[go: up one dir, main page]

EP2430620A1 - Contactless payment device, method of contactless top-up of electronic money on a payment device - Google Patents

Contactless payment device, method of contactless top-up of electronic money on a payment device

Info

Publication number
EP2430620A1
EP2430620A1 EP10730522A EP10730522A EP2430620A1 EP 2430620 A1 EP2430620 A1 EP 2430620A1 EP 10730522 A EP10730522 A EP 10730522A EP 10730522 A EP10730522 A EP 10730522A EP 2430620 A1 EP2430620 A1 EP 2430620A1
Authority
EP
European Patent Office
Prior art keywords
payment
memory card
mobile communication
cryptogram
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP10730522A
Other languages
German (de)
French (fr)
Inventor
Miroslav Florek
Michal Masaryk
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SMK Corp
Original Assignee
Logomotion sro
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from SK500272009A external-priority patent/SK288717B6/en
Priority claimed from SK50016-2010A external-priority patent/SK500162010A3/en
Application filed by Logomotion sro filed Critical Logomotion sro
Publication of EP2430620A1 publication Critical patent/EP2430620A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • G06Q20/3263Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3229Use of the SIM of a M-device as secure element
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/349Rechargeable cards
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Definitions

  • the invention refers to a payment device located in the mobile communication device, such as a mobile phone in the form of a pre-paid card.
  • the invention also described the process of electronic money top-up on the payment device located in the mobile communication device, while the security standard, especially the one according to the EMV (Europay MasterCard Visa) rules remains preserved.
  • the topped-up electronic money is used for contactless payment transactions realized over the mobile communication device.
  • the solution ties up to the previous patent filing SK PP00032-2009 from May 3 rd , 2009.
  • Some pre-paid money systems e.g. as the one according to the CN101013489A use the mobile phone for the data flow, requests for payment hand over and for the management of contactless transaction in total.
  • the electronic money itself the data on the amount of electronic cash, is however not stored within the mobile communication device.
  • pre-paid cards into which the electronic money, so basically the data on the current credit amount are inserted using contactless devices.
  • the communication between the top-up terminal and the card is in case of EMV standard realized over encrypted messages, where ARQC (Authorization Request Cryptogram) is generated and then it is waited for the ARPC (Authorization Response Cryptogram) response with a corresponding command, a script. While waiting, the card remains in contact with the terminal. The interruption of the connection between the card and the terminal would cause a creation of a new, different ARQC on the card, by which the termination of a regular top-up of already prepared money would be disabled.
  • ARQC Authorization Request Cryptogram
  • the subject matter of the invention The deficiencies mention are to a large extent eliminated by the cashless payment device with pre-paid credit containing a block for storage of current credit amount according to this invention, the subject matter of which is based on the fact that this block is located on the secure element in the removable memory card.
  • the removable memory card is located in the mobile communication device, where the secure element is interconnected with the microcontroller to run the top-up application.
  • the microcontroller was a part of an independent hardware, to which the pre-paid card was connected in a contact way to realize the electronic money top-up process.
  • This hardware was usually a payment terminal, which had a common payment terminal application for contactless payments with a money top-up subsystem on the card.
  • the microcontroller over which the top-up application was run, was not held by the user.
  • the new configuration solves the limitations of the current state and it considerably increases application possibilities of the removable memory card.
  • the unit for the creation of the request cryptogram preferably in the form of ARQC, is located directly on the removable memory card.
  • the top-up application running on the microcontroller in the memory card can be a part of the payment-terminal application ant in that kind of configuration, it is possible to realize even payment-terminal processes, e.g. of the EMV standard, from the payment device.
  • the architecture and software equipment of the memory card can be set in such a way, that the microcontroller works with a top-up application and the payment from the pre-paid card then operates as in the currently known systems e.g. in paying for transport.
  • the removable memory card will be inserted into the slot for extending accessories used beyond the basic functions of the mobile communication device.
  • the basic function of the mobile communication device is a transfer of voice and data in the mobile operator's network.
  • the important characteristic of the submitted invention is the placement of the pre-paid card, the payment device with the pre-paid credit into the removable memory card, where on the card directly there is the block for storage of the current credit amount data and the unit for the creation of the request cryptogram. So the submitted solution does not use the structure in the mobile communication device only for the management and usage of credit that is located at the payment processor's, but the payment device is adequately implemented into removable memory card, apart from the SIM (subscriber identity module) card.
  • SIM subscriber identity module
  • the removable memory card is a carrier of the pre-paid card, where during the top-up, the powering and the communication flow runs over the memory card's interface. The removal of the memory card does not influence other functions of the mobile communication device.
  • the memory card will be of the SD or miniSD or microSD card or M2 card type. Due to its interface and basic architecture, these types of cards are suitable for the creation of the payment device according to this invention and also widespread in common types of phones.
  • the usage of the removable memory card instead of SIM card used in other, previous solution, also offers the advantage in the form of interface capacity, since in the removable memory card at least a two conductor, preferably a four conductor bus is considered for these purposes.
  • the cashless payment device can be located on an independent domain of the secure element in the smart card chip. On independent parts of the same secure element, which is in the form of a hardware chip, there can be even other payment applications, e.g. blocks with standard payment cards and also blocks with non-financial applications.
  • the memory card is equipped with a contactless communication element, especially of the NFC (Near Field Communication) type.
  • NFC Near Field Communication
  • an antenna to which a contactless communication device is connected, will be located on the removable memory card. Thanks to this configuration of elements, the payment device will be capable of communication with NFC readers in contactless payments, e.g. when paying for a traffic ticket and similar.
  • the subject of this description is also a top-up of electronic money to the above described payment device, where the cryptogram of authorization request, especially in the form of ARQC, is requested and generated.
  • a cryptogram of the authorization response especially in the form of ARPC, is created according to this invention, the subject matter of which is based in the fact, that a message, preferably in the form of SMS, containing information about prepared money for the increase of current credit is sent from the host according the database of assigned payment devices to phone numbers of corresponding mobile communication devices.
  • authorization request cryptogram is generated in the unit for the creation of the request cryptogram on the payment device.
  • This one is in the form of ARQC and the block then switches into the state, in which an equivalent authorization request cryptogram is permanently generated until it receives a corresponding authorization response cryptogram, especially in the form of ARPC.
  • the authorization request cryptogram is created in the block on the payment device and the authorization response cryptogram is created in the host. After the creation of the authorization request cryptogram, the block switches into the described IDLE state, so the authorization process with an equivalent cryptogram can be repeated. This enables to phase the top-up process into independent phases that can be realized over SMS messages.
  • the creation of the new state in the block for the authorization request cryptogram creation is an important characteristic of the solution presented. It enables to phase the top-up process and even an instable, interrupted channel when realizing top-up becomes acceptable.
  • Both cryptograms can be sent in both directions in the form of the SMS (Short Message Service) within the mobile operator's network. This is possible since in case of their undesirable change on the route would be detected when decrypted on the other side of the communication channel or it would cause interruption and termination of the top-up process.
  • the authorization request cryptogram will be sent to the phone number from which the mobile communication device received the information that the money is prepared.
  • the received authorization request cryptogram is evaluated and the authorization response cryptogram is created, which is then sent by the host to the mobile communication device so the command that was added to the authorization response cryptogram in the host would be run.
  • the supplemented command reflects the situation that was found out currently in the host.
  • the command in the script requests an increase of the current credit on the pre-paid card in the mobile communication device and in the same time a record on a realized operation is done in the host.
  • the received authorization response cryptogram is transferred into the payment device on the memory card.
  • the received authorization response cryptogram is stored in the mobile communication device and is prepared for a later transfer into the memory card.
  • the receiver is informed about the need to insert the removable memory card into the corresponding slot on the display of the mobile communication device. This procedure solves the situation which did not have to be treated in case of current contact top-up.
  • the mentioned communication procedure can be realized only with small interventions into common EMV procedures and the required security of operations is maintained.
  • the removable memory card can have two independent access modes.
  • One access mode is designed and set for the common function of the removable memory card which rests in the extension of the memory capacity of the mobile communication device, such as a mobile phone.
  • This access mode prevents access to the unit with the payment card and to the contactless communication element on the removable memory card.
  • this card appears to be a common removable card without the secure element and without the communication element on the removable memory card.
  • the second access mode is designed and set for the payment function of the removable memory card, where the access to the unit with the payment card and also to the contactless communication element on the removable memory card is allowed from the mobile communication device's circuits over an interface.
  • the two modes are alternatively selectable, it is important, that the access mode for the payment function of the removable memory card can be active only after physical press of the hardware payment button. Even a common flash memory can be accessible in the payment function access mode.
  • the removable memory card on which at least one payment card unit is located, appears to be a removable memory card for the extension of the memory capacity of the mobile communication device on the interface and that up until the moment when the purpose payment button is physically pushed. Then the removable memory card is made accessible on the interface as a card with Secure Element.
  • the existence of the purpose hardware payment button enables the change of the removable payment card's character on its interface level to be tied exclusively to the physical press of the payment button.
  • the necessity of physical press of the button excludes the possibility to run the payment application by some undesirable software or script imitating the will of the user.
  • connection between the physical press of the button and run of the corresponding Firmware can be stored in the memory in such a way that it is either never possible to rewrite it, change it or update it or it is not possible to do it without the corresponding password.
  • the unauthorized program then cannot emulate the signal from the physical payment button in such a way so this signal could appear as a real physical press of the button to the other steps of the application's run.
  • FIG 4 there is a schematically displayed diagram showing the successiveness of the payment application's run with the press of the hardware payment button, where it is possible to see the localization of the individual tasks and processes during the launch of the application on the level phone hardware / phone firmware / removable memory card.
  • a mobile communication device 4 in the form of a mobile phone and a removable memory card 1 of the micro SD type is used in this example.
  • a top-up (pre-paid) card On the removable memory card 1 with common standard sizes there is located a top-up (pre-paid) card, so the payment device itself and also the NFC communication element 7.
  • the memory card 1 has a microcontroller 6 in the form of 32-bit microprocessor operating with a multi-task operating system, in this case with Linux.
  • a flash memory, secure element 3_ and SD interface 5 is connected to the microcontroller 6.
  • the microprocessor contains internal EEPROM memory and boot-loader block for the control of unauthorized interventions in the loaded payment-terminal application.
  • the flash memory is divided into protected and unprotected part.
  • the unprotected parte there is an area for freely accessible and freely usable data of the user and also an area for hidden storage of system files, especially the records on the payment transactions running over the payment terminal.
  • the protected part there is a block with operating system, in this case with Linux and above all the payment-terminal application block, where is the payment- terminal application, in this case of the EMV type.
  • the protected part of the memory in this example there is also a download management block that serves for the storage and management of the software update on the memory card L
  • the application's binary data are loaded into the unprotected part of the flash memory, e.g.
  • the download management block is checking periodically whether there is some new file in the system data block that should be loaded into the secure element 3_. If yes, it starts a corresponding installation.
  • the memory card 1 also has its own NFC contactless communication element 7 with the antenna located on, respectively in the memory card's 1 body. By this configuration, it is enabled to create a NFC communication channel between the common phone without NFC chip with a corresponding reader according ISO 14443.
  • the pre-paid card is located on an independent domain of the secure element in the smart card chip 3_.
  • An encryption block is located in a different domain of the secure element in the smart card chip 3_.
  • the host 2 (HOST - Payment processor) there is a database assigning payment devices to the phone numbers of the mobile communication devices 4.
  • the card can be topped-up over SMS from a personal account or even by a money transfer from one mobile phone to another.
  • the card does not have its own realistic account in the bank, however it must have its image (subaccount) in the host 2 (on the HOST).
  • the receiver of electronic money must have and application supporting Push SMS technology for the detection of the incoming SMS messages structure's meaning installed in the mobile communication device 4.
  • the suitable operating systems are e.g. Windows Mobile, Symbian 60, JAVA JSR257.
  • the sender of the electronic money over internet e.g.
  • the sender of the electronic money chooses to use ATM (automated teller machine), he should have his payment card issued by the same or connected issuer, as is the issuer of the pre-paid card. On the ATM, the sender will enter the receiver's phone number and the amount (e.g. 25, - EUR), that he wants to be sent to the pre-paid card.
  • ATM automated teller machine
  • the host 2 will transfer the money from the sender's account to the receiver's subaccount and it will send an SMS for the receiver with the information meaning: "You have 25 EUR prepared” into the receiver's mobile phone.
  • the money is labeled as "Money_for_top-up”.
  • the sender In case of sending the money over the internet banking, the sender will enter money transfer for the benefit of the receiver, who will be identified by a corresponding phone number.
  • the internet banking application must recognize that the account is entered over a phone number (the pre-paid card subaccount or alias a phone number).
  • the host 2 (HOST) transfers money from the sender's account to the receiver's subaccount and sends the receiver an SMS with information meaning: "You have 25 EUR prepared" to the receiver's mobile phone.
  • the receiver After the receiver received SMS message "You have 25 EUR prepared", the receiver starts the top-up application on the mobile phone.
  • the application asks the EMV processor on the microSD memory card 1 to start the transaction of the "Top-up” type.
  • the EMV processor loads the configuration data from its secure domain and asks the pre-paid card to generate the ARQC.
  • the card After generation of ARQC, the card goes into the IDLE mode. In this state, the card cannot do anything else but generate the same ARQC in case of any repeated request for generation.
  • the card gets out of the IDLE state only in case it receives a corresponding ARPC from the host from its Issuer.
  • the EMV processor writes the ARQC into the flash memory, which is in this case on the memory card 1.
  • the ARQC is taken in the form of a file from the flash memory and it is sent as SMS into the host 2 (HOST).
  • the phone number to which the SMS is to be sent is the same as the phone number from which the SMS message "You have 25 EUR prepared" was received. This phone number is stored in the application's memory.
  • the host 2 verify whether the card's ID number (PAN) is consistent with the phone number from which the SMS was receive. If yes, it verifies whether it has the money of the "Money_for_top-up" type for the corresponding pre-paid card and if yes, than it generates the ARPC and the corresponding script with the commands.
  • PAN card's ID number
  • the top-up phase itself increasing the amount of money on the card is realized in such a way that the application in the mobile phone receives SMS and detects the received message over the Push SMS technology as a message with data for top-up.
  • the microSD card is present in the mobile phone's slot, it sends it directly into the microSD card.
  • the microSD card with the pre-paid card is outside the mobile phone's slot, then the message is temporarily remembered and the receiver is notified that he has received money, which could not be inserted into the card and that top-up is awaited.
  • the receiver after the receiver inserts the microSD card, he starts the application once more and the application tries to write the ARPC again.
  • the terminal resends the ARPC into the card, which checks the ARPC and in case of agreement it runs the corresponding command contained in the script. If for any reason, the APRC was lost (deleted), the transaction must be run again.
  • the cryptogram creation block on the card is still in the IDLE mode, it generates the same ARQC as last time.
  • the host 2 HOST
  • HOST host 2
  • the host 2 runs an internal verification process, the purpose of which is to find out, whether the card asks for a new top-up or whether the previous process ended unsuccessfully. If the host 2 received the same ARQC, as the one stored during the last top-up, then it presumes that the card did not get the ARPC and that the top-up process was not ended successfully.
  • the cryptogram creation block on the pre-paid card is blocked and it generates the same ARQC. That being the case, the host sends the ARPC once again with all the data, commands, which should be realized by the pre-paid card.
  • Example 2 In this example according to the figures 4 to 7, there is described a system, in which the removable memory card 1 is in the form of microSD card. There are two Secure Elements 3 . located on it in this example, where one Secure Element 3_ is designed for the payment card unit 9, or respectively for several payment card units 9 from different issuers and the second Secure Element 3_ contains the payment terminal unit Jj).
  • the removable memory card 1 with a common flash memory 1_4 has the interface 5 . of the common microSD standard and is inserted into the mobile communication device's 4 slot. It is a common slot designed for the insertion of the extension memories.
  • the NFC communication element 7 with antenna is j_3 is located on the removable memory card L
  • the mobile communication device 4 has a payment button 8 . located next to the keyboard field.
  • the payment button 8 . is connected with microswitch on the mobile communication device's 4.
  • the specific realization of the microswitch is not important and can be in different forms, e.g. as a membrane switch, capacity switch and similar.
  • the payment button 8 is connected to the Firmware in such a way that the only acceptable order for the change of access mode of the removable memory card 1 can be from the contact of the payment button 8 . at least in case the mobile communication device 4 is equipped with this kind of payment button 8 . . In case, the same removable memory card 1 will be inserted into the slot of the mobile communication device 4 without the purpose hardware payment button 8 . , the change of access mode will be realized over menu on the display 12 of the mobile communication device 4. In the mobile phone, which is equipped with the payment button 8 . , it will not be possible to access Secure Element 3_ on the removable memory card 1 by any other way then over the predefined firmware connected with the payment button 8 . . In this example it will be the LGM (LOGOMOTION) application.
  • the two access modes can have the following characteristics: function access mode access mode extension of the memory for payment function
  • NFC communication NO NO extended access SDIO .
  • YES/ NO YES according to the phone access to the SE from the NO YES application in the phone file cashe memory in flash YES/ NO NO according to the phone permanent powering of the YES/ NO YES card according to the phone
  • the caching of the files on the removable memory card 1 will be switched off, the access to the flash memory 2 and the access into the file system will be supported.
  • the mobile communication device 4 will be capable of supporting higher communication interface, e.g. the SDIO standard (Secure Digital Input Output), McEX, the corresponding interface can be accessible even in the access mode of the payment function.
  • the creation of the request cryptogram is enabled only in the access mode for the payment function of the removable memory card 1 after the hardware payment button 8 . is physically pressed
  • the industrial usability is obvious. According to this invention, it is possible to create and use pre-paid payment devices and it is also possible to top-up these kinds of payment device using messages, especially of the SMS type.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Telephone Function (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Cashless payment device with prepaid credit contains a block for storage of data about the of current credit amount and is located on the removable memory card (1), which is located in the mobile communication device (4). In case of contactless top-up of electronic money on the pre-paid card, a message, preferably in the form of SMS, with the information about prepared money for the increase of the current credit is sent from the host (2) to the corresponding mobile communication device (4) according to the database of assigned numbers. The authorization request cryptogram, especially in the form of ARQC, is generated in the block on the payment device and the block is switched into the IDLE mode, in which the same authorization request cryptogram is generated permanently until the corresponding authorization response cryptogram is received, especially in the form of ARPC, which is created in the host (2).

Description

Contactless payment device, method of contactless top-up of electronic money on a payment device
Technology The invention refers to a payment device located in the mobile communication device, such as a mobile phone in the form of a pre-paid card. The invention also described the process of electronic money top-up on the payment device located in the mobile communication device, while the security standard, especially the one according to the EMV (Europay MasterCard Visa) rules remains preserved. The topped-up electronic money is used for contactless payment transactions realized over the mobile communication device. The solution ties up to the previous patent filing SK PP00032-2009 from May 3rd, 2009.
Present technology
There exist several configurations of an electronic wallet with pre-paid credit for the payment of off-line contactless payments. Some pre-paid money systems, e.g. as the one according to the CN101013489A use the mobile phone for the data flow, requests for payment hand over and for the management of contactless transaction in total. The electronic money itself, the data on the amount of electronic cash, is however not stored within the mobile communication device. There are known pre-paid cards, into which the electronic money, so basically the data on the current credit amount are inserted using contactless devices. The communication between the top-up terminal and the card is in case of EMV standard realized over encrypted messages, where ARQC (Authorization Request Cryptogram) is generated and then it is waited for the ARPC (Authorization Response Cryptogram) response with a corresponding command, a script. While waiting, the card remains in contact with the terminal. The interruption of the connection between the card and the terminal would cause a creation of a new, different ARQC on the card, by which the termination of a regular top-up of already prepared money would be disabled.
There is no system known, which would enable secure creation of a payment device with pre-paid electronic money in the mobile phone's structure that would comply with the EMV standard. Also, the system in which this kind of payment device could be topped-up with electronic money, e.g. using messages in the SMS format is not known. It is required for the money top-up process to run even is in time separate phases, since it is not suitable to required for the sender to synchronize with regard the time his steps with the receiver of the money. These two money top-up process's participants can be at a random distance from each other.
The subject matter of the invention The deficiencies mention are to a large extent eliminated by the cashless payment device with pre-paid credit containing a block for storage of current credit amount according to this invention, the subject matter of which is based on the fact that this block is located on the secure element in the removable memory card. The removable memory card is located in the mobile communication device, where the secure element is interconnected with the microcontroller to run the top-up application. Until know, the microcontroller was a part of an independent hardware, to which the pre-paid card was connected in a contact way to realize the electronic money top-up process. This hardware was usually a payment terminal, which had a common payment terminal application for contactless payments with a money top-up subsystem on the card. The microcontroller, over which the top-up application was run, was not held by the user. The new configuration solves the limitations of the current state and it considerably increases application possibilities of the removable memory card. The unit for the creation of the request cryptogram, preferably in the form of ARQC, is located directly on the removable memory card.
The top-up application running on the microcontroller in the memory card can be a part of the payment-terminal application ant in that kind of configuration, it is possible to realize even payment-terminal processes, e.g. of the EMV standard, from the payment device. The architecture and software equipment of the memory card can be set in such a way, that the microcontroller works with a top-up application and the payment from the pre-paid card then operates as in the currently known systems e.g. in paying for transport. The removable memory card will be inserted into the slot for extending accessories used beyond the basic functions of the mobile communication device. The basic function of the mobile communication device is a transfer of voice and data in the mobile operator's network. The important characteristic of the submitted invention is the placement of the pre-paid card, the payment device with the pre-paid credit into the removable memory card, where on the card directly there is the block for storage of the current credit amount data and the unit for the creation of the request cryptogram. So the submitted solution does not use the structure in the mobile communication device only for the management and usage of credit that is located at the payment processor's, but the payment device is adequately implemented into removable memory card, apart from the SIM (subscriber identity module) card. The removable memory card is a carrier of the pre-paid card, where during the top-up, the powering and the communication flow runs over the memory card's interface. The removal of the memory card does not influence other functions of the mobile communication device.
In preferable configuration, the memory card will be of the SD or miniSD or microSD card or M2 card type. Due to its interface and basic architecture, these types of cards are suitable for the creation of the payment device according to this invention and also widespread in common types of phones. The usage of the removable memory card instead of SIM card used in other, previous solution, also offers the advantage in the form of interface capacity, since in the removable memory card at least a two conductor, preferably a four conductor bus is considered for these purposes.
The cashless payment device can be located on an independent domain of the secure element in the smart card chip. On independent parts of the same secure element, which is in the form of a hardware chip, there can be even other payment applications, e.g. blocks with standard payment cards and also blocks with non-financial applications. For the extended possibilities of the contactless payment transaction outside the mobile communication device's operator's network, it will be suitable if the memory card is equipped with a contactless communication element, especially of the NFC (Near Field Communication) type. In suitable configuration even an antenna, to which a contactless communication device is connected, will be located on the removable memory card. Thanks to this configuration of elements, the payment device will be capable of communication with NFC readers in contactless payments, e.g. when paying for a traffic ticket and similar.
The subject of this description is also a top-up of electronic money to the above described payment device, where the cryptogram of authorization request, especially in the form of ARQC, is requested and generated. In the host a cryptogram of the authorization response, especially in the form of ARPC, is created according to this invention, the subject matter of which is based in the fact, that a message, preferably in the form of SMS, containing information about prepared money for the increase of current credit is sent from the host according the database of assigned payment devices to phone numbers of corresponding mobile communication devices. Subsequently, authorization request cryptogram is generated in the unit for the creation of the request cryptogram on the payment device. This one is in the form of ARQC and the block then switches into the state, in which an equivalent authorization request cryptogram is permanently generated until it receives a corresponding authorization response cryptogram, especially in the form of ARPC. The authorization request cryptogram is created in the block on the payment device and the authorization response cryptogram is created in the host. After the creation of the authorization request cryptogram, the block switches into the described IDLE state, so the authorization process with an equivalent cryptogram can be repeated. This enables to phase the top-up process into independent phases that can be realized over SMS messages. The creation of the new state in the block for the authorization request cryptogram creation is an important characteristic of the solution presented. It enables to phase the top-up process and even an instable, interrupted channel when realizing top-up becomes acceptable. It will also be possible for the electronic money to stay prepared in the interposition in the mobile communication device on a removable memory card. Then, in the process diagram there are set commands, which will unblock the IDLE mode into the common authorization request cryptogram generation with the counters incrementation even in case of unsuccessful money top-up. This can be done in such a way, that the authorization request cryptogram is created in different situations, when a suitably set script with commands is added to a correctly created cryptogram.
Both cryptograms can be sent in both directions in the form of the SMS (Short Message Service) within the mobile operator's network. This is possible since in case of their undesirable change on the route would be detected when decrypted on the other side of the communication channel or it would cause interruption and termination of the top-up process. For the simplicity reasons and as an additional security element, the authorization request cryptogram will be sent to the phone number from which the mobile communication device received the information that the money is prepared.
In the host, the received authorization request cryptogram is evaluated and the authorization response cryptogram is created, which is then sent by the host to the mobile communication device so the command that was added to the authorization response cryptogram in the host would be run. The supplemented command reflects the situation that was found out currently in the host. In case there is money prepared in the host, the command in the script requests an increase of the current credit on the pre-paid card in the mobile communication device and in the same time a record on a realized operation is done in the host.
In case the removable memory card is inserted in the mobile communication device's slot when the message with the authorization response cryptogram is received, the received authorization response cryptogram is transferred into the payment device on the memory card. In case the removable memory card is not inserted in the mobile communication device's slot, the received authorization response cryptogram is stored in the mobile communication device and is prepared for a later transfer into the memory card. In the same time the receiver is informed about the need to insert the removable memory card into the corresponding slot on the display of the mobile communication device. This procedure solves the situation which did not have to be treated in case of current contact top-up.
The mentioned communication procedure can be realized only with small interventions into common EMV procedures and the required security of operations is maintained.
In order to increase security, the removable memory card can have two independent access modes. One access mode is designed and set for the common function of the removable memory card which rests in the extension of the memory capacity of the mobile communication device, such as a mobile phone. This access mode prevents access to the unit with the payment card and to the contactless communication element on the removable memory card. Basically in this access mode on the removable memory card's interface this card appears to be a common removable card without the secure element and without the communication element on the removable memory card.
The second access mode is designed and set for the payment function of the removable memory card, where the access to the unit with the payment card and also to the contactless communication element on the removable memory card is allowed from the mobile communication device's circuits over an interface.
The two modes are alternatively selectable, it is important, that the access mode for the payment function of the removable memory card can be active only after physical press of the hardware payment button. Even a common flash memory can be accessible in the payment function access mode.
The removable memory card, on which at least one payment card unit is located, appears to be a removable memory card for the extension of the memory capacity of the mobile communication device on the interface and that up until the moment when the purpose payment button is physically pushed. Then the removable memory card is made accessible on the interface as a card with Secure Element.
The existence of the purpose hardware payment button enables the change of the removable payment card's character on its interface level to be tied exclusively to the physical press of the payment button. The necessity of physical press of the button excludes the possibility to run the payment application by some undesirable software or script imitating the will of the user.
By this configuration we will exclude the risk that the removable memory card's interface will be misused for the trials to overcome the security elements without the user's knowledge. The connection between the physical press of the button and run of the corresponding Firmware can be stored in the memory in such a way that it is either never possible to rewrite it, change it or update it or it is not possible to do it without the corresponding password. The unauthorized program then cannot emulate the signal from the physical payment button in such a way so this signal could appear as a real physical press of the button to the other steps of the application's run. Since the intruder will not have the possibility to physically press the button described on the remote mobile communication device, it is excluded that he could gain uncontrollable access to the payment card's unit or to the unit of the payment terminal on the removable memory card. The removable memory card will behave as a standard memory card and only after physical press of the payment button will switch into the payment card mode. The end of payment application will automatically switch the card's mode into the common card extending the memory capacity mode.
Pictures overview
The invention is described in more detail on the figures 1 and 7. On the figure 1 there is a basic scheme of the memory card with the payment device and the pre-paid credit.
On the figure 2 there is the procedure of sending electronic money from the internet application into the pre-paid card in the mobile phone, where the course of tasks is mentioned from above down. The flow of files between the removable memory card and a mobile phone is similar as a flow of files between the mobile phone and the host. On the figure 3 there is a situation, when the removable memory card and by that even the pre-paid payment card itself, is not inserted in the mobile phone when the ARPC cryptogram is received by the mobile phone.
On the figure 4 there is a schematically displayed diagram showing the successiveness of the payment application's run with the press of the hardware payment button, where it is possible to see the localization of the individual tasks and processes during the launch of the application on the level phone hardware / phone firmware / removable memory card.
On the figure 5 we can see the structure, with which the removable memory card is presented on the outside in case of common extension of the mobile phone's memory access mode. On the figure 6 there is the structure, with which the removable memory card is presented on the outside in case of payment card access mode. In this configuration there is even the unit with the payment terminal located on the removable memory card.
On the figure 7 there is an example of mobile phone with the payment button. Realization examples
Example 1
A mobile communication device 4 in the form of a mobile phone and a removable memory card 1 of the micro SD type is used in this example. On the removable memory card 1 with common standard sizes there is located a top-up (pre-paid) card, so the payment device itself and also the NFC communication element 7.
The memory card 1 has a microcontroller 6 in the form of 32-bit microprocessor operating with a multi-task operating system, in this case with Linux. A flash memory, secure element 3_ and SD interface 5. is connected to the microcontroller 6. The microprocessor contains internal EEPROM memory and boot-loader block for the control of unauthorized interventions in the loaded payment-terminal application.
The flash memory is divided into protected and unprotected part. In the unprotected parte, there is an area for freely accessible and freely usable data of the user and also an area for hidden storage of system files, especially the records on the payment transactions running over the payment terminal. In the protected part there is a block with operating system, in this case with Linux and above all the payment-terminal application block, where is the payment- terminal application, in this case of the EMV type. In the protected part of the memory in this example, there is also a download management block that serves for the storage and management of the software update on the memory card L In case it is necessary to load/upgrade applications in the secure element 3_, then the application's binary data are loaded into the unprotected part of the flash memory, e.g. into the system data block in the area for data hidden to the user. The download management block is checking periodically whether there is some new file in the system data block that should be loaded into the secure element 3_. If yes, it starts a corresponding installation. The memory card 1 also has its own NFC contactless communication element 7 with the antenna located on, respectively in the memory card's 1 body. By this configuration, it is enabled to create a NFC communication channel between the common phone without NFC chip with a corresponding reader according ISO 14443. The pre-paid card is located on an independent domain of the secure element in the smart card chip 3_. An encryption block is located in a different domain of the secure element in the smart card chip 3_.
In the host 2 (HOST - Payment processor) there is a database assigning payment devices to the phone numbers of the mobile communication devices 4. The card can be topped-up over SMS from a personal account or even by a money transfer from one mobile phone to another. The card does not have its own realistic account in the bank, however it must have its image (subaccount) in the host 2 (on the HOST). The receiver of electronic money must have and application supporting Push SMS technology for the detection of the incoming SMS messages structure's meaning installed in the mobile communication device 4. The suitable operating systems are e.g. Windows Mobile, Symbian 60, JAVA JSR257. For the fastness purposes, the sender of the electronic money over internet (e.g. parent that wants to sent money to his child's card in the mobile phone) should have a valid account in the bank, that issued the prepaid card in question, otherwise the transfer of money from one bank to another (the pre-paid card's issuer) would take longer, a situation that would lower the operability of the top-up. In case the sender of the electronic money chooses to use ATM (automated teller machine), he should have his payment card issued by the same or connected issuer, as is the issuer of the pre-paid card. On the ATM, the sender will enter the receiver's phone number and the amount (e.g. 25, - EUR), that he wants to be sent to the pre-paid card. The host 2 (HOST) will transfer the money from the sender's account to the receiver's subaccount and it will send an SMS for the receiver with the information meaning: "You have 25 EUR prepared" into the receiver's mobile phone. The money is labeled as "Money_for_top-up".
In case of sending the money over the internet banking, the sender will enter money transfer for the benefit of the receiver, who will be identified by a corresponding phone number. The internet banking application must recognize that the account is entered over a phone number (the pre-paid card subaccount or alias a phone number). The host 2 (HOST) transfers money from the sender's account to the receiver's subaccount and sends the receiver an SMS with information meaning: "You have 25 EUR prepared" to the receiver's mobile phone.
After the receiver received SMS message "You have 25 EUR prepared", the receiver starts the top-up application on the mobile phone. The application asks the EMV processor on the microSD memory card 1 to start the transaction of the "Top-up" type. The EMV processor loads the configuration data from its secure domain and asks the pre-paid card to generate the ARQC. After generation of ARQC, the card goes into the IDLE mode. In this state, the card cannot do anything else but generate the same ARQC in case of any repeated request for generation. The card gets out of the IDLE state only in case it receives a corresponding ARPC from the host from its Issuer. The EMV processor writes the ARQC into the flash memory, which is in this case on the memory card 1. The ARQC is taken in the form of a file from the flash memory and it is sent as SMS into the host 2 (HOST). The phone number to which the SMS is to be sent is the same as the phone number from which the SMS message "You have 25 EUR prepared" was received. This phone number is stored in the application's memory. After the SMS message is received by the electronic money receiver, the host 2 verify whether the card's ID number (PAN) is consistent with the phone number from which the SMS was receive. If yes, it verifies whether it has the money of the "Money_for_top-up" type for the corresponding pre-paid card and if yes, than it generates the ARPC and the corresponding script with the commands. The entire cryptogram is sent back to the receiver and marks the money as "Money is in the wallet" in its database. It makes a record, it stores the received ARPC into the memory. In case that some inconsistency between the card's number and the corresponding phone number is found in the host 2 with the corresponding phone number, the host creates the ARPC file despite this inconsistency, so the ARQC creation block on the pre-paid card could be switch from the IDLE state. In this case, the command of the Response_code=do_nothing type is added to the cryptogram and the entire cryptogram is sent to the receiver.
The top-up phase itself, increasing the amount of money on the card is realized in such a way that the application in the mobile phone receives SMS and detects the received message over the Push SMS technology as a message with data for top-up. In case the microSD card is present in the mobile phone's slot, it sends it directly into the microSD card. In case the microSD card with the pre-paid card, is outside the mobile phone's slot, then the message is temporarily remembered and the receiver is notified that he has received money, which could not be inserted into the card and that top-up is awaited. In that kind of case, after the receiver inserts the microSD card, he starts the application once more and the application tries to write the ARPC again. The terminal resends the ARPC into the card, which checks the ARPC and in case of agreement it runs the corresponding command contained in the script. If for any reason, the APRC was lost (deleted), the transaction must be run again.
In case of repeated authorization, the cryptogram creation block on the card is still in the IDLE mode, it generates the same ARQC as last time. When the host 2 (HOST) receives the ARQC, it runs an internal verification process, the purpose of which is to find out, whether the card asks for a new top-up or whether the previous process ended unsuccessfully. If the host 2 received the same ARQC, as the one stored during the last top-up, then it presumes that the card did not get the ARPC and that the top-up process was not ended successfully. Then the cryptogram creation block on the pre-paid card is blocked and it generates the same ARQC. That being the case, the host sends the ARPC once again with all the data, commands, which should be realized by the pre-paid card. In case the host receives a different ARQC, then the host 2 reaches the conclusion that the pre-paid card wants to be topped-up in a new process. In case the host does not have any money prepared for it, it sends the Response_code=do nothing command back to the mobile phone.
Example 2 In this example according to the figures 4 to 7, there is described a system, in which the removable memory card 1 is in the form of microSD card. There are two Secure Elements 3. located on it in this example, where one Secure Element 3_ is designed for the payment card unit 9, or respectively for several payment card units 9 from different issuers and the second Secure Element 3_ contains the payment terminal unit Jj). The removable memory card 1 with a common flash memory 1_4 has the interface 5. of the common microSD standard and is inserted into the mobile communication device's 4 slot. It is a common slot designed for the insertion of the extension memories.
In this example the NFC communication element 7 with antenna is j_3 is located on the removable memory card L The mobile communication device 4 has a payment button 8. located next to the keyboard field. The payment button 8. is connected with microswitch on the mobile communication device's 4. The specific realization of the microswitch is not important and can be in different forms, e.g. as a membrane switch, capacity switch and similar.
The payment button 8. is connected to the Firmware in such a way that the only acceptable order for the change of access mode of the removable memory card 1 can be from the contact of the payment button 8. at least in case the mobile communication device 4 is equipped with this kind of payment button 8.. In case, the same removable memory card 1 will be inserted into the slot of the mobile communication device 4 without the purpose hardware payment button 8., the change of access mode will be realized over menu on the display 12 of the mobile communication device 4. In the mobile phone, which is equipped with the payment button 8., it will not be possible to access Secure Element 3_ on the removable memory card 1 by any other way then over the predefined firmware connected with the payment button 8.. In this example it will be the LGM (LOGOMOTION) application.
The two access modes can have the following characteristics: function access mode access mode extension of the memory for payment function
read/write files YES YES
NFC communication NO NO extended access (SDIO ...) YES/ NO YES according to the phone access to the SE from the NO YES application in the phone file cashe memory in flash YES/ NO NO according to the phone permanent powering of the YES/ NO YES card according to the phone
In the access mode of the payment function, the caching of the files on the removable memory card 1 will be switched off, the access to the flash memory 2 and the access into the file system will be supported. In case the mobile communication device 4 will be capable of supporting higher communication interface, e.g. the SDIO standard (Secure Digital Input Output), McEX, the corresponding interface can be accessible even in the access mode of the payment function.
The creation of the request cryptogram is enabled only in the access mode for the payment function of the removable memory card 1 after the hardware payment button 8. is physically pressed
Industrial usability
The industrial usability is obvious. According to this invention, it is possible to create and use pre-paid payment devices and it is also possible to top-up these kinds of payment device using messages, especially of the SMS type.
LIST OF RELATED SYMBOLS:
1. a memory card
2. the host
3. a secure element
4. a mobile communication device
5. an interface
6. a microcontroller
7. a contactless communication unit
8. a payment button
9. a payment card unit
10. a payment terminal unit
11. keyboard
12. display
13. antenna
14. a memory
EMV - Europay MasterCard Visa ARQC - Authorization Request Cryptogram ARPC - Authorization Response Cryptogram SIM - subscriber identity module
NFC - Near Field Communication SMS - Short Message Service ATM - automated teller machine

Claims

PATENT CLAIMS
1. A cashless payment device with a pre-paid credit containing block for the storage of the current credit amount i s ch ar ac t e ri s e d by th e fa c t that it is located in the secure element (3) in the removable memory card (1) located in the mobile communication device (4), where the secure element (3) is connected to the microcontroller (6) for the realization of the top-up application and the microcontroller (6) with the unit for the creation of the request cryptogram, preferably in the form of ARQC, is located in the removable memory card (1).
2. Cashless payment device as in the claim l i s ch ar ac te ri s e d by the fac t that the top-up application, preferably of the EMV standard, is a part of the payment-terminal application.
3. Cashless payment device as in the claims I or2i s c hara c t e r i s e d by th e fa c t that the removable memory card (1) is inserted into the slot for extending accessories used beyond the range of the mobile communication device's (4) basic function and it is connected to the mobile communication device (4) over the interface (5).
4. Cashless payment device as in any of the claims 1 to 3 i s ch ara c t e ri s e d b y the fa c t that the memory card (1) is of the
SD type or miniSD or microSD card or M2 card.
5. Cashless payment device as in any of the claims 1 to 4 i s ch ara c te ri s e d by the fa c t that it is located on an independent domain of the secure element (3) having several domains.
6. Cashless payment device as in any of the claims 1 to 5 i s ch ara c t e ri s e d by the fa c t that the memory card (1) is equipped by a contactless communication element (7), preferably even an antenna connected with the contactless communication element (7).
7. Cashless payment device as in any of the claims 1 to 6 i s ch ar ac te ri s e d b y th e fac t that the removable memory card (1) has to access modes - - access mode for the function of the extension of the mobile communication's devices (4) memory capacity, which blocks the access to Secure Element (3)
- access mode for the payment function of the removable memory card (1) with allowed access to the Secure Element (3) with the payment card unit (9), where the access mode for the payment function of the removable memory card (1) is active only after physical press of the hardware payment button (8).
8. Cashless payment device as in any of the claims 1 to 7 i s ch ara c t e ri s e d by the fa c t that the software in the mobile communication device (4) blocks the possibility to emulate the signal form the payment button (8) initiated by another output.
9. The method of contactless top-up of electronic money on the payment device with request and generation of authorization request cryptogram, especially in the form of ARQC, where the authorization request cryptogram is created in the block on the payment device, and with the creation of authorization response cryptogram, especially in the form of ARPC, where the authorization response cryptogram is created in the host, in which there is a of assigned payment devices to phone numbers of mobile communication devices i s ch ara c t e ri s e d by th e fa c t tha t the message, preferably in the SMS form, with information about prepared money for the increase of the current credit is sent from the host (2) to the corresponding mobile communication device (4) according to the database of assigned payment devices to phone numbers; subsequently, a authorization request cryptogram, especially in the ARQC form is generated in the block on the payment device within the removable memory card (1); and the block is switched into the state, in which it generates the same authorization request cryptogram and does that permanently until a corresponding authorization cryptogram, especially in the ARPC form.
10. Method of contactless top-up of electronic money on the payment device as in the claim 9 i s ch ar ac te r i s e d by the fa c t that the authorization request cryptogram is sent to the host (2) in the form of SMS.
11. Method of contactless top-up of electronic money on the payment device as in the claim 9 or 10 i s ch ara c t e ri s e d by the fa c t that the authorization request cryptogram is sent to the phone number from which the mobile communication device (4) received information on the money prepared.
12. The method of contactless top-up of electronic money on the payment device as in any of the claims 9 to 11 i s ch ar ac te r i s e d b y th e fa c t that the received authorization request cryptogram is evaluated at the host (2) and the authorization response cryptogram is created, which the host (2) sends to the mobile communication device (4), where the command added to the authorization response cryptogram is realized.
13. The method of contactless top-up of electronic money on the payment device as in the claim 12 i s ch ara c t e ri s e d by the fa c t that the authorization response cryptogram received into the mobile communication device (4) is transferred into payment device in the memory card (1), if the memory card (1) is inserted into the corresponding slot of the mobile communication device (4) and in case the memory card (1) is not inserted in the corresponding slot of the mobile communication device (4), the received authorization response cryptogram is stored in the mobile communication device (4) until it is transferred into the memory card (1).
14. The method of contactless top-up of electronic money on the payment device as in any of the claims 9 to 13 i s ch ar ac te r i s e d b y th e fa c t that the command added to the authorization response cryptogram contains data on the change of current credit.
15. The method of contactless top-up of electronic money on the payment device as in any of the claims 9 to 14 i s ch ar ac te r i s e d b y th e fa c t that the creation of the request cryptogram is enabled only in the access mode for the payment function of the removable memory card (1) after the hardware payment button (8) is physically pressed.
EP10730522A 2009-05-14 2010-05-14 Contactless payment device, method of contactless top-up of electronic money on a payment device Withdrawn EP2430620A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
SK500272009A SK288717B6 (en) 2009-05-14 2009-05-14 Non-cash means of payment, contactless method of updating the electronic money payment means
SK50016-2010A SK500162010A3 (en) 2010-04-19 2010-04-19 Involvement of key for payment in a mobile communication device, the method of starting the payment process
PCT/IB2010/052149 WO2010131226A1 (en) 2009-05-14 2010-05-14 Contactless payment device, method of contactless top-up of electronic money on a payment device

Publications (1)

Publication Number Publication Date
EP2430620A1 true EP2430620A1 (en) 2012-03-21

Family

ID=42727435

Family Applications (1)

Application Number Title Priority Date Filing Date
EP10730522A Withdrawn EP2430620A1 (en) 2009-05-14 2010-05-14 Contactless payment device, method of contactless top-up of electronic money on a payment device

Country Status (2)

Country Link
EP (1) EP2430620A1 (en)
WO (1) WO2010131226A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102132457B (en) 2008-08-29 2016-01-20 Smk公司 Removable card for contactless communication, its use and manufacturing method
US9098845B2 (en) 2008-09-19 2015-08-04 Logomotion, S.R.O. Process of selling in electronic shop accessible from the mobile communication device
SK288641B6 (en) 2008-10-15 2019-02-04 Smk Corporation Communication method with POS terminal and frequency convertor for POS terminal
KR101789113B1 (en) 2009-05-03 2017-10-23 에스에무케이 가부시키가이샤 A payment terminal using a mobile communication device, such as a mobile phone;a method of direct debit payment transaction
EP4120169A1 (en) 2012-02-29 2023-01-18 Apple Inc. Method, device and secure element for conducting a secured financial transaction on a device
TWI546748B (en) * 2013-01-15 2016-08-21 hong-jian Zhou Portable electronic trading device
WO2015021336A1 (en) 2013-08-07 2015-02-12 Lu Dat The Methods and systems for top-up
US9894216B2 (en) 2013-08-07 2018-02-13 Miltech Platform, Inc. Methods and systems for telecommunication messaging and real-time replenishment systems
CN104933565B (en) * 2015-06-05 2019-04-05 中国银行股份有限公司 A kind of IC card transaction method and system
CN105848117B (en) * 2015-07-31 2019-05-17 维沃移动通信有限公司 Recharge method and recharging device
CN109447627B (en) * 2018-12-19 2024-02-06 浩勉(深圳)新能源有限公司 Remote recharging device based on Lora wireless communication

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060224470A1 (en) * 2003-07-02 2006-10-05 Lucia Garcia Ruano Digital mobile telephone transaction and payment system
US20090063312A1 (en) * 2007-08-28 2009-03-05 Hurst Douglas J Method and System for Processing Secure Wireless Payment Transactions and for Providing a Virtual Terminal for Merchant Processing of Such Transactions

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101013489A (en) 2006-07-24 2007-08-08 李佳佳 Technical method of forward purchasing ticket by mobile phone, reserving hotel and shopping paying

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060224470A1 (en) * 2003-07-02 2006-10-05 Lucia Garcia Ruano Digital mobile telephone transaction and payment system
US20090063312A1 (en) * 2007-08-28 2009-03-05 Hurst Douglas J Method and System for Processing Secure Wireless Payment Transactions and for Providing a Virtual Terminal for Merchant Processing of Such Transactions

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2010131226A1 *

Also Published As

Publication number Publication date
WO2010131226A1 (en) 2010-11-18
WO2010131226A4 (en) 2011-01-20

Similar Documents

Publication Publication Date Title
WO2010131226A1 (en) Contactless payment device, method of contactless top-up of electronic money on a payment device
US8583493B2 (en) Payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction
US8811971B2 (en) Mobile communication device and method for disabling applications
CA2651821C (en) System and method for activating telephone-based payment instrument
US8799084B2 (en) Electronic payment application system and payment authorization method
EP2048590B1 (en) Method for communication, communication device and secure processor
EP3528221A1 (en) Ic card-based transaction processing and credit payment authorization method, device and system
US12488331B2 (en) Type 4 NFC tags as protocol interface
WO2014062623A1 (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
US20080235132A1 (en) Transactional Device With Anticipated Pretreatment
EP2112634A1 (en) Method for transferring provisioning information to a mobile unit
US20240161088A1 (en) Method for managing a transaction with a smart card
EP4120165A1 (en) Method for managing a smart card
WO2009017292A1 (en) Mobile status detection contactless module
WO2008154872A1 (en) A mobile terminal, a method and a system for downloading bank card information or payment application information
EP4571620A1 (en) Method for managing a payment transaction
EP2881908A1 (en) NFC top-up
TWI521450B (en) A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction
SK500272009A3 (en) Non-cash means of payment, method of contactless replenishment of electronic money for payment of funds
Nieto HCE-oriented payments vs. SE-oriented payments. Security Issues
McBride et al. Security and Privacy in Mobile Payment Systems
JP2008217836A (en) Value information management system
KR20080074072A (en) How to use card terminal

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20111214

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

RAX Requested extension states of the european patent have changed

Extension state: BA

Payment date: 20111214

Extension state: ME

Payment date: 20111214

17Q First examination report despatched

Effective date: 20130723

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SMK-LOGOMOTION CORPORATION

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SMK CORPORATION

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20191203