AU2011200063B1 - Systems and methods of securely carrying out transactions - Google Patents
Systems and methods of securely carrying out transactions Download PDFInfo
- Publication number
- AU2011200063B1 AU2011200063B1 AU2011200063A AU2011200063A AU2011200063B1 AU 2011200063 B1 AU2011200063 B1 AU 2011200063B1 AU 2011200063 A AU2011200063 A AU 2011200063A AU 2011200063 A AU2011200063 A AU 2011200063A AU 2011200063 B1 AU2011200063 B1 AU 2011200063B1
- Authority
- AU
- Australia
- Prior art keywords
- authentication unit
- information
- transaction terminal
- account
- transaction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3226—Use of secure elements separate from M-devices
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Described herein are systems and methods for securely carrying out a transaction. One aspect of the invention provides a system for securely carrying out a transaction between a transaction terminal (200) and a target device (202), such as a mobile phone or personal digital assistant (PDA). Device (202) is incorporates a wireless communication device for communicating with transaction terminal (200). Device (202) is configured for establishing an encrypted wireless communication link (204) with the transaction terminal (200) when the device (202) is within a predetermined range of the transaction terminal (202). Once the phone (202) is linked with the transaction terminal (200) through the communication link (204), a secure transaction is carried out. (FIG. 2)
Description
AUSTRALIA PATENTS ACT 1990 COMPLETE SPECIFICATION FOR A STANDARD PATENT ORIGINAL Name of Applicant: Nokuta Pty Ltd Actual Inventors: Hans Klieber and Frank Klieber Address for Service is: SHELSTON IP 60 Margaret Street Telephone No: (02) 9777 1111 SYDNEY NSW 2000 Facsimile No. (02) 9241 4666 CCN: 3710000352 Attorney Code: SW Invention Title: SYSTEMS AND METHODS OF SECURELY CARRYING OUT TRANSACTIONS Details of Associated Provisional Application No. 2010904591 dated 14 Oct 2010 The following statement is a full description of this invention, including the best method of performing it known to me/us: File: 68657AUP00 2 SYSTEMS AND METHODS OF SECURELY CARRYING OUT TRANSACTIONS FIELD OF THE INVENTION [001] The present invention relates to systems and methods for linking two or more devices for transferring encoded information. [002] Embodiments of the invention have been particularly developed for linking a personal device such as a mobile phone to a payment processing system to effect secure payment for a transaction. While some embodiments will be described herein with particular reference to that application, it will be appreciated that the invention is not limited to such a field of use, and is applicable in broader contexts. BACKGROUND [0031 Any discussion of the background art throughout the specification should in no way be considered as an admission that such art is widely known or forms part of common general knowledge in the field. [0041 The functionality of mobile phones has increased significantly in the past decade, allowing users to carry out a number of different daily functions to simplify their lives. This increase in functionality has resulted in many people carrying their mobile phones with them almost anywhere they go. 10051 Independently, significant developments have been made to improve the speed and security of credit card transactions at points of sale. For example, EMV (Europay, MasterCard and VISA) is a global electronic transaction standard for inter-operation of integrated circuit cards (IC cards or "chip cards") and IC card capable point of sale (POS) terminals and automated teller machines (ATMs), for authenticating credit, debit and similar monetary transactions. Further, systems such as PayPassTM and Visa payWave T M allow transactions to be carried out wirelessly without user authentication during the transaction. [0061 However, to date there is no common means for combining these two everyday items. Specifically, no software Applications (Apps) or integrated hardware exist for carrying out credit, debit or similar transactions at points of sale 3 through mobile phones and similar electronic devices (Smart Phones, iPads, iPods, MP3 Players etc.). SUMMARY OF THE INVENTION [007] It is an object of the present invention to overcome or ameliorate at least one of the disadvantages of the prior art, or to provide a useful alternative. [008] According to a first aspect of the present invention there is provided a method for securely carrying out a transaction, said method including the steps of: (a) establishing an encrypted wireless communication link between a target device and a transaction terminal, wherein said target device is within a predetermined range of said transaction terminal; (b) accessing an authentication unit within said target device to retrieve account and authentication information in response to a request from said transaction terminal; and (c) securely transferring said account and authentication information between said target device and said transaction terminal to carry out a secure transaction, wherein said account and authentication information is initially uploaded to said authentication unit by inserting a special and unique data storage card into said target device that communicates securely with said authentication unit. 10091 The target device is preferably one of a mobile phone, personal digital assistant (PDA), a personal computer, an under-skin chip-unit or a wristwatch. More preferably the target device is a mobile phone. In one embodiment the authentication unit is preferably selectively removable from the target device. [0010] The data storage card can preferably only be used to transfer data once. The insertion can also be substituted by waving the card in front of the authentication unit or by decoding a photo of a 2 D code. [0011] The authentication unit is preferably configured to store account and authentication information indicative of one or more bank accounts or credit card accounts, each account information being initially uploaded to the authentication unit by a unique data storage card. [0012] The step of accessing the authentication unit preferably includes the sub-steps of: 4 (i) the target device prompting a user for a password to access the information from the authentication unit; and (ii) based on the user entering a correct password, providing access to the information through the authentication unit. [00131 The encrypted communication link is preferably established through a wireless communication protocol selected from Near Field Communication, Bluetooth, 2D codes, Cyber codes, Wi-Fi or Radio-Frequency Identification (RFID). [0014] According to a second aspect of the present invention there is provided a system for securely carrying out a transaction, the system including: (a) a transaction terminal; (b) a target device configured for establishing an encrypted wireless communication link with said transaction terminal when said target device is within a predetermined range of said transaction terminal; (c) an authentication unit integrated into said target device for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said account and authentication information between said target device and said transaction terminal to carry out a secure transaction; and (d) a unique data storage card releasably insertable into said target device to securely transfer said account and authentication information to said authentication unit. [00151 The data storage card can preferably only be used to transfer data once. [00161 In response to a request from the transaction terminal, the target device preferably prompts a user to enter a password to access the information from the authentication unit, and based on the user entering a correct password, the authentication unit provides access to the information for transfer to the transaction terminal through the encrypted wireless communication link. [00171 According to a third aspect of the present invention there is provided a device for securely carrying out a transaction, the device including a processor; a database; an interface to receive user input; a display to output information visually; 5 a wireless communication device for establishing an encrypted wireless communication link with a transaction terminal when said device is within a predetermined range of said transaction terminal; an authentication unit for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said information between said device and said transaction terminal to carry out a secure transaction; and a port configured to receive a unique data storage card to securely transfer said account and authentication information to said authentication unit. . [0018] The device is preferably one of a mobile phone, personal digital assistant (PDA), a personal computer, under-skin chip-unit or a wristwatch. More preferably the device is a mobile phone. [0019] The data storage card can preferably only be used to transfer data once. [00201 In response to a request from the transaction terminal, the device preferably prompts a user to enter a password through the interface to access the information from the authentication unit, and, based on the user entering a correct password, the authentication unit preferably provides access to the information for transfer to the transaction terminal through the encrypted wireless communication link. 100211 Reference throughout this specification to "one embodiment", "some embodiments" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases "in one embodiment", "in some embodiments" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment, but may refer to separate embodiments in each instance. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner, as would be apparent to one of ordinary skill in the art from this disclosure, in one or more embodiments.
6 [0022] As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner. [00231 In the claims below and the description herein, any one of the terms comprising, comprised of or which comprises is an open term that means including at least the elements/features that follow, but not excluding others. Thus, the term comprising, when used in the claims, should not be interpreted as being limitative to the means or elements or steps listed thereafter. For example, the scope of the expression a device comprising A and B should not be limited to devices consisting only of elements A and B. Any one of the terms including or which includes or that includes as used herein is also an open term that also means including at least the elements/features that follow the term, but not excluding others. Thus, including is synonymous with and means comprising. BRIEF DESCRIPTION OF THE DRAWINGS [0024] Preferred embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which: 100251 FIG. 1 is a flow chart outlining a method of securely carrying out a transaction according to one embodiment of the invention; FIG. 2 is a schematic diagram of a mobile phone communicating wirelessly with a transaction terminal; FIG. 3 is a perspective drawing of a mobile phone according to one embodiment of the invention; FIG. 4 is a perspective drawing of a personal digital assistant (PDA) according to another embodiment of the invention; FIG. 5 is a system level block diagram of one embodiment of the invention; FIG. 6 is a schematic system level block diagram of another embodiment of the invention; 7 FIG. 7 is a schematic system level block diagram of a further alternative embodiment of the invention; FIG. 8 is a schematic diagram of a data storage card according to one embodiment of the invention; FIG. 9A is an illustration of a set of user instructions for initially uploading account ant authentication information to the authentication unit from a data card; and FIG. 9B is an illustration of a set of instructions for using the invention to carry out a secure transaction. DETAILED DESCRIPTION [00261 Described herein are systems and methods for securely carrying out a transaction. With reference to Figure 1 of the drawings, one aspect of the present invention provides a method for securely carrying out a transaction. At step 100 an encrypted wireless communication link is established between a target device, such as a mobile phone, and a transaction terminal, wherein the target device is within a predetermined range of the transaction terminal. At step 102 an authentication unit within the mobile phone is accessed to retrieve account and authentication information in response to a request from the transaction terminal. At step 104 the account and authentication information is securely transferred between the mobile phone and the transaction terminal to carry out a secure transaction. [00271 In one embodiment, to initially upload the transaction and authentication information to the authentication unit within the phone, a unique data storage card is inserted into the mobile phone at step I OOA. This card communicates securely with the authentication unit and uploads the account and authentication information to the authentication unit at step 100B. [00281 Referring to Figures 2 to 6, another aspect of the invention provides a system for securely carrying out a transaction between a transaction terminal 200 and a target device 202. As shown in Figure 3, in one embodiment the target device 202 is a mobile phone. In the alternative embodiment shown in Figure 4, target device 202 is a personal digital assistant (PDA). It will be appreciated that in alternative embodiments the target device 202 is any one of a range of devices capable of incorporating a wireless communication device for communicating with a 8 transaction terminal 200, including personal computers or smart wristwatches. However, for the purposes of describing the invention, target device 202 will be hereinafter described as a mobile phone. [00291 Referring to Figure 2, mobile phone 202 is configured for establishing an encrypted wireless communication link 204 with the transaction terminal 200 when the target device is within a predetermined range of the transaction terminal. For example, in the case of Bluetooth communication the mobile phone 202 and transaction terminal 200 need to be within several metres of each other to communicate wirelessly. In the case of Near Field communication, phone 202 and terminal 200 need to be within a distance of about 10cm from each other. Once phone 202 is linked with transaction terminal 200 through the communication link 204, a secure transaction can be carried out. [00301 Referring specifically to Figures 5 to 7, mobile phone 202 includes an authentication unit 206 integrated for securely storing account and authentication information, and providing access to the information in response to a request from the transaction terminal 200. Unit 206 is any processor or chip with embedded integrated circuits. In one embodiment unit 206 includes memory, micro-processor components and dedicated security logic. Secure transfer of the account and authentication information between mobile phone 202 and transaction terminal 200 facilitates a secure transaction, which may be carried out in a known manner using existing systems of financial institutions. Authentication unit 206 may be a self powered device or may source power from the battery (not shown) of mobile phone 202. 100311 Authentication unit 206 is configured to store account and authentication information indicative of one or more bank accounts or credit card accounts. In one embodiment, this information is the same or similar information to that contained on plastic cards to facilitate the sharing of a common numbering scheme. The prefix, called the Bank Identification Number, is the sequence of digits at the beginning of the number that determine the bank to which a number belongs. These are, at the time, the first six digits. The next nine digits are the individual account number, and the final digit is a validity check code. In addition the information may also include 9 issue and expiration dates, as well as extra codes such as issue numbers and security codes. 100321 Figures 5 to 7 depict three alternative embodiments of how authentication unit 206 is implemented into mobile phone 202. Referring to Figure 5, in one embodiment, authentication unit 206 is a permanently connected independent hardware unit within mobile phone 202 such as a stand-alone IC chip or microprocessor chip. In this embodiment, authentication unit 206 is configured to communicate with a central processing unit 208 of mobile phone 202 to facilitate the transaction. For example, in an embodiment using a smart phone, an application is available for receiving user input and displaying information regarding the transaction in process. In a particular example, phone 202 is configured to display the account balance when the transaction is completed. In one embodiment the balance is automatically erased after a short period of time, e.g. 10 seconds, so that thieves cannot look up a user's balances on a stolen phone. 10033] Referring to Figure 6, in an alternative embodiment authentication unit 206 is implemented as software integrated into the central processing unit 208 of mobile phone 202 and the transaction procedure is fully software implemented through the existing hardware of mobile phone 202. For example, in this embodiment, the account and authentication information is securely stored in a database 216 and selectively accessed through an application or App available on the phone. 100341 Referring to Figure 7, a further alternative embodiment, authentication unit 206 is itself a removable card that is inserted and removed from mobile phone 202 through port 212. Once inserted, authentication unit 206 communicates with the central processing unit 208 of mobile phone 202. In future it is envisaged that new Nanoscale devices/Microchip Processors or Quantum Devices using quantum mechanical phenomena will come onto the market. In the embodiment of Figure 7, these devices can be easily incorporated into an authentication unit 206 that can be implemented into a mobile phone 202. 100351 Authentication unit 206 includes non-volatile memory, such as a hard disk (optical disc, magnetic tape holographic memory, motherboard and such) or a solid state device, for storing the account and authentication information. Non volatile memory such as EEPROM, NVM or flash memory can be used, each having its own 10 benefits and draw backs. For instance NVB is a solid-state chip that maintains stored data without any external power source. Its capacity is substantially larger than that of an EEPROM. [00361 Mobile phone 202 is any conventional mobile phone, cell phone or smart phone having a wireless communication device 210. In one embodiment, wireless device 210 is a Bluetooth antenna. However, in other embodiments wireless device 210 is a Wi-Fi antenna, passive or active radio frequency identification (RFID) device, Near Field Communication device or other wireless transmitting/receiving device. In other embodiments, 2D codes or Cyber codes are used. Mobile phone 202 also includes conventional features such as an interface 214 in the form of a keypad or a touch screen to receive user input, a display 216 to output information visually, a database 216 in the form of a memory device, and a SIM card reader 218 to receive conventional SIM cards. [00371 In one embodiment, in response to a request from transaction terminal 200, mobile phone 202 prompts a user to enter a password, through user input 216 and display 216, to access the information from authentication unit 206. If the entered password is correct, authentication unit 206 provides access to the information for transferral to transaction terminal 200 through the encrypted wireless communication link 204. Preferably, mobile phone 202 displays notifications throughout the authorization and transaction procedure on display 216 to keep the user updated on progress. 100381 Referring to Figures 3 to 7, mobile phone 202 includes a port 212 adapted to receive a unique data storage card 218 or, in the case of the embodiment of Figure 7, to receive removable authentication unit 206. Port 212 is preferably located on one outer face of phone 202. However, in alternative embodiments, port 212 is located beneath a removable protective panel, such as adjacent the battery of phone 202. [00391 With reference to Figure 8, in one embodiment, card 218 is in the form of a subscriber identity module (SIM) card having an integrated circuit 220 mounted therein. In other embodiments, card 218 is a portable USB memory device or other type of data card or unit. Card 218 is releasably insertable into mobile phone 202 to securely transfer account and authentication information to authentication unit 206.
S1I Card 218 may be a self-powered active device or may be a passive device sourcing power from mobile phone 202. [0040] In one embodiment each data storage card 218 preferably holds a unique serial number 222 assigned to it by the issuing institution. In one embodiment this number is a 128-bit security code used to authenticate unit 206 on a network. Serial number 222 is preferably also stored on a database on the issuers' network and is preferably initially concealed behind a scratch panel 224 for security purposes. Panel 224 can be removed by the user prior to use. 100411 In one specific embodiment, card 218 contains its unique serial number 220, internationally unique number of the mobile user, security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to and two passwords (PIN for usual use and PUK for unlocking). 100421 In one embodiment, card 218 has a length of about 25 mm and a width of about 15 mm, and has a truncated or chamfered corner 226 to prevent mis-insertion. In an alternative embodiment, card 218 has a size known as the 3FF or micro-SIM, which has dimensions of 15 mm by 12 mm. In a further alternative embodiment, card 218 is approximately the same size but a different shape to conventional phone SIM cards to prevent mix-up of the slots. Cards 218 are preferably supplied as a full- sized card with the smaller card held in place by a few plastic links; it can easily be broken off to be used in a device that uses the smaller SIM. 100431 In one embodiment, as a security measure data storage card 218 incorporates volatile memory ensuring it can only be used to transfer data once. In other embodiments, data storage card 218 includes non-volatile memory and can be used multiple times. In some embodiments, card 218 includes an access password that must be entered before the account and authentication information can be transferred to the authentication unit 206 in the mobile phone 202. [00441 In one embodiment, each data storage card 218 contains account information relating to a single account, which is issued by a bank, Credit Card Company or other financial institution and initially uploaded to authentication unit 206 by inserting card 218 into port 212. Authentication unit 206 is configured to store account and authentication information for multiple accounts, each of which is 12 uploaded by individual storage cards 218. In this manner, to store account and authentication information relating to two separate accounts, two data storage cards are inserted into port 212 in succession. This embodiment of the invention allows, for example, information relating to many credit cards, debit cards, healthcare cards, membership cards etc. to be maintained on authentication unit 206 of phone 202. 10045] In each of the embodiments shown in Figures 5 to 7, the phone manufacturer is required to manufacture phones having port 212 for receiving data storage cards 218. The ports are preferably prepared to allow the insertion from the outside without removing the battery. The phone manufacturer may also provide the internal software which allows pairing (linking) of the central processing unit 208 with the authentication unit 206, security of the chip and destruction of the chip's information if illegally removed. [00461 In a further alternative embodiment, authentication unit 206 is implemented as software integrated into the central processing unit 208 of mobile phone 202 (as in Figure 6) and the account and authentication information is uploaded to authentication unit 206 by wireless communication to phone 202. For example, a financial institution might offer a secure wireless link to phone 202 in order to upload the account and authentication information to authentication unit 206 for future secure wireless transactions. In this embodiment no hardware modifications need to be made to phone 202. The only necessary modifications are software related and can be implemented after manufacture of the phone. For example, software for controlling authentication unit 206 may be provided by a downloadable or installable application for phone 202. EXAMPLE IMPLEMENTA TION OF THE INVENTION [00471 Initially, a financial institution issues a data storage card 218 to a user, say through the mail. That institution may optionally provide one or more activation number, PIN or telephone PIN which is preferably sent to the user by separate means to card 218 to ensure safety. Further, access to the specific account and authentication information on authentication unit 206 may be made through a call, e mail or the like to the issuing institution.
13 100481 The user then inserts card 218 into port 212 of phone 202 and the account information contained on the card is read onto the authentication unit. Alternatively, the account information is transferred to the authentication unit 206 by waving the card in front of the authentication unit or by decoding a photo of a 2 D code.At the same time the user may be required to enter a Personal Identification Number (PIN) into mobile phone 202. Following this the account and authentication information is encrypted for later verification of transactions. In the case of card 218 having volatile memory, the account and authentication information is erased from card 218, which cannot be used again. Card 218 can then be safely discarded. If the mobile phone 202 is lost or stolen, the codes can be blocked by the card issuer, similar to how stolen credit cards are blocked today. [00491 The user may also be required to download and install software to access the authentication unit 206 from the phone 202. However, in some embodiments, this software is pre-installed on phone 202. 100501 In an alternative embodiment, use of card 218 can be negated by initially activating authentication unit 206 wirelessly. For example, a user brings phone 202 into a financial institution having a wireless network. The user can connect to that wireless network to activate or sync the authentication unit 206 with the user's account from that institution. In a particular example, a 2-D input code may be transmitted to phone 202 through the wireless network from the financial institution. Correct inputting of this code syncs the account information with the authentication unit 206. Alternatively, a user may be sent an activation code through e-mail. 100511 In another alternative embodiment, account and authentication information can be uploaded to authentication unit simply by bringing card 218 into a predetermined proximity with phone 202, which reads the account information wirelessly in the same manner as a card chip reader. [00521 In a further alternative embodiment, authentication unit 206 may be authenticated using a mobile tagging process. For example, a credit card company or financial institution sends a user a two dimensional barcode image which can be captured with a camera implemented into phone 202. Processing or rendering of the barcode image using appropriate software reveals a unique code to be input for activation of a specific account for use with the authentication unit 206.
14 100531 The mobile phone 202 including the authentication unit 206 can then used in an encrypted wireless network or link at a point of sale transaction terminal 200 without leaving the control of the user. For example, the phone can be used by swiping it past a transaction terminal 200 or placing it within a predetermined proximity to transaction terminal 200, such as a POS terminal or ATM, to pay for goods and or receive money from the ATM. In one embodiment the issuing bank or merchant establishes for terminal 200 a local hotspot or allows ad-hoc mode wireless contact by swiping the phone close to the terminal. 100541 In an alternative embodiment the transaction makes use of a secure system such as PayPal for increased security. In some embodiments, additional security measures such as a fingerprint scan or eye scan may be implemented for authenticating a transaction. 100551 In a further alternative embodiment, authentication unit 206 communicates wirelessly with a local card chip reader attached to a personal computer, say by USB connection. In this embodiment, the user can authenticate online transactions simply by bringing phone 202 into proximity with the card chip reader device. 100561 In some embodiments, phone 202 prompts the user for a password or similar security measure. Additionally the merchant terminal may request a different code or signature. In these embodiments, the PIN or password is simply typed into phone 202 to verify the transaction. [00571 Figure 9 shows an example set of instructions for initially uploading account and authentication information to authentication unit 206 from a data access card 218 and how to use the paired device at a transaction terminal 200 to carry out a secure transaction. [00581 To move the card to a new or different phone or device, the card issuer sends a new one-use-only chip. This way there is only one device at any one time that works with the transactions of one specific account/card. A large number of different accounts/cards can be individually read into the authentication unit 206, just as people carry any number of credit cards in their wallets today. Individual account and authentication information stored on the authentication unit can also be deleted if an account is closed. In the case where information indicative of multiple accounts 15 are stored on unit 206, phone 202 prompts the user to select the desired account for which the transaction is to be carried out. [00591 As a security measure, all accounts or account information entered into the authentication unit 206 can be simultaneously blocked through one call to a central security centre in the case of theft. [00601 In an alternative embodiment, phones are capable of communicating between each other to transmit and receive payments between users. In this manner, two users can bring their phones into close proximity and securely transfer money to one another through linked bank accounts. 100611 In alternative embodiments, the invention can provide additional functionality to transfer information via phone 202 using e-mail, SMS, MMS or future similar systems such as quantum, nano or optic devices. Once paired or linked with phone 202, all data are available on the phone without the need to provide additional input. 100621 It will be appreciated by persons skilled in the art that numerous variations and/or modifications may be made to the invention as shown in the specific embodiments without departing from the spirit or scope of the invention as broadly described. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive. For example, functionality may be added or deleted from the block diagrams and operations may be interchanged among functional blocks. Steps may be added or deleted to methods described within the scope of the present invention. CONCLUSIONS 100631 It will be appreciated that the disclosure above provides various significant systems and methods for carrying out a secure transaction. 100641 The present invention provides for integrating and pairing a target device, such as a mobile phone or PDA, with a transaction authentication unit to provide easy payments, transactions or access to money through the target device in a secure and convenient way. The required information to carry out a secure transaction is sent to a merchant's transaction terminal by phone or computer by using a simple application and/or entering a password number. Since the authorisation number 16 (such as a credit card number) does not need to be typed or remembered, it can be made from a larger number of digits or even mixes of numbers and letters to increase security. [00651 The inventor envisions such a system to essentially replace plastic cards such as credit/debit cards. Using the present invention, a secure transaction can take place without the user temporarily surrendering their credit card to an unknown sales person. 100661 The present invention acts as an electronic verification system integratable into a mobile phone or other electronic device (target device) to establish communication between the target device and a transaction terminal. The invention combines the two commonly used items of mobile phones/computers and plastic credit/debit cards to provide ease of carrying both as one. The main benefits to the customer are convenience and increased security. [00671 The present invention also adds convenience to the merchant, as they can verify in a few seconds whether the transaction is valid and the user has sufficient credit or debit to cover the purchase. 100681 Implementation of the present invention would ultimately allow credit card companies and financial institutions to remove the magnetic strip from cards. There appears to be a drive away from using these strips likely due to their tendency to malfunction. DEFINITIONS 100691 Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing," "computing," "calculating," "determining", analysing" or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities into other data similarly represented as physical quantities. 10070] In a similar manner, the term "processor" may refer to any device or portion of a device that processes electronic data, e.g., from registers and/or memory to transform that electronic data into other electronic data that, e.g., may be stored in 17 registers and/or memory. A "computer" or a "computing machine" or a "computing platform" may include one or more processors. 100711 The methodologies described herein are, in one embodiment, performable by one or more processors that accept computer-readable (also called machine-readable) code containing a set of instructions that when executed by one or more of the processors carry out at least one of the methods described herein. Any processor capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken are included. Thus, one example is a typical processing system that includes one or more processors. Each processor may include one or more of a CPU, a graphics processing unit, and a programmable DSP unit. The processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM. A bus subsystem may be included for communicating between the components. The processing system further may be a distributed processing system with processors interconnected by a network. If the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT) display. If manual data entry is required, the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth. [00721 The term memory unit as used herein, if clear from the context and unless explicitly stated otherwise, also encompasses a storage system such as a disk drive unit. The processing system in some configurations may include a sound output device, and a network interface device. The memory subsystem thus includes a computer-readable carrier medium that carries computer-readable code (e.g., software) including a set of instructions to cause performing, when executed by one or more processors, one of more of the methods described herein. Note that when the method includes several elements, e.g., several steps, no ordering of such elements is implied, unless specifically stated. The software may reside in the hard disk, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system. Thus, the memory and the processor also constitute computer-readable carrier medium carrying computer-readable code.
18 [00731 Furthermore, a computer-readable carrier medium may form, or be included in a computer program product. 100741 In alternative embodiments, the one or more processors operate as a standalone device or may be connected, e.g., networked to other processor(s), in a networked deployment, the one or more processors may operate in the capacity of a server or a user machine in server-user network environment, or as a peer machine in a peer-to-peer or distributed network environment. The one or more processors may form a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. [00751 Note that while some diagrams only show a single processor and a single memory that carries the computer-readable code, those in the art will understand that many of the components described above are included, but not explicitly shown or described in order not to obscure the inventive aspect. For example, while only a single machine is illustrated, the term "machine" shall also be taken to include any collection of machines that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein. [00761 Thus, one embodiment of each of the methods described herein is in the form of a computer-readable carrier medium carrying a set of instructions, e.g., a computer program that is for execution on one or more processors, e.g., one or more processors that are part of web server arrangement. Thus, as will be appreciated by those skilled in the art, embodiments of the present invention may be embodied as a method, an apparatus such as a special purpose apparatus, an apparatus such as a data processing system, or a computer-readable carrier medium, e.g., a computer program product. The computer-readable carrier medium carries computer readable code including a set of instructions that when executed on one or more processors cause the processor or processors to implement a method. Accordingly, aspects of the present invention may take the form of a method, an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of carrier medium (e.g., a computer program product on a computer-readable 19 storage medium) carrying computer-readable program code embodied in the medium. [0077] The software may further be transmitted or received over a network via a network interface device. While the carrier medium is shown in an exemplary embodiment to be a single medium, the term "carrier medium" should be taken to include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term "carrier medium" shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by one or more of the processors and that cause the one or more processors to perform any one or more of the methodologies of the present invention. A carrier medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media. Non-volatile media includes, for example, optical, magnetic disks, and magneto-optical disks. Volatile media includes dynamic memory, such as main memory. Transmission media includes coaxial cables, copper wire and fiber optics, including the wires that comprise a bus subsystem. Transmission media may also take the form of acoustic or light waves, such as those generated during radio wave and infrared data communications. For example, the term "carrier medium" shall accordingly be taken to included, but not be limited to, solid-state memories, a computer product embodied in optical and magnetic media; a medium bearing a propagated signal detectable by at least one processor of one or more processors and representing a set of instructions that, when executed, implement a method; a carrier wave bearing a propagated signal detectable by at least one processor of the one or more processors and representing the set of instructions a propagated signal and representing the set of instructions; and a transmission medium in a network bearing a propagated signal detectable by at least one processor of the one or more processors and representing the set of instructions. 100781 It will be understood that the steps of methods discussed are performed in one embodiment by an appropriate processor (or processors) of a processing (i.e., computer) system executing instructions (computer-readable code) stored in storage. It will also be understood that the invention is not limited to any particular implementation or programming technique and that the invention may be implemented using any appropriate techniques for implementing the functionality 20 described herein. The invention is not limited to any particular programming language or operating system. 100791 It should be appreciated that in the above description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, FIG., or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention. [00801 Furthermore, while some embodiments described herein include some but not other features included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention, and form different embodiments, as would be understood by those skilled in the art. For example, in the following claims, any of the claimed embodiments can be used in any combination. [0081] Furthermore, some of the embodiments are described herein as a method or combination of elements of a method that can be implemented by a processor of a computer system or by other means of carrying out the function. Thus, a processor with the necessary instructions for carrying out such a method or element of a method forms a means for carrying out the method or element of a method. Furthermore, an element described herein of an apparatus embodiment is an example of a means for carrying out the function performed by the element for the purpose of carrying out the invention. 100821 In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Claims (22)
1. A method for securely carrying out a transaction, said method including the steps of: (a) establishing an encrypted wireless communication link between a target device and a transaction terminal, wherein said target device is within a predetermined range of said transaction terminal; (b) accessing an authentication unit within said target device to retrieve account and authentication information in response to a request from said transaction terminal; (c) securely transferring said account and authentication information between said target device and said transaction terminal to carry out a secure transaction, wherein said account and authentication information is initially uploaded to said authentication unit by inserting a special and unique data storage card into said target device that communicates securely with said authentication unit.
2. A method according to claim I wherein said data storage card can only be used to transfer data once.
3. A method according to claim I wherein said target device is one of a mobile phone, personal digital assistant (PDA), a personal computer, an under-skin chip-unit or a wristwatch.
4. A method according to any one of the preceding claims wherein said authentication unit is selectively removable from said target device.
5. A method according to claim 1 or claim 2 wherein said authentication unit is configured to store account and authentication information indicative of one or more bank accounts or credit card accounts, each said account information being initially uploaded to said authentication unit by said unique data storage card.
6. A method according to any one of the preceding claims wherein the step of accessing said authentication unit includes the sub-steps of (i) said target device prompting a user for a password to access said information from said authentication unit; and 22 (ii) based on said user entering a correct password, providing access to said information through said authentication unit.
7. A method according to any one of the preceding claims wherein said encrypted communication link is established through a wireless communication protocol selected from Near Field Communication, Bluetooth, 2D codes, Cyber codes, Wi-Fi or Radio Frequency Identification (RFID).
8. A system for securely carrying out a transaction, the system including: (a) a transaction terminal; (b) a target device configured for establishing an encrypted wireless communication link with said transaction terminal when said target device is within a predetermined range of said transaction terminal; (c) an authentication unit integrated into said target device for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said account and authentication information between said target device and said transaction terminal to carry out a secure transaction; and (d) a unique data storage card releasably insertable into said target device to securely transfer said account and authentication information to said authentication unit.
9. A system according to claim 8 wherein said data storage card can only be used to transfer data once.
10. A system according to claim 8 or claim 9 wherein said target device is one of a mobile phone, personal digital assistant (PDA), a personal computer, an under-skin chip unit or a wristwatch.
11. A system according to any one of claims 8 to 10 wherein said authentication unit is selectively removable from said target device. 23
12. A system according to claim 8 or claim 9 wherein said authentication unit is configured to store account and authentication information indicative of one or more bank accounts or credit card accounts, each said account information being initially uploaded to said authentication unit by a unique data storage card.
13. A system according to any one of claims 8 to 12, wherein: in response to a request from said transaction terminal, said target device prompts a user to enter a password to access said information from said authentication unit; and based on said user entering a correct password, said authentication unit provides access to said information for transfer to said transaction terminal through said encrypted wireless communication link.
14. A system according to any one of claims 8 to 13 wherein said encrypted communication link is established through a wireless communication protocol selected from Near Field Communication, Bluetooth, Wi-Fi or Radio-Frequency Identification (RFID).
15. A device for securely carrying out a transaction, the device including a processor; a database; an interface to receive user input; a display to output information visually; a wireless communication device for establishing an encrypted wireless communication link with a transaction terminal when said device is within a predetermined range of said transaction terminal; an authentication unit for securely storing account and authentication information, and providing access to said information in response to a request from said transaction terminal thereby to securely transfer said information between said device and said transaction terminal to carry out a secure transaction; and a port configured to receive a unique data storage card to securely transfer said account and authentication information to said authentication unit. 24
16. A device according to claim 15 wherein said data storage card can only be used to transfer data once.
17. A device according to claim 15 wherein said device is one of a mobile phone, personal digital assistant (PDA), a personal computer, an under-skin chip-unit or a wristwatch.
18. A device according to any one of claims 15 to 17 wherein said authentication unit is selectively removable from said device.
19. A device according to any one of claims 15 to 18 wherein said authentication unit is configured to store account and authentication information indicative of one or more bank accounts or credit card accounts, each said account information being initially uploaded to said authentication unit by a unique data storage card.
20. A device according to any one of claims 15 to 19 wherein: in response to a request from said transaction terminal, said device prompts a user to enter a password through said interface to access said information from said authentication unit; and based on said user entering a correct password, said authentication unit provides access to said information for transfer to said transaction terminal through said encrypted wireless communication link.
21. A device according to any one of claims 15 to 20 wherein said encrypted communication link is established through a wireless communication protocol selected from Near Field Communication, Bluetooth, Wi-Fi or Radio-Frequency Identification (RFID).
22. A method, system or device for securely carrying out a transaction substantially as herein described with reference to any one of the embodiments of the invention illustrated in the accompanying drawings and/or examples.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2011200063A AU2011200063B1 (en) | 2010-10-14 | 2011-01-07 | Systems and methods of securely carrying out transactions |
| PCT/AU2011/001302 WO2012048373A1 (en) | 2010-10-14 | 2011-10-13 | Systems and methods of securely carrying out transactions |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2010904591A AU2010904591A0 (en) | 2010-10-14 | Novel method of integrating (linking) one or more special purpose designed devices with a target device - enabling easy and secure financial transactions | |
| AU2010904591 | 2010-10-14 | ||
| AU2011200063A AU2011200063B1 (en) | 2010-10-14 | 2011-01-07 | Systems and methods of securely carrying out transactions |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| AU2011200063B1 true AU2011200063B1 (en) | 2011-06-23 |
Family
ID=45398560
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU2011200063A Ceased AU2011200063B1 (en) | 2010-10-14 | 2011-01-07 | Systems and methods of securely carrying out transactions |
Country Status (2)
| Country | Link |
|---|---|
| AU (1) | AU2011200063B1 (en) |
| WO (1) | WO2012048373A1 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2014154129A1 (en) * | 2013-03-26 | 2014-10-02 | Shao Tong | Two-time near distance connection secure payment device, method, and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003017128A1 (en) * | 2001-08-13 | 2003-02-27 | Exclaim Enterprises, Inc. | Method and apparatus for electronic data sharing |
| US20030055785A1 (en) * | 2001-09-20 | 2003-03-20 | International Business Machines Corporation | System and method for electronic wallet transactions |
| US7707113B1 (en) * | 2007-09-28 | 2010-04-27 | Sprint Communications Company L.P. | Method and system for setting levels of electronic wallet security |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5991749A (en) * | 1996-09-11 | 1999-11-23 | Morrill, Jr.; Paul H. | Wireless telephony for collecting tolls, conducting financial transactions, and authorizing other activities |
| JP5301463B2 (en) * | 2007-01-09 | 2013-09-25 | ビザ ユー.エス.エー.インコーポレイテッド | Mobile phone payment process including threshold indicator |
| US20100049615A1 (en) * | 2008-01-24 | 2010-02-25 | Qualcomm Incorporated | Mobile commerce authentication and authorization system |
| US8523053B2 (en) * | 2008-09-03 | 2013-09-03 | First Data Corporation | Enabling consumer choice on contactless transactions when using a dual-branded payment instrument |
-
2011
- 2011-01-07 AU AU2011200063A patent/AU2011200063B1/en not_active Ceased
- 2011-10-13 WO PCT/AU2011/001302 patent/WO2012048373A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003017128A1 (en) * | 2001-08-13 | 2003-02-27 | Exclaim Enterprises, Inc. | Method and apparatus for electronic data sharing |
| US20030055785A1 (en) * | 2001-09-20 | 2003-03-20 | International Business Machines Corporation | System and method for electronic wallet transactions |
| US7707113B1 (en) * | 2007-09-28 | 2010-04-27 | Sprint Communications Company L.P. | Method and system for setting levels of electronic wallet security |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2012048373A1 (en) | 2012-04-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| RU2659024C2 (en) | System and method of safe downloading, storage and transmission of data from magnetic strips in the device working with the mobile wallet system | |
| US9195983B2 (en) | System and method for a secure cardholder load and storage device | |
| US9473295B2 (en) | Virtual transportation point of sale | |
| US9251513B2 (en) | Stand-alone secure PIN entry device for enabling EMV card transactions with separate card reader | |
| EP2038227B1 (en) | System and method for activating telephone-based payment instrument | |
| US10147086B2 (en) | Digital wallet device for virtual wallet | |
| US9317018B2 (en) | Portable e-wallet and universal card | |
| US20080126260A1 (en) | Point Of Sale Transaction Device With Magnetic Stripe Emulator And Biometric Authentication | |
| US20140164154A1 (en) | Payment initiation and acceptance system | |
| CA2667306A1 (en) | Point 0f sale transaction device with magnetic stripe emulator and biometric authentication | |
| CN105593886A (en) | Method and apparatus for performing local transactions | |
| AU2013289925B2 (en) | Virtual transportation point of sale | |
| US20140089169A1 (en) | System and Method of Processing Payment Transactions via Mobile Devices | |
| WO2013116817A1 (en) | System and method for a secure cardholder load and storage device | |
| US20190378115A1 (en) | Electronic payment apparatus | |
| US11507941B2 (en) | Methods for conducting electronic payment transactions with scannable codes | |
| AU2011200063B1 (en) | Systems and methods of securely carrying out transactions | |
| KR20190007196A (en) | Apparatus and methods for providing card activation control and digital wallet exchange using card owner's identity verification | |
| US20230087051A1 (en) | Methods for conducting electronic payment transactions with scannable codes | |
| EP2873024B1 (en) | Virtual transportation point of sale | |
| KR20080114651A (en) | Prepaid Card Charging System | |
| KR101199093B1 (en) | Method and System for Paying Giro using Code Image | |
| Pourghomi et al. | Cloud-based NFC Mobile Payments | |
| HK40008789A (en) | Electronic payment apparatus | |
| WO2018185787A1 (en) | A system and method of usage of a smart card for cashless transaction |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FGA | Letters patent sealed or granted (standard patent) | ||
| MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |