WO2014162113A2 - Système de communication sécurisée - Google Patents

Système de communication sécurisée Download PDF

Info

Publication number
WO2014162113A2
WO2014162113A2 PCT/GB2014/051000 GB2014051000W WO2014162113A2 WO 2014162113 A2 WO2014162113 A2 WO 2014162113A2 GB 2014051000 W GB2014051000 W GB 2014051000W WO 2014162113 A2 WO2014162113 A2 WO 2014162113A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
party
communication
information identifying
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/GB2014/051000
Other languages
English (en)
Other versions
WO2014162113A3 (fr
Inventor
Andrew William Smith
Mark Earl SEDDON
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CLOUDZYNC Ltd
Original Assignee
CLOUDZYNC Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CLOUDZYNC Ltd filed Critical CLOUDZYNC Ltd
Publication of WO2014162113A2 publication Critical patent/WO2014162113A2/fr
Anticipated expiration legal-status Critical
Publication of WO2014162113A3 publication Critical patent/WO2014162113A3/fr
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce

Definitions

  • a loyalty card is a card associated with a loyalty account. Whenever a consumer that has such a loyalty card makes a purchase at a store having a loyalty scheme with which the card is associated, the consumer's loyalty card is read by a card reader and based on information obtained by the card reader identifying the card and the purchase made, l loyalty points are added to the loyalty account associated with loyalty card. Stores will then often provide vouchers to the consumer associated with the loyalty card, the value of such vouchers depending on the number of points obtained.
  • the financial transaction may be cancelled.
  • An item of the information identifying the device being used by the third party or an item of information identifying the third party using the device may be used as an encryption key for producing the encrypted fingerprint.
  • a PIN code associated with the third party may be used as the encryption key.
  • the communication may comprise information identifying a second user to which the communication is directed.
  • a system is described herein that provides a mechanism for secure communications between two or more parties.
  • the system has various applications, but the system shall initially be described with reference to an exemplary embodiment in which the secure communications system is used for processing of a financial transaction taking place between a user or a consumer and a merchant.
  • the real-time detection checks the validity of both parties, their data, their identifying devices and the authentication of the actual users in the transaction. In addition, the real-time detection checks against the capability of that user to complete the financial transaction, for example by analysing geographic location information.
  • the device must be unique, i.e. there must not be a replicated device on the system.
  • the user must register their loyalty scheme number for a merchant's loyalty scheme in their account on the service provider system 101.
  • the user may perform this by inputting the data via a registered user device.
  • the user could scan a loyalty card using a registered user device.
  • the user account can store electronic vouchers.
  • the user account can be considered an electronic wallet, which has not only a financial account for payments, but also stores vouchers.
  • a copy of the warranty certificate is sent to both the third party server 104 and the user device 102.
  • the warranty can then be stored in the user device 102 by the mobile app, which allows the warranty to be easily accessed at any time.
  • the warranty process is then complete.
  • Another application of the workflow functionality is delivery tracking. If a consumer purchases a product to be delivered, it is common for there to be information available for tracking such a product. When the consumer purchases a product to be delivered, a workflow with a third party delivery company can be set-up to "pull" tracking data into the workflow.
  • the local monitoring system issues basic web requests to the service provider system and monitors the length of time it takes to receive a response.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention concerne un procédé, un appareil et un support lisible par un ordinateur permettant d'assurer une communication sécurisée entre une pluralité de parties. Le procédé comprend les étapes consistant à : recevoir, au niveau d'un système d'autorisation, une première communication provenant d'une première partie, la première communication comprenant des informations identifiant une seconde partie à laquelle la première communication est destinée; vérifier, au niveau du système d'autorisation, une identité de la première partie; quand l'identité de la première partie est vérifiée, envoyer, depuis le système d'autorisation, une deuxième communication à la seconde partie en fonction de la première communication; recevoir, au niveau du système d'autorisation, une troisième communication provenant de la seconde partie et délivrée en réponse à la deuxième communication; et vérifier une identité de la seconde partie en réponse à la réception de la troisième communication.
PCT/GB2014/051000 2013-04-03 2014-03-28 Système de communication sécurisée Ceased WO2014162113A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1306016.5A GB2512613A (en) 2013-04-03 2013-04-03 Secure communications system
GB1306016.5 2013-04-03

Publications (2)

Publication Number Publication Date
WO2014162113A2 true WO2014162113A2 (fr) 2014-10-09
WO2014162113A3 WO2014162113A3 (fr) 2015-11-19

Family

ID=48445201

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2014/051000 Ceased WO2014162113A2 (fr) 2013-04-03 2014-03-28 Système de communication sécurisée

Country Status (2)

Country Link
GB (1) GB2512613A (fr)
WO (1) WO2014162113A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230085031A1 (en) * 2021-09-16 2023-03-16 Visa International Service Association System, method, and computer program product for secure payment device data storage and access

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12125054B2 (en) 2018-09-25 2024-10-22 Valideck International Corporation System, devices, and methods for acquiring and verifying online information

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5903721A (en) * 1997-03-13 1999-05-11 cha|Technologies Services, Inc. Method and system for secure online transaction processing
JP2002518749A (ja) * 1998-06-19 2002-06-25 プロトックス リミテッド 照合支払いシステム
US8296228B1 (en) * 1999-11-22 2012-10-23 Harry Thomas Kloor Dual transaction authorization system and method
US8087064B1 (en) * 2000-08-31 2011-12-27 Verizon Communications Inc. Security extensions using at least a portion of layer 2 information or bits in the place of layer 2 information
US8260723B2 (en) * 2000-12-01 2012-09-04 Carrott Richard F Transactional security over a network
US20020073027A1 (en) * 2000-12-11 2002-06-13 Hui Helen Shan-Shan Mobile payment system
CA2353308A1 (fr) * 2001-07-18 2003-01-18 Oliver, Jakel Systeme et methode d'execution de transactions electroniques
WO2004047407A1 (fr) * 2002-11-18 2004-06-03 Trusted Network Technologies, Inc. Systemes et dispositifs utilisant des donnees d'identification lors des communications reseau
US8028325B2 (en) * 2005-08-08 2011-09-27 AOL, Inc. Invocation of a third party's service
EP2002388A4 (fr) * 2005-08-22 2012-12-05 Xchange Inc G Procede de paiement d'achats sans liquide ni carte mais par telephone portable
US20070237144A1 (en) * 2006-03-30 2007-10-11 Avaya Technology Llc Transporting authentication information in RTP
US20080120707A1 (en) * 2006-11-22 2008-05-22 Alexander Ramia Systems and methods for authenticating a device by a centralized data server
CA2694926A1 (fr) * 2007-07-13 2009-01-22 Killswitch Systems Inc. Systeme de transactions financieres dote d'une protection contre la fraude fondee sur le positionnement
KR101511805B1 (ko) * 2007-09-11 2015-04-13 엘지전자 주식회사 보안 서명 방법, 보안 인증 방법 및 iptv 시스템
US7979899B2 (en) * 2008-06-02 2011-07-12 Microsoft Corporation Trusted device-specific authentication
CA2778717A1 (fr) * 2009-10-23 2011-04-28 Payment Transaction Services, Inc., D/B/A Capturecode Procede et systeme de traitement de transaction
US20130024366A1 (en) * 2011-07-21 2013-01-24 Ebay, Inc. Merchant initiated payment using consumer device
AU2011213908A1 (en) * 2011-08-26 2013-03-14 The Carapace Limited Improvements in or related to purchasing and/or performing financial transactions using a mobile phone

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230085031A1 (en) * 2021-09-16 2023-03-16 Visa International Service Association System, method, and computer program product for secure payment device data storage and access
US11922407B2 (en) * 2021-09-16 2024-03-05 Visa International Service Association System, method, and computer program product for secure payment device data storage and access

Also Published As

Publication number Publication date
GB201306016D0 (en) 2013-05-15
WO2014162113A3 (fr) 2015-11-19
GB2512613A (en) 2014-10-08

Similar Documents

Publication Publication Date Title
US12045806B1 (en) Sending secure proxy elements with mobile wallets
US12373815B2 (en) Systems and methods for secure communications utilizing gateway servers
US12074974B2 (en) Method and system for access token processing
US11763275B2 (en) System and method for cryptocurrency point of sale
CN109074578B (zh) 用于执行推送交易的系统和方法
US9852479B2 (en) Mechanism for reputation feedback based on real time interaction
US8856043B2 (en) Method and system for managing data and enabling payment transactions between multiple entities
US11580524B2 (en) Automated digital method and system of providing or sharing access
US20170236113A1 (en) Authentication systems and methods using location matching
US20170200155A1 (en) Generating and sending encrypted payment data messages between computing devices to effect a transfer of funds
US20120028612A1 (en) Method and system for verifying an identification of a person
WO2015107442A1 (fr) Systèmes et procédés d'émission de cartes de paiement mobile par réseau de communication mobile et dispositifs connectés à internet
JP2013105490A (ja) セルフサービス端末装置トランザクション
CN112308555B (zh) 远程交易系统、方法和销售点终端
EP3616111B1 (fr) Système et procédé permettant de générer des justificatifs d'accès
US20150154584A1 (en) System to enable electronic payments with mobile telephones without risk of any fraud
CN114787845A (zh) 利用密码的计划交互
US20200294045A1 (en) Interaction processing system and method
WO2014162113A2 (fr) Système de communication sécurisée
GB2512616A (en) Resource control system
WO2014162114A1 (fr) Système de traitement de contenu
WO2014162116A1 (fr) Canal de communication sécurisé
KR101596434B1 (ko) 결제정보 분리를 이용한 온라인 전자금융거래 인증방법
WO2014162115A1 (fr) Système d'acheminement de communications
Bosamia et al. Past to present overview of mobile wallet payments architectures to compare and identify overall participants

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14716377

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14716377

Country of ref document: EP

Kind code of ref document: A2