[go: up one dir, main page]

GB2372361A - Credential authorisation verification using a mobile communiation device - Google Patents

Credential authorisation verification using a mobile communiation device Download PDF

Info

Publication number
GB2372361A
GB2372361A GB0104138A GB0104138A GB2372361A GB 2372361 A GB2372361 A GB 2372361A GB 0104138 A GB0104138 A GB 0104138A GB 0104138 A GB0104138 A GB 0104138A GB 2372361 A GB2372361 A GB 2372361A
Authority
GB
United Kingdom
Prior art keywords
authorisation
server
details
requests
credential
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0104138A
Other versions
GB0104138D0 (en
Inventor
Keith Alexander Harrison
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HP Inc
Original Assignee
Hewlett Packard Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett Packard Co filed Critical Hewlett Packard Co
Priority to GB0104138A priority Critical patent/GB2372361A/en
Publication of GB0104138D0 publication Critical patent/GB0104138D0/en
Publication of GB2372361A publication Critical patent/GB2372361A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/28Pre-payment schemes, e.g. "pay before"
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/122Online card verification

Landscapes

  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Telephone Function (AREA)

Abstract

A system 1 comprising a mobile communication device 5 such as a mobile phone and an authorisation server 3, the server and the phone being capable of exchanging information. When use of a credential, such as a credit or debit card, occurs, a request for authorisation of that use is transmitted to the server 3. Depending on the nature of the transaction the server is configured to either automatically provide authorisation or send details of the pending transaction to the mobile phone 5 of the controller (i.e. he who provides authorisation) for a decision on whether the authorisation should be granted. In either case details of the requests for authorisation and the outcome of such requests are stored by the server 3 and accessible by the phone so that conveniently those details may be viewed on the screen of the phone. Thus advantageously the controller can determine if any requests for authorisation were wrongly or fraudulently granted.

Description

SYSTEM FOR CREDENTIAL AUTHORISATION VERIFICATION The present invention relates to a system for credential authorisation verification and in particular to a system comprising a mobile communication device and an authorisation server.
BACKGROUND TO THE INVENTION It has been realised that it would be beneficial to allow the user of a particular credential, such as a credit card, to obtain and study details of requests for authorisation of use of the credential and of the outcome of such requests on a mobile communication device, such as a mobile phone.
The term credential is used herein to denote any means which provides prima facie authority to do something, for example a credit or debit card to pay for goods or a password for obtaining access to a database.
SUMMARY OF THE INVENTION According to a first aspect of the invention there is provided a system comprising a mobile communication device and a server, the system being configured such that in use the server is operative to transmit details of requests for authorisation of use of a credential and of the outcome of such requests to the mobile communication device.
The server is preferably operative to store details of both requests and of the outcomes of such requests.
The mobile communication device may be operative to store details of both the requests and of the outcomes of such requests.
Preferably the mobile communication device is a mobile phone. According to a second aspect of the invention there is provided a method of operating a system, the system comprising a mobile communication device and a server, the method comprising transmitting details of a request for authorisation of use of a credential and details of the outcome of the request to the server and transmitting the details to the mobile communications device.
BRIEF DESCRIPTION OF THE DRAWING The invention will now be described, by way of example only, with reference to the accompanying drawing in which : Figure 1 is a schematic representation of a system in accordance with the invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS With reference to Figure 1 there is shown a system 1 comprising a mobile phone 5, an authorisation server 3, the mobile phone 5 and authorisation server 3 may communicate with each other via an appropriate communications network (not illustrated).
In use the system operates as follows. A credit or debit card is interfaced with an Electronic Funds Transfer at Point of Sale (EFTPOS) unit (not shown) which is located at a trader to purchase goods, for example.
A request for authorisation of the use of the card comprising information relating to the pending transaction (for example the monetary value of the
transaction) is then sent to the authorisation server 3 via a communications network. On receipt of the information the server 3 will then decide whether authorisation for the request can automatically be sent to the EFTPOS unit so that the transaction can proceed or whether (perhaps in the situation that the monetary value of the transaction is large) the information needs to be sent to the mobile phone 5, which is in the possession of the person controlling provision of authorisation (the 'owner'of the card), so that that person can decide if the transaction should be authorised. In the latter situation the authorisation server 3 comprises a database 9 which maps the identity of the credential e. g. the number of the card, to the number of the mobile phone 5.
Details of all requests for authorisation of transactions conducted with the card are stored by the server 3. Such details could include the monetary value of the transaction, where and when the transaction was conducted and details of any passwords or PIN numbers that were used at the location of the use of the card. The server would also store details of the outcome of requests for authorisation of use of the card i. e. if a particular request was granted or denied. In other words the server stores details of the history of the use of the card. These historical details are accessible by use of the mobile phone 5 so that such information may be viewed.
The mobile phone 5 is most preferably a Wireless Application Protocol (WAP) phone. The phone is able to store details of a predetermined number of the most recent transactions, such information being automatically downloaded from the server 3 from time to time.
Advantageously the controller of the credential is able to retrieve the details of use of a credential (of which he may have a plurality) to verify that no fraudulent uses of the credential have taken place. For example, the controller would review details of the last six transactions for his credit card. The displayed information would show if any request for authorisation which he denied was ultimately, but wrongly, granted, and take the appropriate action.
In a further preferred embodiment of the invention the server 3 does not store details of requests for authorisation of a credential but merely forwards those details to the mobile phone of the controller of the credential for storage thereby.

Claims (5)

1. A system (1) comprising a mobile communication device (5) and a server (3), the system being configured such that in use the server is operative to transmit details of requests (7) for authorisation of use of a credential and of the outcome of such requests to the mobile communication device.
2. A system (1) as claimed in claim 1 in which the server (3) is operative to store details of both requests (7) and of the outcomes of such requests.
3. A system (1) as claimed in claim 1 or claim 2 in which the mobile communication device (5) is operative to store details of both the requests (7) and of the outcomes of such requests.
4. A system (1) as claimed in any preceding claim in which the mobile communication device (5) is a mobile phone.
5. A method of operating a system (1), the system comprising a mobile communication device (5) and a server (3), the method comprising transmitting details of a request (7) for authorisation of use of a credential and details of the outcome of the request to the server and transmitting the details to the mobile communications device.
GB0104138A 2001-02-20 2001-02-20 Credential authorisation verification using a mobile communiation device Withdrawn GB2372361A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0104138A GB2372361A (en) 2001-02-20 2001-02-20 Credential authorisation verification using a mobile communiation device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0104138A GB2372361A (en) 2001-02-20 2001-02-20 Credential authorisation verification using a mobile communiation device

Publications (2)

Publication Number Publication Date
GB0104138D0 GB0104138D0 (en) 2001-04-11
GB2372361A true GB2372361A (en) 2002-08-21

Family

ID=9909110

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0104138A Withdrawn GB2372361A (en) 2001-02-20 2001-02-20 Credential authorisation verification using a mobile communiation device

Country Status (1)

Country Link
GB (1) GB2372361A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2384350A (en) * 2001-02-20 2003-07-23 Hewlett Packard Co Credential authorisation using e.g. a mobile phone
US7610040B2 (en) * 2003-02-21 2009-10-27 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions
US20120271768A1 (en) * 2008-11-14 2012-10-25 Denis Kang Payment transaction processing using out of band authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2289783A (en) * 1994-05-19 1995-11-29 Wong Kam Fu A Security System
US5878337A (en) * 1996-08-08 1999-03-02 Joao; Raymond Anthony Transaction security apparatus and method
US6064990A (en) * 1998-03-31 2000-05-16 International Business Machines Corporation System for electronic notification of account activity

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2289783A (en) * 1994-05-19 1995-11-29 Wong Kam Fu A Security System
US5878337A (en) * 1996-08-08 1999-03-02 Joao; Raymond Anthony Transaction security apparatus and method
US6064990A (en) * 1998-03-31 2000-05-16 International Business Machines Corporation System for electronic notification of account activity

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2384350A (en) * 2001-02-20 2003-07-23 Hewlett Packard Co Credential authorisation using e.g. a mobile phone
GB2384350B (en) * 2001-02-20 2005-06-29 Hewlett Packard Co Apparatus for credential authorisation
US7610040B2 (en) * 2003-02-21 2009-10-27 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions
US20120271768A1 (en) * 2008-11-14 2012-10-25 Denis Kang Payment transaction processing using out of band authentication
US8898762B2 (en) * 2008-11-14 2014-11-25 Visa International Service Association Payment transaction processing using out of band authentication

Also Published As

Publication number Publication date
GB0104138D0 (en) 2001-04-11

Similar Documents

Publication Publication Date Title
US9858574B2 (en) Verification methods for fraud prevention in money transfer receive transactions
EP2212842B1 (en) System and method for secure management of transactions
EP1708473B1 (en) A-computer accounting system with a lock using in a bank and the corresponding method used for secure payment by phone
US7523067B1 (en) Electronic settlement system, settlement apparatus, and terminal
US20040111369A1 (en) Method to associate the geographic location of a participant with the content of a communications session
US7549574B2 (en) Emergency services notification from an ATM systems and methods
US20100138345A1 (en) Financial transaction system having location based fraud protection
MXPA04009725A (en) System and method for secure credit and debit card transactions.
AU2800400A (en) Method for carrying out cash-free payments and system for carrying out said method
JPH04267495A (en) Transaction confirming system
US20160162893A1 (en) Open, on-device cardholder verification method for mobile devices
GB2461975A (en) A method of and apparatus for operating machines using a personal interface
WO2003025868A1 (en) A method and system for reducing the risk of credit card fraud
GB2372361A (en) Credential authorisation verification using a mobile communiation device
AU2004312730B2 (en) Transaction processing system and method
WO2023129071A1 (en) A system for preventing fraud by authentication
MXPA06006883A (en) Method for user registration with a proxy for further work with one of the server units.
KR101547730B1 (en) Apparatus and method for managing financial account having two or more secret numbers in an account
KR20100006911A (en) Loan service system and method using credit card inquiry apparatus thereof
JP3454785B2 (en) Card payment merchant terminal, card payment service system, and card validity display method in card payment
KR100662278B1 (en) Electronic payment system and method
GB2372368A (en) System for credential authorisation
KR20040084380A (en) System and method for financial transaction using the mobile device
KR20020061740A (en) System for selling of Lottery by Internet
WO2001035352A1 (en) Switchable payment system

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)