WO2006009460A1 - A system and method for authenticating users in a payment system - Google Patents
A system and method for authenticating users in a payment system Download PDFInfo
- Publication number
- WO2006009460A1 WO2006009460A1 PCT/NO2005/000266 NO2005000266W WO2006009460A1 WO 2006009460 A1 WO2006009460 A1 WO 2006009460A1 NO 2005000266 W NO2005000266 W NO 2005000266W WO 2006009460 A1 WO2006009460 A1 WO 2006009460A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- transaction
- client
- authentication centre
- rfid
- authentication
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
Definitions
- the present invention relates to the use of RFID tags in payment systems.
- Radio frequency identification or RFID technologies use radio waves to automatically identify individual items.
- the most common applications are tracking goods in a supply chain, tracking assets, tracking packages at a distribution centre, security (including controlling access to buildings and networks) and payment systems that let customers pay for items without using cash.
- the system consists of a tag or transponder, which is made up of a microchip with an antenna attached to it, and an interrogator or reader.
- the reader sends out a radio signal that "couple" with the antenna on the RFID tag.
- the chip modulates the received signal, which is subsequently sent back to the reader.
- a serial number is stored on the chip that identifies a product, and perhaps also includes other information
- RFID systems are advantageous over other identification systems in that they do not require line of sight.
- RFID tags can be read as long as they are within range of a reader, irrespective of spatial arrangement.
- RFID tags may be used when buying bus or cinema tickets, tickets for football games, etc. By implementing RFID based access control in cinemas or football stadiums, users will get seamless access to the events in question without interaction with guard staff, ticket inspectors or gatekeepers. However, the use of RFID products in payment systems is challenging, in particular in respect to security issues. A payment RFID tag will be connected to the user's bank account, and if it is lost, a third party may buy a car using the rightful owner's money.
- the RFID system must include some sort of user authentication. As far as we know, no solution for direct authentication of users exists today. Currently users are authenticated by entering personal identification number (PIN) codes at external terminals, or by sending short message system
- SMS Session Management
- mobile phones These solutions are demanding with respect to user interaction, and prevent the technology from gaining ground as a means for identification and authentication.
- the inventive solution will now be described in detail with reference to the appended drawing, which shows a system for the authentication of a user, according to the present invention.
- the core of the invention is to introduce some sort of 2 step authentication - in which the user must accept the transaction with his/her mobile phone. This will greatly reduce the possibility of misuse.
- This solution is 5 different from common SMS commerce in that the transaction is initiated automatically and only requires a small degree of user interaction.
- the system is illustrated in the appended figure.
- the user possesses a mobile terminal 1 and an RFID tag.
- the presence of the RFID tag is detected by an RFID reader 2.
- the identification of the tag is sent to an authentication centre 3.
- the authentication centre is arranged to send an inquiry to the user' s mobile phone asking him/her to accept s the transaction. If the user accepts the transaction, by pressing an appropriate key, the transaction information is sent from the authentication centre to a transaction system 4.
- the arrows indicate the communication between the individual units involved in the transaction.
- the RFID tag In order to avoid the system being triggered each time a person enters a shop, the RFID tag should be of a short- range type, e.g. with an activation range of only some few centimetres. A customer can then bring the goods he wants to purchase to the till (cash register) . The cashier will s enter the cash value of the goods, whereupon the transaction is initiated by holding the RFID tag near to a RFID reader.
- the authentication centre 3 can be realized as a server running an authentication application.
- a 0 corresponding application can be installed at the mobile terminal. This is an application listening for arriving requests for acceptance of a transaction, and presents this to the user as a YES/NO option (dedicating YES and NO to specific keys on the keyboard, or to specific fields on a 5 touch sensitive screen) .
- the application on the mobile terminal may request the user to enter a 3 or 4 number code.
- the system could be realized using IP-communication (i.e GPRS) between the server and the client software on the mobile terminal.
- IP-communication i.e GPRS
- the inventive solution could also be realized as a SMS service.
- the authentication centre sends a SMS message to the client' s mobile terminal.
- the client can respond to the message by returning a message containing a Y, and thereby accept the transaction. This will require the client to touch 3 or 4 keys, at the most.
- the authentication centre can require the client to return a short number code. This could be a fixed number (PIN-code) or a number that is increased by 1 for each transaction, e.g. 10 for the first transaction, 11 for the next, etc. These measures will increase the security of the system.
- the system includes a mobile terminal 1, and an RFID tag at the customer side.
- the RFID tag should of course not be attached to the phone, in case the later is lost or stolen.
- An RFID reader 2 is communicating with the RFID tag over a wireless link 10.
- the RFID reader 2 is also in communication with an authentication centre 3 over a communication link 20.
- the authentication centre 3 communicates with the mobile terminal 1 over the public mobile telephone network 30, and is connected to a transaction system 4 via communication link 50.
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
NO20043052A NO20043052D0 (en) | 2004-07-16 | 2004-07-16 | Electronic payment system and procedure |
NO20043052 | 2004-07-16 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006009460A1 true WO2006009460A1 (en) | 2006-01-26 |
Family
ID=34972575
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/NO2005/000266 WO2006009460A1 (en) | 2004-07-16 | 2005-07-15 | A system and method for authenticating users in a payment system |
Country Status (2)
Country | Link |
---|---|
NO (1) | NO20043052D0 (en) |
WO (1) | WO2006009460A1 (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008074051A1 (en) * | 2006-12-19 | 2008-06-26 | Transurban Limited | Transaction system for use in authorising cashless transactions |
WO2009001366A1 (en) * | 2007-06-22 | 2008-12-31 | Ajay Adiseshann | Method and system for performing a monetary transaction through a mobile communication device |
WO2009087539A1 (en) | 2008-01-04 | 2009-07-16 | Logomotion, S.R.O. | Method and system of authenticity particularly at the payments, identifier of identity and/or approval |
EA013808B1 (en) * | 2009-02-09 | 2010-08-30 | Сергей Владимирович Скороходов | A method of payment of travelling and control of travel documents and an automated system for the implementation thereof |
WO2011004339A1 (en) | 2009-07-08 | 2011-01-13 | Logomotion, S.R.O. | Method and system of contactless authentication, and carrier of pin code |
EP2275982A1 (en) | 2009-07-16 | 2011-01-19 | Vodafone Holding GmbH | Querying a user of a mobile communication device |
US9054408B2 (en) | 2008-08-29 | 2015-06-09 | Logomotion, S.R.O. | Removable card for a contactless communication, its utilization and the method of production |
US9081997B2 (en) | 2008-10-15 | 2015-07-14 | Logomotion, S.R.O. | Method of communication with the POS terminal, the frequency converter for the post terminal |
US9098845B2 (en) | 2008-09-19 | 2015-08-04 | Logomotion, S.R.O. | Process of selling in electronic shop accessible from the mobile communication device |
US9456346B2 (en) | 2006-07-25 | 2016-09-27 | Virginia Innovation Science, Inc | Method and system for improving client server transmission over fading channel with wireless location and authentication technology via electromagnetic radiation |
US9723443B2 (en) | 2005-08-12 | 2017-08-01 | Virginia Innovation Sciences Inc. | System and method for providing locally applicable internet content with secure action requests and item condition alerts |
US10332087B2 (en) | 2009-05-03 | 2019-06-25 | Smk Corporation | POS payment terminal and a method of direct debit payment transaction using a mobile communication device, such as a mobile phone |
US11213773B2 (en) | 2017-03-06 | 2022-01-04 | Cummins Filtration Ip, Inc. | Genuine filter recognition with filter monitoring system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020181710A1 (en) * | 2000-02-27 | 2002-12-05 | Kfir Adam | Mobile transaction system and method |
US20040030601A1 (en) * | 2000-09-29 | 2004-02-12 | Pond Russell L. | Electronic payment methods for a mobile device |
-
2004
- 2004-07-16 NO NO20043052A patent/NO20043052D0/en unknown
-
2005
- 2005-07-15 WO PCT/NO2005/000266 patent/WO2006009460A1/en active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020181710A1 (en) * | 2000-02-27 | 2002-12-05 | Kfir Adam | Mobile transaction system and method |
US20040030601A1 (en) * | 2000-09-29 | 2004-02-12 | Pond Russell L. | Electronic payment methods for a mobile device |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9723443B2 (en) | 2005-08-12 | 2017-08-01 | Virginia Innovation Sciences Inc. | System and method for providing locally applicable internet content with secure action requests and item condition alerts |
US9456346B2 (en) | 2006-07-25 | 2016-09-27 | Virginia Innovation Science, Inc | Method and system for improving client server transmission over fading channel with wireless location and authentication technology via electromagnetic radiation |
WO2008074051A1 (en) * | 2006-12-19 | 2008-06-26 | Transurban Limited | Transaction system for use in authorising cashless transactions |
WO2009001366A1 (en) * | 2007-06-22 | 2008-12-31 | Ajay Adiseshann | Method and system for performing a monetary transaction through a mobile communication device |
WO2009087539A1 (en) | 2008-01-04 | 2009-07-16 | Logomotion, S.R.O. | Method and system of authenticity particularly at the payments, identifier of identity and/or approval |
US9054408B2 (en) | 2008-08-29 | 2015-06-09 | Logomotion, S.R.O. | Removable card for a contactless communication, its utilization and the method of production |
US9098845B2 (en) | 2008-09-19 | 2015-08-04 | Logomotion, S.R.O. | Process of selling in electronic shop accessible from the mobile communication device |
US9081997B2 (en) | 2008-10-15 | 2015-07-14 | Logomotion, S.R.O. | Method of communication with the POS terminal, the frequency converter for the post terminal |
EA013808B1 (en) * | 2009-02-09 | 2010-08-30 | Сергей Владимирович Скороходов | A method of payment of travelling and control of travel documents and an automated system for the implementation thereof |
US10332087B2 (en) | 2009-05-03 | 2019-06-25 | Smk Corporation | POS payment terminal and a method of direct debit payment transaction using a mobile communication device, such as a mobile phone |
WO2011004339A1 (en) | 2009-07-08 | 2011-01-13 | Logomotion, S.R.O. | Method and system of contactless authentication, and carrier of pin code |
EP2275982A1 (en) | 2009-07-16 | 2011-01-19 | Vodafone Holding GmbH | Querying a user of a mobile communication device |
US11213773B2 (en) | 2017-03-06 | 2022-01-04 | Cummins Filtration Ip, Inc. | Genuine filter recognition with filter monitoring system |
Also Published As
Publication number | Publication date |
---|---|
NO20043052D0 (en) | 2004-07-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2006009460A1 (en) | A system and method for authenticating users in a payment system | |
US10755271B2 (en) | Location based authentication | |
US11146561B2 (en) | Handling encoded information | |
US6612488B2 (en) | Method and system to prevent fraudulent payment in credit/debit card transactions, and terminals therefor | |
US8645280B2 (en) | Electronic credit card with fraud protection | |
US20070187482A1 (en) | Point of Sale Transaction Method and System | |
US20080077527A1 (en) | Method and System for a Purchase Transaction at a Remote Merchant Machine | |
CN101084516A (en) | Transaction system and method | |
JP2002176671A (en) | Mobile phone | |
CN1998032A (en) | Apparatus for identification, authorisation and/or notification | |
US10482692B2 (en) | Systems and methods for location-based automated authentication | |
WO2001088785A1 (en) | Electronic settlement system, settlement device, and terminal | |
CN107025552A (en) | A kind of self-service store's system and self-help shopping method | |
WO2001052205A1 (en) | A processing method and apparatus | |
GB2398159A (en) | Electronic payment authorisation using a mobile communications device | |
KR20000012607A (en) | certification system using radio communication device | |
KR20000049788A (en) | Personal ID automatic delivery and security by telecommunication system | |
US20050070330A1 (en) | Method of matching between a mobile phone and a personal card | |
WO2007071157A1 (en) | A recognition method for electronic payment and id authentication terminal and atm | |
CN103430199B (en) | Secure payment system using a mobile phone, and payment method using same | |
TW200303496A (en) | System and method for issuing card and processing blacklist using wireless communications | |
JP2001022869A (en) | Card transaction processing system | |
JP2002056338A (en) | Purchase price payment method and purchase price payment system | |
GB2491514A (en) | Handling encoded information and identifying user | |
JP2002183439A (en) | On-line checking method for commerce transaction party concerned, on-line communication method to commerce transaction party concerned, on-line acceptance information obtaining method, and system for them |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |