巴西专利BR112013000494B1 method, unit of payments and system for conducting payments with electronic credits

专利PDF首页>>巴西专利

专利附录

专利说明

权利要求

类似技术

同族专利

引用文献

法律状态

优先权

专利摘要:
SYSTEM FOR SECURE PAYMENT THROUGH A WIRELESS COMMUNICATION NETWORK. The present invention relates to a method of conducting secure electronic credit payments to a payment processor using a credit payments unit, comprising a smart card, a portable card reader device and a mobile phone, and a payment server. payments. The method is based on the use of a unique reader key on the card reader device to encrypt all confidential smart card information communicated to the payment server, and is therefore able to use an insecure mobile phone to communicate with the payment server. The payment server then completes the transaction with the payments made over a secure line.
公开号:BR112013000494B1
申请号:R112013000494-0
申请日:2010-10-26
公开日:2020-10-27
发明作者:Stefan Lund
申请人:Paypal, Inc；
IPC主号:

专利说明:

Technical Field
[0001] The invention relates generally to the field of secure electronic credit transactions and, more particularly, to a method and system for secure credit card payments over the Internet using a portable card reader device and a mobile device, such as a mobile phone. Background
[0002] Every day an incredible number of credit card payments are made worldwide, and the number of payments is steadily increasing. Most credit card payments are made in stores using a point of sale (POS) terminal where a person inserts or passes their credit card and identifies themselves with a personal identification number (PIN), or on the Internet using a computer where the person enters their credit card details and in some cases also a security code. However, using a credit card to make payments at a POS terminal or on the Internet has the risk of having your credit card information hijacked and used without consent. In recent years, there have been many reports of fake or hacked POS terminals used in restaurants and stores where customer credit card information has been hijacked. Theft of credit card information on the Internet is often accomplished using everything from advanced eavesdropping programs to falsifying web sites designed for legitimate use, but for the sole purpose of hijacking credit card information. Another disadvantage of current credit card payment systems is that it is almost impossible to make a direct payment from person to person.
[0003] A much safer and easier way to make payments would be to have your own POS terminal with which the person could carry out all your transactions. Unfortunately, a POS terminal is very expensive to buy and use and the person would have to pay a fee for each transaction, it is also very bulky for the person to carry and so in reality only a business establishment can own one. Thus, a way to make secure payments with credit cards in stores, on the Internet and from person to person that is cheap, easy to manage and portable is very much desired. Summary of the Invention
[0004] With the foregoing description in mind, then, one aspect of the present invention is to provide a way for a private person or business to easily and securely make secure payments with credit cards that seeks to mitigate, alleviate or eliminate one or more deficiencies previously identified in the technique and disadvantages separately or in any combination.
[0005] As will be described in more detail below by means of aspects of the present invention, a way for a private person or business to easily and securely perform secure credit card payments is to use a portable card reader device together with a mobile phone communicating with a payment server in accordance with the following aspects of the present invention.
[0006] A first aspect of the present invention concerns a method of conducting electronic credit payments to a payment processor using a credit payments unit, comprising a smart card, a card reader device and a mobile phone, and a server of payments, wherein said method comprises initializing said unit of payments with credits when establishing communication between said smart card and said card reader device, and establishing communication between said card reader device and said mobile phone, establishing communication between said credit payment unit and said payment server using said mobile phone, communicating a reader serial number stored in said card reader device via said mobile phone to said payment server, deriving a key reader, used in said card reader device to encrypt information, in said data server and payments based on said communicated reader serial number and a reader master key stored on said payment server, reading, on said card reader device, smart card information from said smart card, and encrypting said card information smart using said reader key, receiving payment details entered by user and a subscription entered by user on said mobile phone, communicating, using said mobile phone, said smart card information encrypted by said card reader device, said payment details and said signature for said payment server, decrypt and verify said smart card information on said payment server, and communicate said payment details from said payment server to said payment maker, and complete thus an electronic credit payment.
[0007] The method in which said communication between said smart card and said card reader device can be further encrypted using said reader key in said card reader device.
[0008] The method in which said communication between said payment unit with credits and said payment server using said mobile phone can be further encrypted using the Transport Layer Security protocol or the Sockets Layer protocol. Safety.
[0009] The method in which said signature entered by user can additionally be a graphic image of said signature of user introduced in a display on said mobile phone.
[00010] The method in which said communication of said payment details from said payment server to said payment agent can be additionally encrypted.
[00011] The method may additionally comprise receiving, on said payment server, a confirmation from said payment holder that said payment with electronic credit has been completed.
[00012] The method may additionally comprise generating a receipt of said payment with electronic credit on said payment server, sending said receipt to said unit of payments with credits and displaying said receipt on said mobile phone.
[00013] The method may additionally comprise storing said receipt and said signature in a record.
[00014] The method in which said payment with electronic credit may additionally be in accordance with an EMV payment system specification.
[00015] A second aspect of the present invention concerns a credit payment unit adapted to communicate with a payment server to make payments with electronic credits, comprising a smart card containing smart card information, a card reader device containing a unique reader serial number and a unique reader key, wherein said card reader device is adapted to read said smart card information and to encrypt said smart card information using said reader key; and a mobile phone adapted to communicate with said payment server, wherein said mobile phone is further adapted to read said reader serial number and said encrypted smart card information, wherein said mobile phone is further adapted to receive payment details entered per user and a subscription entered per user, and wherein said mobile phone is further adapted to communicate said reader serial number, encrypted smart card information, payment details and subscription to said payment server. payments to complete a secure credit payment.
[00016] The credit payment unit in which said mobile phone can be further adapted to receive a receipt from said payment server and to display said receipt on a display on said mobile phone.
[00017] The credit payment unit in which said mobile phone can be additionally adapted to receive said payment details entered via a touch sensitive display.
[00018] A third aspect of the present invention relates to a system for conducting payments with electronic credits to a payment payer using a credit payment unit according to the second aspect previously exposed of the present invention, and in which the system is adapted to perform the above method according to the first aspect of the present invention. Brief Description of Drawings
[00019] Objectives, resources and additional advantages of the present invention will appear from the detailed description below of some modalities of the invention, in which some modalities of the invention will be described in more detail with reference to the attached drawings, in which: Figure 1a shows a smart card, a card reader device and a mobile phone that can be mounted in a unit capable of making secure payment with credits; figure 1b shows a secure credit payment unit, comprising a mobile phone, a card reader and a smart card, assembled and ready to make credit payments, according to an embodiment of the present invention; Figure 1c shows a secure credit payment unit, comprising a mobile phone, a card reader and a smart card, assembled and ready to make credit payments, where the card reader device is communicating wirelessly with the mobile phone, according to an embodiment of the present invention; figure 1d shows a dedicated card reader device, such as, for example, a mobile phone, ready to make payments with credits, according to an embodiment of the present invention; figure 1e shows a secure credit payment unit, comprising a mobile phone and a smart card, ready to make credit payments, where the wireless card reader device inside the mobile phone is communicating wirelessly with the smart card, according to an embodiment of the present invention; figure 2 shows a scheme of a secure payment system with credits, according to an embodiment of the present invention; figure 3 shows a flowchart of the process of configuring the hardware and software of the credit payment system, according to an embodiment of the present invention; and figure 4 shows a flow chart of the secure credit payment process, according to an embodiment of the present invention. Detailed Description
[00020] Modalities of the present invention will be described more fully below with reference to the accompanying drawings, in which modalities of the invention are shown. This invention, however, can be incorporated in many different forms and should not be construed as limited to the modalities set out in this document. Instead, these modalities are provided so that this disclosure is perfect and complete, and carries the entire scope of the invention to those skilled in the art. Like reference symbols refer to like elements throughout the drawings.
[00021] Modalities of the present invention will be exemplified using a mobile communication device such as a mobile phone. However, it should be noted that the invention as such is equally applicable to electronic devices that have wired and / or wireless radio capabilities. Examples of such devices, for example, can be any type of mobile phone, laptops (such as standard netbooks, ultraportables and laptops), handheld computers, PDAs, computer gaming devices, accessories for mobile phones, etc. However, for the sake of clarity and simplicity, the modalities outlined in this specification are exemplified only with mobile phones and related to them.
[00022] Figure 1a shows the individual parts that, in one embodiment of the present invention, together form a device 100, hereinafter referred to as a secure credit payment unit, which constitutes a small portable terminal that can be used to make secure payments with smart card credits over a wireless communication network. The first part is a mobile phone 101 comprising a housing, a display area 102, and devices 103 for navigating between items displayed in the display area 102 and entering text and numbers into the mobile phone. Display area 102, which is preferably touch sensitive, can comprise one or more status indication areas and / or programmable key bars. Display area 102, and the items displayed therein, can be operable using navigation devices 103 or by touching it with a pen-like object or one with a finger. The mobile phone 101 can also comprise other elements normally present in such devices such as a speaker, a microphone, a camera, a photo sensor (for example, ambient light), an infrared (IR) light sensor, an emitting diode infrared light (IR LED), processing devices, memory devices, one or more accelerometers, a vibration device, an AM / FM radio transmitter and receiver, a digital audio broadcast transmitter and receiver, a GPS device, a Bluetooth device, a WiFi device, a near-field communication device, an antenna module and a communication interface 104 for external units. External units connected to the mobile phone 101 via the communication interface 104 can be controlled by applications running on the mobile phone and / or using resources on the mobile phone (such as the transceiver) according to their own discretion without the need or involvement of any applications mediators on the mobile phone.
[00023] The second part of the secure credit payment unit 100 is a card reader device 106. The card reader device 106 can be equipped with an interface 105 to connect to another device such as a mobile phone 101. A interface can be a typical communication interface (for example, iPhone connector) used in the mobile communication industry, or it can be a special interface used in combination with the modalities of the present invention. The card reader device 106 can be connected to the mobile phone 101 directly, using its communication interface 105, when it is physically connected to the corresponding mobile phone communication interface 104, or it can be connected via an adapter between the interface of communication 104 of mobile phone 101 and communication interface 105 of card reader device 106. The card reader device in some variants of the embodiment can also be connected to mobile phone 101 using a wire.
[00024] The card reader device may comprise a smart card reader slot 107 where a smart card can be inserted entirely (completely), or in part (only a part). The smart card reader slot 107 may or may not be provided with a protective closure.
[00025] The card reader device 106 in a variant of the embodiment can also comprise a common magnetic tape reader with a reader opening, through which a credit card can be slid to be read.
[00026] The card reader device 106 may comprise all or some of a card reader for reading and / or writing information on a microchip embedded in a smart card and / or reading and / or writing information on a magnetic tape on a card credit cards, special hardware units for decryption / encryption of information read and written to the microchip and magnetic tape, hardware and software to communicate with external devices such as a mobile phone, and / or hardware and software performing decryption and encryption of all incoming and outgoing communication with external units. The encryption / decryption performed by the card reader device 106 meets all the requirements of worldwide security standards for online transfer of credit card details.
[00027] The card reader device 106 in a variant of the modality can also comprise a touch screen where a user can enter information such as his signature, PIN code, recording acts and / or other personal identification information. The card reader device 106 can also be fitted with other input devices or sensors capable of recording biometric data such as when reading fingerprints, scanning a retina, recording and analyzing the person's voice, recording and analyzing the person's facial features, detect movement patterns in three dimensions, detect a person's recording rate, and detect a person's dynamic signature.
[00028] The card reader device 106 can also be tamper-proof so that the circuits and software within the card reader device are destroyed in addition to recovery if the card reader device is disassembled in any way with or without force.
[00029] The third part of the secure credit payment unit 100 is a smart card 108. A smart card, a chip card, or an integrated circuit card is defined to be any type of pocket or credit card with a embedded integrated circuit or built-in microchip 109. Smart cards 108 often comprise microprocessor components and a volatile or non-volatile memory, or both, and can retain information (such as credit card information, card number, personal details with cardholder, account number or numbers, payment server addresses, etc.) and are programmed to perform certain specific operations and / or to run applications stored in its memory. A smart card 108 can also provide strong security authentication for a single system entry and may include specialized cryptographic hardware that uses algorithms such as Triple DES, RSA and DSA. A smart card in general is capable of containing more information than a magnetic stripe card and it can be prepared and programmed for different tasks. Some cards may contain programming and data to support multiple applications and some may be updated to add new applications after they are issued. Smart cards can be designed to be inserted into a smart card slot 107 and read by a card reader device 106, or to be read from a distance using near field communication techniques. We will not go into any further details regarding the construction or functionality of smart cards since it is not crucial to understand the different modalities, and their variants, of the present invention. However, detailed information can be obtained, for example, from the ISO 7816 smart card standard.
[00030] The three parts, i.e., the mobile phone 101, the card reader device 106 and the smart card 108, in figure 1a can be placed together to form a secure payment unit with credits 110 as shown in figure 1b . The communication interface of the card reader device 113 can be physically pushed into the mobile phone 111 and the smart card 114 can then be inserted into the card slot in the card reader device 113, thus forming a single unit 110 capable of making payment insurance with credits.
[00031] In an embodiment of the present invention, the mobile phone 111 acts only as a transceiver and does not contain or process any information for or from the card reader device 113. In a variant the mobile phone may have software that processes part of the information from the card reader device 106 and / or a remote part such as a server communicating with the mobile phone 101. However, the mobile phone 111 in a variant can be used to obtain user identification information using the secure credit payment unit 110. An example of identification information that can be obtained can be, for example, the user's signature engraved with a pen 116 (or something similar) on touchscreen display area 112 of the mobile phone 111.0 user can also be guided to enter (for example, drag on the touchscreen) certain patterns, enter username and password, address, birthplace, social security number or similar information. Biometric information (such as appearance, voice, fingerprint, etc.) in a modality can also be entered via the mobile phone and used in a unique way or together with the user's signature to identify the user.
[00032] Figure 1c shows a variant of a secure payment unit with credits where the card reader device 122 is not physically connected to the mobile phone 120. In this variant the smart card 123 is inserted into the card slot of the card reader device 122 which communicates via a wireless link 121 (or optionally via a wire) with the mobile phone 120. Wireless communication 121 between the card reader device 122 and the mobile phone 120 in a variant of the modality can be encrypted, using standard encryption algorithms, to eliminate eavesdropping.
[00033] Figure 1d also shows another variant of a secure credit payment unit where the card reader device is built into the mobile phone 130 (in this case a touch type mobile phone) and the smart card 131 is inserted directly on the mobile phone 130, or the mobile phone 130 has a standard built in card reader and hardware and / or software within the mobile phone 130 perform, together with the standard card reader, the card reader device functions.
[00034] Figure 1e also shows another variant of a secure credit payment unit where the card reader device is built into the mobile phone 140 and the mobile phone communicates with microchip 142 on the smart card 143 via a wireless link 141. Wireless communication between microchip 142 and mobile phone 140 can be encrypted or not. Also in another embodiment, microchip 142 can communicate via wireless link 141 with a card reader device (not shown) connected to mobile phone 140.
[00035] Figure 2 shows a block diagram of a system for making secure payment with credit 200 using a secure payment unit with credit 201 comprising a mobile phone 204, a card reader device 202 and a smart card, as described in detail in combination with figures 1a to 1e.
[00036] Card reader device 202 has been programmed (either hardware or software, or both) with a unique card reader device key (hereinafter referred to as a reader key, RK) and a unique reader serial number ( hereinafter referred to as reader serial number, RSN) at the time of manufacture or after being manufactured by the card issuer. As discussed in combination with Figure 1a, the card reader device 202 can be made tamper-proof so that it is impossible to have illegal access to RK without destroying the card reader device.
[00037] A payment procedure can be initiated by activating the card reader device 202 by connecting it to the mobile device 204 and thus automatically or manually starting a dedicated software application on the mobile device 204. The payment procedure in a variant can be initiated by inserting a smart card into the card reader device 202 that has already been connected to the mobile phone 204. The software application, when started, will then configure the communication between the mobile phone 204 and the card reader 202, and in a variant also with the smart card 203.
[00038] The mobile phone 204 then establishes communication with a payment server 208, which can be owned and maintained by any one of the credit card issuer, the card reader device manufacturer (if not the same company) , a company that owns the card reader device, or a bank. Communication between the mobile phone 204 and the payment server 208 is encrypted using, for example, standard encryption protocols such as the Security Transport Layer (TLS), the Security Sockets Layer (SSL) or some other encryption method appropriate.
[00039] When secure communication has been established between the mobile phone 204 and the payment server 208 (using TLS, SSL or some other encryption method), the card reader device 202 transmits its unique RSN in plain text, or encrypted ( by the card reader device) if enhanced security is required, via the mobile phone 204 now acting only as a communication port or transceiver relaying information between the card reader device 202 and the payment server 208. On the payment server 208, a card identification software application 210 derives, in cooperation with a security module 212, the unique RK of the card reader device based on the received RSN and a Reader Master Key (RMK) stored in the security module 212 ( which can be done in hardware or in software or both). In this way the payment server is able to decrypt RK encrypted information sent by the card reader device during the payment process. The RMK can be issued by the card manufacturer, the card reader device manufacturer or the card reader device owner company. Security module 212 can be included as a unit on payment server 208 (as illustrated by dotted box 211 enclosing both security module 212 and payment server 208) or it can be a standalone server 212 communicating with the payment server using encryption.
[00040] When the RK is derived a confirmation can be sent or not to the payment unit with credits 201. All information exchanged between the card reader device 202 and the payment server 211 and / or the security module 212 is then encrypted using the RK. In this way, no confidential information arriving from the card reader device (or from the payment server 208 and / or the security module 212) can be accessed or revealed by the mobile phone 204 or any external entity listening illegally to the communication between 206, the mobile phone 204 and security module 212 (i.e., wired or wireless communication over a network such as the Internet 206) since it is encrypted using the RK. In this way, a usual and unsecured mobile phone can be used to execute a secure credit payment transaction without jeopardizing any confidential card information.
[00041] The information transmitted wirelessly and over the Internet 206 by the card reader device 202 is both encrypted with RK and with a standard encryption protocol, such as TSL or SSL, used in the communication between the mobile phone 204 and the payment server 208. However, the information entered in the mobile phone 204 and communicated to the payment server 211 is encrypted using only a standard encryption protocol, such as TSL, SSL or any other suitable encryption protocol.
[00042] When a cardholder wishes to make a payment, the smart card information stored on smart card 203 (in a memory on the smart card microchip) is read and processed by the card reader device 202. This processing may or may not include decryption (and / or encryption) of the information communicated between the smart card 203 and the card reader device 202.
[00043] In an embodiment of the present invention the cardholder is then asked to enter payment details which, for example, can be details regarding the recipient of the payment, the amount to be paid, personal details (such as address, social security number place of birth, etc.), from which account to withdraw money, whether a receipt and / or confirmation of the transaction is desired or not, etc. Then the cardholder is asked to contract the transaction when recording his signature on the touchscreen of the mobile phone (or the card reader device). Payment information containing the encrypted RK smart card information, the graphic signature and payment details is then sent, using a standard encryption protocol such as TSL or SSL, together with the RK encrypted information by the smart card 203, from the reader device card 202 to payment server 208.
[00044] In a variant, biometric information has to be entered together with signature or instead of it on the mobile phone 204 or on the card reader device 202.
[00045] Payment server 208 and security module 212 then decrypt the encrypted smart card information RK in the payment information received and the card identification software on the payment server identifies the smart card information, payment details and the cardholder's graphic signature. In this way, the payment server 211 can verify that the payment information is connected to a legitimate and valid smart card 203. Payment details and / or the cardholder's graphic signature can then be communicated via the security module 212, for a payment server 214 via a security module 216. In the same way as with payment server 208 and security module 212, security module 216 and payment server 214 can be realized as units standalone or embedded in the same server (as illustrated by the dotted box 217 closing both the security module 216 and the payment processor 214). When the payment server 214 receives the payment details and / or the cardholder's graphic signature and accepts them, a message can be sent to the payment server 211 where a payment receipt can be generated and sent to the mobile phone 204 to alert the user that transactions have been completed. The message may contain information regarding the completion of the transaction and / or the cardholder's graphic signature. The payment receipt can also be stored in a 218 register together (or not) with the cardholder's graphic signature. In a variant, the payment receipt can instead be generated on the payment server 214 and sent to payment server 208 which relays it to a record 218 (together or not with the cardholder's graphic signature) and also to mobile phone 204 to alert the user that transactions have been completed.
[00046] The payment processor server 217 usually belongs to a bank, a credit company or a credit institute that is managing the account of the person or company for which payment is made.
[00047] Communication between security modules 212 and 216 is usually encrypted using some standard strong encryption method.
[00048] An optional collector 215 can be located between payment server 211 and payment server 217. A typical collector 215 can be, for example, a bank, a credit company or a credit institute handling payment transactions for the user making the payment or for the payment maker receiving the payment. Collector 215 can then authorize all transactions and payment instructions between the two servers 211, 217. Communication between servers 211 and 217 is usually encrypted using some standard strong encryption method.
[00049] A registry or a 218 database saves all, or some (depending on local laws and regulations), transactions made in the secure payment system with 200 credits in conjunction or not with the cardholder's graphic signature.
[00050] In an embodiment of the present invention, payment server 208 is responsible for saving and using transaction information made in the secure payment system with credits 200 in register 218. The server with the register can be placed in the vicinity of the payment server payments 211 (in a variant it can be incorporated into the payment server 211) or it can be placed in another geographic location. Communication between register 218 and payment server 208 is preferably encrypted using some standard strong encryption method.
[00051] Optionally, for this reason the dotted lines, the other servers 215, 217 or parts 204, 220 can be authorized to store and / or to access registration information stored in register 218. For example, the user making the payment you can later access, via Internet 206, register 218 and view receipts from previous transactions.
[00052] The information in register 218 in some variants can be used to track purchase behavior and provide offers to the user based on the type of recent purchases. It can also be used for additional security, for example, by being able to provide an alarm, by combining registration data with the GPS, cell ID or WiFi positioning output of the mobile device, when payments are made from certain geographical locations or when buying behavior changes. It can also be a connection application used for accounting purposes by another party 220 such as a company, providing comprehensive output directly to a balance sheet.
[00053] All communication with register 218 can be encrypted or unencrypted depending on the type of information that is going to be communicated.
[00054] Any user interaction in the payment procedure can happen on the touchscreen display of the card reader device 206 (or alternatively on a touchscreen display on the card reader device 202). The user can enter required payment details in the payment process via the mobile phone keypad and / or the touchscreen on the mobile phone 204. It is completely safe to use the mobile phone to enter and receive information about the payment process. payment since all confidential smart card information is encrypted by RK.
[00055] Wireless data communication through the Internet 206 can be enabled by using GSM, UMTS, CDMA, WiFi or any other communication standard suitable for data transmission to a mobile communication terminal. Communication can also be a mixture of wireless and wired communication in which a base station receives wireless transmission and retransmits it over the wire using traditional wired Internet infrastructure.
[00056] Figure 3 shows a flowchart 300 describing the process of configuring the secure payment unit with credits in more detail. The configuration process starts at 302 when the card reader device is connected (wirelessly or wired) to the mobile phone. Optionally, the payment process starts at 302 when a smart card is placed in the card reader device (already connected to the mobile phone). In the next step 304, communication between the card reader device and the mobile device is established (that is, determined how to communicate with each other). The card reader and the mobile device detect each other and determine if and how devices can communicate securely with each other. If communication between the card reader device and the mobile device is feasible, communication between the devices can be established at 306. If a communication cannot be established at 306 because of incompatibilities, failures or for security reasons an error message 308 is sent to the user operating the secure payment unit with credits.
[00057] When communication has been established between the card reader device and the mobile phone at 304, the payments software on the mobile phone starts and begins to configure communication with the card reader device and also to establish communication with a payment server in 312 over a wireless or wired link. The payment server with which communication is to be established can be determined by the user from a list of trusted servers, or it can be predefined in the hardware or firmware of the card reader device, or can be predefined in the payments software installed on the mobile phone, or it can be extracted from the smart card's microchip memory. When establishing communication with the payment server, the exclusive RSN is transmitted to the payment server. The payment server then derives the exclusive RK that is used (as described in detail in combination with figure 2) throughout the payment process to ensure that confidential smart card information in the payment process is safe and guaranteed. If the RK cannot be derived or if the RSN is flawed or blacklisted, an error message at 308 is communicated to the user operating the secure payment unit with credits.
[00058] In a variant, the required payment software is, during the establishment of communication between the card reader device and the mobile device at 304, transferred (from the card reader device or from an external server such as the payment server ) and run and / or installed on the mobile device.
[00059] When communication has been established with the payment server in 312, the user of the secure payment unit with credits must identify himself. The identification process in 314 can be in the form of entering your signature on the touch sensitive display of the mobile phone, entering username and password in the payments software running on the mobile device or it can be in the form of identifying biometric data (information of eye / retina via mobile device camera, speech recognition via mobile device microphone, or fingerprint identification through a fingerprint reader built into the mobile device or card reader device). The credentials collected at 314, in a variant of the present invention, can be verified by the payment server when communication with the payment server has been established.
[00060] If credential checks are confirmed in 316 the unit is ready to perform a secure payment with credit, and the departure process is completed. If credentials are not confirmed at 316 an error message at 318 is sent to the user operating the secure payment unit with credits. The user can then be prompted to enter their credentials again, and if the signature, username or password is not confirmed, and / or if the user is "blacklisted" on the payment server a "payment permission message" denied "can be sent to the user.
[00061] Figure 4 shows a flowchart 400 describing the process of executing a secure payment with credit. A secure credit payment can be initiated after the process of configuring the secure credit payments unit described in flowchart 300 in figure 3 has been successfully completed. Alternatively, secure credit payment can be initiated at the same time as the process of setting up the secure credit payment system (for example, during one, some or all of steps 310 to 320) as described in flowchart 300 in figure 3 runs.
[00062] Secure payment with credit is a credit transaction between two parties, that is, user 1 who will receive payment and user 2 who will pay user 1. In some cases several users may be involved in the payment procedure. payment, but in the following example illustrating the present invention only the case where two parties are involved in the transaction is described in detail. However, those skilled in the art can easily see that the secure credit card payment process can be extended equally to include several parts. A user can be a private person, legal person or transaction equipment belonging to a private person or legal person.
[00063] The secure credit payment process 400 starts when user 2, who will pay user 1, inserts a smart card into the card reader device. The card reader device accesses and reads the microchip containing smart card information such as card number, account number, or any other identification and / or credit card information.
[00064] The card reader device will then start communicating with the payment server to verify the smart card information. If the smart card information is not confirmed by the payment server at 404, an error message at 406 is presented to user 2 (and / or user 1 if available). If the smart card information is confirmed by the payment server then user 2 is instructed to enter, in the mobile phone payments software, at 408 the amount that is to be transferred to the payment server, which in this case would be the server managing the user's bank account 1.
[00065] User 2 will then be prompted to enter their personal details in 410 related to the purchase. Personal details can be one or more of your address, phone number, alias, e-mail address, personal number (social security number), or other personal identification number. Alternatively, the required information can be stored on the card reader device, on the mobile device or on the server and provided automatically (or when requested by the user).
[00066] User 2 will then be prompted to enter his signature at 412 or some type of card verification code to approve the payment order. This is the same procedure as when a person signs the paper bill when making a payment using a POS terminal. The approved information is then communicated to the payment server in 414 (or alternatively to the payment server) for verification and processing of the transaction in 416.
[00067] The personal details entered in 408 can be verified and approved in 418 by the payment server or by the payment server. If personal details are not approved in 418, then user 2 will be prompted with an error message in 420 and returned to the step of "entering personal details" 410 in the process, or optionally the secure credit card payment process 400 will be finished.
[00068] If personal details are approved in 418, the next step is to verify and approve in 422 the signature introduced in 412. This is done by the payment server or the payment server. If the signature is not approved in 422, user 2 will be prompted with an error message 424 and returned to the step of "entering signature" 412 in the process, or optionally to the step of "entering personal details" 410, or even in another variant the secure credit card payment process 400 can be terminated. In a variant, only the existence of a signature is verified and stored on the payment server or in a transaction log for future verification needs.
[00069] When user 2's credentials have been verified, the amount to be paid is sent to the payment server by the payment server. The payment can also be sent from a legal person or from a server instructed by the payment server to perform the payment.
[00070] The amount paid is verified at 428 by the payment maker and / or the payment server. If the amount paid is too low and / or too high, user 2 will be guided by an error message at 430 and optionally returned to the "enter amount" step 408. If the amount paid is correct at 428, the amount is removed from user 2's smart card or user 2's bank account (optionally connected to the credit card) by the payment server or payment server. The amount paid is transferred by the payment server to user 1 based on the account entry provided by the payment server and / or by user 2 to the payment server.
[00071] In the next step 434, a receipt is generated and distributed to one or more of user 1, user 2, the payment server or a payment server. The receipt can be distributed via, for example, SMS, e-mail, published on a website or alternatively via regular mail, based on entering details in 410 and / or account settings / information stored on the payment server . Optionally, the receipt is stored on a server in a registry, with or without the signature in 412, to which different parties may have access and be able to view the receipt and / or transfer it.
[00072] The transaction information can be stored in a records file, with or without the signature in 412, containing transaction history where information such as the amount transferred, from whom to whom, time of transaction, type of credit card used, photo of the buyer and / or seller, the location where the transaction was completed, hardware ID of the mobile device, unique serial key for the card reader device, and other identifying information can be stored.
[00073] The information that is transferred in 414 to the payment server can be encrypted entirely or partially using the RK and transferred over the Internet via a wireless or wired connection. The information can also be communicated via an owner dial connection, directly to the payment server where the dial connection uses standard secure communication protocols.
[00074] The information stored in the transaction at 436 can be used alternatively to provide cash withdrawal lists that can be sent to user 1 via regular mail, or alternatively via electronic mail or text messages.
[00075] The stored transaction information at 436 can be used alternatively to display purchase information on a network page where users or an external entity can log into the system using the username and password used in the payment software on the mobile device .
[00076] Some of the steps shown in the flowcharts in figures 3 and 4 can be omitted or rearranged in different modalities of the present invention. Also, extra blocks further clarifying the processes discussed in combination with figures 3 and 4 can be inserted in the flow chart to better describe modalities of the present invention.
[00077] The present invention, as described above, can be applied to existing payment systems on the market without having to change, modify or bypass the payment system specifications. An example of a payment system in which the present invention can be applied is the EMV payment system. EMV is a payment system specification for smart cards that was developed jointly by the companies Europay International, Mastercard International and Visa International, for this reason the name. One of the purposes with EMV was to create a more secure payment system than the traditional magnetic stripe credit card payment system. The EMV specification has two levels of security, the EMV Level 1 and the EMV Level 2.
[00078] Level EMV 1 covers the electrical and physical interfaces, and the data transmission between the terminal and the card. EMV Level 2 covers the set of functions that provide all the necessary processing logic and data that are required to process a smart card application in order to perform an EMV transaction. A POS terminal must go through an extensive EMVCo (http://www.emvco.com) defined level 1 and level 2 approval processes, which require that each terminal undergo a laboratory-type test and approval before can be used for EMV transactions. This is one of the factors that make POS terminals very expensive for a private person and very bulky in their designs (because of tamper-proof security measures). EMVCo also requires that approval be renewed at set intervals to maintain compliance. For more information regarding the EMV specification, the reader should refer to EMV 2000 Books from EMVCo.
[00079] POS terminals approved for EMV on the market currently carry out both EMV Level 1 and Level 2 security measures at the POS terminal. When applying the present invention to the EMV standard, the EMV Level 1 and Level 2 can be separated and still maintain the same safety standard or an even higher one. For example, in figure 2 EMV Level 1 security measures are enforced on the card reader device while EMV Level 2 security measures are enforced on the payment server. In this way it becomes possible to manufacture a small, low-cost card reader device, which is approved by EMVCo and which can be used together with a regular mobile phone, which does not need to be approved by EMVCo since it acts only as a transceiver for information. In this way the present invention makes it possible to manufacture a small, low-cost, easy-to-use and secure unit with which a user is able to make secure payments with credit cards in stores, on the Internet and from person to person.
[00080] An important difference between the payment method described earlier in the present invention and an usual Internet payment transaction is that the credit card, in this case the smart card, must be made available online to the payment server during the payment process. full payment, thus making the payment process in the present invention much more secure than a usual Internet payment transaction where the (physical) credit card does not need to be available in any way (only credit card information such as number and in some cases a code must be made available).
[00081] The terminology used in this document is only for the purpose of describing particular modalities and is not proposed to be a limitation of the invention. As used in this document, the singular forms "one", "one", "o" and "a" are intended to include plural forms equally, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises", "comprising", "includes" and / or "including" when used in this document specify the presence of reported resources, integers, steps, operations, elements, and / or components, but do not preclude the presence or addition of one or more other resources, integers, steps, operations, elements, components and / or groups thereof.
[00082] Unless otherwise defined, all terms (including technical and scientific terms) used in this document have the same meanings as commonly understood by a person of ordinary knowledge in the technique to which this invention belongs. It will be further understood that terms used in this document should be interpreted as having a meaning that is consistent with its meaning in the context of this specification and the relevant technique and will not be interpreted in an idealized or excessively formal sense unless expressly so defined in this document. .
[00083] The foregoing described the principles, preferred modalities and modes of operation of the present invention. However, the invention should be considered as illustrative rather than restrictive, and not as being limited to the particular modalities discussed above. The different features of the various embodiments of the invention can be combined into combinations other than those described explicitly. Therefore, it should be understood that variations can be made in these modalities by those skilled in the art without departing from the scope of the present invention as defined by the following claims.

权利要求:
Claims (11)
[0001]
1. Method for making electronic credit payments to a payment acquirer using a credit payment unit (100, 201) and a payment server (208), said credit payment unit (100, 201) comprising a card smart card (108, 203), a card reader device (106, 202) comprising electrical and physical interfaces necessary to attend EMV level 1 and a cell phone (101, 204), and said payment server (208) comprising logic processing and the data necessary to process a smart card application in order to execute an EMV transaction complying with EMV level 2, said method characterized by the fact that it comprises: - initializing the said credit payment unit (100, 201) establishing communication between said smart card (108, 203) and said card reader device (106, 202), and establishing communication between said card reader device (106, 202) and the said cell phone (101, 204) and starting a payment software on the cell phone (101, 204) that starts to establish communication with the card reader device (106, 202) and also establish communication over the Internet with the payment server ( 208) via wireless or wired link; - said card reader device (106, 202) communicating a reader serial number stored in said card reader device (106, 202) via said mobile phone (101,204) to said payment server (208); - said payment server (208) deriving a reader key based on said communicated reader serial number and a reader master key stored on said payment server (208), said reader key being used on said reader device card (106, 202) and on said payment server (208) to encrypt all the following information exchanged between said card reader device (106, 202) and said payment server (208) during the entire payment; - said card reader device (106, 202) reading the smart card information from said smart card (108, 203), and encrypting the smart card information using said reader key; - communicating, using said mobile phone (101, 204), said encrypted information from the smart card of said card reader device (106, 202) to said payment server (208); - decrypt and verify said smart card information on said payment server (208); and only if the payment server (208) has verified the smart card information, the said cell phone (101, 204) will receive payment details entered by the user and a subscription inserted by the user; - communicate, using the cell phone (101, 204), the payment details and the subscription to the payment server (208); and - communicating said payment details from said payment server (208) to said acquirer and thereby completing an EMV-compliant electronic credit payment.
[0002]
2. Method according to claim 1, characterized in that said communication between said smart card and said card reader device (106, 202) is encrypted using said reader key on said card reader device (106, 202).
[0003]
3. Method according to either claim 1 or 2, characterized by the fact that said communication between said credit payment unit (100, 201) and said payment server (208) using said cell phone ( 102, 204) is encrypted using the Transport Layer Security protocol or the Secure Sockets Layer protocol.
[0004]
4. Method according to any one of claims 1 to 3, characterized by the fact that the said signature inserted by the user is a graphic image of the user's signature inserted on a screen on said mobile phone (101,204).
[0005]
Method according to any one of claims 1 to 4, characterized in that said communication of said payment details from said payment server (208) to said payment acquirer is encrypted.
[0006]
6. Method according to any one of claims 1 to 5, characterized by the fact that it further comprises: - receiving, on said payment server (208), a confirmation from said payment acquirer that said electronic credit payment it was finished.
[0007]
Method according to any one of claims 1 to 6, characterized by the fact that it further comprises: - generating a receipt for said electronic credit payment on said payment server (208); - communicate said receipt to said credit payment unit (100, 201); and - displaying said receipt on said cell phone (101, 204).
[0008]
8. Method, according to claim 7, characterized by the fact that it also comprises: - storing said receipt and said signature in a record.
[0009]
9. System that makes electronic credit payments to a payment acquirer, said system characterized by the fact that it comprises the use of a payment unit (100, 201) and a payment server (208), said payment unit (100, 201) adapted to communicate with the payment server (208) to make electronic credit payments, the credit payment unit (100, 201) comprising a smart card device (108, 203), a card reader device card (106, 202) and a cell phone (101,204), - wherein said smart card (108, 203) contains information about smart cards; - wherein said card reader device (106, 202) contains a unique reader serial number, a unique reader key and the electrical and physical interfaces necessary to meet EMV level 1, said reader key being used in said card reader device (106, 202) and on said payment server (208) for all information exchanged between said card reader device (106, 202) and said payment server (208) during the entire payment; - wherein said payment server (208) has processing logic and data necessary to process a smart card application to carry out an EMV transaction that meets EMV level 2, said payment server (208) being adapted to derive a reader key based on said communicated reader serial number and a master reader key stored on said payment server (208), said reader key being used on said card reader device (106, 202) and on said payment server (208) to encrypt all information exchanged between said card reader device (106, 202) and said payment server (208) during the entire payment and - on which said cell phone (101, 204) is adapted to: initialize said credit payment unit (100, 204) establishing communication between said smart card (108, 203) and said card reader device (106 , 202) and establishing communication (304) between said card reader device (106, 202) and said cell phone (101, 204) and initiating payment software (310) on the cell phone (101, 204) that begins to configure communication with the card reader device (106, 202) and also establishing communication (312) with the payment server (208) over the internet via wireless or wired link; communicating said encrypted information from the smart card of the card reader device (106, 202) to the payment server (208); for decrypting and verifying said smart card information on said payment server (208); and only if the payment server (208) has verified the smart card information (101, 204), the said cell phone will receive payment details entered by the user (408) and a subscription entered by the user (412); communicate, using the cell phone (101, 204), said payment details and said subscription to the payment server (208); and wherein the payment server (208) is further adapted to communicate said payment details from said server to the payment acquirer and thereby complete an EMV-compliant electronic credit payment.
[0010]
10. Credit payment unit (100, 201) as defined in claim 9, characterized by the fact that said mobile phone (101, 204) is adapted to receive a receipt from said payment server (208) and to display the said receipt a display on said mobile phone (101,204).
[0011]
11. Credit payment unit (100, 201), according to claim 9 or 10, characterized by the fact that said cell phone (101, 204) is adapted to receive said payment details entered through a touch-sensitive display.

类似技术:

公开号 | 公开日 | 专利标题

BR112013000494B1|2020-10-27|method, unit of payments and system for conducting payments with electronic credits

US9674705B2|2017-06-06|Method and system for secure peer-to-peer mobile communications

US9904800B2|2018-02-27|Portable e-wallet and universal card

US9218598B2|2015-12-22|Portable e-wallet and universal card

US9218557B2|2015-12-22|Portable e-wallet and universal card

US9177241B2|2015-11-03|Portable e-wallet and universal card

US9129199B2|2015-09-08|Portable E-wallet and universal card

WO2013112839A1|2013-08-01|Portable e-wallet and universal card

EP3140796B1|2021-05-05|Establishment of a secure session between a card reader and a mobile device

US20160098698A1|2016-04-07|Methods for enabling mobile payments

TW201544984A|2015-12-01|Self-authenticating chips

EP3811562A1|2021-04-28|Method, computer program product and apparatus for creating, registering, and verifying digitally sealed assets

US20220014390A1|2022-01-13|Method, computer program product and apparatus for creating, registering, and verifying digitally sealed assets

同族专利:

公开号 | 公开日

WO2012004395A1|2012-01-12|

DK2561490T3|2014-09-08|

US20130144792A1|2013-06-06|

EP2559012A1|2013-02-20|

US20150186866A1|2015-07-02|

AU2010357028A1|2013-02-28|

PT2561490E|2014-09-10|

EP2763109A1|2014-08-06|

PL2559012T3|2014-11-28|

MX2013000279A|2013-08-21|

US20130173475A1|2013-07-04|

US8983873B2|2015-03-17|

BR112013000507A2|2016-05-17|

PT2559012E|2014-09-18|

AU2011275691B8|2014-08-14|

AU2011275691A1|2013-02-21|

PL2561490T3|2014-12-31|

EP2559012B1|2014-06-18|

ES2502341T3|2014-10-03|

SG186959A1|2013-02-28|

BR112013000494A2|2016-05-31|

DK2559012T3|2014-09-01|

SG186958A1|2013-02-28|

AU2011275691A8|2014-08-14|

AU2011275691B2|2014-08-07|

US10275758B2|2019-04-30|

ES2498893T3|2014-09-25|

US9251513B2|2016-02-02|

WO2012003892A1|2012-01-12|

MX2013000278A|2013-04-11|

EP2561490A1|2013-02-27|

AU2010357028B2|2014-10-02|

EP2561490B1|2014-07-02|

引用文献:

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

US6098053A|1998-01-28|2000-08-01|Citibank, N.A.|System and method for performing an electronic financial transaction|

GB0017044D0|2000-07-11|2000-08-30|Newt Limited|Improvements relating to electronic transactions|

JP2002163584A|2000-11-24|2002-06-07|Fujitsu Ltd|Method for card settlement using portable information terminal and its system|

US20040058705A1|2001-12-21|2004-03-25|Russell Morgan|Secure point-of-sale cellular telephone docking module system|

US7003316B1|2002-02-22|2006-02-21|Virtual Fonlink, Inc.|System and method for wireless transactions|

US20040104268A1|2002-07-30|2004-06-03|Bailey Kenneth Stephen|Plug in credit card reader module for wireless cellular phone verifications|

JP4102800B2|2002-08-16|2008-06-18|富士通株式会社|Transaction terminal apparatus and transaction terminal control method|

US7309012B2|2004-09-07|2007-12-18|Semtek Innovative Solutions, Inc.|Secure magnetic stripe reader for handheld computing and method of using same|

US20060064391A1|2004-09-20|2006-03-23|Andrew Petrov|System and method for a secure transaction module|

EP1710758A1|2005-04-04|2006-10-11|Research In Motion Limited|Portable smart card reader having secure wireless communications capability|

US9123042B2|2006-10-17|2015-09-01|Verifone, Inc.|Pin block replacement|

WO2008063877A2|2006-11-06|2008-05-29|Magtek, Inc.|Card authentication system|

US7673799B2|2007-01-26|2010-03-09|Magtek, Inc.|Card reader for use with web based transactions|

JP4631935B2|2008-06-06|2011-02-23|ソニー株式会社|Information processing apparatus, information processing method, program, and communication system|

US8370640B2|2008-12-01|2013-02-05|Research In Motion Limited|Simplified multi-factor authentication|

US20100174653A1|2009-01-07|2010-07-08|Tian Weicheng|Secure method and device of financial transaction|US9582795B2|2002-02-05|2017-02-28|Square, Inc.|Methods of transmitting information from efficient encryption card readers to mobile devices|

US9324100B2|2002-02-05|2016-04-26|Square, Inc.|Card reader with asymmetric spring|

US9916581B2|2002-02-05|2018-03-13|Square, Inc.|Back end of payment system associated with financial transactions using card readers coupled to mobile devices|

US9286635B2|2002-02-05|2016-03-15|Square, Inc.|Method of transmitting information from efficient communication protocol card readers to mobile devices|

US8612352B2|2010-10-13|2013-12-17|Square, Inc.|Decoding systems with a decoding engine running on a mobile device and coupled to a payment system that includes identifying information of second parties qualified to conduct business with the payment system|

US9373114B2|2011-02-25|2016-06-21|Diebold Self-Service Systems Division Of Diebold, Incorporated|Automated teller machine with an encrypting card reader and an encrypting pin pad|

US20090159704A1|2007-12-24|2009-06-25|Dynamics Inc.|Cards and devices with magnetic emulators and magnetic read-head detectors|

MX2012004397A|2009-10-13|2012-08-15|Square Inc|Systems and methods for financial transaction through miniaturized card reader.|

US8573486B2|2010-10-13|2013-11-05|Square, Inc.|Systems and methods for financial transaction through miniaturized card reader with confirmation of payment sent to buyer|

EP2426652A1|2010-09-06|2012-03-07|Gemalto SA|Simplified method for customising a smart card and associated device|

EP2649777B1|2010-12-07|2019-04-24|Ingenico Group|Electronic payment device|

US8783566B1|2011-06-14|2014-07-22|Norman J. Drew|Electronic registration kiosk for managing individual healthcare information and services|

US8670800B2|2011-06-15|2014-03-11|Tct Mobile International Limited|Removable baseband chipset|

US9832649B1|2011-10-12|2017-11-28|Technology Business Management, Limted|Secure ID authentication|

GB2498326B|2011-10-12|2016-04-20|Technology Business Man Ltd|ID Authentication|

US8788348B2|2011-12-20|2014-07-22|Wikipad, Inc.|Combination game controller and point of sale input device|

KR20130082890A|2011-12-22|2013-07-22|삼성전자주식회사|Payment apparatas and method using for a portable terminal in a broadcast receiver|

AU2013207817B2|2012-01-13|2016-04-28|Ebay Inc.|Systems, methods, and computer program products providing payment in cooperation with EMV card readers|

CN104145297B|2012-02-07|2016-08-17|伊兹特商户服务公司|Radial personal identification number verification|

WO2014051961A2|2012-09-27|2014-04-03|Ebay Inc.|System and methods for secure entry of a personal identification number |

US9390256B2|2012-03-06|2016-07-12|Paypal, Inc.|System and methods for secure entry of a personal identification number |

US9083532B2|2012-03-06|2015-07-14|Ebay Inc.|Physiological response PIN entry|

CN104145284A|2012-03-07|2014-11-12|索尼公司|Payment processing system, payment terminal, communication device, payment server and payment processing method|

US8924292B1|2012-04-25|2014-12-30|Wells Fargo Bank, N.A.|System and method for a mobile wallet|

US10192217B1|2012-04-25|2019-01-29|Wells Fargo Bank, N.A.|System and method for receipt tracking in a mobile wallet|

US10235668B1|2012-04-25|2019-03-19|Wells Fargo Bank, N.A.|System and method for a mobile wallet|

WO2013170880A1|2012-05-14|2013-11-21|Izettle Merchant Services Ab|Method and system for identity and know your customer verification through credit card transactions in combination with internet based social data|

US10515363B2|2012-06-12|2019-12-24|Square, Inc.|Software PIN entry|

US9058172B2|2012-07-02|2015-06-16|Square, Inc.|Method for conserving power using a wireless card reader|

GB201212878D0|2012-07-20|2012-09-05|Pike Justin|Authentication method and system|

FR2993694B1|2012-07-23|2014-08-29|4G Secure|SECURING A TRANSACTION USING A BANK CARD READING MODULE CONNECTED TO A TERMINAL.|

EP2885932A4|2012-08-16|2016-04-27|Schlage Lock Co Llc|Operation communication system|

JP2014048414A|2012-08-30|2014-03-17|Sony Corp|Information processing device, information processing system, information processing method and program|

US20140089205A1|2012-09-21|2014-03-27|Shashi Kapur|System and Method of Processing PIN-BasedPayment Transactions Via Mobile Devices|

CN103679083A|2012-09-25|2014-03-26|神讯电脑有限公司|Electronic device|

US10475024B1|2012-10-15|2019-11-12|Square, Inc.|Secure smart card transactions|

US9189225B2|2012-10-16|2015-11-17|Imprivata, Inc.|Secure, non-disruptive firmware updating|

US10235692B2|2012-10-17|2019-03-19|Groupon, Inc.|Consumer presence based deal offers|

US20140108247A1|2012-10-17|2014-04-17|Groupon, Inc.|Peer-To-Peer Payment Processing|

US10373149B1|2012-11-12|2019-08-06|Square, Inc.|Secure data entry using a card reader with minimal display and input capabilities having a display|

GB2508015A|2012-11-19|2014-05-21|Mastercard International Inc|Method and apparatus for secure card transactions|

EP2733654A1|2012-11-20|2014-05-21|Nagravision S.A.|Electronic payment method, system and device for securely exchanging payment information|

DE202012104705U1|2012-12-04|2013-01-07|Paschalis Papagrigoriou|Chip card reader with a space-saving and combined user-related data input and output|

WO2014092615A1|2012-12-12|2014-06-19|Izettle Merchant Services Ab|Dual card reader for mobile device|

DE102013000967B4|2013-01-22|2016-01-07|Ngoc-Khanh Le|Procedure for authorizing an electronic transaction|

GB2510585A|2013-02-07|2014-08-13|Powa Technologies Ltd|A data-processing system having a reduced-form card reader|

US20140229375A1|2013-02-11|2014-08-14|Groupon, Inc.|Consumer device payment token management|

US9047599B1|2013-03-05|2015-06-02|Marvell International Ltd.|Method and apparatus for wirelessly processing a financial transaction using a wireless payment card reader|

US9312949B1|2013-03-05|2016-04-12|Square, Inc.|Pairing techniques for a wireless card reader|

US9852409B2|2013-03-11|2017-12-26|Groupon, Inc.|Consumer device based point-of-sale|

US9576286B1|2013-03-11|2017-02-21|Groupon, Inc.|Consumer device based point-of-sale|

US20140358794A1|2013-06-04|2014-12-04|Ncr Corporation|Techniques for credit card processing|

US10535066B2|2013-06-17|2020-01-14|Paypal, Inc.|Systems and methods for securing pins during EMV chip and pin payments|

US8770478B2|2013-07-11|2014-07-08|Scvngr, Inc.|Payment processing with automatic no-touch mode selection|

US8620790B2|2013-07-11|2013-12-31|Scvngr|Systems and methods for dynamic transaction-payment routing|

CN103426084A|2013-07-24|2013-12-04|牟大同|Electronic payment system and remote-based or near-field-based payment method|

EP2838203A3|2013-08-16|2015-06-03|iZettle Merchant Services AB|Dynamic decoding of communication between card reader and portable device|

US9773240B1|2013-09-13|2017-09-26|Square, Inc.|Fake sensor input for passcode entry security|

US9928493B2|2013-09-27|2018-03-27|Groupon, Inc.|Systems and methods for providing consumer facing point-of-sale interfaces|

US9558491B2|2013-09-30|2017-01-31|Square, Inc.|Scrambling passcode entry interface|

US9613356B2|2013-09-30|2017-04-04|Square, Inc.|Secure passcode entry user interface|

KR101616847B1|2013-09-30|2016-04-29|정혜진|System for providing card settlement service using smart device and method thereof|

US9928501B1|2013-10-09|2018-03-27|Square, Inc.|Secure passcode entry docking station|

CN104639503B|2013-11-11|2017-12-19|国际商业机器公司|A kind of methods, devices and systems for being used to protect sensitive information|

EP2874421A1|2013-11-13|2015-05-20|Gemalto SA|System and method for securing communications between a card reader device and a remote server|

CN104636916A|2013-11-15|2015-05-20|腾讯科技（深圳）有限公司|Mobile payment method and system and related equipment|

EP2876592A1|2013-11-21|2015-05-27|Gemalto SA|Method to operate a contactless mobile device as a low cost secured point-of-sale|

EP2884470A1|2013-12-11|2015-06-17|Panasonic Intellectual Property Management Co., Ltd.|Mobile payment terminal device|

US9230254B1|2013-12-19|2016-01-05|Amazon Technologies, Inc.|Credit card reader authenticator|

US9613353B1|2013-12-26|2017-04-04|Square, Inc.|Passcode entry through motion sensing|

US10438187B2|2014-05-08|2019-10-08|Square, Inc.|Establishment of a secure session between a card reader and a mobile device|

CA2948481A1|2014-05-08|2015-11-12|Square, Inc.|Establishment of a secure session between a card reader and a mobile device|

US8990121B1|2014-05-08|2015-03-24|Square, Inc.|Establishment of a secure session between a card reader and a mobile device|

EP2950229B1|2014-05-28|2018-09-12|Nxp B.V.|Method for facilitating transactions, computer program product and mobile device|

US10783515B2|2014-06-19|2020-09-22|IroFit Technologies Oy|Method and system for conducting wireless electronic credit card transactions|

US9760740B1|2014-06-23|2017-09-12|Square, Inc.|Terminal case with integrated dual reader stack|

FR3023640B1|2014-07-10|2016-08-12|Roam Data Inc|METHOD FOR MANAGING TRANSACTION, SERVER, COMPUTER PROGRAM PRODUCT AND CORRESPONDING STORAGE MEDIUM|

US20160048700A1|2014-08-14|2016-02-18|Nagravision S.A.|Securing personal information|

NO337261B1|2014-09-23|2016-02-29|Bubblmee As|Vending Machine|

WO2016064053A1|2014-10-23|2016-04-28| 맑은 생각|Online payment system and payment method using same|

EP3016342B1|2014-10-30|2019-03-06|Nxp B.V.|Mobile device, method for facilitating a transaction, computer program, article of manufacture|

US10753982B2|2014-12-09|2020-08-25|Square, Inc.|Monitoring battery health of a battery used in a device|

US20180018661A1|2015-01-27|2018-01-18|Ent. Services Development Corporation Lp|Virtual point of sale|

GB201507047D0|2015-04-24|2015-06-10|Visa Europe Ltd|Method of retaining transaction context|

US10182328B1|2015-05-23|2019-01-15|Square, Inc.|Point of saledevice responsive to detected interference with antenna|

US9936337B2|2015-05-23|2018-04-03|Square, Inc.|Tuning a NFC antenna of a device|

US10318952B1|2015-05-23|2019-06-11|Square, Inc.|NFC base station and passive transmitter device|

GB201520741D0|2015-05-27|2016-01-06|Mypinpad Ltd And Licentia Group Ltd|Authentication methods and systems|

US20170004475A1|2015-06-30|2017-01-05|Square, Inc.|Pairing A Payment Object Reader With A Point-Of-Sale Terminal|

US10242357B1|2015-06-30|2019-03-26|Square, Inc.|Configuration of a payment object reader|

CN105184557B|2015-08-14|2019-01-01|中国联合网络通信集团有限公司|Payment authentication method and system|

GB2541469B|2015-08-17|2019-10-30|Dan Ram|Method and system for preventing unauthorized computer processing|

US20170068960A1|2015-09-08|2017-03-09|Sk Planet Co., Ltd.|Web based payment service providing apparatus, method, system, and non-transitory computer readable storage medium storing computer program recorded thereon|

US9519901B1|2015-09-16|2016-12-13|Square, Inc.|Biometric payment technology|

US11087315B2|2015-09-24|2021-08-10|Square, Inc.|Server-assisted pairing for wireless communications|

US10068210B2|2015-09-25|2018-09-04|Everi Payments Inc.|Casino cash system, apparatus and method utilizing integrated circuit cards|

US10496968B2|2015-09-25|2019-12-03|Everi Payments Inc.|Financial terminal that automatically reconfigures into different financial processing terminal types|

FR3045876A1|2015-12-17|2017-06-23|Abc Smart Card|METHOD FOR PRODUCING A CHALLENGE WORD, ELECTRONIC DEVICE, PERIPHERAL DEVICE AND SYSTEM IMPLEMENTING SAID METHOD|

US10628811B2|2016-03-15|2020-04-21|Square, Inc.|System-based detection of card sharing and fraud|

US10410200B2|2016-03-15|2019-09-10|Square, Inc.|Cloud-based generation of receipts using transaction information|

US10366383B2|2016-03-31|2019-07-30|Square, Inc.|Combined reliable and unreliable data transmission|

US10636019B1|2016-03-31|2020-04-28|Square, Inc.|Interactive gratuity platform|

US9542678B1|2016-03-31|2017-01-10|Square, Inc.|Exclusive bonding of wireless devices|

EP3455813A4|2016-05-13|2019-11-06|Moneris Solutions Corporation|Apparatus and method for payment processing|

FR3053146B1|2016-06-27|2020-09-11|Youtransactor|PROCESS FOR IMPLEMENTING AN ELECTRONIC TRANSACTION BY A BANK CARD READER, AND BY A MOBILE POINT OF SALE|

US10803461B2|2016-09-30|2020-10-13|Square, Inc.|Fraud detection in portable payment readers|

US9940612B1|2016-09-30|2018-04-10|Square, Inc.|Fraud detection in portable payment readers|

US10062074B1|2016-11-30|2018-08-28|Square, Inc.|System for improving card on file transactions|

EP3340149A1|2016-12-22|2018-06-27|Mastercard International Incorporated|Methods and systems for validating an interaction|

US10373146B2|2016-12-29|2019-08-06|Capital One Services, Llc|Smart card NFC secure money transfer|

US10997583B1|2018-08-31|2021-05-04|Square, Inc.|Temporarily provisioning card on file payment functionality to proximate merchants|

US10878402B1|2018-08-31|2020-12-29|Square, Inc.|Temporarily provisioning payment functionality to alternate payment instrument|

US10326797B1|2018-10-03|2019-06-18|Clover Network, Inc|Provisioning a secure connection using a pre-shared key|

US10878405B2|2018-12-06|2020-12-29|Shopify Inc.|Smart redundant pairing of a card reader|

RU2723459C1|2019-07-30|2020-06-11|Публичное Акционерное Общество "Сбербанк России" |Method and system for payment for services|

US11216800B2|2019-09-09|2022-01-04|Paypal, Inc.|Device for facilitation of payments|

US11210658B2|2020-05-12|2021-12-28|iCoin Technology, Inc.|Constructing a distributed ledger transaction on a cold hardware wallet|

法律状态:
2019-01-08| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|

2019-08-13| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|

2020-02-18| B06A| Patent application procedure suspended [chapter 6.1 patent gazette]|

2020-05-26| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|

2020-06-09| B25A| Requested transfer of rights approved|Owner name: PAYPAL, INC. (US) |

2020-10-27| B16A| Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]|Free format text: PRAZO DE VALIDADE: 10 (DEZ) ANOS CONTADOS A PARTIR DE 27/10/2020, OBSERVADAS AS CONDICOES LEGAIS. |

优先权:

申请号 | 申请日 | 专利标题

US36291210P| true| 2010-07-09|2010-07-09|

US61/362,912|2010-07-09|

PCT/EP2010/066186|WO2012003892A1|2010-07-09|2010-10-26|System for secure payment over a wireless communication network|

[返回顶部]