WO2013011043A1 - Système mobile pour transactions financières - Google Patents

Système mobile pour transactions financières Download PDF

Info

Publication number
WO2013011043A1
WO2013011043A1 PCT/EP2012/064040 EP2012064040W WO2013011043A1 WO 2013011043 A1 WO2013011043 A1 WO 2013011043A1 EP 2012064040 W EP2012064040 W EP 2012064040W WO 2013011043 A1 WO2013011043 A1 WO 2013011043A1
Authority
WO
WIPO (PCT)
Prior art keywords
execution
authorization device
authorization
payment
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2012/064040
Other languages
German (de)
English (en)
Inventor
Andreas Roth
Christian Roth
Christian BEUSCHEL
Jürgen WUNDERLE
Thomas STADELMANN
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
QMT GbR
Original Assignee
QMT GbR
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by QMT GbR filed Critical QMT GbR
Publication of WO2013011043A1 publication Critical patent/WO2013011043A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3274Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device

Definitions

  • the present invention relates to a system comprising distributed, functionally cooperating devices and a corresponding method for location-independent and multi-vendor initiation of a transaction, for example a payment transaction from a donor to a money receiver, and more particularly relates to a system and method for executing a provided control command ,
  • the invention further relates to a data memory for storing corresponding method steps, or a computer-readable medium with control commands for carrying out precisely this method.
  • a secure connection with a service provider can be established in accordance with conventional methods.
  • an implementation of such an authentication mechanism is typically cumbersome and possibly error prone. If a user wants to make use of a sensitive service from his mobile terminal, he expects a system in accordance with the intended purpose to do so with as little technical effort as possible and with simple operation.
  • mobile terminals must support special, secure protocols, special software must be installable, and / or other physical hardware components must be available for authentication.
  • a particularly sensitive control command may be, for example, initiating a financial transaction.
  • a donor requests, for example by means of a mobile terminal, a technical device of a payment service provider to credit an account of a money receiver a certain amount.
  • a technical device of a payment service provider to credit an account of a money receiver a certain amount.
  • a plurality of payment systems which rely on retrieving money from a known account, addressed sending of money and / or a payment means, i. Prepaid, a voucher or a voucher.
  • a payment means i. Prepaid, a voucher or a voucher.
  • here are direct debit by account holder, account number and bank code, use of a credit card, billing by mobile phone bill, billing by means of an identification number in the form of a mobile phone number or a customer number, a transfer of money, a use of cash or a cash card as a payment system and other procedures known by third parties.
  • the transaction system "Paypal” is known. This mobile payment system is based on an application, also called app, for smartphones. In doing so, it is necessary for both donors and payees to register with appropriate services, i. submit personal information before they can carry out such transactions.
  • Google Wallet Another conventional method is known as "Google Wallet", which implements existing card systems in the form of a corresponding application.
  • the virtual cards can communicate via the so-called “near field communication”. This can replace a magnetic strip or a chip of a payment card.
  • CA 2 457 263 A describes a method for authorizing a purchase transaction with the steps of: generating a unique transaction identification code, receiving a confirmation from a service station and authorizing a transaction upon corresponding the received acknowledgment code with the unique transaction identification code.
  • WO 2008 083 022 A1 describes a method and a system for carrying out an initiation of a financial transaction by means of a mobile telephone.
  • the lender initiates a transaction by sending a payment request message from a mobile phone specifying the payee and the payment amount.
  • payees are identified by means of clear aliases.
  • EP 1 229 467 A1 describes a payment system with a mobile device, whereby payment transactions are carried out and a cash register transmits a payment request wirelessly to a mobile device of a customer, who checks the payment request, if positive produces a payment instruction from it, transmits it to a payment center, the payment center checks the payment order, in the case of a positive result the payment center of the cash register sends a payment confirmation, the cash register checks the payment confirmation and, if the result is positive, this is indicated or the goods to be paid are released.
  • EP 1 450 322 A1 describes a payment method between a mobile subscriber and a provider, wherein the mobile subscriber has a first portable personal identification module which is intended for identification in a mobile radio network, wherein said identification module is bound to at least one money account, wherein at least said money account has an expense limit, whereby a payment transaction for which said spending limit is insufficient is made by means of a second attached money account linked to a second idfification module.
  • SIM cards are used to identify a subscriber. Under this identity several cash accounts or payment service providers can be subsumed. Depending on the payment system, however, different problems arise. The person who is in the role of the sponsor when making a payment does not want to disclose his or her data to the recipient, if possible. Cash or voucher systems have the
  • a system for executing a control command, based on a provided initialization signal, which comprises a first authorization device, a second authorization device and an execution device, wherein the embodiments
  • the first authorization device At the request of the first authorization device, the latter is set up to provide an initialization signal which is transmitted from the first authorization device to the second authorization device, bypassing the execution device.
  • the second authorization device is set up to generate a request signal and to send it via the execution device to the first authorization device and the execution device is adapted to execute a control command based on the request signal in response to an acknowledgment of the request signal by the first authorization device.
  • the provided system comprises a plurality of functionally cooperating components, for example the first authorization device, the second authorization device and the execution device.
  • the first authorization device and the second authorization device may, for example, be present as a mobile terminal, such as a mobile telephone or a portable computer, or may be present as a stationary computer, ie a corresponding desktop computer together with the associated peripherals.
  • the execution device may be provided as a specialized hardware component. It is also possible to integrate the execution device in a special reader or a payment component or to connect them. In particular, it may be advantageous to design the execution device as a server. However, it is also possible to provide the first authorization device, the second authorization device and the execution device in the form of control commands.
  • the components of the provided system can communicate with each other by means of messages or signals.
  • messages can be structured in accordance with specific file formats and, in addition to user data, have further metadata, such as identification data or address data.
  • Signals include any type of electrical signal, which signals may also model messages, or cause messages to generate certain signals.
  • the components described may preferably be set up in such a way that they initiate the execution of further control commands and / or execute them themselves. That's the way it works be advantageous to establish a secure connection between individual components and / or perform a mutual authentication. Furthermore, it may be necessary to exchange network protocol-typical information and / or to transmit confirmations of completed transactions.
  • the execution device is preferably set up to provide the initialization signal on request of the first authorization device.
  • the first authorization device transmits a request message or a request signal to the execution device.
  • the execution device then generates an initialization signal, which may comprise at least parts of the request message or of the request signal and / or may comprise information which is generated as a function of at least part of the request message or of the request signal.
  • the request message or the request signal has parameters with which at least part of the initialization signal is calculated.
  • the initialization signal is transmitted from the first authorization device to the second authorization device.
  • the second authorization device is preferably set up to generate a request signal as a function of the transmitted initialization signal and to transmit this via the execution device to the first authorization device.
  • the second authorization device is further preferably configured to generate a request signal and to transmit this via the execution device to the first authorization device.
  • the second authorization device reads out data from a data memory assigned to it and generates the request signal as a function of the transmitted initialization signal and further data that has been read out.
  • the first authorization device can be a transmission of the request signal from the execution device to the first authorization device. However, it may also be a direct transfer, ie without using the execution device, from the second authorization device to the first authorization device.
  • the execution device modifies at least parts of the request signal, so that only a part of the original request signal is transmitted to the first authorization device.
  • the execution device may be advantageous for the execution device to add further data to the request signal and thus to transmit a changed request signal to the first authorization device.
  • the first authorization device is preferably suitable for confirming the request signal. Confirmation may include comparing the request signal with further data, for example data which is read out of a data memory assigned to the first authorization device.
  • the first authorization device is adapted to output data from a data memory, compare it according to a provided functionality with the received request signal and to calculate a value depending on the result of the comparison. This value may provide information that allows one to determine whether at least portions of the request signal match read data, and / or determine a degree to which the received request signal matches a read value.
  • the result of the confirmation is transmitted to the execution device, which executes the control command or not depending on an evaluation of the same result.
  • the execution device may preferably be set up to execute the control command itself or at least to initiate execution of this control command.
  • the execution device does not execute the control command, but causes it to be executed by another executing unit.
  • a further message exchange can be performed. For example, it is possible to transmit status information from at least one of the above-described components to at least one further of the above-described components and / or to store a corresponding message in a data memory.
  • system logs, message logs, and / or status information in a data store.
  • an exports of the control command trigger further interactions between at least two of the above-described components.
  • the first authorization device and the second authorization device respectively communicate with the execution device by means of a secure connection of a communication network.
  • the first authorization device and the second authorization device are preferably designed in such a way that mutual authentication with respect to the execution device is possible.
  • the initialization signal preferably has a provided value and a random value.
  • the initialization signal can have parameters which, for example, make a process uniquely identifiable and in which the initialization signal metadata and user data can be coded.
  • the initialization signal is generated exactly once within a provided period of time.
  • the signal is uniquely identifiable and thus it can be determined whether a message or a signal is sent multiple times. Furthermore, the initialization signal can thus have a unique certification stamp, on the basis of which further security mechanisms can be implemented.
  • a group of transmission components is provided for transmitting the initialization signal, the group comprising: an air interface, a wired interface, a keyboard, a cradle device, a sensor, a transmitter, a receiver, an imaging device and an image processing device.
  • the request signal has at least a part of the initialization signal and / or at least one further control signal parameter.
  • the request signal can be unambiguously assigned to the initialization signal, parameters can be read from the initialization signal and inserted into the request signal and, in addition, further control command signal parameters, which can describe how a control command is to be executed, be provided.
  • At least one of a group of components is provided to confirm the request signal, the group comprising: an air interface, a wired interface, a keyboard, a cradle, a sensor, a transmitter, a receiver , an imaging device and an image processing device.
  • the first authorization device is arranged to confirm the request signal for providing at least one information of a group of information, the group comprising: a key, a PIN, a password, a numeric string, an alphanumeric string chain, biometric feature, security feature and acknowledgment information.
  • the execution device executes a control command based on the request signal upon a positive confirmation of the request signal and / or causes it to be executed.
  • the execution device has a plurality of execution devices which are set up to exchange at least one information among a group of information, the group comprising: authentication information, confirmation information, request information, status information, a control signal , a control command, a parameter, a message, a numeric string, an alphanumeric string, a PIN and a password.
  • individual execution devices are designed in such a way that mutual authentication can be carried out and / or individual execution devices communicate with one another by means of a secure connection of a communication network.
  • a distributed system according to the present invention can operate message exchange tap-proof and tamper-proof.
  • at least one of the devices is configured as one of a group of devices, comprising: a mobile terminal, a mobile phone, a tablet, a portable computer, a cash register, a cash register system Automat and a server. This has the advantage that conventional hardware components can be used.
  • the system is designed as a payment system, and / or the initialization signal is present as a payment code, and / or a value provided by the initialization signal identifies a payment service provider, and / or one provided by the initialization signal Value identifies a transaction within a limited time period, and / or the execution device uniquely identifies the first authorization device within a limited time window based on a parameter of the initialization signal, and / or the first authorization device exists as a payment service provider technical device and / or the second authorization device is present as a technical device of a payee, and / or the execution device exists as a technical device of a payment service provider.
  • the system is designed as a payment system, and / or the control command signal is present as a payment code, and / or the value provided in the control command signal identifies a payment service provider and / or the control command signal parameter points purchase information, and / or the control command exists as a transaction command, and / or the first authorization device is present as a technical device of a payee, and / or the second auto-trigger device is present as a technical device of a payee, and / or the execution device is present as a technical device of a payment service provider, and / or the first authorization device exists as a control command module, and / or the second authorization device is present as a control command module, and / or the execution device li proposes as a control command module.
  • This has the advantage that the proposed system can be operated as a financial transaction system and embedded in existing infrastructures.
  • the object is likewise achieved by a method for executing a control command based on a request signal based on an initialization signal, wherein upon request of a first authorization device, this device is provided by means of an execution device with an initialization signal which the first authorization device bypasses the execution device a second authorization device is transmitted; the second authorization device generates a request signal which has at least a part of the initialization signal and transmits it via the execution device to the first authorization device; and a provided control command is executed in response to an acknowledgment of the request signal by the first authorization device from the execution device.
  • the method for executing a control command based on a request signal based on an initialization signal is thus a method for executing a control command in response to a request signal and an initialization signal.
  • Basing therefore describes that the control command is executed after specifying an embodiment of a request signal and / or an initialization signal or an embodiment of a request look-up and / or an initialization message.
  • the default may be that the signals or messages provide parameters that influence the execution of the control command.
  • messages or signals may be used as input parameters for such a control command. Based on this, it can also mean that the control command is executed only in the presence of at least part of such a signal or such a message. Furthermore, it is possible to select the control command based on the message or the signal.
  • a method and a system are proposed, which make it possible to execute a provided control command safely or to cause the execution.
  • a transaction system is proposed which can replace existing ones. It provides privacy for the user as the paying user remains completely anonymous to the payee. This allows, for example, the safe, anonymous spontaneous purchase of virtual goods such as music, movies, books, apps and the like.
  • the System is designed so that service providers can implement this by means of suitable interfaces. Thus, money may be transferred from a user of a payment service provider to a user of another payment service provider using the proposed invention.
  • Figure 1 is a block diagram of a system for executing a control command
  • FIG. 2 shows an activity diagram of a method for executing a control command
  • FIG. 3 a detailed activity diagram of a method for carrying out a
  • Figure 4 is a block diagram of a system for executing a control command
  • FIG. 5 a detailed activity diagram of a method for carrying out a
  • FIG. 6 shows a detailed activity diagram of a method for carrying out a
  • Figure 1 is a block diagram of a system S for executing a control command according to an embodiment of the present invention from a provided initialization signal, the system S comprising a first authorization device A, a second authorization device C and an execution device B, the execution device B being arranged; upon request of the first authorization device A of these an initialisation signal, which is transmitted from the first authorization device A, bypassing the execution device B to the second authorization device C.
  • the second authorization device C is set up to generate an interrogation signal and to transmit this via the execution device B to the first authorization device A; and the execution device B is configured to execute a control command based on the request signal in response to an acknowledgment of the request signal by the first authorization device A.
  • a request of the first authorization device A takes place by means of the data channel AB.
  • Providing an initialization signal is carried out according to the present embodiment of the first authorization device A to the execution device B by means of the data channel BA.
  • the first authorization device A transmits the initialization signal bypassing the execution device B to the second authorization provision C by means of the data channel AC.
  • the second authorization device C generates the request signal and transmits it via the execution device B to the first authorization device A by means of the data ka na Is CB and BA.
  • the first authorization device transmits an acknowledgment of the request signal by means of the data channel AB.
  • the above-described data channels can be implemented at least partially wired and / or wirelessly.
  • FIG. 2 shows in an activity diagram a method for executing a control command according to an embodiment of the present invention.
  • an authorization device A this is provided by means of an execution device B an initialization signal, which is transmitted from the first authorization device A, bypassing the execution device B, to a second authorization device C.
  • the second authorization preparation C generates a request signal. which has at least a part of the initialization signal and which is transmitted via the execution device B to the first authorization device A 101.
  • a provided control command is executed 102 in response to an acknowledgment of the request signal by the first authorization device A from the execution device B.
  • FIG. 3 is a detailed activity diagram showing a method of executing a control command according to an embodiment of the present invention.
  • This is on request 200 of a first authorization device A, which by means of an execution device B provides an initialization signal 201, which is transmitted by the first authorization device A, bypassing the execution device B, to a second auto-negotiation device C 202; the second authorization device C generates 203 a request signal having at least a portion of the initialization signal and transmits 204 to the first authorization device A via the device B.
  • a provisioned control command is executed in response to an acknowledgment 205 of the request signal the first authorization device A is executed 206 by the execution device B.
  • the execution of the control command is confirmed to the first authorization device 207 and the second authorization device 208.
  • authentications are possible.
  • the present Figure 4 shows in a block diagram two interacting components D and E as part of a system for executing a control command according to an embodiment of the present invention.
  • a user purchases a good or service from a mobile terminal D
  • component D may exist as a first authorization device and component E as a second authorization device.
  • the component D may also be in the form of a mobile telephone
  • the component E may be in the form of a mobile telephone, a vending machine, a website or a cash register system.
  • FIG. 4 does not show a configuration device, since from the point of view of the user, this only performs a transaction management in the background. Based on this scenario, the invention is explained in more detail with reference to the following sequence:
  • a user has shopped and wants to pay. For this purpose, he uses his mobile phone, so component D. On the device D control commands are executed according to the present invention. The user taps a "Pay" button and receives a unique payment code from his bank. This is done by means of a barcode scanner Cash register system, in this case component E passed. By means of the code that transmits
  • POS system E a payment request to a bank. This forwards the request to him. He confirms the payment with a PIN. The bank makes the payment. The cash register system E and the user of component D each receive a payment confirmation.
  • the process is performed as follows.
  • a shop operates a POS system
  • POS system a customer operates a smartphone.
  • Both devices, POS system and smartphone are registered with a bank and need to authenticate themselves. This allows the use of strong encryption.
  • the customer presses a "Pay" button, the device announces its willingness to pay to the bank and the bank assigns the payment code.
  • the user transmits the payment code to the cash register system, for example by barcode.
  • the POS system sends the payment request to the bank.
  • the bank passes on the payment request to the customer. This confirms the payment with his PIN.
  • the bank executes the payment and sends both partners a payment confirmation.
  • the payment code will be given by the bank for exactly one payment and will only be valid for a few minutes. The user thus expresses his willingness to pay, and the bill reaches the right user. The code also hides the identity of the paying user, making it anonymous. This system makes unauthorized payment requests impossible.
  • the method proceeds as follows.
  • the mobile phone authenticates to the bank.
  • This code is unique, at least within a certain time unit, for example the next 72 hours.
  • the user can display this code as a bar code for a cash register system, for example, or as a QR code, for example, he can be read with a mobile phone camera or in numbers so that he can enter it by hand when, for example, on the Internet buys.
  • the POS system sends the payment request to the bank.
  • the bank forwards this payment request to the user.
  • a separate account in the following Qick Money Transaction account, short QMT account, are established.
  • QMT may also designate the system according to the invention for executing a control command.
  • a customer has a bank account and a QMT account.
  • the QMT account has a low credit balance.
  • this QMT credit determines the credit limit, for example: 100 € credit means 200 € credit limit in 10 days.
  • the QMT service provider collects money from the customer by direct debit.
  • the QMT service provider transfers money to the customers by bank transfer. In this case, a certain inertia is built in, ie a time delay of providing funds to give the payment service providers a security cushion.
  • the payment service providers reconcile your bank accounts on the basis of the shifts on the QMT accounts daily by bank transfer.
  • the money receiver sends the payment request containing a field "minimum age”. If the age of the lender is below the minimum age, the transaction will be rejected. Both users are informed about the age limit violation.
  • an electronic receipt can be used.
  • the payment request contains two fields, “receipt” and “receipt validity”.
  • "Receipt” contains an HTTPS URI such as:
  • FIGS. 5 and 6 each show in a detailed activity diagram a method for executing a control command according to an embodiment of the present invention. First, the technical components employed in the method for executing a control command according to an embodiment of the present invention will be discussed.
  • the payer in short ZL, transfers the means of payment to another participant.
  • the payee, ZE for short receives payment from another participant.
  • the payment service provider, ZDL for short executes the cash transfer.
  • the first and / or the second authorization device may be present as an end user terminal. This device end user terminal is able to establish an encrypted authenticated connection to a system of the ZDL using a defined protocol over a network.
  • the payment-performing ZL has in the present embodiment on the first authorization device A, the payee ZE has the second
  • Execution device B For the authentication of the end-user terminal relative to the ZDL and vice versa, a signature method is used.
  • a signature method is used as concrete examples of devices constituting an end user terminal as described herein.
  • the signature method is capable of optically displaying a defined code or transmitting it electronically to another end user terminal. It can optically detect this code, for example, by electronic means, receive by radio or receive it by a manual input.
  • An end user terminal can be:
  • ZE function may include a ZE function and a ZL function
  • a cash register system is in the possession of the shopkeeper; Only authorized employees who have authenticated themselves by means of a suitable procedure on this system have access to this.
  • the execution device can be present as a payment service provider system, in short ZDLS.
  • the ZDL (ZDLS) system can be programmed using a defined protocol
  • Network to receive an encrypted connection It authenticates to the end user terminal and uniquely identifies the end user terminal. It uniquely assigns an end user terminal to a registered user and accepts requests from it. Furthermore, it is able to perform a transaction between an end user, which is coupled to the own system, and the end user of another ZDL, in that each ZDL acts as a transaction partner on behalf of its end user vis-à-vis the respective other ZDL. However, the necessary data for the execution of the transaction of the final participants are passed.
  • a flow of a payment transaction according to an embodiment of the method for executing a control command according to the present invention may be described as follows. In preparatory method steps, optional authentication steps 50, 51 are advantageous.
  • a participant ie the ZL, for example the customer in a shop, has to express his willingness to pay to his ZDL by means of his end user terminal, for example his suitably equipped mobile phone 52.
  • the ZDL generates a code, for example the payment code, which consists of a predefined value and a random value.
  • the predefined part of the code identifies the ZDL.
  • the payment code is only valid for a limited period of time, for example 10 minutes.
  • the same payment code can be issued only once within a larger time frame, for example 30 days.
  • the system of the ZDL stores the assignment of the payment code to the end user terminal of the ZL and transmits 53 the code to the end user terminal of the ZL.
  • the end user terminal of the ZL brings the code in human and / or
  • Machine-readable form for display or 54 transmits this directly, for example by radio or infrared, to the end user terminal of the ZE.
  • the end-user terminal of the ZE for example the point-of-sale system of the store, receives the code via sensors, for example a bar code scanner, electronic transmission methods or manual input. It generates a payment request, ZA for short, from the data already present, which are entered before the transaction or transmitted by another system, via the monetary demand of the CPU and the payment code, and transmits 55 of these to its ZDL.
  • the further procedure is as follows:
  • the system of the ZDL assigns the payment request to the end user terminal of the ZL and sends it the payment request.
  • the payment request is checked and can be changed if necessary.
  • the ZL is informed by its end user terminal of the content of the payment request, for example by displaying it on a display.
  • the ZL confirms the transaction by entering a secret known only to it, such as PIN or password, at its end user terminal.
  • the confirmation of the transaction is communicated 57 to the end user terminal of the ZL to the system of its ZDL.
  • the system of the ZDL leads the
  • FIG. 58 Transaction of FIG. 58 and sends 59A, 59B, respectively, an acknowledgment of the transaction to the end user terminals of the ZL and the CPU.
  • the transaction is in hindsight by the
  • ZL and ZE are registered at different ZDL, for example B1 and B2, the further sequence is as described in FIG.
  • Method steps according to reference numbers 60 to 64 and 66 are analogous to reference numerals 50 to 55 application.
  • method steps according to reference numbers 68, 69, 611, 612 and 613 are used analogously to the method steps according to reference numbers 56, 57, 58, 59A and 59B.
  • the system of the ZDL assigns the payment request to the ZDL of the ZL.
  • the system of the ZDL of the ZE builds on a data network, for example the Internet, leased line or telephone network, an encrypted connection to the system of the ZDL of the ZL. When connecting, both systems authenticate to each other.
  • the ZDLS of the CPU sends 67 a copy of the payment request to ZDLS of the ZL.
  • the payment request is checked and can be changed if necessary.
  • the ZDLS of the ZL assigns the payment request to the
  • the ZL End user terminal of the ZL and sends him the payment request.
  • the payment request is checked and can be changed if necessary.
  • the ZL is powered by his
  • End User Terminal informed about the content of the payment request, for example by displaying on a display.
  • the ZL confirms 69 the transaction by entering a secret known only to it, for example PIN or password, at its end user terminal.
  • the confirmation of the transaction is sent to the end user terminal of the ZL to the system of its ZDL.
  • ZDL B1 610 sends a payment confirmation to B2.
  • the systems of the ZDL execute the transaction 6 1 and send 612, 613 an acknowledgment of the transaction to the end user terminals of the ZL or the ZE, respectively.
  • the ZE receives credits from his ZDL credited.
  • the ZDL of the ZE receives the means of payment from the ZDL of the ZL.
  • the ZDL of the ZL posts the means of payment directly from the account of the ZL.
  • the transaction can be uniquely identified by the combination of the payment code and the time stamp. All postings that affect this transaction are linked to this information by the ZDLS.
  • Application software for these systems is usually sourced from so-called app stores. The operators check all offered programs for safety.
  • the data of the end user terminal application are also stored in encrypted form. To encrypt and decrypt the data functions / data of the SIM card and / or another hardware component are used, which a third party can not dispose of.
  • the end user terminal application stores several keys. At least one serves to authenticate the system of the ZDL. At least one more will be used to authenticate the end user terminal to the ZDLS. A key is called
  • One-time key for the next session used as ⁇ the connection to the ZDLS.
  • a key is always created for the next session and stored on the end user terminal.
  • At least one key is stored as a user secret mask, for example PIN.
  • the user secret is encrypted with the mask and checked in this form by the ZDLS.
  • the user secret is not transmitted directly and is not stored on the device. Further security aspects arise directly from the payment procedure:
  • ZE and ZL are both known to the ZDL.
  • a transaction must be initiated by the ZL. It communicates directly and exclusively with the ZDL.
  • a payment request can not be submitted without a valid payment code. It is highly unlikely to guess one successfully without attracting attention because the ratio of valid keys to invalid keys is always at least x thousand to one.
  • the ZL remains anonymous to the ZE.
  • the ZE can neither identify the ZL, nor unsolicited further payment request addressed to this.
  • Further safeguards can be implemented on the ZDL system.
  • credit limits, transaction limits and algorithms for detecting irregularities can be implemented.
  • the average person skilled in the art will recognize how the above-described safety mechanisms in the respective embodiments of the proposed system for executing a control command or the method for executing a control command

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention concerne un système (S) ainsi qu'un procédé correspondant permettant d'autoriser ou d'exécuter une transaction, par exemple une transaction financière entre un donneur et un récepteur de fonds, indépendamment du lieu et du fournisseur, et concerne en particulier un procédé pour exécuter une instruction de commande prévue. On utilise pour cela en particulier un protocole d'exécution qui peut être appliqué à l'aide d'équipements informatiques classiques. La présente invention peut être mise en œuvre dans le cadre de transactions monétaires et d'opérations de paiement électroniques.
PCT/EP2012/064040 2011-07-18 2012-07-18 Système mobile pour transactions financières Ceased WO2013011043A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE201110079317 DE102011079317A1 (de) 2011-07-18 2011-07-18 Mobiles system für finanztransaktionen
DE102011079317.8 2011-07-18

Publications (1)

Publication Number Publication Date
WO2013011043A1 true WO2013011043A1 (fr) 2013-01-24

Family

ID=46639461

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2012/064040 Ceased WO2013011043A1 (fr) 2011-07-18 2012-07-18 Système mobile pour transactions financières

Country Status (2)

Country Link
DE (1) DE102011079317A1 (fr)
WO (1) WO2013011043A1 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102013110369A1 (de) * 2013-09-19 2015-03-19 Deutsche Post Ag Verfahren zum Bezahlen an einem Verkaufsautomaten mit einem mobilen Endgerät
DE202015105766U1 (de) 2015-10-29 2015-11-11 Rainer Wegmann Wertkarte und zugehöriges Wertkartensystem
DE102016005662A1 (de) 2016-05-11 2017-11-16 eFonds AG System zur Abwicklung von Finanztransaktionen
DE202016002994U1 (de) 2016-05-11 2016-06-10 eFonds Solutions AG System zur Abwicklung von Finanztransaktionen
AT521646A1 (de) * 2018-08-24 2020-03-15 Res Industrial Systems Engineering Rise Forschungs Entwicklungs Und Grossprojektberatung Gmbh System zum Verarbeiten von Anfragen mobiler Geräte

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1229467A1 (fr) 2001-02-06 2002-08-07 Wincor Nixdorf GmbH & Co KG Système de paiement comportant un dispositif mobile
CA2457263A1 (fr) 2003-02-11 2004-08-11 Bahram Seyed Zahir Azami Systeme facilitant les transactions d'achat par reseau sans fil
EP1450322A1 (fr) 2003-02-21 2004-08-25 Swisscom Mobile AG Méthode et système de paiement
WO2008083022A1 (fr) 2006-12-26 2008-07-10 Visa U.S.A. Inc. Système de paiement mobile et procédé d'utilisation d'alias
WO2009017754A1 (fr) * 2007-07-30 2009-02-05 Ebay Inc. Procédé et système pour un financement dynamique
WO2009070114A1 (fr) * 2007-11-30 2009-06-04 Skycash Sp.Z O.O. Serveur d'émetteur de chèques et système commercial d'un système de paiements de proximité

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102007023003A1 (de) * 2007-05-15 2008-11-20 Norbert Hildebrandt Verfahren zum mobilen Bezahlen sowie Computerprogrammprodukt

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1229467A1 (fr) 2001-02-06 2002-08-07 Wincor Nixdorf GmbH & Co KG Système de paiement comportant un dispositif mobile
CA2457263A1 (fr) 2003-02-11 2004-08-11 Bahram Seyed Zahir Azami Systeme facilitant les transactions d'achat par reseau sans fil
EP1450322A1 (fr) 2003-02-21 2004-08-25 Swisscom Mobile AG Méthode et système de paiement
WO2008083022A1 (fr) 2006-12-26 2008-07-10 Visa U.S.A. Inc. Système de paiement mobile et procédé d'utilisation d'alias
WO2009017754A1 (fr) * 2007-07-30 2009-02-05 Ebay Inc. Procédé et système pour un financement dynamique
WO2009070114A1 (fr) * 2007-11-30 2009-06-04 Skycash Sp.Z O.O. Serveur d'émetteur de chèques et système commercial d'un système de paiements de proximité

Also Published As

Publication number Publication date
DE102011079317A1 (de) 2013-01-24

Similar Documents

Publication Publication Date Title
AT512070B1 (de) Verfahren und vorrichtung zum durchführen von bargeldlosen zahlungen
DE102013104499A1 (de) Sichere Zahlungen mit nicht vertrauenswürdigen Vorrichtungen
EP2528045A1 (fr) Procédé et ordinateur de service ainsi que système d'authentification sans carte
DE102011116489A1 (de) Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts
EP2817758B1 (fr) Procédé de paiement informatisé
EP2724304A1 (fr) Procédé et dispositif pour effectuer des paiements scripturaux
EP3246865A1 (fr) Procédé et système de transmission de données de transaction par l'intermédiaire d'un réseau de données public
WO2013011043A1 (fr) Système mobile pour transactions financières
EP3014539A1 (fr) Procédé de transaction électronique et système informatique
EP1665184A1 (fr) Procede pour effectuer une transaction electronique
EP3014540A1 (fr) Procédé de transaction électronique et système informatique
WO2013093026A1 (fr) Procédé pour effectuer des paiements authentifiés
EP3319003A1 (fr) Procédé et système d'authentification d'un appareil de télécommunication mobile sur un système informatique de service et appareil de télécommunication mobile
EP3428866A2 (fr) Dispositif de transmission et de traitement de données et procédé de transmission et de traitement de données destinés au paiement d'une marchandise ou d'un service
EP1437668B1 (fr) Procédé pour le paiement de marchandises ou de services sans argent liquide au moyen d'un terminal radio mobile
EP2916252A1 (fr) Procédé de transaction électronique et système informatique
DE102010036037A1 (de) Verfahren zur Durchführung bargeldioser Zahlungstransaktionen und Transaktionsystem zur Durchführung des Verfahrens
DE102011051461B4 (de) Verfahren und System zur sicheren Identifizierung für das Durchführen einer Transaktion an einem Selbstbedienungs-Terminal
EP2696319B1 (fr) Procédé d'autorisation d'une transaction
EP2820600A1 (fr) Libération de transaction authentifiée
EP1274971A2 (fr) Procede de paiement securise de livraisons et de services dans des reseaux ouverts
DE102013000967B4 (de) Verfahren zur Autorisierung einer elektronischen Transaktion
DE10229619A1 (de) Verfahren zur Durchführung eines Zahlungsvorganges
DE102012101091B4 (de) Verfahren und Vorrichtung zur Abwicklung bargeldloser Zahlungstransaktionen
EP3198546A1 (fr) Procédé de transaction

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12743935

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: FESTSTELLUNG EINES RECHTSVERLUSTS NACH REGEL 112(1) EPUE (EPA FORM 1205N VOM 16/05/2014)

122 Ep: pct application non-entry in european phase

Ref document number: 12743935

Country of ref document: EP

Kind code of ref document: A1