WO2011031988A3 - Secure communication of payment information to merchants using a verification token - Google Patents

Secure communication of payment information to merchants using a verification token Download PDF

Info

Publication number
WO2011031988A3
WO2011031988A3 PCT/US2010/048455 US2010048455W WO2011031988A3 WO 2011031988 A3 WO2011031988 A3 WO 2011031988A3 US 2010048455 W US2010048455 W US 2010048455W WO 2011031988 A3 WO2011031988 A3 WO 2011031988A3
Authority
WO
WIPO (PCT)
Prior art keywords
payment information
secure communication
merchants
verification token
verification
Prior art date
Application number
PCT/US2010/048455
Other languages
French (fr)
Other versions
WO2011031988A2 (en
Inventor
Ayman Hammad
Original Assignee
Visa International Service Association
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US12/712,148 external-priority patent/US7891560B2/en
Priority claimed from US12/780,657 external-priority patent/US9038886B2/en
Application filed by Visa International Service Association filed Critical Visa International Service Association
Priority to EP10816167.0A priority Critical patent/EP2476088A4/en
Priority to CA2773543A priority patent/CA2773543A1/en
Priority to AU2010292125A priority patent/AU2010292125B2/en
Priority to BR112012005419A priority patent/BR112012005419A2/en
Publication of WO2011031988A2 publication Critical patent/WO2011031988A2/en
Publication of WO2011031988A3 publication Critical patent/WO2011031988A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data

Abstract

Disclosed are apparatuses, systems, and methods pertaining to the secure communication of payment information from portable consumer devices, such as credit cards, to online merchants using verification tokens.
PCT/US2010/048455 2009-09-10 2010-09-10 Secure communication of payment information to merchants using a verification token WO2011031988A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
EP10816167.0A EP2476088A4 (en) 2009-09-10 2010-09-10 Secure communication of payment information to merchants using a verification token
CA2773543A CA2773543A1 (en) 2009-09-10 2010-09-10 Secure communication of payment information to merchants using a verification token
AU2010292125A AU2010292125B2 (en) 2009-09-10 2010-09-10 Secure communication of payment information to merchants using a verification token
BR112012005419A BR112012005419A2 (en) 2009-09-10 2010-09-10 check sheet, method, computer program product, validation entity, method for communicating payment information to a merchant, merchant computer, merchant processing system, and method for receiving payment information

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US24136709P 2009-09-10 2009-09-10
US61/241,367 2009-09-10
US12/712,148 US7891560B2 (en) 2009-05-15 2010-02-24 Verification of portable consumer devices
US12/712,148 2010-02-24
US12/780,657 2010-05-14
US12/780,657 US9038886B2 (en) 2009-05-15 2010-05-14 Verification of portable consumer devices

Publications (2)

Publication Number Publication Date
WO2011031988A2 WO2011031988A2 (en) 2011-03-17
WO2011031988A3 true WO2011031988A3 (en) 2011-07-21

Family

ID=43733107

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2010/048455 WO2011031988A2 (en) 2009-09-10 2010-09-10 Secure communication of payment information to merchants using a verification token

Country Status (5)

Country Link
EP (1) EP2476088A4 (en)
AU (1) AU2010292125B2 (en)
BR (1) BR112012005419A2 (en)
CA (1) CA2773543A1 (en)
WO (1) WO2011031988A2 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9715681B2 (en) 2009-04-28 2017-07-25 Visa International Service Association Verification of portable consumer devices
US8893967B2 (en) 2009-05-15 2014-11-25 Visa International Service Association Secure Communication of payment information to merchants using a verification token
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US9038886B2 (en) 2009-05-15 2015-05-26 Visa International Service Association Verification of portable consumer devices
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
KR101895243B1 (en) 2011-03-04 2018-10-24 비자 인터네셔널 서비스 어소시에이션 Integration of payment capability into secure elements of computers
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
WO2015161699A1 (en) * 2014-04-25 2015-10-29 天地融科技股份有限公司 Secure data interaction method and system
CN109191116B (en) * 2018-07-27 2023-05-12 创新先进技术有限公司 Resource management method and system and payment management method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050043997A1 (en) * 2003-08-18 2005-02-24 Sahota Jagdeep Singh Method and system for generating a dynamic verification value
KR20050019674A (en) * 2003-08-20 2005-03-03 엘지전자 주식회사 Payment method for mobile credit card using mobile communication device
US6983882B2 (en) * 2003-03-31 2006-01-10 Kepler, Ltd. Personal biometric authentication and authorization device
US20070136211A1 (en) * 2004-03-15 2007-06-14 Brown Kerry D Financial transactions with dynamic card verification values
US20070178883A1 (en) * 2006-02-02 2007-08-02 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
KR20080051198A (en) * 2006-12-05 2008-06-11 백승한 Authentication system and method for approval

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5365586A (en) * 1993-04-09 1994-11-15 Washington University Method and apparatus for fingerprinting magnetic media
AU2001256591A1 (en) * 2000-06-26 2002-01-08 Covadis Sa Computer keyboard unit for carrying out secure transactions in a communications network
US7740168B2 (en) 2003-08-18 2010-06-22 Visa U.S.A. Inc. Method and system for generating a dynamic verification value
US20060016879A1 (en) * 2004-07-26 2006-01-26 First Data Corporation Presentation instrument security arrangement and methods
EP2098985A3 (en) 2008-03-03 2012-11-07 Broadcom Corporation Secure financial reader architecture

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6983882B2 (en) * 2003-03-31 2006-01-10 Kepler, Ltd. Personal biometric authentication and authorization device
US20050043997A1 (en) * 2003-08-18 2005-02-24 Sahota Jagdeep Singh Method and system for generating a dynamic verification value
KR20050019674A (en) * 2003-08-20 2005-03-03 엘지전자 주식회사 Payment method for mobile credit card using mobile communication device
US20070136211A1 (en) * 2004-03-15 2007-06-14 Brown Kerry D Financial transactions with dynamic card verification values
US20070178883A1 (en) * 2006-02-02 2007-08-02 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
KR20080051198A (en) * 2006-12-05 2008-06-11 백승한 Authentication system and method for approval

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2476088A4 *

Also Published As

Publication number Publication date
EP2476088A4 (en) 2014-01-15
EP2476088A2 (en) 2012-07-18
BR112012005419A2 (en) 2016-04-12
AU2010292125A1 (en) 2012-04-26
AU2010292125B2 (en) 2014-11-06
WO2011031988A2 (en) 2011-03-17
CA2773543A1 (en) 2011-03-17

Similar Documents

Publication Publication Date Title
WO2011031988A3 (en) Secure communication of payment information to merchants using a verification token
WO2012125759A3 (en) System and method for processing payment transactions
WO2012151590A3 (en) Systems and methods for enabling mobile payments
WO2013045743A3 (en) Payment system
WO2014085478A3 (en) Systems and methods for processing electronic transactions based on consumer characteristics
WO2012054763A3 (en) Integration of verification tokens with portable computing devices
WO2012058309A3 (en) Integration of verification tokens with mobile communication devices
WO2010132808A3 (en) Verification of portable consumer devices
WO2013012200A3 (en) Complex payment system using a portable terminal, and complex payment method
WO2010129357A3 (en) Verification of portable consumer devices
WO2011005766A3 (en) Transit access system and method including device authentication
WO2011057007A3 (en) Verification of portable consumer devices for 3-d secure services
WO2014124395A3 (en) Consumer device payment token management
WO2008106560A3 (en) Authentication of a data card using a transit verification value
WO2014076686A3 (en) Methods and apparatus for card transactions
WO2011119761A3 (en) Merchant fraud risk score
WO2011028840A3 (en) Portable consumer device with funds transfer processing
GB201309968D0 (en) Purchase transaction system with encrypted payment card data
WO2011091053A3 (en) Token based transaction authentication
WO2011133494A3 (en) Devices, systems, and methods for tokenizing sensitive information
WO2010129300A3 (en) Fraud and reputation protection using advanced authorization and rules engine
WO2009137076A3 (en) A one card system
WO2014055645A3 (en) Systems, methods, and computer program products for managing remote financial transactions
EP2556474A4 (en) Method and system for processing pin debit transactions
WO2011068624A3 (en) System and method for approving transactions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10816167

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2773543

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2010816167

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2010292125

Country of ref document: AU

ENP Entry into the national phase

Ref document number: 2010292125

Country of ref document: AU

Date of ref document: 20100910

Kind code of ref document: A

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112012005419

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 112012005419

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20120309