04-02 | 2012-10-30 | Global 1 Enterprises | Ghosting payment account data in a mobile telephone payment transaction system |
| EP2266332A1 (en) * | 2008-04-02 | 2010-12-29 | Global 1 Enterprises, Inc. | Ghosting payment account data in a mobile telephone payment transaction system |
| EP2266087A2 (en) * | 2008-04-02 | 2010-12-29 | Global 1 Enterprises, Inc. | Mobile telephone transaction systems and methods |
| EP2266087A4 (en) * | 2008-04-02 | 2012-02-29 | Global 1 Entpr Inc | Mobile telephone transaction systems and methods |
| EP2266335A4 (en) * | 2008-04-02 | 2012-02-29 | Global 1 Entpr Inc | Transaction server configured to authorize payment transactions using mobile telephone devices |
| EP2266332A4 (en) * | 2008-04-02 | 2012-02-29 | Global 1 Entpr Inc | Ghosting payment account data in a mobile telephone payment transaction system |
| EP2266335A1 (en) * | 2008-04-02 | 2010-12-29 | Global 1 Enterprises, Inc. | Transaction server configured to authorize payment transactions using mobile telephone devices |
| US8620299B2 (en) | 2008-08-12 | 2013-12-31 | Mastercard International Incorporated | Methods, systems and computer readable media for electronically delivering a prepaid card to a mobile device |
| US12086777B2 (en) * | 2008-09-22 | 2024-09-10 | Visa International Service Association | Method of performing transactions with contactless payment devices using pre-tap and two-tap operations |
| US20220101298A1 (en) * | 2008-09-22 | 2022-03-31 | Visa International Service Association | Method of performing transactions with contactless payment devices using pre-tap and two-tap operations |
| US10026076B2 (en) | 2008-10-06 | 2018-07-17 | Mastercard International Incorporated | Systems, methods, and computer readable media for payment and non-payment virtual card transfer between mobile devices |
| US20120078783A1 (en) * | 2008-11-28 | 2012-03-29 | Harex Infotech Inc. | Method, apparatus, and system for enabling purchaser to direct payment approval, settlement, and membership subscription using mobile communication terminal |
| EP2396754A2 (en) * | 2009-02-14 | 2011-12-21 | Net2Text Limited | Secure payment and billing method using mobile phone number or account |
| EP3667588A1 (en) * | 2009-02-14 | 2020-06-17 | Net2Text Limited | Secure payment and billing method using mobile phone number or account |
| US11232428B2 (en) | 2009-02-14 | 2022-01-25 | Boloro Global Limited | System for securing user information by employing phone number and personal identification number |
| EP3447702A1 (en) * | 2009-02-14 | 2019-02-27 | Net2Text Limited | Secure payment and billing method using mobile phone number or account |
| EP2396754A4 (en) * | 2009-02-14 | 2014-08-27 | Net2Text Ltd | Secure payment and billing method using mobile phone number or account |
| US10992817B2 (en) | 2009-03-18 | 2021-04-27 | Mastercard International Incorporated | Methods, systems and computer readable media for selecting and delivering electronic value certificates using a mobile device |
| EP2462567A2 (en) * | 2009-05-03 | 2012-06-13 | Logomotion, s.r.o. | A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction |
| WO2011067460A1 (en) * | 2009-12-01 | 2011-06-09 | Vaeaenaenen Mikko | Method and means for controlling payment setup |
| US11132691B2 (en) | 2009-12-16 | 2021-09-28 | Visa International Service Association | Merchant alerts incorporating receipt data |
| WO2011137493A1 (en) * | 2010-05-05 | 2011-11-10 | Miller, Neil | Remittance system and method |
| US11935030B2 (en) | 2010-05-21 | 2024-03-19 | Intel Corporation | Method and device for conducting trusted remote payment transactions |
| EP2388744A3 (en) * | 2010-05-21 | 2013-07-10 | Intel Corporation | Method and device for conducting trusted remote payment transactions |
| US9665864B2 (en) | 2010-05-21 | 2017-05-30 | Intel Corporation | Method and device for conducting trusted remote payment transactions |
| WO2012143911A1 (en) * | 2011-04-22 | 2012-10-26 | Logomotion, S.R.O. | The method of cashless person-to-person money transfer of using a mobile phone |
| US9892386B2 (en) | 2011-06-03 | 2018-02-13 | Mozido, Inc. | Monetary transaction system |
| US11120413B2 (en) | 2011-06-03 | 2021-09-14 | Fintiv, Inc. | Monetary transaction system |
| US11295281B2 (en) | 2011-06-03 | 2022-04-05 | Fintiv, Inc. | Monetary transaction system |
| US9767452B2 (en) | 2011-11-03 | 2017-09-19 | Mastercard International Incorporated | Methods, systems, and computer readable media for provisioning and utilizing an aggregated soft card on a mobile device |
| US10546290B2 (en) | 2011-11-03 | 2020-01-28 | Mastercard International Incorporated | Methods, systems, and computer readable media for provisioning and utilizing an aggregated soft card on a mobile device |
| US10438196B2 (en) | 2011-11-21 | 2019-10-08 | Mozido, Inc. | Using a mobile wallet infrastructure to support multiple mobile wallet providers |
| US11468434B2 (en) | 2011-11-21 | 2022-10-11 | Fintiv, Inc. | Using a mobile wallet infrastructure to support multiple mobile wallet providers |
| US10937022B2 (en) * | 2012-02-23 | 2021-03-02 | XRomb Inc. | System and method for processing payment during an electronic commerce transaction |
| US20210256507A1 (en) * | 2012-02-23 | 2021-08-19 | XRomb Inc. | System and method for processing payment during an electronic commerce transaction |
| US11481754B2 (en) | 2012-07-13 | 2022-10-25 | Scvngr, Inc. | Secure payment method and system |
| JP2016501499A (en) * | 2012-12-26 | 2016-01-18 | シナンカード カンパニー リミテッド | Mobile credit card issuance processing method |
| US9530289B2 (en) | 2013-07-11 | 2016-12-27 | Scvngr, Inc. | Payment processing with automatic no-touch mode selection |
| US12062044B2 (en) | 2013-09-10 | 2024-08-13 | The Toronto-Dominion Bank | System and method for authorizing a financial transaction |
| WO2015055120A1 (en) * | 2013-10-18 | 2015-04-23 | 中国银联股份有限公司 | Device for secure information exchange |
| EP3067848A1 (en) * | 2015-03-09 | 2016-09-14 | Gemalto Sa | Method and first and second server for transferring voucher data |
| WO2019000060A1 (en) * | 2017-06-26 | 2019-01-03 | Da Silva Diego Sant Ana | System and method for identification and provision of access to a data operator, provision of information, user authentication, equivalent operator selection, establishment of communication via an authentication and communication protocol, and transmission of data and instructions to the equivalent operator |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2005086593A3 (en) | 2006-07-06 |
| EP1828998A2 (en) | 2007-09-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2005086593A2 (en) | Inter-operable, multi-operator, multi-bank, multi-merchant mobile payment method and a system therefor | |
| CN109313756B (en) | Transaction flow and transaction processing for bridged payment systems | |
| US9292870B2 (en) | System and method for point of service payment acceptance via wireless communication | |
| KR101668872B1 (en) | Techniques for authorization of usage of a payment device | |
| AU2009243159B2 (en) | Portable device including alterable indicator | |
| US20140372300A1 (en) | Smart card electronic wallet system | |
| AU2009279757B2 (en) | Application currency code for dynamic currency conversion transactions with contactless consumer transaction payment device | |
| US8267312B2 (en) | M-commerce virtual cash system, method, and apparatus | |
| US20150058145A1 (en) | Universal check-out system for Mobile Payment Applications/Platforms | |
| US20140081785A1 (en) | Telematic payment card | |
| US20150039455A1 (en) | Universal Interface Card Swipe Terminal Point of Sale System With Multiple Mobile Wallets/Payment Applications | |
| US20070288371A1 (en) | Personal electronic payment system and related method | |
| CN111066044A (en) | Digital support service for merchant QR codes | |
| AU2009201444A1 (en) | Payment apparatus and method | |
| EP2742474A2 (en) | Methods and systems for activating an electronic payments infrastructure | |
| EP3818681A1 (en) | Real time interaction processing system and method | |
| Saxena et al. | MMPS: a versatile mobile-to-mobile payment system | |
| AU2017206203B2 (en) | Application currency code for dynamic currency conversion transactions with contactless consumer transaction payment device | |
| WO2015195217A1 (en) | Universal check-out system for mobile payment applications/platforms | |
| WO2012042277A1 (en) | Transaction systems and methods | |
| TW201828179A (en) | Method of using mobile device to perform sensing-type bank card payment capable of performing a sensing-type point-to-point data transmission by using a bank card and a mobile device without a card reader or a POS machine | |
| GB2493331A (en) | Transaction Systems and Methods | |
| EP3471036A1 (en) | Process for financial transactions | |
| EP2710565A1 (en) | Telematic payment card | |
| AU2012203642A1 (en) | M-commerce virtual cash system, method, and apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| WWE | Wipo information: entry into national phase |
Ref document number: 2005747247 Country of ref document: EP |
|
| WWP | Wipo information: published in national office |
Ref document number: 2005747247 Country of ref document: EP |