US20140289130A1 - Secure remotely configurable point of sale terminal - Google Patents

Secure remotely configurable point of sale terminal Download PDF

Info

Publication number
US20140289130A1
US20140289130A1 US14/224,461 US201414224461A US2014289130A1 US 20140289130 A1 US20140289130 A1 US 20140289130A1 US 201414224461 A US201414224461 A US 201414224461A US 2014289130 A1 US2014289130 A1 US 2014289130A1
Authority
US
United States
Prior art keywords
payment information
public key
pos terminal
key certificate
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/224,461
Inventor
Risto Kalevi Savolainen
Patrick-Gilles Maillot
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
iAXEPT Ltd
Original Assignee
iAXEPT Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by iAXEPT Ltd filed Critical iAXEPT Ltd
Priority to US14/224,461 priority Critical patent/US20140289130A1/en
Publication of US20140289130A1 publication Critical patent/US20140289130A1/en
Priority to SG11201607921UA priority patent/SG11201607921UA/en
Priority to AU2015238048A priority patent/AU2015238048A1/en
Priority to MYPI2016703485A priority patent/MY186728A/en
Priority to SG10201808318VA priority patent/SG10201808318VA/en
Priority to CN202011235492.4A priority patent/CN112308555A/en
Priority to BR112016021876A priority patent/BR112016021876A2/en
Priority to EP15714898.2A priority patent/EP3123424A1/en
Priority to CN201580022312.5A priority patent/CN106462840A/en
Priority to KR1020167029719A priority patent/KR102574524B1/en
Priority to MX2016012331A priority patent/MX2016012331A/en
Priority to CA2943854A priority patent/CA2943854A1/en
Priority to JP2017501512A priority patent/JP6667498B2/en
Priority to PCT/GB2015/050869 priority patent/WO2015145131A1/en
Priority to US15/129,308 priority patent/US10922675B2/en
Priority to EA201691800A priority patent/EA201691800A1/en
Assigned to iAXEPT Ltd reassignment iAXEPT Ltd ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SAVOLAINEN, RISTO KALEVI
Priority to IL247965A priority patent/IL247965B/en
Priority to PH12016501884A priority patent/PH12016501884A1/en
Priority to AU2020260506A priority patent/AU2020260506A1/en
Priority to AU2023200221A priority patent/AU2023200221A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/202Interconnection or interaction of plural electronic cash registers [ECR] or to host computer, e.g. network details, transfer of information from host to ECR or from ECR to ECR
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3221Access to banking information through M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3229Use of the SIM of a M-device as secure element
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]

Definitions

  • the invention relates to a Point-of-Sale (PoS) terminal with a data communication feature and a method thereof for configuring a secure, remotely and temporarily modified merchant profile of the PoS terminal.
  • PoS Point-of-Sale
  • the online card payment as described above is so called ‘card not present’ transaction, where the merchant can't verify the existence of the physical card at the moment of the transaction. Card not present transactions can be faked easily and the risk for the merchant is high and consequently the related transaction fee is high.
  • the card information can be stolen or otherwise fraudulent and can lead to financial losses of the merchant and/or of the consumer.
  • the information sent to the website could be misused for fraudulent transactions by anyone who have access to that information or by a ‘middle-man’ who can detect the information from the communication between the user and the web site. There are several ways this can be achieved.
  • Typical Point of Sale (PoS) terminals are configured to accept card payments into the merchant's own bank account. These PoS terminals are not suitable for online purchases where the consumer can buy from any online shop because of the payment would be directed to the bank account of the owner of the PoS terminal.
  • a method of remotely configuring a Point-of-Sale (PoS) terminal includes generating, at a merchant device, payment information based on a transaction input. The method also includes signing the generated payment information with a private key, and transmitting the signed payment information and a first public key certificate signed by a certificate authority to the PoS terminal for validation of the payment information at the PoS terminal using the first public key certificate.
  • the PoS terminal configures a terminal profile of the PoS terminal according to instructions received in the payment information from the merchant device when the payment information is validated at the PoS terminal.
  • a method of remotely configuring a Point-of-Sale (PoS) terminal includes receiving, at the PoS terminal, signed payment information signed with a private key and a public key certificate signed by a certificate authority. The method also includes validating, at the PoS terminal, the payment information using the public key certificate. The method further includes configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information from a merchant device when the payment information is validated at the PoS terminal.
  • PoS Point-of-Sale
  • a method of remotely configuring a Point-of-Sale (PoS) terminal includes receiving, at the merchant device, a transaction input. The method also includes generating, at the merchant device, payment information based on the transaction input, and signing the generated payment information with a private key. The method additionally includes transmitting the signed payment information and a public key certificate signed by a certificate authority to the PoS terminal. The method includes validating, at the PoS terminal, the public key certificate using a public key certificate of the certificate authority, and validating, at the PoS terminal, the payment information using the certificate authority-signed public key certificate. The method also includes configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information when the payment information is validated at the PoS terminal.
  • FIG. 1 is a schematic representation of a flow of transaction messages according to at least one embodiment
  • FIG. 2 is a schematic representation of a flow of transaction messages according to at least one embodiment
  • FIG. 3 is a schematic illustration of a transaction flow with an acquiring bank according to at least one embodiment
  • FIG. 4 is a schematic diagram of a merchant, an acquiring bank, and a certificate authority according to at least one embodiment
  • FIG. 5 is a schematic illustration of a transaction flow with a merchant according to at least one embodiment
  • FIG. 6 is a schematic diagram of a merchant and an acquiring bank according to at least one embodiment.
  • the present embodiments describes a PoS terminal with a data communication feature and a method for a secure, remotely and temporarily modified merchant profile of the PoS terminal, allowing such temporary merchant profile to be used for the duration of a specific transaction. While the temporary merchant profile is activated and in use, the PoS terminal acts as a remote PoS terminal of the merchant and it can only be used for a specified card payment, where the paid amount will be credited into the merchant's account as described in the temporary profile. Once the specific transaction has been completed, the temporary profile will be deleted and the default PoS terminal profile will be activated.
  • the buyer does not need to enter his/her payment card information anywhere.
  • the card information could be used for fraudulent transactions in many ways.
  • the invention is related to a Point of Sale terminal, and specifically to U.S. Patent App. No. U.S. 61/726,121, incorporated herein in its entirety, describing a Point of Sale terminal, which is implemented as software residing in a UICC/SIM card. It can use EMV or Public Key Infrastructure (PKI) type of security certificate based solution.
  • PKI Public Key Infrastructure
  • the present embodiments allow secure online payments using chip cards or a mobile wallet, a PoS terminal (which may reside in a secure chip card memory or in a mobile device) having a smart card reader or a proximity communication feature such as Near Field Communication (NFC) card reader interface and a network communication capability.
  • a PoS terminal which may reside in a secure chip card memory or in a mobile device
  • a proximity communication feature such as Near Field Communication (NFC) card reader interface and a network communication capability.
  • NFC Near Field Communication
  • the solution is using secured certificates based on Public Key Infrastructure (PKI).
  • PKI Public Key Infrastructure
  • the security key management chain integrity is a key element in creating and maintaining the high security level.
  • the first one is with a Merchant, Acquiring bank, Certificate Authority (‘CA’, for example a Card Scheme) and the Buyer.
  • the second scenario contains a Merchant, Certificate Authority (CA) and the Buyer.
  • the PoS terminal must be able to verify that the temporary profile it receives is valid and that it has not been altered. This can be achieved by using a PKI security solution inheriting the trust from a common CA. For this purpose, the CA's Public Key Certificate is distributed to the PoS Terminal typically at the time of manufacturing, but it could be done at a later stage.
  • the Buyer has already completed the online shopping, the complete Payment Info is therefore known, and user has selected the option to pay with a mobile device with a secured PoS terminal functionality and entered his/her mobile device number.
  • FIGS. 3 and 4 an embodiment of the present invention is illustrated in a transaction flow diagram and a schematic diagram.
  • the transaction flow diagram of FIG. 3 illustrates a transaction flow with an acquiring bank in which payment information is transmitted to the mobile PoS terminal.
  • the transaction flow diagram of FIG. 4 illustrates a schematic diagram illustrating security certificate issuance and configuring of the temporary PoS terminal profile with an acquiring bank.
  • the system includes a merchant, a certificate (or certification) authority, and an acquirer bank. In the embodiment including the acquirer bank, the following operations may occur:
  • FIGS. 5 and 6 an embodiment of the present invention is illustrated in a transaction flow diagram and a schematic diagram.
  • the transaction flow diagram of FIG. 5 illustrates a transaction flow with a merchant transmitting the payment information to a mobile PoS terminal.
  • the transaction flow diagram of FIG. 6 illustrates a schematic diagram illustrating security clearance issuance and configurating of a temporary PoS terminal profile without using an acquiring bank.
  • the system includes a merchant device and a certificate authority, without an acquiring bank. In the embodiment without the acquirer bank, the following operations may occur:
  • PoS terminal validates the Merchant's Public Key certificate using CA's Public Key certificate. 4. If the Merchant's certificate is valid, the PoS will use it to validate the PI. 5. If the PI is valid, the PoS will configure its terminal profile according to the instructions received in the PI for duration of one transaction. 6. The PoS presents the payment instructions to the user. 7. The user can accept the payment or reject it. 8. If accepted, the payment will be processed according to the relevant method. 9. When the payment processing has been completed, the PoS terminal will automatically reconfigure itself with the default terminal profile.
  • PI Payment Information
  • FIG. 1 illustrates transaction messages with an online consumer using a separate terminal for shopping and a mobile device for payment.
  • FIG. 2 illustrates transaction messages with an online consumer using a mobile device for shopping and for payment.
  • the user When ready to pay the products or services ( 1 ), the user can enter his/her mobile device number at the online merchant site ( 2 ) as the payment card number.
  • the merchant server will generate a Payment Invoice with all necessary information about the transaction, including but not limited to the merchant's PoS terminal profile, such as primary account number and other information, risk management information, payment processing information, information about accepted card type(s), a list of country codes where the mobile PoS terminal is allowed to perform the transaction, a list of country codes where the mobile PoS terminal is not allowed to perform the transaction, date and time of the purchase, name of the merchant and the amount as well as the user's mobile device number.
  • the Payment Invoice will be signed by the Merchant's own private key, which is signed by a trusted third party, like a bank, a payment card scheme, a Certificate Authority or similar, and sent to an Acquiring Bank ( 3 ) which will check the authentication and integrity of the Payment Invoice. If the Payment Invoice is valid, the CA will sign it with its own Private Key and send it to the secure PoS terminal application ( 4 ) at the user's mobile device or in the UICC/SIM card in the mobile device.
  • a trusted third party like a bank, a payment card scheme, a Certificate Authority or similar
  • the data transmission function can be performed by a trusted service manager or other trusted third party.
  • the transmission can use any available communication protocol, such as SMS, USSD, TCP/IP or CSD, which is supported by the used network and the mobile device and the UICC card which may reside in it.
  • a trusted third part like CA or a bank may hold a database linking the account number to a mobile device number.
  • the PoS terminal will receive the signed Payment Invoice and will check the integrity and authentication of the Payment Invoice using a Public Key of a CA, trusted third party or a payment card scheme, which resides in its secure memory.
  • the PoS terminal will determine its geographical location using for example available network information about in which country it resides and compare the location information with the list of allowed and banned country codes. If the current geographical location of the PoS terminal is not within the allowed locations or if it is in a banned location, the PoS terminal will cancel the transaction and the user and the bank may be informed.
  • the PoS terminal will use the information in the Payment Invoice to configure itself to act as if it were a PoS terminal belonging to the Merchant.
  • the Payment Invoice includes the amount to be paid as a fixed amount which can't be entered or otherwise modified by the user.
  • the user will be notified about the online pending transaction and asked for a permission to continue with the transaction.
  • the user can either cancel or accept the transaction ‘as is’, but the user cannot change the amount or any other settings or information related to the transaction.
  • the PoS terminal will display the amount, the name or other identification of the merchant and potentially other transaction related information and ask for the user's acceptance. If the transaction is accepted by the user, the PoS terminal will ask for a payment card to be presented in the card reader. In case of multiple cards or card readers, the PoS terminal will ask the user to select the card and card reader interface to be used.
  • the card reader can be integrated in the PoS terminal/mobile device or it can be an external card reader connected to it.
  • the card reader can be contact or contactless type.
  • the user may be asked to provide information he/she knows like a secret PIN code (or another authentication like a signature, picture, voice sample or a photo, etc).
  • the PIN code or other authentication information can be entered for example using the mobile device's user interface display, a keypad, a camera, a voice recognition feature, a character detection feature or a motion detection feature.
  • the transaction between the payment card and the PoS terminal can be for example an EMV standard transaction, a contactless payment transaction, a smart card transaction, an embedded payment card transaction, a credit or a debit card transaction, a transaction using an account for example at a network operator, a prepaid or a stored value or a purse card transaction.
  • the payment card can be a physically separate payment card or it can reside in the same UICC card or in the same mobile device as the PoS terminal.
  • the payment card can reside in a Mobile Wallet which is in the mobile device or in the UICC/SIM card.
  • the payment card can reside in the same Integrated Circuit (IC) as the PoS terminal or it can be in a separate IC.
  • IC Integrated Circuit
  • One or both of the ICs can be embedded in a UICC/SIM card or a mobile device.
  • the IC containing the payment card can be embedded in the mobile device and the IC containing the PoS terminal can be embedded in the UICC card, and vice versa.
  • UICC card can be a SIM card and/or a Secure Element.
  • a Mobile Wallet is used and it contains more than one payment card, the user can select which payment card he/she wants to use.
  • the payment transaction will be sent back to the Acquiring bank ( 6 ), which will check the validity of the transaction with the Issuing bank ( 7 - 8 ) and confirm the transaction status to PoS terminals and to the Online Merchant ( 9 ).
  • the Online Merchant can confirm the transaction status to the Consumer ( 10 ). If the transaction was completed successfully, the funds will be transferred to the Merchant's bank account.
  • the user may cancel the transaction or retry with the same or different payment card or card reader.
  • the present embodiments enable secure online purchases using a NFC compatible mobile device and a UICC card as a PoS terminal for both the merchant and the buyer.
  • the PoS terminal can be any network connected PoS terminal.
  • the Online Merchant server (the Seller's PoS terminal) can be also a software application or hardware implementation in a mobile device or a SIM card.
  • the Seller's PoS terminal application in the mobile device or in the SIM card could send its own terminal profile to the buyer's PoS terminal application to conduct a secure financial transaction to be routed from the Buyer's account to the Seller's account.
  • the PoS terminal application can hold a database of one or more street or other physical addresses.
  • the addresses can be used for example as an invoicing and/or delivery address for a remote purchase of goods.
  • the address can be combined with the information send to the acquiring bank and/or to the merchant.
  • the address information can be signed by the PoS terminal using its Private Key for authentication and encrypted by using the merchant's or acquiring bank's Public Key for security purposes.
  • the address database can have fixed addresses the user can't change and additional addresses the user can modify.
  • the addresses can be marked with various purposes, like ‘delivery address’, ‘invoicing address’, ‘home address’, ‘work address’, ‘PoS terminal holders address’ to name a few. If an address is included in the data sent to the acquiring bank and/or to the merchant and it has been marked as ‘delivery address’, the merchant shall use that address as the delivery address for the goods. If the address is marked as ‘invoicing address’ the merchant shall send the invoice related to the purchase to that address.
  • aspects of the present embodiment(s) can also be embodied as software configured to be used with a processor to cause the processor to perform operations, or can be embodied as hardware on one or more connected or unconnected devices.

Abstract

The embodiment(s) relate to a method of remotely configuring a Point-of-Sale (PoS) terminal. The method includes generating, at a merchant device, payment information based on a transaction input, signing the generated payment information with a private key, and transmitting the signed payment information and a public key certificate signed by a certificate authority to the PoS terminal for validation of the payment information at the PoS terminal using the public key certificate. The PoS terminal configures a terminal profile of the PoS terminal according to instructions received in the payment information from the merchant device when the payment information is validated at the PoS terminal.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application is based on and claims priority to U.S. Provisional Patent App. No. 61/804,773, filed on Mar. 25, 2013 with the U.S. Patent Office, the contents of which priority application are hereby incorporated by reference in their entity.
    • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The invention relates to a Point-of-Sale (PoS) terminal with a data communication feature and a method thereof for configuring a secure, remotely and temporarily modified merchant profile of the PoS terminal.
  • 2. Description of the Related Art
  • Online shops and merchants often accept credit and debit cards for a method of payment. The problem with the online card payments is that the user must enter the card information manually to the fields on the online shop site.
  • The online card payment as described above is so called ‘card not present’ transaction, where the merchant can't verify the existence of the physical card at the moment of the transaction. Card not present transactions can be faked easily and the risk for the merchant is high and consequently the related transaction fee is high.
  • There is no guarantee that the user is entering his/her own card information, i.e. the card information can be stolen or otherwise fraudulent and can lead to financial losses of the merchant and/or of the consumer. The information sent to the website could be misused for fraudulent transactions by anyone who have access to that information or by a ‘middle-man’ who can detect the information from the communication between the user and the web site. There are several ways this can be achieved.
  • Typical Point of Sale (PoS) terminals are configured to accept card payments into the merchant's own bank account. These PoS terminals are not suitable for online purchases where the consumer can buy from any online shop because of the payment would be directed to the bank account of the owner of the PoS terminal.
    • BRIEF SUMMARY OF THE INVENTION
  • In one or more embodiments, a method of remotely configuring a Point-of-Sale (PoS) terminal is provided. The method includes generating, at a merchant device, payment information based on a transaction input. The method also includes signing the generated payment information with a private key, and transmitting the signed payment information and a first public key certificate signed by a certificate authority to the PoS terminal for validation of the payment information at the PoS terminal using the first public key certificate. The PoS terminal configures a terminal profile of the PoS terminal according to instructions received in the payment information from the merchant device when the payment information is validated at the PoS terminal.
  • In one or more embodiments, a method of remotely configuring a Point-of-Sale (PoS) terminal is provided. The method includes receiving, at the PoS terminal, signed payment information signed with a private key and a public key certificate signed by a certificate authority. The method also includes validating, at the PoS terminal, the payment information using the public key certificate. The method further includes configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information from a merchant device when the payment information is validated at the PoS terminal.
  • In one or more embodiments, a method of remotely configuring a Point-of-Sale (PoS) terminal is provided. The method includes receiving, at the merchant device, a transaction input. The method also includes generating, at the merchant device, payment information based on the transaction input, and signing the generated payment information with a private key. The method additionally includes transmitting the signed payment information and a public key certificate signed by a certificate authority to the PoS terminal. The method includes validating, at the PoS terminal, the public key certificate using a public key certificate of the certificate authority, and validating, at the PoS terminal, the payment information using the certificate authority-signed public key certificate. The method also includes configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information when the payment information is validated at the PoS terminal.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Other objects and advantages of the present embodiments will become apparent from a study of the following specification when viewed in the light of the accompanying drawings, in which:
  • FIG. 1 is a schematic representation of a flow of transaction messages according to at least one embodiment;
  • FIG. 2 is a schematic representation of a flow of transaction messages according to at least one embodiment;
  • FIG. 3 is a schematic illustration of a transaction flow with an acquiring bank according to at least one embodiment;
  • FIG. 4 is a schematic diagram of a merchant, an acquiring bank, and a certificate authority according to at least one embodiment;
  • FIG. 5 is a schematic illustration of a transaction flow with a merchant according to at least one embodiment;
  • FIG. 6 is a schematic diagram of a merchant and an acquiring bank according to at least one embodiment.
    •  DETAILED DESCRIPTION OF THE INVENTION
  • Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to like elements throughout.
  • The present embodiments describes a PoS terminal with a data communication feature and a method for a secure, remotely and temporarily modified merchant profile of the PoS terminal, allowing such temporary merchant profile to be used for the duration of a specific transaction. While the temporary merchant profile is activated and in use, the PoS terminal acts as a remote PoS terminal of the merchant and it can only be used for a specified card payment, where the paid amount will be credited into the merchant's account as described in the temporary profile. Once the specific transaction has been completed, the temporary profile will be deleted and the default PoS terminal profile will be activated.
  • The buyer does not need to enter his/her payment card information anywhere. The card information could be used for fraudulent transactions in many ways.
  • The invention is related to a Point of Sale terminal, and specifically to U.S. Patent App. No. U.S. 61/726,121, incorporated herein in its entirety, describing a Point of Sale terminal, which is implemented as software residing in a UICC/SIM card. It can use EMV or Public Key Infrastructure (PKI) type of security certificate based solution.
  • The present embodiments allow secure online payments using chip cards or a mobile wallet, a PoS terminal (which may reside in a secure chip card memory or in a mobile device) having a smart card reader or a proximity communication feature such as Near Field Communication (NFC) card reader interface and a network communication capability.
  • The solution is using secured certificates based on Public Key Infrastructure (PKI). The security key management chain integrity is a key element in creating and maintaining the high security level.
  • Security Management
  • There are several scenarios to manage the security. The first one is with a Merchant, Acquiring bank, Certificate Authority (‘CA’, for example a Card Scheme) and the Buyer. The second scenario contains a Merchant, Certificate Authority (CA) and the Buyer.
  • The PoS terminal must be able to verify that the temporary profile it receives is valid and that it has not been altered. This can be achieved by using a PKI security solution inheriting the trust from a common CA. For this purpose, the CA's Public Key Certificate is distributed to the PoS Terminal typically at the time of manufacturing, but it could be done at a later stage.
  • In both scenarios prior to the first step, the Buyer has already completed the online shopping, the complete Payment Info is therefore known, and user has selected the option to pay with a mobile device with a secured PoS terminal functionality and entered his/her mobile device number.
  • Turning now to FIGS. 3 and 4, an embodiment of the present invention is illustrated in a transaction flow diagram and a schematic diagram. The transaction flow diagram of FIG. 3 illustrates a transaction flow with an acquiring bank in which payment information is transmitted to the mobile PoS terminal. The transaction flow diagram of FIG. 4 illustrates a schematic diagram illustrating security certificate issuance and configuring of the temporary PoS terminal profile with an acquiring bank. The system includes a merchant, a certificate (or certification) authority, and an acquirer bank. In the embodiment including the acquirer bank, the following operations may occur:
  • 1. Merchant signs the Payment Information (PI) with its Private Key.
    2. Merchant sends the signed PI to an Acquiring Bank (AB).
    3. AB validates the PI with Merchants Public Key certificate.
    4. If the PI is valid, AB signs the PI with its own Private Key.
    5. AB sends the signed PI and AB's Public Key certificate signed by a CA to a PoS terminal.
    6. PoS terminal validates the AB's Public Key certificate using CA's Public Key certificate.
    7. If the AB's certificate is valid, the PoS will use it to validate the PI.
    8. If the PI is valid, the PoS will configure its terminal profile according to the instructions received in the PI for duration of one transaction.
    9. The PoS presents the payment instructions to the user.
    10. The user can accept the payment or reject it.
    11. If accepted, the payment will be processed according to the relevant method.
    12. When the payment processing has been completed, the PoS terminal will automatically reconfigure itself with the default terminal profile.
  • Turning to FIGS. 5 and 6, an embodiment of the present invention is illustrated in a transaction flow diagram and a schematic diagram. The transaction flow diagram of FIG. 5 illustrates a transaction flow with a merchant transmitting the payment information to a mobile PoS terminal. The transaction flow diagram of FIG. 6 illustrates a schematic diagram illustrating security clearance issuance and configurating of a temporary PoS terminal profile without using an acquiring bank. The system includes a merchant device and a certificate authority, without an acquiring bank. In the embodiment without the acquirer bank, the following operations may occur:
  • 1. Merchant signs the Payment Information (PI) with its Private Key.
    2. Merchant sends the signed PI and Merchant's Public Key certificate signed by a CA to a PoS terminal.
    3. PoS terminal validates the Merchant's Public Key certificate using CA's Public Key certificate.
    4. If the Merchant's certificate is valid, the PoS will use it to validate the PI.
    5. If the PI is valid, the PoS will configure its terminal profile according to the instructions received in the PI for duration of one transaction.
    6. The PoS presents the payment instructions to the user.
    7. The user can accept the payment or reject it.
    8. If accepted, the payment will be processed according to the relevant method.
    9. When the payment processing has been completed, the PoS terminal will automatically reconfigure itself with the default terminal profile.
  • There could be also other scenarios with the same level of security provided by an unbroken chain of security certificates.
  • The selection of these scenarios is invisible to the user. The main difference is in handling the data traffic to the mobile devices, in other words, whether the Merchants need to be able to manage the data communication between their system and various mobile devices, or will this complexity concentrated at and performed by the Acquiring Banks.
  • Transaction Message Flow
  • FIG. 1 illustrates transaction messages with an online consumer using a separate terminal for shopping and a mobile device for payment. FIG. 2 illustrates transaction messages with an online consumer using a mobile device for shopping and for payment.
  • When ready to pay the products or services (1), the user can enter his/her mobile device number at the online merchant site (2) as the payment card number. The merchant server will generate a Payment Invoice with all necessary information about the transaction, including but not limited to the merchant's PoS terminal profile, such as primary account number and other information, risk management information, payment processing information, information about accepted card type(s), a list of country codes where the mobile PoS terminal is allowed to perform the transaction, a list of country codes where the mobile PoS terminal is not allowed to perform the transaction, date and time of the purchase, name of the merchant and the amount as well as the user's mobile device number. The Payment Invoice will be signed by the Merchant's own private key, which is signed by a trusted third party, like a bank, a payment card scheme, a Certificate Authority or similar, and sent to an Acquiring Bank (3) which will check the authentication and integrity of the Payment Invoice. If the Payment Invoice is valid, the CA will sign it with its own Private Key and send it to the secure PoS terminal application (4) at the user's mobile device or in the UICC/SIM card in the mobile device.
  • The data transmission function can be performed by a trusted service manager or other trusted third party. The transmission can use any available communication protocol, such as SMS, USSD, TCP/IP or CSD, which is supported by the used network and the mobile device and the UICC card which may reside in it.
  • A trusted third part like CA or a bank may hold a database linking the account number to a mobile device number.
  • The PoS terminal will receive the signed Payment Invoice and will check the integrity and authentication of the Payment Invoice using a Public Key of a CA, trusted third party or a payment card scheme, which resides in its secure memory.
  • The PoS terminal will determine its geographical location using for example available network information about in which country it resides and compare the location information with the list of allowed and banned country codes. If the current geographical location of the PoS terminal is not within the allowed locations or if it is in a banned location, the PoS terminal will cancel the transaction and the user and the bank may be informed.
  • If the Payment Invoice is valid, the PoS terminal will use the information in the Payment Invoice to configure itself to act as if it were a PoS terminal belonging to the Merchant.
  • The Payment Invoice includes the amount to be paid as a fixed amount which can't be entered or otherwise modified by the user.
  • The user will be notified about the online pending transaction and asked for a permission to continue with the transaction. The user can either cancel or accept the transaction ‘as is’, but the user cannot change the amount or any other settings or information related to the transaction.
  • The PoS terminal will display the amount, the name or other identification of the merchant and potentially other transaction related information and ask for the user's acceptance. If the transaction is accepted by the user, the PoS terminal will ask for a payment card to be presented in the card reader. In case of multiple cards or card readers, the PoS terminal will ask the user to select the card and card reader interface to be used.
  • The card reader can be integrated in the PoS terminal/mobile device or it can be an external card reader connected to it. The card reader can be contact or contactless type.
  • Once the payment card is communicating with the card reader embedded in or connected to the mobile device (5) in order to complete the transaction, the user may be asked to provide information he/she knows like a secret PIN code (or another authentication like a signature, picture, voice sample or a photo, etc). The PIN code or other authentication information can be entered for example using the mobile device's user interface display, a keypad, a camera, a voice recognition feature, a character detection feature or a motion detection feature.
  • The transaction between the payment card and the PoS terminal can be for example an EMV standard transaction, a contactless payment transaction, a smart card transaction, an embedded payment card transaction, a credit or a debit card transaction, a transaction using an account for example at a network operator, a prepaid or a stored value or a purse card transaction.
  • The payment card can be a physically separate payment card or it can reside in the same UICC card or in the same mobile device as the PoS terminal. The payment card can reside in a Mobile Wallet which is in the mobile device or in the UICC/SIM card. The payment card can reside in the same Integrated Circuit (IC) as the PoS terminal or it can be in a separate IC. One or both of the ICs can be embedded in a UICC/SIM card or a mobile device. The IC containing the payment card can be embedded in the mobile device and the IC containing the PoS terminal can be embedded in the UICC card, and vice versa.
  • UICC card can be a SIM card and/or a Secure Element.
  • If a Mobile Wallet is used and it contains more than one payment card, the user can select which payment card he/she wants to use.
  • The payment transaction will be sent back to the Acquiring bank (6), which will check the validity of the transaction with the Issuing bank (7-8) and confirm the transaction status to PoS terminals and to the Online Merchant (9). The Online Merchant can confirm the transaction status to the Consumer (10). If the transaction was completed successfully, the funds will be transferred to the Merchant's bank account.
  • If the transaction was not approved, the user may cancel the transaction or retry with the same or different payment card or card reader.
  • Once the Payment Invoice has been processed and the transaction has been completed, the Merchant specific configuration and information will be deleted permanently and the default configuration of the user's PoS will be reconfigured.
  • The present embodiments enable secure online purchases using a NFC compatible mobile device and a UICC card as a PoS terminal for both the merchant and the buyer.
  • The PoS terminal can be any network connected PoS terminal.
  • The Online Merchant server (the Seller's PoS terminal) can be also a software application or hardware implementation in a mobile device or a SIM card. In this case, the Seller's PoS terminal application in the mobile device or in the SIM card could send its own terminal profile to the buyer's PoS terminal application to conduct a secure financial transaction to be routed from the Buyer's account to the Seller's account.
  • Address Database
  • The PoS terminal application can hold a database of one or more street or other physical addresses. The addresses can be used for example as an invoicing and/or delivery address for a remote purchase of goods. The address can be combined with the information send to the acquiring bank and/or to the merchant. The address information can be signed by the PoS terminal using its Private Key for authentication and encrypted by using the merchant's or acquiring bank's Public Key for security purposes.
  • The address database can have fixed addresses the user can't change and additional addresses the user can modify.
  • The addresses can be marked with various purposes, like ‘delivery address’, ‘invoicing address’, ‘home address’, ‘work address’, ‘PoS terminal holders address’ to name a few. If an address is included in the data sent to the acquiring bank and/or to the merchant and it has been marked as ‘delivery address’, the merchant shall use that address as the delivery address for the goods. If the address is marked as ‘invoicing address’ the merchant shall send the invoice related to the purchase to that address.
  • Aspects of the present embodiment(s) can also be embodied as software configured to be used with a processor to cause the processor to perform operations, or can be embodied as hardware on one or more connected or unconnected devices.
  • While in accordance with the provisions of the Patent Statutes the preferred forms and embodiments of the invention have been illustrated and described, it will be apparent to those skilled in the art that various changes may be made without deviating from the inventive concepts set forth above.

Claims (23)

What is claimed is:
1. A method of remotely configuring a Point-of-Sale (PoS) terminal, the method comprising:
generating, at a merchant device, payment information based on a transaction input;
signing the generated payment information with a private key; and
transmitting the signed payment information and a first public key certificate signed by a certificate authority to the PoS terminal for validation of the payment information at the PoS terminal using the first public key certificate,
wherein the PoS terminal configures a terminal profile of the PoS terminal according to instructions received in the payment information from the merchant device when the payment information is validated at the PoS terminal.
2. The method according to claim 1, further comprising encrypting the signed payment information and the first public key certificate before transmitting the signed payment information and the first public key certificate using a second public key certificate of one of the PoS terminal and an acquiring bank.
3. The method according to claim 1, wherein the first public key certificate is a public key certificate associated with the merchant device, and
the merchant device transmits the signed payment information and the merchant public key certificate to the PoS terminal.
4. The method according to claim 3, wherein the PoS terminal validates the merchant public key certificate using a public key certificate of the certificate authority.
5. The method according to claim 4, wherein the PoS terminal uses the merchant public key certificate to validate the payment information when the merchant public key certificate is validated.
6. The method according to claim 1, wherein the private key is a private key of the merchant device,
the signing the generated payment information with the private key comprises signing, by the merchant device, the generated payment information with the private key of the merchant device, and
the transmitting the signed payment information comprises transmitting the signed payment information directly from the merchant device to the PoS terminal.
7. The method according to claim 1, further comprising transmitting, by the merchant device, the signed payment information to an acquiring bank prior to the signed payment information being transmitted to the PoS terminal.
8. The method according to claim 7, wherein the first public key certificate is a public key certificate of the acquiring bank.
9. The method according to claim 8, further comprising validating, at the acquiring bank, the signed payment information with a public key certificate associated with the merchant device.
10. The method according to claim 9, wherein the private key is a private key of the acquiring bank, and
the signing the generated payment information with the private key comprises signing, by the acquiring bank, the payment information with the private key of the acquiring bank when the payment information is validated by the acquiring bank.
11. The method according to claim 10, wherein the transmitting the signed payment information and the public key certificate comprises transmitting, by the acquiring bank, the signed payment information and the acquiring bank public key certificate directly to the PoS terminal.
12. The method according to claim 11, wherein the PoS terminal validates the acquiring bank public key certificate using a public key certificate of the certificate authority.
13. The method according to claim 12, wherein the PoS terminal uses the acquiring bank public key certificate to validate the payment information when the acquiring bank public key certificate is validated.
14. The method according to claim 1, wherein the PoS terminal configures the terminal profile for one transaction based on the instructions received in the payment information.
15. A method of remotely configuring a Point-of-Sale (PoS) terminal, the method comprising:
receiving, at the PoS terminal, signed payment information signed with a private key and a public key certificate signed by a certificate authority;
validating, at the PoS terminal, the payment information using the public key certificate; and
configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information from a merchant device when the payment information is validated at the PoS terminal.
16. The method according to claim 15, wherein the private key is a private key of the merchant device, the generated payment information being signed with the private key of the merchant device and being transmitted directly from the merchant device to the PoS terminal,
the public key certificate is a public key certificate associated with the merchant device, and
the validating the payment information comprises
validating the merchant public key certificate using a public key certificate of the certificate authority, the merchant public key certificate being received from the merchant device, and
validating the payment information using the merchant public key certificate when the merchant public key certificate is validated.
17. The method according to claim 15, wherein the signed payment information is validated with a public key certificate associated with the merchant device at an acquiring bank,
the private key is a private key of the acquiring bank, the payment information received at the PoS terminal being signed with the private key of the acquiring bank when the payment information is validated by the acquiring bank, and
the public key certificate received at the PoS terminal is a public key certificate of the acquiring bank received from the acquiring bank directly at the PoS terminal.
18. The method according to claim 17, wherein the validating the payment information comprises
validating the acquiring bank public key certificate using the public key certificate of the certificate authority, and
validating the payment information using the acquiring bank public key certificate when the acquiring bank public key certificate is validated.
19. The method according to claim 15, wherein the configuring the terminal profile comprises configuring the terminal profile for one transaction based on the instructions received in the payment information.
20. The method according to claim 15, further comprising automatically reconfiguring, by the PoS terminal, the terminal profile with a default terminal profile after payment processing is completed in accordance with payment instructions presented at the PoS terminal.
21. A method of remotely configuring a Point-of-Sale (PoS) terminal, the method comprising:
receiving, at the merchant device, a transaction input;
generating, at the merchant device, payment information based on the transaction input;
signing the generated payment information with a private key;
transmitting the signed payment information and a public key certificate signed by a certificate authority to the PoS terminal;
validating, at the PoS terminal, the public key certificate using a public key certificate of the certificate authority;
validating, at the PoS terminal, the payment information using the certificate authority-signed public key certificate; and
configuring, at the PoS terminal, a terminal profile of the PoS terminal according to instructions received in the payment information when the payment information is validated at the PoS terminal.
22. The method according to claim 21, wherein the signed payment information and the certificate authority-signed public key certificate are transmitted from the merchant device, the certificate authority-signed public key certificate being a public key certificate of the merchant device.
23. The method according to claim 21, wherein the signed payment information and the certificate authority-signed public key certificate are transmitted from the acquiring bank, the certificate authority-signed public key certificate being a public key certificate of the acquiring bank.
US14/224,461 2013-03-25 2014-03-25 Secure remotely configurable point of sale terminal Abandoned US20140289130A1 (en)

Priority Applications (20)

Application Number Priority Date Filing Date Title
US14/224,461 US20140289130A1 (en) 2013-03-25 2014-03-25 Secure remotely configurable point of sale terminal
EA201691800A EA201691800A1 (en) 2014-03-25 2015-03-24 SYSTEM AND METHOD FOR CARRYING OUT REMOTE TRANSACTIONS AND SALES POINT TERMINAL
MX2016012331A MX2016012331A (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal.
JP2017501512A JP6667498B2 (en) 2014-03-25 2015-03-24 Remote transaction system, method and POS terminal
MYPI2016703485A MY186728A (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
SG10201808318VA SG10201808318VA (en) 2014-03-25 2015-03-24 Remote Transaction System, Method and Point of Sale Terminal
CN202011235492.4A CN112308555A (en) 2014-03-25 2015-03-24 Remote transaction system, method and point-of-sale terminal
BR112016021876A BR112016021876A2 (en) 2014-03-25 2015-03-24 remote transaction system, method and point of sale
EP15714898.2A EP3123424A1 (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
CN201580022312.5A CN106462840A (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
KR1020167029719A KR102574524B1 (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
SG11201607921UA SG11201607921UA (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
CA2943854A CA2943854A1 (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
AU2015238048A AU2015238048A1 (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
PCT/GB2015/050869 WO2015145131A1 (en) 2014-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
US15/129,308 US10922675B2 (en) 2013-03-25 2015-03-24 Remote transaction system, method and point of sale terminal
IL247965A IL247965B (en) 2014-03-25 2016-09-21 Remote transaction system, method and point of sale terminal
PH12016501884A PH12016501884A1 (en) 2014-03-25 2016-09-23 Remote trasaction system, method and point of sale terminal
AU2020260506A AU2020260506A1 (en) 2014-03-25 2020-10-29 Remote transaction system, method and point of sale terminal
AU2023200221A AU2023200221A1 (en) 2014-03-25 2023-01-17 Remote transaction system, method and point of sale terminal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361804773P 2013-03-25 2013-03-25
US14/224,461 US20140289130A1 (en) 2013-03-25 2014-03-25 Secure remotely configurable point of sale terminal

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/129,308 Continuation US10922675B2 (en) 2013-03-25 2015-03-24 Remote transaction system, method and point of sale terminal

Publications (1)

Publication Number Publication Date
US20140289130A1 true US20140289130A1 (en) 2014-09-25

Family

ID=51569870

Family Applications (2)

Application Number Title Priority Date Filing Date
US14/224,461 Abandoned US20140289130A1 (en) 2013-03-25 2014-03-25 Secure remotely configurable point of sale terminal
US15/129,308 Active 2035-12-09 US10922675B2 (en) 2013-03-25 2015-03-24 Remote transaction system, method and point of sale terminal

Family Applications After (1)

Application Number Title Priority Date Filing Date
US15/129,308 Active 2035-12-09 US10922675B2 (en) 2013-03-25 2015-03-24 Remote transaction system, method and point of sale terminal

Country Status (1)

Country Link
US (2) US20140289130A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104410641A (en) * 2014-12-10 2015-03-11 福建联迪商用设备有限公司 Security-controlled online activation method and device for POS terminals
WO2016082673A1 (en) * 2014-11-26 2016-06-02 中国银联股份有限公司 Method for verifying authenticity of terminal in electronic cash transaction
WO2016137304A1 (en) * 2015-02-27 2016-09-01 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
US9613353B1 (en) * 2013-12-26 2017-04-04 Square, Inc. Passcode entry through motion sensing
US10229404B1 (en) * 2016-12-16 2019-03-12 Worldpay, Llc Systems and methods for network configurations of pin pads
US10373149B1 (en) 2012-11-12 2019-08-06 Square, Inc. Secure data entry using a card reader with minimal display and input capabilities having a display
WO2020091722A1 (en) * 2018-10-29 2020-05-07 Visa International Service Association Efficient authentic communication system and method
US10679212B2 (en) 2014-05-26 2020-06-09 The Toronto-Dominion Bank Post-manufacture configuration of pin-pad terminals
US10699274B2 (en) 2015-08-24 2020-06-30 Samsung Electronics Co., Ltd. Apparatus and method for secure electronic payment
US10846696B2 (en) 2015-08-24 2020-11-24 Samsung Electronics Co., Ltd. Apparatus and method for trusted execution environment based secure payment transactions
US11010741B1 (en) 2020-12-01 2021-05-18 Rockspoon, Inc. System and method for the automatic configuration of devices by remote communication with a server
US11107047B2 (en) 2015-02-27 2021-08-31 Samsung Electronics Co., Ltd. Electronic device providing electronic payment function and operating method thereof
US11129018B2 (en) 2015-02-27 2021-09-21 Samsung Electronics Co., Ltd. Payment means operation supporting method and electronic device for supporting the same
US11182769B2 (en) 2015-02-12 2021-11-23 Samsung Electronics Co., Ltd. Payment processing method and electronic device supporting the same
US11475428B2 (en) 2020-12-01 2022-10-18 Rockspoon, Inc. System and method for the automatic network configuration of devices by remote communication with a server

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5740033B1 (en) * 2014-06-10 2015-06-24 東芝テック株式会社 Information processing device, portable terminal device, and program
US11232448B2 (en) * 2015-06-30 2022-01-25 Worldpay, Llc Configurable transaction management controller and method thereof
WO2017012580A1 (en) * 2015-07-22 2017-01-26 天地融科技股份有限公司 Data processing method and apparatus, and pos machine transaction system
US11301897B2 (en) * 2018-04-11 2022-04-12 Intel Corporation Secure visual transactions for mobile devices
US11847635B2 (en) * 2018-07-24 2023-12-19 Royal Bank Of Canada Payment card with secure element and replenishable tokens
US20200058029A1 (en) * 2018-08-15 2020-02-20 Shopify Inc. Dynamically populated user interface feature
US20210287199A1 (en) * 2020-03-13 2021-09-16 Jpmorgan Chase Bank, N.A. Method and system for payment processing
CN111784347B (en) * 2020-07-31 2023-07-04 支付宝(杭州)信息技术有限公司 Resource transfer method and device
US20220318866A1 (en) * 2021-04-05 2022-10-06 Scott Orlinsky Payment system and method

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6240091B1 (en) * 1997-07-14 2001-05-29 Nokia Telecommunications Oy Implementation of access service
US6877093B1 (en) * 2000-06-06 2005-04-05 Commerciant, L.P. System and method for secure provisioning and configuration of a transaction processing device
US20060224470A1 (en) * 2003-07-02 2006-10-05 Lucia Garcia Ruano Digital mobile telephone transaction and payment system
US20080268811A1 (en) * 2007-04-27 2008-10-30 American Express Travel Related Services Co., Inc. Payment application download to mobile phone and phone personalization
US20080270302A1 (en) * 2007-04-27 2008-10-30 American Express Travel Related Services Co., Inc. User experience on mobile phone
US20100250437A1 (en) * 2007-11-07 2010-09-30 Thomas Anton Goeller System and method for multiparty billing of network services
US20120284193A1 (en) * 2011-05-02 2012-11-08 Vaduvur Bharghavan System and method for secure communication for cashless transactions
US20130226722A1 (en) * 2010-10-16 2013-08-29 Fucundo Barrera Switchable access device and methods
US20150025989A1 (en) * 2012-02-28 2015-01-22 John Henry Dunstan Remote configuration of a point-of-sale device

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7096193B1 (en) * 1999-05-21 2006-08-22 Servicemagic, Inc. Facilitating commerce among consumers and service providers by matching ready-to-act consumers and pre-qualified service providers
JP4453203B2 (en) * 2001-01-09 2010-04-21 セイコーエプソン株式会社 Device environment setting system, device environment setting processing method, and information recording medium
US20070106564A1 (en) * 2005-11-04 2007-05-10 Utiba Pte Ltd. Mobile phone as a point of sale (POS) device
US9047601B2 (en) 2006-09-24 2015-06-02 RFCyber Corpration Method and apparatus for settling payments using mobile devices
US20080114699A1 (en) * 2006-11-13 2008-05-15 Gong Yi Yuan System, hardware and method for mobile pos payment
US7814013B2 (en) * 2006-12-19 2010-10-12 Morsillo Leon N Electronic payment processing system
US20090063312A1 (en) * 2007-08-28 2009-03-05 Hurst Douglas J Method and System for Processing Secure Wireless Payment Transactions and for Providing a Virtual Terminal for Merchant Processing of Such Transactions
SK50862008A3 (en) * 2008-09-19 2010-06-07 Logomotion, S. R. O. System for electronic payment applications and method for payment authorization
US20100211495A1 (en) * 2009-02-13 2010-08-19 Bank Of America Corporation Systems, methods and computer program products for improving foreign currency exchange in a comprehensive payment hub system
CA2739858C (en) * 2009-05-03 2017-07-11 Logomotion, S.R.O. A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction
US8321285B1 (en) * 2009-10-05 2012-11-27 Mocapay, Inc. Method and system for routing transactions to a mobile-commerce platform
US9324066B2 (en) * 2009-12-21 2016-04-26 Verizon Patent And Licensing Inc. Method and system for providing virtual credit card services
US9195982B2 (en) * 2010-02-04 2015-11-24 Rick N. Orr System and method for interfacing a client device with a point of sale system
US8751316B1 (en) * 2010-02-05 2014-06-10 Intuit Inc. Customer-controlled point-of-sale on a mobile device
US20110196782A1 (en) * 2010-02-05 2011-08-11 Bank Of America Corporation Transferring Funds Using Mobile Devices
US8380177B2 (en) * 2010-04-09 2013-02-19 Paydiant, Inc. Mobile phone payment processing methods and systems
US20120028609A1 (en) * 2010-07-27 2012-02-02 John Hruska Secure financial transaction system using a registered mobile device
US9596237B2 (en) * 2010-12-14 2017-03-14 Salt Technology, Inc. System and method for initiating transactions on a mobile device
US20120158528A1 (en) * 2010-12-21 2012-06-21 Ebay, Inc. Efficient transactions at a point of sale location
US20120203695A1 (en) * 2011-02-09 2012-08-09 American Express Travel Related Services Company, Inc. Systems and methods for facilitating secure transactions
US10580049B2 (en) * 2011-04-05 2020-03-03 Ingenico, Inc. System and method for incorporating one-time tokens, coupons, and reward systems into merchant point of sale checkout systems
US9053478B2 (en) * 2011-05-03 2015-06-09 Verifone, Inc. Mobile commerce system
US20120284130A1 (en) * 2011-05-05 2012-11-08 Ebay, Inc. Barcode checkout at point of sale
US8751317B2 (en) * 2011-05-12 2014-06-10 Koin, Inc. Enabling a merchant's storefront POS (point of sale) system to accept a payment transaction verified by SMS messaging with buyer's mobile phone
US8498900B1 (en) * 2011-07-25 2013-07-30 Dash Software, LLC Bar or restaurant check-in and payment systems and methods of their operation
US9026460B2 (en) * 2012-06-28 2015-05-05 Bank Of America Corporation Automatic activation of mobile payment mechanisms based on identified mobile payment types accepted by a merchant
US9898719B2 (en) * 2012-06-29 2018-02-20 Paypal, Inc. Systems, methods, and computer program products providing push payments
US9436940B2 (en) * 2012-07-09 2016-09-06 Maxim Integrated Products, Inc. Embedded secure element for authentication, storage and transaction within a mobile terminal
WO2014043278A1 (en) * 2012-09-11 2014-03-20 Visa International Service Association Cloud-based virtual wallet nfc apparatuses, methods and systems
WO2014059142A1 (en) * 2012-10-10 2014-04-17 Mastercard International Incorporated Methods and systems for conducting remote point of sale transactions
KR101807765B1 (en) * 2012-11-16 2017-12-11 주식회사 케이티 System and method for mobile payment
US20150310421A1 (en) * 2014-04-23 2015-10-29 Rfcyber Corporation Electronic payment transactions without POS terminals

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6240091B1 (en) * 1997-07-14 2001-05-29 Nokia Telecommunications Oy Implementation of access service
US6877093B1 (en) * 2000-06-06 2005-04-05 Commerciant, L.P. System and method for secure provisioning and configuration of a transaction processing device
US20060224470A1 (en) * 2003-07-02 2006-10-05 Lucia Garcia Ruano Digital mobile telephone transaction and payment system
US20080268811A1 (en) * 2007-04-27 2008-10-30 American Express Travel Related Services Co., Inc. Payment application download to mobile phone and phone personalization
US20080270302A1 (en) * 2007-04-27 2008-10-30 American Express Travel Related Services Co., Inc. User experience on mobile phone
US20100250437A1 (en) * 2007-11-07 2010-09-30 Thomas Anton Goeller System and method for multiparty billing of network services
US20130226722A1 (en) * 2010-10-16 2013-08-29 Fucundo Barrera Switchable access device and methods
US20120284193A1 (en) * 2011-05-02 2012-11-08 Vaduvur Bharghavan System and method for secure communication for cashless transactions
US20150025989A1 (en) * 2012-02-28 2015-01-22 John Henry Dunstan Remote configuration of a point-of-sale device

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10373149B1 (en) 2012-11-12 2019-08-06 Square, Inc. Secure data entry using a card reader with minimal display and input capabilities having a display
US9613353B1 (en) * 2013-12-26 2017-04-04 Square, Inc. Passcode entry through motion sensing
US10255593B1 (en) 2013-12-26 2019-04-09 Square, Inc. Passcode entry through motion sensing
US11416857B2 (en) 2014-05-26 2022-08-16 The Toronto-Dominion Bank Terminal configuration apparatus for the remote configuration of terminals
US11657392B2 (en) 2014-05-26 2023-05-23 The Toronto-Dominion Bank On-boarding server for remotely authorizing use of a terminal
US11636472B2 (en) 2014-05-26 2023-04-25 The Toronto-Dominion Bank Terminal configuration server for the remote configuration of terminals
US11562354B2 (en) 2014-05-26 2023-01-24 The Toronto-Dominion Bank Terminal configuration server for the remote configuration of terminals
US10679212B2 (en) 2014-05-26 2020-06-09 The Toronto-Dominion Bank Post-manufacture configuration of pin-pad terminals
WO2016082673A1 (en) * 2014-11-26 2016-06-02 中国银联股份有限公司 Method for verifying authenticity of terminal in electronic cash transaction
CN104410641A (en) * 2014-12-10 2015-03-11 福建联迪商用设备有限公司 Security-controlled online activation method and device for POS terminals
US11182769B2 (en) 2015-02-12 2021-11-23 Samsung Electronics Co., Ltd. Payment processing method and electronic device supporting the same
US10193700B2 (en) * 2015-02-27 2019-01-29 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
WO2016137304A1 (en) * 2015-02-27 2016-09-01 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
US11107047B2 (en) 2015-02-27 2021-08-31 Samsung Electronics Co., Ltd. Electronic device providing electronic payment function and operating method thereof
US11129018B2 (en) 2015-02-27 2021-09-21 Samsung Electronics Co., Ltd. Payment means operation supporting method and electronic device for supporting the same
US10846696B2 (en) 2015-08-24 2020-11-24 Samsung Electronics Co., Ltd. Apparatus and method for trusted execution environment based secure payment transactions
US10699274B2 (en) 2015-08-24 2020-06-30 Samsung Electronics Co., Ltd. Apparatus and method for secure electronic payment
US20220147964A1 (en) * 2016-12-16 2022-05-12 Worldpay, Llc Systems and methods for network configurations of pin pads
US11270282B2 (en) * 2016-12-16 2022-03-08 Worldpay, Llc Systems and methods for network configurations of pin pads
US20190147427A1 (en) * 2016-12-16 2019-05-16 Worldpay, Llc Systems and methods for network configurations of pin pads
US10229404B1 (en) * 2016-12-16 2019-03-12 Worldpay, Llc Systems and methods for network configurations of pin pads
US11836694B2 (en) * 2016-12-16 2023-12-05 Worldpay, Llc Systems and methods for network configurations of PIN pads
EP3874677A4 (en) * 2018-10-29 2021-11-10 Visa International Service Association Efficient authentic communication system and method
CN112970225A (en) * 2018-10-29 2021-06-15 维萨国际服务协会 Efficient trusted communications system and method
WO2020091722A1 (en) * 2018-10-29 2020-05-07 Visa International Service Association Efficient authentic communication system and method
US11956349B2 (en) 2018-10-29 2024-04-09 Visa International Service Association Efficient authentic communication system and method
US11282058B1 (en) 2020-12-01 2022-03-22 Rockspoon, Inc. System and method for the automatic configuration of devices by remote communication with a server
US11010741B1 (en) 2020-12-01 2021-05-18 Rockspoon, Inc. System and method for the automatic configuration of devices by remote communication with a server
US11475428B2 (en) 2020-12-01 2022-10-18 Rockspoon, Inc. System and method for the automatic network configuration of devices by remote communication with a server
US11488131B2 (en) 2020-12-01 2022-11-01 Rockspoon, Inc. System and method for the automatic configuration of devices by remote communication with a server

Also Published As

Publication number Publication date
US20170178116A1 (en) 2017-06-22
US10922675B2 (en) 2021-02-16

Similar Documents

Publication Publication Date Title
US20140289130A1 (en) Secure remotely configurable point of sale terminal
US11587067B2 (en) Digital wallet system and method
CN109328445B (en) Unique token authentication verification value
US11195168B2 (en) Online transaction system
US20190356489A1 (en) Method and system for access token processing
KR101807779B1 (en) Systems, methods and devices for transacting
CN115907763A (en) Providing payment credentials to a consumer
KR101161778B1 (en) System for paying pos using near field communication
AU2023200221A1 (en) Remote transaction system, method and point of sale terminal
AU2015308090B2 (en) System and method for electronic payments
KR101092657B1 (en) Mobile card payment system and method thereof
US20240073022A1 (en) Virtual access credential interaction system and method
US20160267444A1 (en) Payments through Virtualization of a Physical Point of Sale (POS) Terminal and Money Transfer Using Mobile Device
CN114207578A (en) Mobile application integration
EP4020360A1 (en) Secure contactless credential exchange
US20210019732A1 (en) Online transaction system
CN112136302B (en) Mobile network operator authentication protocol
US20240104530A1 (en) Data processing utilizing a digital tag
WO2023043589A1 (en) Multiple interaction processing
EA041883B1 (en) SYSTEM AND METHOD FOR CONDUCTING REMOTE TRANSACTIONS USING POINT OF SALE PAYMENT TERMINAL

Legal Events

Date Code Title Description
AS Assignment

Owner name: IAXEPT LTD, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SAVOLAINEN, RISTO KALEVI;REEL/FRAME:037056/0121

Effective date: 20151026

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION