WO2017118923A1 - Methods and devices for authenticating an electronic payment card by means of electronic tokens - Google Patents
- Publication number: WO2017118923A1 (PCT/IB2017/050016)
- Authority: WO, WIPO (PCT)
- Prior art keywords: electronic, payment card, electronic payment, communication link, token
- Legal status: Ceased (the legal status is an assumption and is not a legal conclusion)
Classifications
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3223—Realising banking transactions through M-devices
- G06Q20/3226—Use of secure elements separate from M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
- G06Q20/3672—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes initialising or reloading thereof
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
- H04L9/3215—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, using a plurality of channels
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving time stamps, e.g. generation of time stamps
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
- H04L2209/80—Wireless
Definitions
- the invention generally relates to financial transaction authentication. More particularly, the invention relates to authentication of a contactless card.
- proximity based payment or contactless payment has gained wide popularity in addition to Europay, MasterCard, and Visa (EMV) based payments.
- Examples of such contactless payment include near field communication (NFC) based payments and radio frequency identification (RFID) based payments.
- cards such as credit card or debit card have secure elements or chips and are dipped into a reading device.
- authentication information such as a PIN is provided onto the card-reading device.
- a reader device reads information from the card having the secure element when the card is in close proximity with the reader device over short-range wireless communication.
- as the cards can be read without physical contact between the reader device and the contactless card, sharing of confidential authentication information such as PIN and CVV number is not required during a transaction.
- the information from the card having the secure element (hereinafter referred to as electronic payment card) can be stolen using a malicious hardware/software component in the reader device.
- the reader device is authenticated prior to reading information from the electronic payment card.
- such authentication fails to prevent unauthorized transactions if the electronic payment card is stolen or lost.
- such unauthorized transactions are identified after the unauthorized transactions are processed completely and successfully. Consequently, a user of the electronic payment card is left with very few options such as hot-listing the card and destroying the electronic payment card.
- a one-time password is generated during the transaction and sent to a mobile device associated with the electronic payment card.
- OTP is provided to the reader device.
- the transaction is completed only if the OTP sent to the mobile device matches with the OTP provided to the reader device.
- this technique fails when the mobile phone is cloned.
- a set of OTPs are generated by a server and transmitted to the electronic payment card via the mobile device associated with the electronic payment card.
- the set of OTPs are then stored in the electronic payment card and used during authentication process.
- the set of OTPs fail to prevent unauthorized transactions if the electronic payment card is stolen.
- a token in the form of a QR code is generated by a server and transmitted to the mobile device prior to the transaction. During the transaction, the token is transmitted to a merchant reader device and the transaction is completed if the token matches the generated token.
- such technique fails if the mobile phone is cloned.
- a server maintains a mapping of the electronic payment card and dynamic security code, and sends a first security code to the mobile device.
- the first security code present in the mobile device is provided.
- the first security code is replaced with a second security code.
- the second security code is then sent to the mobile device for authenticating subsequent transaction.
- the second security code is sent when the mobile device is within a predefined range with the electronic payment card.
- the server continually attempts to send the second security code until the second security code is successfully sent.
- the server attempts to send the second security code only once. However, in this technique, such a security code is visible and the chances of the security code being stolen are high.
- the present invention as embodied and broadly described herein, provides for enhancing security of electronic payment card in a payment network.
- an electronic payment card requests an electronic token or e-token from a mobile device via a first communication link.
- the electronic payment card can be a chip card or smart card having a secure element or chip.
- the first communication link is a proximity based communication link available between the mobile device and the electronic payment card.
- the request can be provided via various methods such as tapping the electronic payment card on the mobile device, touching the electronic payment card on the mobile device, and sweeping the electronic payment card over the mobile device.
- the mobile device, upon receiving the request, transmits the request to a server via a second communication link.
- the second communication link is one of a data communication link and a non-data communication link available between the mobile device and the server.
- Upon receiving the request, the server generates an electronic token including a time period indicating validity of the electronic token and transmits it to the mobile device via the second communication link.
- the server saves a copy of the electronic token including the time period in a database.
- the mobile device then further transmits the electronic token to the electronic payment card via the second communication link such that the electronic payment card is authenticated based on a validity of the electronic token.
- Upon receiving the request, the mobile device generates an electronic token including a time period indicating validity of the electronic token. The mobile device then transmits the electronic token including the time period to the electronic payment card via the first communication link. In addition, the mobile device saves a copy of the electronic token including the time period in a memory. In yet another embodiment, the mobile device transmits a copy of the electronic token including the time period to the server via the second communication link. The server then stores the copy of the electronic token including the time period in the database.
- the server receives the stored electronic token from the electronic payment card.
- the server authenticates the electronic payment card by comparing with a copy of the electronic token associated with the electronic payment card.
- the server obtains the copy of the electronic token corresponding to the electronic payment card from a database.
- the server obtains the copy of the electronic token corresponding to the electronic payment card from the mobile device associated with the electronic payment card.
- the server authenticates the electronic payment card based on at least one of: validity of the copy of electronic token; comparison of the electronic token in the second request with the copy of electronic token; and time period indicated in the copy of electronic token.
- the advantages of the invention include, but are not limited to, enhanced security of the electronic payment cards by saving an electronic token, which is valid for a limited period, in the electronic payment card.
- the security of the electronic payment card is greatly increased. This eliminates the chances of unauthorized transactions with the electronic payment card since an invalid token will prevent the completion of the transaction.
- the electronic token is transmitted only upon receiving the request from the electronic payment card when the electronic payment card is in close proximity with the mobile device. The request can be received via various methods such as by way of tapping the electronic payment card on the mobile device, touching the electronic payment card on the mobile device and sweeping the electronic payment card over the mobile device. This further eliminates the chances of stealing the electronic token using a malicious device or software as the electronic payment card has to be in close proximity with the mobile device for receiving the electronic token.
- two-step security verification is provided during a transaction. Accordingly, in the first step verification, a determination is made if an electronic token is received from the electronic payment card. The transaction is prevented if the electronic token is not received. However, if the electronic token is received, second step verification is performed. In second step verification, a copy of electronic token associated with the electronic payment card is obtained. The transaction is allowed if the copy of electronic token is valid or time period indicated in the copy of electronic token is current with respect to the electronic token or the received electronic token matches with the copy of electronic token. As such, the security of the electronic payment card is greatly enhanced.
- FIGS. 1a & 1b illustrate an exemplary method implemented by a server for communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- FIG. 2 illustrates an exemplary method implemented by a mobile device for communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- FIGS. 3a & 3b illustrate an exemplary method implemented by a mobile device for communicating electronic token to an electronic payment card, in accordance with another embodiment of present invention.
- Figure 4 illustrates an exemplary server communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- Figure 5 illustrates an exemplary mobile device communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- Figure 6 schematically illustrates an exemplary payment networked environment that implements a mobile device and a server for communicating electronic token to an electronic payment card, in accordance with an embodiment of the present invention.
- Figure 7 illustrates a flow diagram for communicating electronic token to an electronic payment card by a server, in accordance with an embodiment of present invention.
- Figure 8 illustrates a flow diagram for communicating electronic token to an electronic payment card by a mobile device, in accordance with an embodiment of present invention.
- Figure 9 illustrates a flow diagram for authentication of an electronic payment card in respect of a transaction, in accordance with an embodiment of present invention.
- one or more particular features and/or elements described in connection with one or more embodiments may be found in one embodiment, or may be found in more than one embodiment, or may be found in all embodiments, or may be found in no embodiments.
- one or more features and/or elements may be described herein in the context of only a single embodiment, or alternatively in the context of more than one embodiment, or further alternatively in the context of all embodiments, the features and/or elements may instead be provided separately or in any appropriate combination or not at all.
- any features and/or elements described in the context of separate embodiments may alternatively be realized as existing together in the context of a single embodiment.
- FIGS. 1a & 1b illustrate an exemplary method (100) implemented by a server for communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- a first request for an electronic token is received from a mobile device associated with the electronic payment card via a first communication link.
- the first request is received in response to a prior request for electronic token received from the electronic payment card by the mobile device via a second communication link when the electronic payment card is in close proximity with the mobile device.
- an electronic token including a time period indicating a validity of the electronic token is generated.
- the electronic token is associated with the electronic payment card, wherein the electronic token is adapted to be stored in a memory of the electronic payment card.
- the electronic token is transmitted to the mobile device via the first communication link.
- the electronic token is further transmitted to the electronic payment card by the mobile device via the second communication link and is saved in the memory of the electronic payment card, such that the electronic payment card is authenticated based on a validity of the electronic token.
- the electronic payment card is one of: a credit card, a debit card, an automated teller machine (ATM) card, a fleet card, stored-value card, prepaid card, and a gift card.
- the first communication link is independent of the second communication link, the first communication link being one of a data communication link and a non-data communication link available between the mobile device and the server, and the second communication link being a proximity based communication link available between the mobile device and the electronic payment card.
- the first request is received via an application available in a memory of the mobile device over the first communication link.
- the prior request for electronic token is received from the electronic payment card by the application via the second communication link.
- the electronic token is an encrypted key of configurable length.
- a copy of the electronic token associated with the electronic payment card is stored in a database.
- a second request to authenticate the electronic payment card in respect of a transaction initiated using the electronic payment card is received from a designated intermediary device.
- at step (107), availability of an electronic token in the second request is determined.
- the electronic token is sent by the electronic payment card to the designated intermediary device.
- at step (108), upon determination, a copy of an electronic token associated with the electronic payment card is obtained.
- a response to the mobile device associated with the electronic payment card and the designated intermediary device is transmitted based on at least one of: validity of the copy of electronic token; comparison of the electronic token in the second request with the copy of electronic token; and time period indicated in the copy of electronic token.
- the copy of the electronic token associated with the electronic payment card is obtained from a database, the database being adapted to store the copy of the electronic token.
- FIG. 2 illustrates an exemplary method (200) implemented by a mobile device for communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- a first request for an electronic token from an electronic payment card associated with the mobile device is received via a first communication link. The first request is received when the electronic payment card is in close proximity with the mobile device.
- an electronic token including a time period indicating a validity of the electronic token is generated.
- the electronic token is associated with the electronic payment card, wherein the electronic token is adapted to be stored in a memory of the electronic payment card.
- the electronic token is transmitted to the electronic payment card via the first communication link such that electronic token is stored in the memory of the electronic payment card.
- a copy of the electronic token is transmitted to a server via a second communication link, such that the server based on a validity of the electronic token authenticates the electronic payment card.
- the electronic payment card is one of: a credit card, a debit card, an automated teller machine (ATM) card, a fleet card, stored-value card, prepaid card, and a gift card.
- the first request is received through an application available in the memory of the mobile device via the first communication link.
- the first communication link is independent of the second communication link, the first communication link being a proximity based communication link available between the mobile device and the electronic payment card, and the second communication link being one of a data communication link and a non-data communication link available between the mobile device and the server.
- the electronic token is an encrypted key of configurable length.
- response from the server is received through the application via the second communication link based on at least one of: validity of the copy of electronic token; comparison of an electronic token received in the second request with the copy of electronic token, the electronic token being sent by the electronic payment card to the server; and time period indicated in the copy of electronic token.
- FIGS 3a & 3b illustrate an exemplary method (300) implemented by a mobile device for communicating electronic token to an electronic payment card, in accordance with another embodiment of present invention.
- a first request for an electronic token is received from the electronic payment card associated with the mobile device via a first communication link.
- the first request is received when the electronic payment card is in close proximity with the mobile device.
- the electronic token including a time period indicating a validity of the electronic token is generated.
- the electronic token is associated with the electronic payment card, wherein the electronic token is adapted to be stored in a memory of the electronic payment card.
- a copy of the electronic token associated with the electronic payment card is stored in a memory.
- the electronic token is transmitted to the electronic payment card via the first communication link such that electronic token is stored in the memory of the electronic payment card, wherein the electronic payment card is authenticated based on a validity of the electronic token.
- the first request is received through an application available in the memory of the mobile device via the first communication link.
- a second request for an electronic token associated with the electronic payment card is received from a server through an application via a second communication link.
- the second request corresponds to authentication of the electronic payment card in respect of a transaction initiated using the electronic payment card.
- a copy of the electronic token associated with the electronic payment card is fetched from a memory.
- the copy of the electronic token associated with the electronic payment card is transmitted to the server through the application via the second communication link.
- a response is received from the server based on at least one of: validity of the copy of electronic token; comparison of an electronic token received in the second request with the copy of electronic token, the electronic token being sent by the electronic payment card to the server; and time period indicated in the copy of electronic token.
- the response is received through the application via the second communication link.
- the first communication link is independent of the second communication link, the first communication link being a proximity based communication link available between the mobile device and the electronic payment card, and the second communication link being one of a data communication link and a non-data communication link available between the mobile device and the server.
- FIG 4 illustrates an exemplary server (400) communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- the server (400) is capable of implementing the methods as described with reference to preceding Figures 1a and 1b.
- the server (400) comprises a first receiving unit (401) adapted to receive, in respect of the electronic payment card, a first request for an electronic token from a mobile device associated with the electronic payment card via a first communication link.
- the first request is received in response to a prior request for electronic token received from the electronic payment card by the mobile device via a second communication link when the electronic payment card is in close proximity with the mobile device.
- the first communication link is independent of the second communication link.
- the first communication link is one of a data communication link and a non-data communication link available between the mobile device and the server.
- the second communication link is a proximity based communication link available between the mobile device and the electronic payment card.
- the electronic payment card is one of: a credit card, a debit card, an automated teller machine (ATM) card, a fleet card, stored-value card, prepaid card, and a gift card.
- the server (400) further comprises a processing unit (402) coupled to the first receiving unit (401) and adapted to generate an electronic token including a time period indicating a validity of the electronic token.
- the electronic token is an encrypted key of configurable length.
- the processing unit (402) is further adapted to associate the electronic token with the electronic payment card, wherein the electronic token is adapted to be stored in a memory of the electronic payment card.
- the processing unit (402) is further adapted to store a copy of the electronic token associated with the electronic payment card in a database (404) communicatively coupled to the server (400).
- the server (400) further comprises a transmitting unit (403) coupled to the processing unit (402).
- the transmitting unit (403) is adapted to transmit the electronic token to the mobile device via the first communication link.
- the electronic token is then further transmitted to the electronic payment card by the mobile device via the second communication link and is saved in the memory of the electronic payment card, such that the electronic payment card is authenticated based on a validity of the electronic token.
- the server (400) further comprises a second receiving unit (405) coupled to the processing unit (402).
- the second receiving unit (405) is adapted to receive, from a designated intermediary device, a second request to authenticate the electronic payment card in respect of a transaction initiated using the electronic payment card.
- the server (400) further comprises an analysis unit (406) coupled to the second receiving unit (405).
- the analysis unit (406) is adapted to determine availability of an electronic token in the second request, the electronic token being sent by the electronic payment card to the designated intermediary device. Upon determining, the analysis unit (406) is further adapted to obtain a copy of an electronic token associated with the electronic payment card.
- the analysis unit (406) obtains a copy of the electronic token associated with the electronic payment card from the database (404), which stores the copy of the electronic token. Thereafter, the analysis unit (406) is further adapted to transmit a response to the mobile device associated with the electronic payment card and the designated intermediary device.
- the analysis unit (406) provides the response based on at least one of: validity of the copy of electronic token; comparison of the electronic token in the second request with the copy of electronic token; and time period indicated in the copy of electronic token. Accordingly, the server (400) further comprises a message generating unit (407) adapted to generate the response based on the validation.
- the analysis unit (406) is further adapted to set the copy of electronic token as invalid for further request to authenticate the electronic payment card in respect of one or more further transactions initiated using the electronic payment card.
- the server (400) may include a memory (408) adapted to store the outputs of each of the previously mentioned units.
- the server (400) may include a bus system (not shown in the figure) for enabling communication between the various units, and communication interface (not shown in the figure) and network interface unit (not shown in the figure) for receiving inputs over one or more different networks. Further, it would be understood that in one embodiment the above-mentioned functions of various units can be performed by a single unit.
- the processing unit (402) may include various hardware modules/units/components or software modules or a combination of hardware and software modules as necessary for implementing the invention. Further, the analysis unit (406) may be implemented using hardware components or software components or a combination of both. In one embodiment, the analysis unit (406) and the processing unit (402) may form a single unit/module.
- Although specific hardware components have been depicted in reference to the server (400), it is to be understood that the server (400) and the various components therein may include other hardware components and/or software components as known in the art for performing necessary functions.
- Figure 5 illustrates an exemplary mobile device (500) communicating electronic token to an electronic payment card, in accordance with an embodiment of present invention.
- the mobile device (500) is capable of implementing the methods as described with reference to preceding Figures 2, 3a, and 3b.
- the mobile device (500) comprises a first receiving unit (501) adapted to receive a first request for an electronic token from an electronic payment card associated with the mobile device (500) via a first communication link.
- the first request is received when the electronic payment card is in close proximity with the mobile device.
- the first communication link is a proximity based communication link available between the mobile device and the electronic payment card.
- the electronic payment card is one of: a credit card, a debit card, an automated teller machine (ATM) card, a fleet card, stored-value card, prepaid card, and a gift card.
- the mobile device (500) further comprises a processing unit (502) coupled to the first receiving unit (501).
- the processing unit (502) is adapted to generate an electronic token including a time period indicating a validity of the electronic token.
- the processing unit (502) is further adapted to associate the electronic token with the electronic payment card, wherein the electronic token is adapted to be stored in a memory of the electronic payment card.
- the electronic token is an encrypted key of configurable length.
- the mobile device (500) further comprises a transmitting unit (503) coupled to the processing unit (502).
- the transmitting unit (503) is adapted to transmit the electronic token to the electronic payment card via the first communication link such that electronic token is stored in the memory of the electronic payment card (605). Further, the transmitting unit (503) is adapted to transmit a copy of the electronic token to a server via a second communication link, such that the server based on a validity of the electronic token authenticates the electronic payment card.
- the first communication link is independent of the second communication link.
- the first communication link is a proximity based communication link available between the mobile device and the electronic payment card.
- the second communication link is one of a data communication link and a non-data communication link available between the mobile device (500) and the server.
- the mobile device (500) further includes a memory (504).
- the memory (504) includes an application (505) adapted to receive the first request from the electronic payment card via the first communication link.
- the mobile device (500) further includes a second receiving unit (506) adapted to receive a response from the server.
- the server provides the response based on at least one of: validity of the copy of electronic token; comparison of an electronic token received in the second request with the copy of electronic token, the electronic token being sent by the electronic payment card to the server; and time period indicated in the copy of electronic token.
- the second receiving unit (506) is adapted to receive the response through the application (505) via the second communication link.
- the processing unit (502) upon generating the electronic token, stores a copy of the electronic token (507) in the memory (504).
- the transmitting unit (503) excludes transmitting the copy of the electronic token to the server via the second communication link.
- the transmitting unit (503) only transmits the electronic token to the electronic payment card after the processing unit (502) generates the electronic token.
- the second receiving unit (506) is further adapted to receive, through the application (505) via the second communication link, a second request for an electronic token associated with the electronic payment card from a server.
- the second request corresponds to authentication of the electronic payment card in respect of a transaction initiated using the electronic payment card.
- the processing unit (502) fetches a copy of the electronic token (507) associated with the electronic payment card from the memory (504).
- the transmitting unit (503) is further adapted to transmit, through the application (505) via the second communication link, the copy of the electronic token associated with the electronic payment card to the server. Thereafter, the second receiving unit (506) receives a response from the server.
- the server provides the response based on at least one of: validity of the copy of electronic token; comparison of an electronic token received in the second request with the copy of electronic token, the electronic token being sent by the electronic payment card to the server; and time period indicated in the copy of electronic token.
- the second receiving unit (506) receives the response through the application (505) via the second communication link.
- FIG. 6 schematically illustrates an exemplary payment networked environment (600) that implements the mobile device (500) and the server (400) for communicating electronic token to an electronic payment card, in accordance with an embodiment of the present invention.
- the payment networked environment (600) includes a plurality of issuer systems (601-1, 601-2, ...601-N), (hereinafter referred to as issuer system (601) indicating one issuer system and issuer systems (601) indicating a plurality of issuer systems) corresponding to plurality of issuers such as banks and merchants.
- the issuers, among various other services, issue one or more electronic payment cards to a user for conducting financial transactions such as purchase transactions and banking transactions.
- Examples of the issuer systems (601) include systems employed by banks and merchants.
- the issuer systems (601) are communicatively coupled with the server (400) over a network (602).
- the issuer systems (601) are registered with the server (400).
- Examples of the network (602) include wireless network, wired network, and cloud based network.
- the network environment (600) includes a plurality of point of transaction (POT) systems (603-1, 603-2, ...603-N), (hereinafter referred to as POT system (603) indicating one POT system and POT systems (603) indicating a plurality of POT systems).
- POT system (603) enables the user to perform financial transactions using the one or more electronic payment cards issued to the user by the issuers. Examples of the POT system (603) include point of sale (POS) systems and automated teller machines (ATMs), where the user engages in a financial transaction.
- the POT systems (603) are communicatively coupled with issuer systems (601) over the network (602). Further, the POT systems (603) may be coupled with other systems (not shown in the figure) such as inventory systems, catalogue systems, customer relationship management (CRM) system, and bill processing systems, as well as third party systems over the network (602).
- the server (400) is coupled with the mobile device (500) over a first communication link (604).
- Examples of the first communication link (604) include data communication link and non-data communication link.
- the server (400) provides various services to users for managing their financial equipment such as electronic payment cards.
- Examples of the electronic payment cards include a credit card, a debit card, an automated teller machine (ATM) card, a fleet card, stored-value card, prepaid card, and a gift card.
- One such service includes authentication of electronic payment cards to enhance their security.
- a user registers with the server (400) via the application (505) installed in the mobile device (500). In one example, the user downloads the application (505) from the server (400) onto the mobile device (500).
- the application (505) is preinstalled on the mobile device (500) at the time of manufacturing.
- the registration of the user includes registration of a mobile number or Mobile Station International Subscriber Directory Number (MSISDN) of the mobile device (500) with the server (400) along with details of the user such as name and address.
- the server (400) stores the details in the database (404).
- the server (400) may perform validation of the user during registration.
- the validation may be performed using methods known in the art, such as transmitting one-time password (OTP), captcha, and requesting for other user-details.
- an encryption technique is agreed between the server (400) and mobile device (500). Accordingly, details of the encryption technique are saved with the application (505).
- Upon registering with the server (400), the user registers one or more electronic payment cards (605-1, 605-2, ...605-N) (hereinafter referred to as electronic payment card (605) indicating one electronic payment card and electronic payment cards (605) indicating a plurality of electronic payment cards) with the server (400) via the application (505).
- the association of the one or more electronic payment cards (605) may include providing details of the associated electronic payment card (605) and the corresponding issuer issuing the associated electronic payment card (605). Thereafter the association is performed as known in the art.
- the association includes mapping the details of the associated electronic payment card (605) with the corresponding issuer and the MSISDN of the mobile device (500).
- the MSISDN of the mobile device (500) is the same as that registered with the issuer of the electronic payment card (605).
- the server (400) then stores the details of the associated electronic payment cards
- a flag is set to indicate the association of the electronic payment cards (605).
- the server (400) shares association details with the issuer systems (601) of the corresponding issuers. The association details are indicative that the server (400) will perform authentication of the associated electronic payment cards (605).
- the server (400) shares information regarding the setting of the flag for each of the associated electronic payment cards (605) with the issuer systems (601) of the corresponding issuer of the associated electronic payment card (605).
- the issuer systems (601) save the association details in a database (not shown in the figure).
- the issuer system (601) saves a list of associated electronic payment cards (605) along with the flag details in the database.
- the issuer system (601) sends a validation request to the server (400) based on the association details, as will be described in subsequent Figures and paragraphs.
- the electronic payment card (605) includes a secure element (606), such as a chip, embedded within the electronic payment card (605).
- the electronic payment card (605) can be a chip card or a smart card.
- the secure element (606) is adapted to use short range wireless communication for secure data communication. Examples of the short range wireless communication include, but are not limited to, Wireless Fidelity (Wi-Fi), Near Field Communication (NFC), Bluetooth, Bluetooth Low Energy (BLE), Zigbee, Wi-Fi Direct (WFD), and Ultra Wideband (UWB).
- the secure element (606) includes various components (not shown in the figure) such as a power supply module, short range wireless communication module, memory module, a processing unit, and a communication bus system.
- the memory module stores details of the electronic payment card (605) such as account number, user identification details, user verification number, account balance information, and transaction record information.
- the short range wireless communication module is a NFC sensor, which may further include a transceiver module and an antenna module. The short range wireless communication sensor enables communication of such data when the electronic payment card (605) is in proximity with short range wireless communication enabled devices.
- the mobile device (500) and the electronic payment card (605) are communicatively coupled with each other via a second communication link (607).
- the second communication link (607) is a proximity based communication link, and therefore is independent of the first communication link (604) available between the mobile device (500) and the server (400).
- Examples of the proximity based communication link include, but are not limited to, Wireless Fidelity (Wi-Fi), Near Field Communication (NFC), Bluetooth, Bluetooth Low Energy (BLE), Zigbee, Wi-Fi Direct (WFD), and Ultra Wideband (UWB).
- the mobile device (500) includes an electronic payment module (not shown in the figure), which is adapted to use proximity based communication protocols for secure data communication.
- the electronic payment module is pre-installed in the mobile device (500) by a manufacturer of the mobile device (500).
- the electronic payment module is adapted to communicate with the secure element (606) of the electronic payment card (605) via the second communication link (607) when the electronic payment card (605) is in close proximity to the mobile device (500).
- the communication with the secure element (606) is enabled when the electronic payment card (605) and the mobile device (500) are within a predefined range.
- the electronic payment module can be implemented with the first receiving unit (501) for receiving input and can also be implemented with the transmitting unit (503) for transmitting output via the second communication link (607).
- the electronic payment card (605) interacts with the POT system (603) when a financial transaction is initiated using the electronic payment card (605) by the user. Examples of the transaction include banking transaction at ATM and purchase transaction at POS system.
- the electronic payment card (605) interacts with the POT system (603) via the second communication link (607).
- the secure element (606) transmits details of the electronic payment card (605) such as card number, card validity period, and issuer name, to the POT system (603) via the second communication link (607).
- the electronic payment card (605) interacts with the POT system (603) by way of physical contact such as inserting or dipping the electronic payment card (605) in the POT system (603).
- Figure 7 illustrates the operations (700) performed by the server (400) to transmit an electronic token to the electronic payment card (605), in accordance with an embodiment of present invention.
- the user sends a request for an electronic token to the mobile device (500).
- the user sends the request through the electronic payment card (605) via the second communication link (607) when the electronic payment card (605) is in close proximity to the mobile device.
- the user can tap the electronic payment card (605) on the mobile device (500).
- the user can sweep the electronic payment card (605) on the mobile device (500).
- the user can touch the electronic payment card (605) on the mobile device (500).
- the secure element (606) of the electronic payment card (605) communicates with the first receiving unit (501) over the second communication link (607) and transmits the request to the electronic payment module.
- the request includes an identifier indicating generation of electronic token and details of the electronic payment card (605) such as card number.
- the electronic payment module forwards the request to the application (505) based on the identifier.
- the second receiving unit (506) sends the request to the server (400) through the application (505) via the first communication link (604).
- the request includes details of the electronic payment card (605) such as card number and mobile number.
- the first receiving unit (401) of the server (400) receives the request.
- Upon receiving the request, the processing unit (402) generates an electronic token.
- the electronic token is generated using techniques known in the art.
- the electronic token is an encrypted key of configurable length. In one aspect, the length is changed periodically to enhance the security. Further, the key includes alphanumerical characters and is generated using methods known in the art.
- the key is encrypted using the encryption technique pre-agreed with the mobile device (500).
- the electronic token includes a time period indicating a validity of the electronic token.
- the time period is predetermined and is of very short duration, comprising a few seconds. In an example, the predetermined duration is 20 seconds.
- the time period is determined from the time of generation of the electronic token. Thus, the electronic token gets invalidated upon expiry of the time period.
- Upon generating the electronic token, the processing unit (402) associates the electronic token with the electronic payment card (605). In an example, the processing unit (402) associates the electronic token by mapping the electronic token with the card number as received in the request from the application (505).
- the processing unit (402) saves a copy of the electronic token in the database (404) along with the association details.
- the transmitting unit (403) transmits the generated electronic token including the time period to the mobile device (500) via the first communication link (604).
- the application (505) transmits the generated electronic token to the electronic payment card (605).
- the second receiving unit (506) receives the generated electronic token through the application (505) via the first communication link (604).
- the application (505) transmits the generated electronic token to the contactless module.
- the transmitting unit (503) then transmits the generated electronic token including the time period to the electronic payment card (605) via the second communication link (607).
- the secure element (606) stores the generated electronic token including the time period in the memory.
- Figure 8 illustrates the operations (800) performed by the mobile device (500) to transmit an electronic token to the electronic payment card (605), in accordance with another embodiment of present invention.
- the user sends a request for an electronic token to the mobile device (500).
- the user sends the request through the electronic payment card (605) via the second communication link (607) when the electronic payment card (605) is in close proximity to the mobile device.
- the user can tap the electronic payment card (605) on the mobile device (500).
- the user can sweep the electronic payment card (605) on the mobile device (500).
- the user can touch the electronic payment card (605) on the mobile device (500).
- the secure element (606) of the electronic payment card (605) communicates with the first receiving unit (501) over the second communication link (607) and transmits the request to the electronic payment module.
- the request includes an identifier indicating generation of electronic token and details of the electronic payment card (605) such as card number. As would be understood, at a given time, one electronic payment card can be used to send the request for the electronic token.
- the electronic payment module (608) forwards the request to the application (505) based on the identifier.
- the processing unit (502) generates an electronic token via the application (505).
- the electronic token is generated using techniques known in the art.
- the electronic token is an encrypted key of configurable length.
- the length is pre-stored in the application (505) during the registration process of the mobile device (500) with the server (400).
- the length is changed periodically to enhance the security.
- the server (400) periodically transmits the length to the mobile device (500).
- the key includes alphanumerical characters and is generated using methods known in the art.
- the key is encrypted using the encryption technique pre-agreed with the mobile device (500).
- the electronic token includes a time period indicating a validity of the electronic token.
- the time period is predetermined and is of very short duration, comprising a few seconds. In an example, the predetermined duration is 20 seconds.
- the time period is determined from the time of generation of the electronic token. Thus, the electronic token gets invalidated upon expiry of the time period.
- Upon generating the electronic token, the processing unit (502) associates the electronic token with the electronic payment card (605). In an example, the processing unit (502) associates the electronic token by mapping the electronic token with the card number as received in the request.
- the application (505) transmits the generated electronic token to the electronic payment module for transmitting to the electronic payment card (605). As such, the transmitting unit (503) transmits the generated electronic token including the time period to the electronic payment card (605) via the second communication link (607).
- Upon receiving the generated electronic token including the time period, the secure element (606) stores the generated electronic token including the time period in the memory.
- the transmitting unit (503) further transmits a copy of the electronic token to the server (400) through the application (505) via the first communication link (604).
- the transmitting unit (503) also transmits the association details along with the copy of the electronic token.
- the server (400) saves the copy of the electronic token in the database (404) along with the association details.
- the processing unit (502) upon generating the electronic token, stores a copy of the electronic token (507) in the memory (504).
- the transmitting unit (503) excludes transmitting the copy of the electronic token to the server (400) via the first communication link (604).
- the security of the electronic payment card (605) is greatly increased. This eliminates the chances of unauthorized transactions with the electronic payment card (605) since an invalid token will prevent the completion of the transaction.
- the electronic token is transmitted only upon receiving the request from the electronic payment card when the electronic payment card is in close proximity with the mobile device. This further eliminates the chances of stealing the electronic token using a malicious device or software.
- FIG. 9 illustrates the operations performed by the server (400) during a transaction initiated by an electronic payment card, in accordance with an embodiment of present invention.
- the secure element (606) of the electronic payment card (605) transmits details of the electronic payment card (605) to the POT system (603) when a financial transaction is initiated using the electronic payment card (605) by the user.
- the secure element (606) transmits the details via the second communication link (607).
- the electronic payment card (605) interacts with the POT system (603) by way of physical contact such as inserting or dipping the electronic payment card (605) in the POT system (603). Examples of the transaction include banking transaction at ATM and purchase transaction at POS system.
- the secure element transmits the electronic token along with the details of the electronic payment card (605).
- the POT system (603) transmits a validation request to the issuer system (601).
- the validation request includes authentication credentials of the POT system (603), transaction information, and card identifier data indicating details about the electronic payment card (605).
- the POT system (603) may also transmit authentication credentials such as PIN and Password associated with the electronic payment card and known only to the user. Further, if the electronic token is received from the electronic payment card (605), the validation request includes the received electronic token.
- the issuer system (601) determines if the electronic payment card (605) is one of the associated electronic payment cards (605). In an example, the issuer system (601) retrieves the list of associated electronic payment cards (605) along with flag details from a database and determines if the electronic payment card is one of the associated electronic payment cards (605) based on the flag details. If the flag is set, the electronic payment card (605) is determined as the associated electronic payment card for which the server (400) performs the authentication. Thereafter, the issuer system (601), acting as a designated intermediary device, forwards the validation request to the server (400).
- the electronic payment card (605) is determined as not being one of the associated electronic payment cards. Consequently, the issuer system (601) will not send the validation request to the server (400). Thereafter, the issuer system (601) performs validation of the electronic payment card (605) in a manner as known in the art.
- the issuer system (601) validates the authentication credentials received along with the validation request.
- the analysis unit (406) determines availability of an electronic token in the validation request. If the electronic token is not available in the validation request, the analysis unit (406) prevents the completion of the transaction. Accordingly, the message generating unit (407) generates a failure message indicative of the invalid authentication of the electronic payment card (605) in respect of the transaction. In addition to the failure message, the message generating unit (407) generates an alert message for the user. The alert message indicates details about the transaction and invalid authentication of the electronic payment card (605) in respect of the transaction.
- the transmitting unit (403) of the server (400) transmits the failure message to the designated intermediary device, i.e., issuer system (601) over the network
- Upon receiving the failure message, the issuer system (601) prevents the processing of the transaction as known in the art. In examples, the banking transaction at ATM and purchase transaction at POS system are prevented from completion.
- the issuer system (601) transmits a transaction unsuccessful message to the POT system (603).
- the POT system (603) may display an appropriate message on a display unit (not shown in the figure) of the POT system (603).
- the issuer system (601) transmits a transaction unsuccessful message to the user as known in the art. In an example, the issuer system (601) transmits the transaction unsuccessful message to the mobile device (500).
- the transmitting unit (403) of the server (400) transmits the alert message to the mobile device (500) via the first communication link (604).
- the second receiving unit (506) receives the alert message through the application (505) and displays on a display unit (not shown in the figure) of the mobile device (500). Examples of the alert message include SMS message, USSD message, and a flash message.
- if, at step 904, the availability of the electronic token is determined in the validation request, the process flows to step 908 in Figure 9b.
- the analysis unit (406) upon receiving the validation request, obtains a copy of electronic token associated with the electronic payment card (605). Accordingly, in one embodiment, at step 908-1, the analysis unit (406) may obtain the copy of electronic token from the database (404) based on the details of the electronic payment card (605).
- the analysis unit (406) may obtain the copy of electronic token from the mobile device (500) associated with the electronic payment card (605) at the time of transaction. In such embodiment, the copy of electronic token is unavailable in the database (404). As such, the analysis unit (406) may transmit a request to the application (505) via the first communication link (604) for the copy of electronic token associated with the electronic payment card (605). The request includes details of the electronic payment card (605) such as card number. Upon receiving the request for copy of electronic token from the server (400), the processing unit (502) fetches the copy of electronic token from the memory (504) based on the details of the electronic payment card (605) received in the request.
- Upon fetching, the processing unit (502) transmits the copy of electronic token through the application (505) via the first communication link (604).
- the analysis unit (406) authenticates the electronic payment card (605) based on various criteria, as described below.
- the various criteria include, but are not limited to, validity of the copy of electronic token, comparison of the electronic token in the second request with the copy of electronic token, and time period indicated in the copy of electronic token.
- the analysis unit (406) may authenticate either on one of the criteria or on all of the criteria. Accordingly, the analysis unit (406) determines the validity of the copy of the electronic token.
- the copy of electronic token is marked as invalid by the analysis unit (406) if a validation request has been received previously or the time period indicated in the copy of electronic token has expired.
- the analysis unit (406) sets the copy of electronic token as invalid for further request to authenticate the electronic payment card (605) in respect of one or more further transactions initiated using the electronic payment card (605).
- the copy of electronic token is marked as valid by the analysis unit (406) if a validation request has not been received previously or the time period indicated in the copy of electronic token is current. If the copy of electronic token is invalid, the analysis unit (406) prevents the completion of the transaction. If the copy of electronic token is valid, the analysis unit (406) allows the completion of the transaction.
- the analysis unit (406) compares the electronic token received in the validation request with the copy of electronic token. If the received electronic token does not match with the copy of electronic token, the analysis unit (406) prevents the completion of the transaction. If the received electronic token matches the copy of electronic token, the analysis unit (406) allows the completion of the transaction.
- the analysis unit (406) determines if the time period indicated in the received electronic token is expired from the time of generating the electronic token. If the time period has expired with respect to the time of generating the electronic token, the analysis unit (406) prevents the completion of the transaction. If the time period is current with respect to the time of generating the electronic token, the analysis unit (406) allows the completion of the transaction.
- The transmitting unit (403) transmits a success message to the designated intermediary device, i.e., the issuer system (601). Accordingly, the message generating unit (407) generates a success message indicative of authentication of the electronic payment card, and the transmitting unit (403) transmits the success message to the issuer system (601) over the network (602).
- Upon receiving the success message, the issuer system (601) successfully processes and completes the transaction.
- The banking transaction at the ATM and the purchase transaction at the POS system are successfully completed.
- The completion of the transaction is further based on the transaction value.
- The issuer system (601) completes the transaction based on the transaction value message received from the server (400). In an example, if the transaction value message indicates that the value of the transaction is below the specified cash limit value/credit limit value, the transaction is completed. In an example, if the transaction value message indicates that the value of the transaction is above the specified cash limit value/credit limit value, the transaction is not completed.
- The issuer system (400) completes the transaction based on the cash limit value/credit limit value specified by the user. Further, upon completing the transaction, the issuer system (601) transmits a transaction successful message to the POT system (603), as known in the art. Upon receiving the transaction successful message, the POT system (603) may generate a paper bill having transaction information and payment information.
- The issuer system (601) transmits a transaction successful message to the user, as known in the art.
- The issuer system (601) transmits the transaction successful message to the mobile device (500).
- The transmitting unit (403) of the server (400) transmits a success message to the mobile device (500) via the first communication link (604).
- The second receiving unit (506) receives the success message through the application (505) and displays it on a display unit (not shown in the figure) of the mobile device (500).
- Examples of the alert message include SMS message, USSD message, and a flash message.
- If, at step 909, the analysis unit (406) does not authenticate the electronic payment card (605), the process flows to step 913.
- The transmitting unit (403) of the server (400) transmits a failure message to the designated intermediary device, i.e., the issuer system (601), over the network (602). Accordingly, the message generating unit (407) generates the failure message indicative of the invalid authentication of the electronic payment card in respect of the transaction.
- The issuer system (601) prevents the processing of the transaction, as known in the art. In examples, the banking transaction at the ATM and the purchase transaction at the POS system are prevented from completion.
- The issuer system (601) transmits a transaction unsuccessful message to the POT system (603).
- The POT system (603) may display an appropriate message on a display unit (not shown in the figure) of the POT system (603).
- The issuer system (601) transmits a transaction unsuccessful message to the user, as known in the art.
- The issuer system (601) transmits the transaction unsuccessful message to the mobile device (500).
- The transmitting unit (403) of the server (400) transmits an alert message to the mobile device (500) via the first communication link (604). Accordingly, the message generating unit (407) generates the alert message indicating details about the transaction and the invalid authentication of the electronic payment card (605) in respect of the transaction.
- The second receiving unit (506) of the mobile device (500) receives the alert message through the application (505) and displays it on a display unit of the mobile device (500).
- Examples of the alert message include SMS message, USSD message, and a flash message.
- The transaction is allowed only if the electronic payment card (605) transmits a valid electronic token. This eliminates the chances of unauthorized transactions with the electronic payment card (605), since an invalid token will prevent the completion of the transaction. Further, the electronic token is generated for each transaction and is valid for a limited time period. This eliminates the use of the same electronic token for subsequent transactions. As such, the security of the electronic payment card is greatly enhanced, as two-step security verification is provided.
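The validity, comparison and time-period checks of the analysis unit (406), applied together, can be written out as follows. This is an added Python sketch, not code from the patent: the class, method and field names, the 120-second default and the constant-time comparison are assumptions made for illustration.

```python
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class TokenRecord:
    """Server-side copy of an electronic token (hypothetical layout)."""
    value: str
    issued_at: float
    ttl_seconds: float
    used: bool = False


class AnalysisUnit:
    """Applies all three criteria; names here are assumptions, not the patent's."""

    def __init__(self, clock=time.time):
        self._copies = {}      # card number -> TokenRecord
        self._clock = clock    # injectable so expiry can be exercised in tests

    def issue(self, card_number, ttl_seconds=120.0):
        """Generate a fresh token for one transaction and keep its copy."""
        token = secrets.token_urlsafe(16)
        self._copies[card_number] = TokenRecord(token, self._clock(), ttl_seconds)
        return token

    def authenticate(self, card_number, presented_token):
        """Return (allowed, reason) for one validation request."""
        record = self._copies.get(card_number)
        if record is None:
            return False, "no-copy"
        # Validity: a copy that already served a validation request is invalid.
        if record.used:
            return False, "replayed"
        # Mark the copy invalid for further requests before the other checks,
        # so neither a success nor a failed guess can be retried against it.
        record.used = True
        # Time period: measured from the time the token was generated.
        if self._clock() - record.issued_at > record.ttl_seconds:
            return False, "expired"
        # Comparison: presented token against the stored copy.
        # compare_digest (constant-time) is an added hardening choice.
        if not hmac.compare_digest(presented_token.encode(), record.value.encode()):
            return False, "mismatch"
        return True, "ok"
```

Consuming the copy on the first validation request, whatever its outcome, is what keeps a captured token from being replayed and a wrong guess from being repeated.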
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Signal Processing (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention relates to a method and a system for authenticating an electronic payment card by means of electronic tokens in a payment network. A mobile device associated with the electronic payment card receives a request for an electronic token when the electronic payment card is in proximity to the mobile device. In one embodiment, the mobile device transmits the request to a server for generating the electronic token. Upon generation of the electronic token, the server transmits the electronic token to the mobile device. In another embodiment, the mobile device generates the electronic token. The mobile device then transmits the electronic token to the electronic payment card for storage in a memory of the electronic payment card, such that the electronic payment card is authenticated on the basis of a validity of the electronic token.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IN201611000234 | 2016-01-04 | ||
| IN201611000234 | 2016-01-04 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2017118923A1 (fr) | 2017-07-13 |
Family
ID=59273451
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/IB2017/050016 Ceased WO2017118923A1 (fr) | 2016-01-04 | 2017-01-04 | Methods and devices for authentication of an electronic payment card using electronic tokens |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2017118923A1 (fr) |
- 2017-01-04 WO PCT/IB2017/050016 patent/WO2017118923A1/fr not_active Ceased
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120290376A1 (en) * | 2011-05-09 | 2012-11-15 | Intuit Inc. | Processing electronic payment involving mobile communication device |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11823161B2 (en) | 2016-04-13 | 2023-11-21 | Mastercard International Incorporated | System and method for peer-to-peer assistance in provisioning payment tokens to mobile devices |
| US11972433B2 (en) | 2016-04-13 | 2024-04-30 | Mastercard International Incorporated | System and method for provisioning payment token to payment accessory device |
| US12282908B2 (en) | 2016-04-13 | 2025-04-22 | Mastercard International Incorporated | System and method for peer-to-peer assistance in provisioning payment tokens to mobile devices |
| WO2019022846A1 (fr) * | 2017-07-25 | 2019-01-31 | Mastercard International Incorporated | System and method for provisioning payment token to payment accessory device |
| US11349833B2 (en) | 2020-03-21 | 2022-05-31 | Kyndryl, Inc. | Multi-factor authentication utilizing device pairing |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12567057B2 (en) | Devices and methods for selective contactless communication | |
| JP7345509B2 (ja) | Systems and methods for secure read-only authentication | |
| US10922675B2 (en) | Remote transaction system, method and point of sale terminal | |
| US8630907B2 (en) | Secure transactions using a point of sale device | |
| CN114365449A (zh) | Provisioning method and system with message conversion | |
| EP3043306A1 (fr) | System for convenient person authentication using a mobile communication terminal and a real bank card, and associated method | |
| US20150242844A1 (en) | System and method for secure remote access and remote payment using a mobile device and a powered display card | |
| KR20140125449A (ko) | Transaction processing system and method | |
| EP3123424B1 (fr) | Remote transaction system, method and point of sale terminal | |
| CN118300876A (zh) | Provisioning initiated from a contactless device | |
| WO2017033118A1 (fr) | Method and system for enhancing the security of a contactless card | |
| WO2017118923A1 (fr) | Methods and devices for authentication of an electronic payment card using electronic tokens | |
| US12597022B2 (en) | System, method, and computer program product for authenticating a transaction based on behavioral biometric data | |
| US20240086500A1 (en) | Remote creation of virtual credential bound to physical location | |
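| EP3776417A1 (fr) | Electronic transaction system | |
| CN116097686A (zh) | Secure end-to-end pairing of a secure element with a mobile device | |
| HK40120918A (zh) | Systems and methods for secure read-only authentication | |
| HK40048471B (zh) | Systems and methods for secure read-only authentication | |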
| HK40048471A (en) | Systems and methods for secure read-only authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 17735898; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 17735898; Country of ref document: EP; Kind code of ref document: A1 |