[go: up one dir, main page]

WO2013001133A1 - Bank-card fraud detection and prevention for bank automats - Google Patents

Bank-card fraud detection and prevention for bank automats Download PDF

Info

Publication number
WO2013001133A1
WO2013001133A1 PCT/FI2011/000034 FI2011000034W WO2013001133A1 WO 2013001133 A1 WO2013001133 A1 WO 2013001133A1 FI 2011000034 W FI2011000034 W FI 2011000034W WO 2013001133 A1 WO2013001133 A1 WO 2013001133A1
Authority
WO
WIPO (PCT)
Prior art keywords
bank
card
automat
information
rfid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/FI2011/000034
Other languages
French (fr)
Inventor
Kaveh Mirfakhraei
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to PCT/FI2011/000034 priority Critical patent/WO2013001133A1/en
Publication of WO2013001133A1 publication Critical patent/WO2013001133A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/201Accessories of ATMs
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/205Housing aspects of ATMs
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/211Software architecture within ATMs or in relation to the ATM network

Definitions

  • Terminal means a bank automat or an ATM terminal which is used when a person using a bank-card or credit card to get cash money or pay in a shop.
  • Customer here in after is the person who is rightfully using his bank-card or credit card. At the moment there is very less to be done to prevent a bank card fraud when a bank card is stolen with the correct password.
  • the cases where the bank-card and the correct password has somehow been stolen and then used to take money from the bank automats have recently increased.
  • This invention relates to using a relatively known technology and a new process for verification of the true identity of the person using the bank card while using a terminal so that using the stolen bank card will not be possible even with a having a correct password, but only it will be possible for the true owner of the bank card.
  • An object of the present invention is to provide a method and an apparatus for implementing the method so as to alleviate the above problems.
  • the invention aims at providing a technique which enables owners of bank cards safely use their bank cards. In case a bank card is stolen with the password, the stolen bank card could not be used with the bank automats which are equipped with this fraud prevention technique.
  • the object of the invention is achieved by methods, equipment and software and hardware products which are characterized by what is stated in the independent claims.
  • a method for identification of the owner of the bank card using a bank automat is provided.
  • the method comprises:
  • Bank automat can then communicate with the bank server to transfer the RFID Tag information as well as the bank card information and password to the server;
  • Bank server then authenticates the bank card and matches it with the true owner of the RFID Tag and then sends positive identification to the bank automat;
  • Bank automat will then proceed to execute the commands as given by the owner of the bank card;
  • An element of the inventive idea is combining the RFID technology with the current methods used for authentication of the true owner identity.
  • the correct owner of the bank card is the person who has the bank card, the password and the correct RFID tag all three at the same time when using the bank card in a bank automat or other terminal.
  • FIG 1 shows different types of RFID Tags which the users of bank cards can carry with themselves while using the bank card.
  • FIG. 1 shows the process of which the invention can be used
  • FIG. 1 shows the process in which the invention can be used.
  • the two major portions of the inventive concept are the integration of RFID Readers and their middleware in the bank automat and use of RFID Tags in parallel with the bank card and password for authentication of the user's rights.
  • Radio frequency identification (RFID) tags are used as a second means for identification method.
  • a typical RFID tag includes an antenna and a silicon chip containing modulation circuits, control logic and non-volatile memory.
  • the silicon chip derives electrical power from radio signals received by the antenna or from a battery, and is able to exchange data with a RFID tag reader, by demodulating and modulating radio signals.
  • the device coupled to the RFID tag can read and write from and to the memory of the RFID tag using radio signal transmission.
  • An RFID-based solution comprises a Tag reader software integrated in the bank automat when activated, emits a short-range radio signal that powers up the tag, enabling the data on the tag to be read.
  • Each tag contains a specific serial number identifies the owner of the bank card. The service can be initiated simply by the owner of the bank card having the tag in his pocket and standing in front of the bank automat within a reasonable distance of about 1 meter.
  • the authentication related information such as the name of the card owner, year of birth, type of the card and name of the bank and other owner and bank related information, may be stored in the RFID tag as a unique serial number at the time the tag is given to the bank card owner by the bank.
  • Fig 2 shows the process of the authentication asfollows: Number 1 bank card owner standing in front of the bank automat and placing his bank card into the automat. Number 2 the bank card is read and the information of it with the password given are transferred to the bank server for authentication of the card. Number 3 the Tag reader is reading the RFID Tag which is being carried by the ban card user. Number 4 the RFID reader sends the Tag information to bank server using the middleware software embedded in the bank automat. Number 5 the server authenticates both the bank card, and the RFID card. If they match and the password is also correct, the positive identification result is sent to the bank automat. Number 6 the bank automat will continue to serve the user. In case of a negative match, the process will act according to the processes of a stolen or missing card for each bank.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Burglar Alarm Systems (AREA)

Abstract

The system is composed of a Bank automat equipped with an RFID Tag reader, an RFID middleware to read the information from the tag correctly and transfer the information to the bank automat software, a bank server to which the bank automat is connected, having information of all of the RFID tags distributed to the bank card owners. When a bank card user having an RFID Tag approaches to the bank automat and places his/her bank card or credit card to the bank automat and gives the correct password, the bank automat transfers the data of the card, and the given password as well as the information from the RFID Tag to the bank server for authentication. If the information of the RFID Tag is matching with the owner of the card and the card and password are matching each other, the server sends positive authentication information to the bank automat and the process to deal with the card owner request will proceed. If the information in the tag is not matching with the bank card, or the RFID Tag information is missing, the server will send negative response to the bank automat and the process will continue as the bank will define in cases of bank card or credit card misuse, theft, or lost.

Description

Bank-card fraud detection and prevention for bank automats
Background of the invention
This invention relates to communication methods, equipment and software products which relate to bank automats and ATM terminals. As used herein, Terminal means a bank automat or an ATM terminal which is used when a person using a bank-card or credit card to get cash money or pay in a shop. Customer here in after is the person who is rightfully using his bank-card or credit card. At the moment there is very less to be done to prevent a bank card fraud when a bank card is stolen with the correct password. According to the recent statistics the cases where the bank-card and the correct password has somehow been stolen and then used to take money from the bank automats have recently increased. There are several relatively easy methods to steal bank cards and their passwords and then later use the stolen bank card with it's correct password to get money from bank automats or make purchases in shops having ATM terminals. This invention relates to using a relatively known technology and a new process for verification of the true identity of the person using the bank card while using a terminal so that using the stolen bank card will not be possible even with a having a correct password, but only it will be possible for the true owner of the bank card.
The Problem with current Bank automat systems is that the bank cards are being authenticated through the data which is inhibited in the card and the password that the owner provides to the bank automat. But the identity of the person using the bank card is not authenticated.
Hereby through this invention an integrated method for identification of the owner of the bank card is introduced while the bank cards being used. Therefore it highly reduces the possibility of using stolen bank cards with the bank automats and terminals which are equipped with this prevention technique.
Brief description of the invention
An object of the present invention is to provide a method and an apparatus for implementing the method so as to alleviate the above problems. In other words, the invention aims at providing a technique which enables owners of bank cards safely use their bank cards. In case a bank card is stolen with the password, the stolen bank card could not be used with the bank automats which are equipped with this fraud prevention technique. The object of the invention is achieved by methods, equipment and software and hardware products which are characterized by what is stated in the independent claims.
According to an aspect of the invention, there is provided a method for identification of the owner of the bank card using a bank automat.
The method comprises:
installing an RFID Tag reader to bank automat;
installing a intermediate software called RFID Middleware to the bank automat which provides the means to read an RFID tag and transfer the information from the RFID tag to the bank automat;
Bank automat can then communicate with the bank server to transfer the RFID Tag information as well as the bank card information and password to the server;
Bank server then authenticates the bank card and matches it with the true owner of the RFID Tag and then sends positive identification to the bank automat;
Bank automat will then proceed to execute the commands as given by the owner of the bank card; An element of the inventive idea is combining the RFID technology with the current methods used for authentication of the true owner identity. The correct owner of the bank card is the person who has the bank card, the password and the correct RFID tag all three at the same time when using the bank card in a bank automat or other terminal. Brief description of the drawings
In the following the invention will be described in greater detail by means of specific embodiments with reference to the attached drawings, in which
Figure 1 shows different types of RFID Tags which the users of bank cards can carry with themselves while using the bank card.
Figure 2 shows the process of which the invention can be used;
Detailed description of specific embodiments
First, the process of the invention relating to mobile terminals will be described in connection with Figure 1. Figure 1 shows the process in which the invention can be used. The two major portions of the inventive concept are the integration of RFID Readers and their middleware in the bank automat and use of RFID Tags in parallel with the bank card and password for authentication of the user's rights. Radio frequency identification (RFID) tags are used as a second means for identification method. A typical RFID tag includes an antenna and a silicon chip containing modulation circuits, control logic and non-volatile memory. The silicon chip derives electrical power from radio signals received by the antenna or from a battery, and is able to exchange data with a RFID tag reader, by demodulating and modulating radio signals. The device coupled to the RFID tag can read and write from and to the memory of the RFID tag using radio signal transmission.
An RFID-based solution comprises a Tag reader software integrated in the bank automat when activated, emits a short-range radio signal that powers up the tag, enabling the data on the tag to be read. Each tag contains a specific serial number identifies the owner of the bank card. The service can be initiated simply by the owner of the bank card having the tag in his pocket and standing in front of the bank automat within a reasonable distance of about 1 meter.
The authentication related information such as the name of the card owner, year of birth, type of the card and name of the bank and other owner and bank related information, may be stored in the RFID tag as a unique serial number at the time the tag is given to the bank card owner by the bank.
Separate sets of identical RFID tags can be provided to bank card users. Each user can have several Tags in different shapes at his/her disposal to be used in different occasions. The above description of specific embodiments of the invention were based on the assumption that the bank automat is equipped with the RFID Tag reader and the middleware needed to read the tag and transfer the tag information to the bank automat to be transferred to the bank server along with other bank card information as well as the password that the bank card owner is providing while using the bank automat. If the bank automat is used with a bank card and correct password, but the related RFID tag is missing, or the tag information is not matching with the bank card in the server, the bank card is certainly being misused and the process related to stolen or misused bank cards in the related bank can be initiated. Fig 2 shows the process of the authentication asfollows: Number 1 bank card owner standing in front of the bank automat and placing his bank card into the automat. Number 2 the bank card is read and the information of it with the password given are transferred to the bank server for authentication of the card. Number 3 the Tag reader is reading the RFID Tag which is being carried by the ban card user. Number 4 the RFID reader sends the Tag information to bank server using the middleware software embedded in the bank automat. Number 5 the server authenticates both the bank card, and the RFID card. If they match and the password is also correct, the positive identification result is sent to the bank automat. Number 6 the bank automat will continue to serve the user. In case of a negative match, the process will act according to the processes of a stolen or missing card for each bank.

Claims

Claims
1. A method for authentication of the bank card used with bank automats and other bank card terminals, the method comprising:
installing a RFID reader and an RFID middleware to a bank automat; - distributing RFID Tags to customers having bank cards, each TAG carrying data related to a corresponding bank card owner;
providing the bank server with the information of the Tags given to customers;
performing the following acts at least partially by the bank card user:
- Carrying the RFID tag at all times when using the bank card with a bank card automat;
performing the following acts by the bank server:
receiving and analysing the information from RFID Tag through the RFID middleware from the bank automat;
- comparing the received Tag information and the information of the bank card and the password from the bank automat
2. A method according to claim 1 , wherein the bank terminal is any bank card terminal used in shops or any other terminal used for example in self service petrol stations or anywhere else that a bank card and owner authentication is required to make a payment using the bank card or credit card.
3. That RFID tags for this purpose are produced and distributed to bank card and credit card owners either as part of same process of distributing the bank cards and credit cards to their owners or as part of a separate process.
PCT/FI2011/000034 2011-06-28 2011-06-28 Bank-card fraud detection and prevention for bank automats Ceased WO2013001133A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/FI2011/000034 WO2013001133A1 (en) 2011-06-28 2011-06-28 Bank-card fraud detection and prevention for bank automats

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/FI2011/000034 WO2013001133A1 (en) 2011-06-28 2011-06-28 Bank-card fraud detection and prevention for bank automats

Publications (1)

Publication Number Publication Date
WO2013001133A1 true WO2013001133A1 (en) 2013-01-03

Family

ID=47423469

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2011/000034 Ceased WO2013001133A1 (en) 2011-06-28 2011-06-28 Bank-card fraud detection and prevention for bank automats

Country Status (1)

Country Link
WO (1) WO2013001133A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103903395A (en) * 2014-03-27 2014-07-02 成都微英威诺环境监控设备有限公司 Low-cost landslide early warning recording device based on MEMS accelerometers
US9380421B1 (en) 2014-11-07 2016-06-28 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
CN108376446A (en) * 2018-02-02 2018-08-07 上海农村商业银行股份有限公司 It is a kind of to carry out the method and system that deposit receipt renews using self-service device
US10154372B1 (en) 2014-11-07 2018-12-11 Wells Fargo Bank, N.A. Real-time custom interfaces through multi-channel geo-fencing
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
US11354632B1 (en) 2016-04-01 2022-06-07 Wells Fargo Bank, N.A. Systems and methods for remote ATM access

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070215698A1 (en) * 2006-03-14 2007-09-20 Perry Daniel D Credit card security system and method
US7584885B1 (en) * 2003-04-01 2009-09-08 Diebold Self-Service Systems Division Of Diebold, Incorporated Currency dispensing ATM with RFID card reader
US20090299864A1 (en) * 2008-05-28 2009-12-03 First Data Corporation Systems and methods of payment account activation

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7584885B1 (en) * 2003-04-01 2009-09-08 Diebold Self-Service Systems Division Of Diebold, Incorporated Currency dispensing ATM with RFID card reader
US20070215698A1 (en) * 2006-03-14 2007-09-20 Perry Daniel D Credit card security system and method
US20090299864A1 (en) * 2008-05-28 2009-12-03 First Data Corporation Systems and methods of payment account activation

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103903395A (en) * 2014-03-27 2014-07-02 成都微英威诺环境监控设备有限公司 Low-cost landslide early warning recording device based on MEMS accelerometers
US11272317B1 (en) 2014-11-07 2022-03-08 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
US11432103B1 (en) 2014-11-07 2022-08-30 Wells Fargo Bank, N.A. Real-time custom interfaces through multi-channel geo-fencing
US10154372B1 (en) 2014-11-07 2018-12-11 Wells Fargo Bank, N.A. Real-time custom interfaces through multi-channel geo-fencing
US10560799B1 (en) 2014-11-07 2020-02-11 Wells Fargo Bank, N.A. Multi-channel geo-fencing system and method
US10687168B1 (en) 2014-11-07 2020-06-16 Wells Fargo Bank, N.A. Real-time custom interfaces through multi-channel geo-fencing
US11026043B1 (en) 2014-11-07 2021-06-01 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
US12069533B2 (en) 2014-11-07 2024-08-20 Wells Fargo Bank, N.A. Real-time custom interfaces through multi-channel geo-fencing
US9380421B1 (en) 2014-11-07 2016-06-28 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
US11974188B1 (en) 2014-11-07 2024-04-30 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
US11729578B1 (en) 2014-11-07 2023-08-15 Wells Fargo Bank, N.A. Real time custom interfaces through multi-channel geo-fencing
US11570573B1 (en) 2014-11-07 2023-01-31 Wells Fargo Bank, N.A. Multi-channel geo-fencing systems and methods
US11354631B1 (en) 2016-04-01 2022-06-07 Wells Fargo Bank, N.A. Systems and methods for remote atm access
US11715078B1 (en) 2016-04-01 2023-08-01 Wells Fargo Bank, N.A. Systems and methods for remote ATM access
US11354632B1 (en) 2016-04-01 2022-06-07 Wells Fargo Bank, N.A. Systems and methods for remote ATM access
US12067543B2 (en) 2016-04-01 2024-08-20 Wells Fargo Bank, N.A. Systems and methods for remote ATM access
US12125009B1 (en) 2016-04-01 2024-10-22 Wells Fargo Bank, N.A. Systems and methods for remote ATM access
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
CN108376446A (en) * 2018-02-02 2018-08-07 上海农村商业银行股份有限公司 It is a kind of to carry out the method and system that deposit receipt renews using self-service device

Similar Documents

Publication Publication Date Title
US11263619B2 (en) Secure credit card with near field communications
EP2038227B1 (en) System and method for activating telephone-based payment instrument
RU2427915C2 (en) Equipment and method of payment making integrated with electronic goods delivery
JP4711039B2 (en) Method for ensuring the safety of a multipurpose portable terminal having a plurality of functions
US9473295B2 (en) Virtual transportation point of sale
US20090050689A1 (en) Electronic wallet device and method of using electronic value
US20120166344A1 (en) Secure wireless payment system and method thereof
US20150242844A1 (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
CN104123793B (en) Money withdrawing system based on NFC function, money withdrawing method of money withdrawing system based on NFC function and money withdrawing machine
WO2014104436A1 (en) Method for mutual authentication for payment device
CN104272315A (en) Id authentication
US20160012408A1 (en) Cloud-based mobile payment system
WO2013034192A1 (en) Method for validating an electronic transaction, and system thereof
WO2013001133A1 (en) Bank-card fraud detection and prevention for bank automats
JPWO2019246533A5 (en)
CN102034307A (en) Electronic wallet-based dynamic password authentication system and method
CN102487320B (en) Method and system used for automatic teller machine identity authentication
CN109670821A (en) A kind of on-site payment method for processing business and smart card
KR20190007196A (en) Apparatus and methods for providing card activation control and digital wallet exchange using card owner's identity verification
CA2970007A1 (en) The bioid nfc smart card
CN109670839A (en) A kind of on-site payment method for processing business and smart card
JP6845888B2 (en) Authentication method for electronic wallet media
WO2021091549A1 (en) Payment system and apparatus
WO2017182859A1 (en) A system and method for mobile payments
EP2754109A1 (en) Method for validating an electronic transaction, and system thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11868522

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205ADATED 16/04/2014)

122 Ep: pct application non-entry in european phase

Ref document number: 11868522

Country of ref document: EP

Kind code of ref document: A1