WO2011089423A2 - An apparatus and a method for secure authentication - Google Patents

An apparatus and a method for secure authentication Download PDF

Info

Publication number
WO2011089423A2
WO2011089423A2 PCT/GB2011/050082 GB2011050082W WO2011089423A2 WO 2011089423 A2 WO2011089423 A2 WO 2011089423A2 GB 2011050082 W GB2011050082 W GB 2011050082W WO 2011089423 A2 WO2011089423 A2 WO 2011089423A2
Authority
WO
WIPO (PCT)
Prior art keywords
tag
authentication
application
card
computing device
Prior art date
Application number
PCT/GB2011/050082
Other languages
French (fr)
Other versions
WO2011089423A3 (en
Inventor
Neil Garner
Original Assignee
Proxama Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Proxama Limited filed Critical Proxama Limited
Publication of WO2011089423A2 publication Critical patent/WO2011089423A2/en
Publication of WO2011089423A3 publication Critical patent/WO2011089423A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • G06Q20/3263Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/227Payment schemes or models characterised in that multiple accounts are available, e.g. to the payer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/353Payments by cards read by M-devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities

Abstract

A mobile computing device ( 100 ) comprising a communication module for communicating with an authentication tag ( 101 ), in which the authentication tag ( 101 ) is for enabling a secure function; wherein the communication module is arranged to cause the authentication tag to transmit first authentication data which may be received by the communication module; and wherein the device determines if the first authentication data is valid, when it is received by the communication module, and if the first authentication data is valid, the device executes the secure function.

Description

AN APPARATUS AND A METHOD FOR SECURE AUTHENTICATION
TECHNICAL FIELD This invention relates to an apparatus for secure authentication. In particular, the present invention relates to a mobile telephone having a function which is activated using near field communication.
BACKGROUND TO THE INVENTION
Contactless payment technology enables mobile telephones to be used for payment for goods and services. A mobile telephone may include contactless technology, such as a near-field communications (NFC) transceiver, which enables the telephone to act as contactless payment card, such as a bank card or credit card. Rather than the payment card being a physical card, the payment card is a virtual card stored on the mobile telephone. The mobile telephone may therefore have several payment cards stored on it, for use with different services.
The mobile telephone includes a mobile wallet application in which the virtual cards are accessed. In order to use a card, the user may log into the application using a secure passcode. The mobile wallet is therefore protected against fraudulent use. If someone steals the mobile telephone, they are unable to use any virtual payment cards as the thief will not typically have the passcode. Alternatively, the device may include no passcode, in which case the virtual money is not protected against fraudulent use.
SUMMARY OF EXAMPLES OF THE INVENTION
An example of the invention provides a mobile computing device comprising a communication module for communicating with an authentication tag, in which the authentication tag is for enabling a secure function; wherein the communication module is arranged to cause the authentication tag to transmit first authentication data which may be received by the communication module; and wherein the device determines if the first authentication data is valid, when it is received by the communication module, and if the first authentication data is valid, the device executes the secure function.
Examples of the invention provide a device which is easy to use, and allows a user a initiate a secure function without having to use the user interface of the phone. The user does not have remember a password/passcode. The device makes it more difficult for a phone to be used by an unauthorised person. If the device is stolen, the secure function can't be initiated without the authentication tag. In an example, the first authentication data is a tag ID and the mobile device executes the secure function if the tag ID is stored on the device. This means different tags with different IDs can be used for different secure functions. Alternatively, one tag could be used for several secure functions. In an example, the device further comprises a tag ID record in which tag IDs are stored, wherein the device determines if a tag ID is valid by checking the tag ID store.
In an example, the device further comprises a secure application, and wherein the secure function is launching of the secure application. In an example, the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID. In an example, the secure application is launched if the second authentication data matches the application ID of the secure application. This enables the device to work out which secure application the tag is for use with.
In an example, the secure application includes a plurality of options, and the authentication tag may be used to cycle through said options. Therefore, in addition to opening an application, the tag can be used to initiate other functions.
In an example, said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account. In an example, said secure application is arranged to communicate with a remote server. In an example, said user account details may be updated by communication with said remote server. In an example, said authentication tag is used activate the secure application to update said user account details. In an example, the account access application is a mobile wallet and said user account details are virtual bank cards. In an example, the authentication tag is for activating a virtual bank card for payment. In an example, the mobile wallet includes a plurality of bank cards, and the authentication tag is for cycling through the cards. In an example, the communications module is further arranged to communicate with a contactless payment point using said virtual bank card. One use of the device is to store virtual bank cards on the device. The cards are activated for payment using the authentication tag. Payments can only be made if the correct authentication card is used to activate the card. In an example, the device further comprises a public key, wherein authentication data stored on the authentication tag is encrypted with a private key, and, in order to read the authentication data, the mobile device uses the public key to decrypt the data. In an example, wherein said tag ID is generated using one-time passcode creation when the communications module communicates with the authentication tag. In an example, wherein said tag ID is generated using challenge-response when the communication module communicates with the authentication tag. These encryption techniques can be used to add further layers of security to the device.
In an example, wherein the secure function may be initiation of a telephone call. The device may be used for various secure functions, apart from a mobile wallet. For example, imitating an emergency call.
In an example, said communications module is a near-field communications module, and said authentication tag is an RFID tag and said data is stored as an NDEF record. In an example, said secure function is initiated by bringing the mobile device into close proximity with the authentication tag. In an example, said authentication tag is located in an authentication card which has the dimensions of a credit card. In an example, the authentication card is arranged to be attached to an item of clothing, and the secure function is initiated by moving the phone to the card. In an example, the device is a mobile telephone.
In a further example embodiment, the present invention provides a cellular telephone for communicating with a cellular telephone network, comprising a near-field communication module for communicating with RFID tags, wherein the near-filed communication module is arranged to cause any RFID tags brought into proximity with the telephone to transmit a tag ID and an application ID stored on the tags, and wherein the telephone includes a mobile wallet application, having an application ID, the mobile wallet application including at least one virtual bank card, and wherein the telephone further includes a tag ID record, and when the communication module receives the tag ID and application ID, it validates the tag by checking the tag ID is stored in the tag ID record, and if valid, the telephone opens the mobile wallet application and activates at least one virtual bank card.
In a further example embodiment, the present invention provides a method of operating the device described above.
In a further example embodiment, the present invention provides a method comprising: bringing an authentication tag and a mobile computing device into proximity with each other; receiving, at a communication module of the device, first authentication data, transmitted from the authentication tag; determining, on the mobile device, if the first authentication data is valid; and executing a secure function if the first authentication data is valid.
In a further example embodiment, the present invention provides a system comprising: the mobile computing device described above; and an authentication tag; wherein the authentication tag has first authentication data stored thereon. In a further example embodiment, the present invention provides a computer program to be run by a processor on a mobile computing device, to: determine if first authentication data, received from an authentication tag, is valid; and execute a secure function on the mobile device, if the first authentication data is valid. In a further example embodiment, the present invention provides a computer- readable medium comprising instructions, which when executed by a mobile computing device causes the device to: determining if first authentication data, received from an authentication tag, is valid; execute a secure function, if the first authentication data is valid.
This summary provides examples of the invention which are not intended to be limiting on the scope of the invention. The features of the invention described above and recited in the claims may be combined in any suitable manner. The combinations described above and recited in the claims are not intended to limit the scope of the invention.
Features and advantages associated with the examples of the invention will be apparent from the following description of some examples of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS
Examples of the invention are hereinafter described with reference to the accompanying figures in which:
Figure 1 shows a mobile telephone and an authentication card in an example of the invention;
Figure 2 is a schematic diagram showing some components of the mobile telephone shown in Figure 1 ;
Figure 3 shows some details of the authentication card of Figure 1 ;
Figure 4 shows some of the applications and data stored in the memory of the mobile telephone shown in Figure 1 ;
Figure 5 is a flow chart showing a method of operation of the mobile telephone shown in Figure 1 ; Figure 6 shows the mobile telephone of Figure 1 during use;
Figure 7 shows a system which includes the mobile telephone of Figure 1 . Figure 8 is a flow chart showing a further method of operation of the mobile telephone shown in Figure 1 ; and
Figure 9 is a flow chart showing a further method of operation of the mobile telephone shown in Figure 1 .
DESCRIPTION OF EXAMPLES OF THE INVENTION
In a first example embodiment, the present invention provides a system for secure payment. This is shown in Figure 1 . The system includes a mobile telephone 100 which includes a NFC module, which may use RFID technology, for example. The NFC module enables the mobile telephone to communicate with contactless payment points. A mobile wallet is stored on the mobile telephone and includes one or more virtual bank cards. A user is able to pay for goods or services using the virtual cards. In order to make a payment, the user selects the card they wish to use and waves the mobile telephone in front of the contactless payment point. Money is then deducted from the virtual card.
In addition, the user has one or more authentication cards, such as authentication card 101 , as shown in Figure 1 . The authentication card 101 is used to unlock the mobile wallet to enable a user to make a payment. The authentication card 101 is a plastic, credit card sized card which has an RFID tag embedded therein. In order to make a payment, the user waves the mobile telephone 100 in front of the authentication card 101 . The NFC module interrogates the RFID tag, which transmits a unique code back to the mobile telephone 100. This unique code is used to open the mobile wallet and activate a virtual card for payment. If the user loses their mobile phone, no payments can be made. In order to make payments, anyone who obtains the telephone must also have the authentication card. The present invention is not limited to for use with a mobile wallet. In other embodiments, the system may be used to launch secure applications, authorise top- up of a mobile phone account, lock/unlock the mobile telephone 100, prove identification and make emergency calls. Other functions are possible with the scope of the present invention.
The present invention is not limited to the features an combinations described in the detailed description. Different features and combinations of features may be possible. In some embodiments, the mobile telephone may be replaced by other computing devices, including PDAa, handheld computers, games consoles, laptops, etc. The following detailed description provides examples of some ways of carrying out the present invention.
As noted above, the mobile telephone 100 is enabled for NFCs using, for example, RFID technology. The authentication card 101 is, for example, a plastic, credit card sized card, containing an RFID tag. The mobile telephone 100 is arranged to interrogate the authentication card 101 , and the authentication card is arranged to transmit data, stored on the card, to the mobile telephone. The data sent by the authentication card 101 is used by the mobile telephone 100 to authenticate a user to open a secure application, or to authenticate a user access certain functions associated with a secure application. As noted above, this application may be a mobile wallet, amongst other possibilities.
In order to open a secure application, or in order for a function associated with a secure application to be executed, the user must bring an authentication card, such as card 101 , into proximity with the mobile telephone 100. The authentication card 101 has data stored on it which identifies secure application with which it is associated, and a unique code which identifies the card itself. When the authentication card 101 is brought into close proximity with the mobile telephone 100, the telephone interrogates the card 101 , and the card transmits the data stored on it to the mobile telephone 100. The mobile telephone 100 then validates the data received from the card 101 , and causes the relevant secure application to open or to execute the relevant function. Further details of the mobile telephone 101 , authentication card 101 and the method of operation will be described below. The mobile telephone 100 will now be described in more detail with reference to Figure 2. The mobile telephone includes a processor 102, memory 103, an input device 104, a display 105, and an NFC module 106. The processor 102 controls the operation of the mobile telephone 100 by executing computer code stored in memory 103. A user can control the mobile telephone 100 using the input device 104 which may be a keypad. The mobile telephone 100 provides feedback to the user via display 105. The NFC module 106 enables the mobile telephone 100 to interact with other NFC devices, such as the authentication cards described above, as well as with NFC payment points. The memory 103 is used to store secure applications for use with authentication cards, such as card 101 , amongst various other software elements.
The mobile telephone 100 may include additional components as is known in the art. For example, the mobile phone 100 may include various buses to connect the various components, various types of memory, multiple processors for different functions, and a mobile radio for communication with a mobile phone network. The skilled person will understand the components necessary for the mobile phone 100 to function. Only those components which relate to the present invention are described in detail here.
The authentication card 101 will now be described in more detail in connection with Figure 3. The card 101 is a credit card shaped card which includes a passive RFID tag 107. The tag 107 includes an NFC Data Exchange Format (NDEF) record 108. The record 108 includes data 109 which may be sent to a mobile telephone, such as telephone 100, when the tag 107 is interrogated by such a telephone. The data stored on the tag 107 will be described in more detail below.
The secure applications and the authentication data stored in the mobile phone 100 and the authentication card 101 will now be described in more detail with reference to Figure 4. In this example, several secure applications 200a, 200b and 200c are stored in memory 103. The memory 103 is arranged to store one or more secure applications. Each of the secure applications 200a, 200b, 200c has at least one unique mobile application identifier (MAI) associated with it. In this example, each secure application has a single MAI. These MAIs are shown in Figure 4 as MAIs 201 a, 201 b, and 201 c. Memory 103 also includes a MAI record 202 which is used to store the MAIs of all secure applications stored in memory. As can be seen in Figure 4, the MAI record 202 includes MAIs 201 a, 201 b and 201 c.
Each authentication card has a unique card ID. When a card is registered with a particular mobile telephone, the card ID is stored in the mobile telephone. The card ID is used as a passcode to open certain secure applications and to unlock certain secure functions. This process will be described in more detail below. The memory 103 also includes a card ID record 203. In the present case, the card ID record 203 includes three card IDs; card ID 204a, 204b and 204c. This is shown in Figure 4.
Each authentication card has data 109 stored on it, as noted above. The data includes the MAI for the secure application or function which the authentication card is for use with. The data 109 also includes the card ID for that authentication card.
The memory 103 also includes a virtual card store 205 which has virtual cards 206a, 206b, 206c stored therein. In this example, the authentication card 101 corresponds to virtual card 206a. Virtual card 206a is a primary bank card of the user. The primary bank card 206a has a cash balance. The cash balance is stored in memory 103 with the virtual card 206a.
The memory 103 also includes a NFC module controller 207 which is for controlling the operation of the NFC module 106. When data is received by the NFC module 106, the NFC module controller 207 is responsible for handling the data. The operation of the NFC module controller will be described in more detail below.
As can be seen above, the mobile phone includes a record of MAIs and a record of card IDs. The user is in possession of various authentication cards, each of which is designed for a different purpose. Each card also has a MAI and a card ID. When the user brings a card near to the mobile phone, the data stored on the card is transmitted to the mobile telephone. The MAI is used to identify the application or function which the card is designed to unlock, and the card ID is used to authenticate the card. A method of operation of the mobile telephone 100, in accordance with an example embodiment, will now be described in connection with Figure 5. In this example, secure application 200a is mobile wallet application. As noted above, a mobile wallet is a virtual wallet which stores virtual bank cards, as will be described in more detail below. In this example, authentication card 101 is for authorising a payment to be made by such a virtual bank card. The mobile wallet 200a has MAI 201 a. Authentication card 101 has MAI 201 a and card ID 204a stored in the NDEF record 108. The authentication card 101 has already been registered with the mobile telephone 100. The card ID 204a is stored in card ID record 203. The process for registration will be described in more detail below.
The mobile telephone 100 is set up so that the NFC module 106 is in an interrogation mode. When in interrogation mode, the NFC module 106 is transmitting an interrogation signal in order to discover RFID tags. When an RFID tag is brought into proximity of the mobile telephone 100, the tag receives the interrogation signal and transmits a response to the NFC module 106. In the present case, when the user wants to make a payment with the primary bank card, they bring the authentication card 101 into proximity of the mobile telephone 100 (block 301 ). The authentication card 101 transmits a response to the interrogation signal (block 302). The response includes the card ID 204a and the MAI 201 a for the mobile wallet 200a. The NFC module controller 207 cross references the MAI 201 a with the MAI record 202 (block 303). As the MAI 201 a is in the record 202, the NFC module controller 207 passes the data received from the tag 107 to the mobile wallet application 200a (block 304). The mobile wallet application 200a then validates the data received from the authentication card 101 (block 305). In this case, the mobile wallet application 200a checks the card ID with the card ID record 203 (block 306). In this case, the card ID 204a matches the entry in the card ID record 203. The mobile wallet application 200a then opens and displays the virtual card 206a on the mobile telephone display 105. This is shown in Figure 6. The mobile wallet application 200a indicates to the user the card balance and the fact that the card is active. If either the card ID 204a or MAI 201 a are not validated, the mobile wallet application 205 displays an error message (block 307). Once a virtual card is active, the user can pay for services by moving the phone into proximity with a contractless payment point. The technology and mechanisms for making contactless payments are known in the art and sill not be described in any detail here. In a further example embodiment, the present invention provides a system for making an emergency telephone call . In this case, the authentication card 1 01 is for making an emergency call . The mobile telephone 100 includes a secure application which is for initiating an emergency call. The memory 103 includes the MAI of the emergency application, and the card ID of the authentication card. In order to make an emergency call, the user holds the card against the mobile telephone 100. The user must hold the card against the phone for a minimum time-period; for example five seconds. After five seconds the application launches, the phone vibrates to alert the user, and displays the message, "Request Emergency Assistance: Yes/Cancel?". In order to message the emergency services, the user can press "yes". Alternatively, if they are not in a position to do this, the user can remove the card from the phone, and place it against it again, and the phone will send a message. The message will include the user ID and details of their location . Such a system could be invaluable to those who find themselves in a vulnerable situation, and do not wish to alert anyone to the fact that they are calling the emergency services.
In a further example embodiment, the mobile wallet stored in memory 103 may includes several virtual cards. Tapping the authentication card against the mobile phone 100 causes the phone to cycle through the cards. In this example, the authentication card 101 is not specific to any one card. Instead it is just specific to the mobile wallet. Once the wallet has authenticated the card, it opens. Tapping the card against the phone cycles through the various cards. In a further example embodiment, the authentication card can be used to open other secure application on the mobile device. Any application which requires the use of a passcode in order to access it may use this system. For example, social networking applications which require a passcode to access could have an authentication card instead. A single card could enable access to several applications, or different cards could be issued for different applications.
In a further example embodiment, the authentication card could be used to lock or unlock the phone.
In a further example embodiment, the authentication card could be sued to retrieve a PIN. For example, if a user has forgotten or locked a PIN, the authentication card could be used as part of an authentication process. The application provider or network operator could require use of an authentication card in order to retrieve the PIN or unlock it.
In a further example embodiment, the authentication card could be used as mobile phone insurance or a warranty identifier. The authentication card could include an account reference, stored as data, and printed on the card. If the phone is lost, stolen or broken, the card could be used as evidence of ownership. The details could also be used to repatriate the card if lost.
In a further example embodiment, the authentication card could include an application for checking ID. The phone could have the ID record of the owner stored in memory. The system could be used in such a way that the ID is displayed on the phone when an ID authentication card is held next to the phone. This could be used by retailers to check the age of customers. It could also be used by health workers to find details about a patient. Some of the embodiments mentioned above require the authentication card to be registered. In addition, in most embodiments the card must be issued to the user in a secure manner. There are also circumstances when the user needs to contact service in order to, for example, top-up an account on the mobile phone. In order to enable this, in a further example embodiment, the present invention provides a system as shown in Figure 7.
As can be seen in Figure 7, the system includes the mobile telephone 100 and the authentication card 101 . The system also includes an administration server 401 , a tag issuer 402 and third party services 403. The administration server 401 has several purposes, including registration of secure applications, topping-up of mobile phone credit etc. The mobile telephone 101 communicates with the administration server, as required, using conventional communication techniques. The tag issuer 402 is a third party that provides a particular service. For example, the tag issuer
402 may be a bank that issues a mobile wallet bank card. The tag issuer 402 communicates with the administration server 401 in order to register any tags which are issued to users. The administration server 401 therefore has a record of all authentication cards 101 . Third party services 403 may include a service to top-up an account of the mobile telephone 101 . The mobile telephone 101 communicates via the administration server 402 in order to top-up the account.
The process of registering an authentication card will now be described with reference to Figure 8. In order to use a particular service, for example a virtual bank card, a user must sign-up to the service and obtain a corresponding authentication card. In the case of a bank card, a user may sign-up to a particular card service online, via the bank's website. The bank's website is one of the third party services
403 shown in Figure 7. The bank creates an account for the user and sends an authentication card 101 to the user using the tag issuer 402 (block 501 ). The bank then registers these details with the administration server 402. When the user receives the card, they go back to the bank website and provide the card ID of the card they have been sent. The user then registers the card with the mobile wallet application 200a on the mobile telephone 100 (block 502). The user does this by entering the card ID 204a of the authentication card and the account number of the bank account. The mobile wallet application 200a then contacts the administration server 402 to verify the details (block 503). If the details are correct, the administration server 402 confirms this to the mobile wallet application 200a (block 504). The authentication card 101 and associated bank card are then ready for use. In a further embodiment, the bank card is cash card. In other words, virtual money is stored in the mobile wallet. When this money runs out, the virtual bank card must be topped up. In this embodiment, the present invention provides a mechanism for topping-up a bank card. This will be described in connection with Figure 9.
In order to open the mobile wallet 200a, the user places their authentication card 101 against the mobile phone 100, as described above. In this situation, the virtual bank card 206a is displayed on the mobile telephone 100, and the available balance is shown. The mobile wallet 200a, includes a 'top-up now' option, which the user can select in order to top-up the cash on the virtual card. In this case, the user selects the 'top-up now' option (block 601 ). The user can the select to top-up by a set amount (for example, £5, £10 or £20), or they can enter specific amount (block 602). The application then prompts the user to tap their authentication card 101 , against the phone 100 to confirm the transaction (block 603). The phone then contacts the bank via the administration server 402 to process the top-up request (block 604). The bank checks that the details (card ID etc) are correct and updates the virtual card with the new balance (block 605). If the details are incorrect, and error message is returned (block 606). The bank then updates the user's online bank account to reflect the transfer of funds to the virtual card (block 607). As an option, the bank may require the user to enter an additional passcode, when topping-up an account, to act as an extra layer of security.
In a further embodiment, data stored on the authentication card, including the card ID and any MAIs, may be have a digital signature applied to it. The signature can be made using a private asymmetric key of the trusted third party service. This may be the key of the bank issuing the authentication card. The mobile wallet may include the public key of the bank, which is used to validate the card data.
In a further embodiment, the card ID mentioned above may be replaced by one-time passcode creation. In this case, there is a counter on the authentication card and on the mobile telephone. Each time a user uses an authentication card, a new passcode is created using a cryptographic key. This passocde acts as the new card ID. This mechanism is transparent to the user and provides greater security than the use of a static card ID. In a further embodiment, the system may use a challenge-response technique to further improve security. In this case, when a user uses an authentication card, the phone sends a challenge signal to the authentication card. The RFID tag then calculates a response using a cryptographic key, based on the challenge signal, and sends this back to the phone. The phone only allows the user to continue if the response is correct.
The authentication card may come in various form factors. In the examples described above, the card may be a credit card shaped plastic card. This enables the card to be placed in a users wallet. The card may take other shapes that can easily be attached to the users body. For example the card may be incorporated into a belt. In this manner, when a user wishes to make a payment, they can simply wave the mobile telephone phone over the correct portion of the belt. This has particular advantages because the user does not have to locate a card in their wallet to make a payment. Instead, the user intuitively moves their phone to a position on their belt.
An authentication tag may be any suitable sized tag which may store and transmit data to a mobile device. There are no particular limitations on the size, shape or technology used by the tag.
Various modifications, changes, and/or alterations may be made to the above described examples to provide further examples which use the underlying inventive concept, falling within the spirit and/or scope of the invention. Any such further examples are intended to be encompassed by the appended claims.

Claims

Claims
1 . A mobile computing device comprising a communication module for communicating with an authentication tag, in which the authentication tag is for enabling a secure function; wherein the communication module is arranged to cause the authentication tag to transmit first authentication data which may be received by the communication module; and wherein the device determines if the first authentication data is valid, when it is received by the communication module, and if the first authentication data is valid, the device executes the secure function.
2. A mobile computing device according to claim 1 , wherein the first authentication data is a tag ID and the mobile device executes the secure function if the tag ID is stored on the device.
3. A mobile computing device according to claim 2, further comprising a tag ID record in which tag IDs are stored, wherein the device determines if a tag ID is valid by checking the tag ID store.
4. A mobile computing device according to claims 1 , 2 or 3, further comprising a secure application, and wherein the secure function is launching of the secure application.
5. A mobile computing device according to claim 4, wherein the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID.
6. A mobile computing device according to claim 5, wherein the secure application is launched if the second authentication data matches the application ID of the secure application.
7. A mobile computing device according to claims 4 to 6, wherein the secure application includes a plurality of options, and the authentication tag may be used to cycle through said options.
8. A mobile computing device according to claims 4 to 7, wherein said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account.
9. A mobile computing device according to claim 8, wherein said secure application is arranged to communicate with a remote server.
10. A mobile computing device according to claim 9, wherein said user account details may be updated by communication with said remote server.
1 1 . A mobile computing device according to claim 10, wherein said authentication tag is used activate the secure application to update said user account details.
12. A mobile computing device according to claims 8 to 1 1 , wherein the account access application is a mobile wallet and said user account details are virtual bank cards.
13. A mobile computing device according to claim 12, wherein the authentication tag is for activating a virtual bank card for payment.
14. A mobile computing device according to claim 13, wherein the mobile wallet includes a plurality of bank cards, and the authentication tag is for cycling through the cards.
15. A mobile computing device according to claims 12 to 14, wherein the communications module is further arranged to communicate with a contactless payment point using said virtual bank card.
16. A mobile computing device according to any preceding claim, further comprising a public key, wherein authentication data stored on the authentication tag is encrypted with a private key, and, in order to read the authentication data, the mobile device uses the public key to decrypt the data.
17. A mobile computing device according to any preceding claim, wherein said tag ID is generated using one-time passcode creation when the communications module communicates with the authentication tag.
18. A mobile computing device according to any preceding claim, wherein said tag ID is generated using challenge-response when the communication module communicates with the authentication tag.
19. A mobile computing device according claim 1 , wherein the secure function may be initiation of a telephone call.
20. A mobile computing device according to any preceding claim, wherein said communications module is a near-field communications module, and said authentication tag is an RFID tag and said data is stored as an NDEF record.
21 . A mobile computing device according to any preceding claim, wherein said secure function is initiated by bringing the mobile device into close proximity with the authentication tag.
22. A mobile computing device according to claim 21 , wherein said authentication tag is located in an authentication card which has the dimensions of a credit card.
23. A mobile computing device according to claim 22, wherein the authentication card is arranged to be attached to an item of clothing, and the secure function is initiated by moving the phone to the card.
24. A mobile computing device according to any preceding claim, the device being a mobile telephone.
25. A cellular telephone for communicating with a cellular telephone network, comprising a near-field communication module for communicating with RFID tags, wherein the near-filed communication module is arranged to cause any RFID tags brought into proximity with the telephone to transmit a tag ID and an application ID stored on the tags, and wherein the telephone includes a mobile wallet application, having an application ID, the mobile wallet application including at least one virtual bank card, and wherein the telephone further includes a tag ID record, and when the communication module receives the tag ID and application ID, it validates the tag by checking the tag ID is stored in the tag ID record, and if valid, the telephone opens the mobile wallet application and activates at least one virtual bank card.
26. A method of operating the device of any of claims 1 to 25.
27. A method comprising:
bringing an authentication tag and a mobile computing device into proximity with each other;
receiving, at a communication module of the device, first authentication data, transmitted from the authentication tag;
determining, on the mobile device, if the first authentication data is valid; and executing a secure function if the first authentication data is valid.
28. A method according to claim 27, wherein the first authentication data is a tag ID and the method comprises executing the secure function if the tag ID is stored on the device.
29. A method according to claim 28, wherein the device further comprises a tag ID record in which tag IDs are stored, and the method further comprises determining if a tag ID is valid by checking the tag ID store.
30. A method according to claims 27 to 29, further comprising a secure application, and wherein executing the secure function is launching of the secure application.
31 . A method according to claim 30, wherein the secure application has an associated application ID, and the authentication tag has second authentication data which is the application ID.
32. A method according to claim 31 , further comprising launching the secure application if the second authentication data matches the application ID of the secure application.
33. A method according to claims 30 to 32, wherein the secure application includes a plurality of options, and the method further comprises using the authentication tag to cycle through said options.
34. A method according to claims 30 to 33, wherein said secure application is an account access application which includes an account record store, arranged to store user account details, and wherein said secure function is activating a user account.
35. A system comprising:
the mobile computing device of any of claims 1 to 25; and
an authentication tag; wherein
the authentication tag has first authentication data stored thereon.
36. The system of claim 35, further comprising an administration server.
37. The system of claim 36, wherein user account details are stored on the mobile device and said authentication card is for activating a user account, and wherein a user account may be updated by communicating with the administration server.
38. A computer program to be run by a processor on a mobile computing device, to: determine if first authentication data, received from an authentication tag, is valid; and
execute a secure function on the mobile device, if the first authentication data is valid.
39. A computer-readable medium comprising instructions, which when executed by a mobile computing device causes the device to:
determining if first authentication data, received from an authentication tag, is valid; execute a secure function, if the first authentication data is valid.
40. A device substantially as herein described and shown in the Figures.
41 . A method substantially as herein described and shown in the Figures.
42. A system substantially as herein described and shown in the Figures.
43. A computer program substantially as herein described and shown in the Figures.
PCT/GB2011/050082 2010-01-19 2011-01-19 An apparatus and a method for secure authentication WO2011089423A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1000837.3 2010-01-19
GB1000837A GB2476989A (en) 2010-01-19 2010-01-19 Activation of secure function in mobile computing device using authentication tag

Publications (2)

Publication Number Publication Date
WO2011089423A2 true WO2011089423A2 (en) 2011-07-28
WO2011089423A3 WO2011089423A3 (en) 2011-10-06

Family

ID=42028550

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2011/050082 WO2011089423A2 (en) 2010-01-19 2011-01-19 An apparatus and a method for secure authentication

Country Status (2)

Country Link
GB (1) GB2476989A (en)
WO (1) WO2011089423A2 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012150585A2 (en) 2011-05-03 2012-11-08 Verifone, Inc. Mobile commerce system
CN103034823A (en) * 2011-09-29 2013-04-10 美国博通公司 Single NFC device identity selection on a multiple-identity supported device
WO2014011144A1 (en) * 2012-07-09 2014-01-16 Intel Corporation Systems and methods for enabling secure transactions with mobile devices
WO2014140818A3 (en) * 2013-03-15 2014-12-04 Assa Abloy Ab Method, system and device for generating, storing, using, and validating tags and data
WO2015163771A1 (en) * 2014-04-23 2015-10-29 Julien Truesdale Payment systems
US9681302B2 (en) 2012-09-10 2017-06-13 Assa Abloy Ab Method, apparatus, and system for providing and using a trusted tag
US9685057B2 (en) 2013-03-15 2017-06-20 Assa Abloy Ab Chain of custody with release process
US9703968B2 (en) 2014-06-16 2017-07-11 Assa Abloy Ab Mechanisms for controlling tag personalization
US20180124856A1 (en) * 2015-07-14 2018-05-03 Nec Platforms, Ltd. Mobile router, mobile network system, electronic money transaction method and electronic money transaction program
US10237072B2 (en) 2013-07-01 2019-03-19 Assa Abloy Ab Signatures for near field communications
US10440012B2 (en) 2014-07-15 2019-10-08 Assa Abloy Ab Cloud card application platform
EP3627424A3 (en) * 2018-09-19 2020-04-08 Capital One Services, LLC Systems and methods for providing card interactions
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2495704B (en) 2011-10-12 2014-03-26 Technology Business Man Ltd ID Authentication
GB2500560A (en) * 2011-11-03 2013-10-02 Proxama Ltd Authorising transactions in a mobile device
CH705774B1 (en) * 2011-11-16 2016-12-15 Swisscom Ag Method, system, and card to authenticate a user through an application.
WO2013089568A1 (en) 2011-12-12 2013-06-20 Iif Spółka Akcyjna Method of making payment transaction via cellular telephone system and telecommunication system for conducting payment transactions
EP2820600A1 (en) * 2012-02-28 2015-01-07 Giesecke & Devrient GmbH Authenticated transaction approval
EP2842092A4 (en) * 2012-04-16 2016-01-20 Salt Technology Inc Systems and methods for facilitating a transaction using a virtual card on a mobile device
ITMI20120988A1 (en) * 2012-06-07 2013-12-08 Ekboo Ltd SYSTEM AND METHOD FOR AUTOMATIC AUTHENTICATION IN A MOBILE DEVICE.
CN102737308B (en) * 2012-06-08 2015-08-12 中兴通讯股份有限公司 The method and system of a kind of mobile terminal and inquiry smart card information thereof
GB201221433D0 (en) * 2012-11-28 2013-01-09 Hoverkey Ltd A method and system of providing authentication of user access to a computer resource on a mobile device
KR101460179B1 (en) * 2012-11-28 2014-11-10 에스케이씨앤씨 주식회사 Method for Temporary Payment Card Set-up and Mobile Device using the same
US20140149742A1 (en) 2012-11-28 2014-05-29 Arnold Yau Method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
US10102510B2 (en) 2012-11-28 2018-10-16 Hoverkey Ltd. Method and system of conducting a cryptocurrency payment via a mobile device using a contactless token to store and protect a user's secret key
WO2014116191A1 (en) * 2013-01-24 2014-07-31 Ekmekçi̇ İsmail A virtual wallet
EP2763370B1 (en) * 2013-01-31 2016-12-21 Nxp B.V. Security token and service access system
US9721082B2 (en) * 2013-06-04 2017-08-01 Mattel, Inc. Computing devices having access control
EP2811724B1 (en) * 2013-06-07 2019-01-02 BlackBerry Limited Mobile wireless communications device providing near field communication (nfc) unlock and tag data change features and related methods
US9276643B2 (en) 2013-06-07 2016-03-01 Blackberry Limited Mobile wireless communications device providing near field communication (NFC) unlock and tag data change features and related methods
US9271151B2 (en) 2013-06-28 2016-02-23 Nexkey, Inc. Fingerprinting a mobile device through near field communication
CZ306674B6 (en) * 2013-10-03 2017-05-03 Software602 A.S. A method of securing mobile devices
US9222282B2 (en) 2013-10-11 2015-12-29 Nexkey, Inc. Energy efficient multi-stable lock cylinder
AU2014340234B2 (en) * 2013-10-22 2016-10-20 Accenture Global Services Limited Facilitating secure transactions using a contactless interface
JP6271983B2 (en) * 2013-12-09 2018-01-31 キヤノン株式会社 COMMUNICATION DEVICE, ITS CONTROL METHOD, PROGRAM
CN104200176A (en) * 2014-08-28 2014-12-10 电子科技大学 System and method for carrying out transparent encryption and decryption on file in intelligent mobile terminal
CN105653963B (en) * 2014-11-20 2020-06-19 阿里巴巴集团控股有限公司 Information display method and device
US11423392B1 (en) 2020-12-01 2022-08-23 Wells Fargo Bank, N.A. Systems and methods for information verification using a contactless card

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE521480C2 (en) * 2001-04-18 2003-11-04 Tagmaster Ab Procedure and device for access control and access control
US7920827B2 (en) * 2002-06-26 2011-04-05 Nokia Corporation Apparatus and method for facilitating physical browsing on wireless devices using radio frequency identification
EP3023899B1 (en) * 2003-09-30 2020-09-16 Nxp B.V. Proximity authentication system
US8171531B2 (en) * 2005-11-16 2012-05-01 Broadcom Corporation Universal authentication token
US7562813B2 (en) * 2006-05-10 2009-07-21 First Data Corporation System and method for activating telephone-based payment instrument
US8135956B2 (en) * 2006-12-11 2012-03-13 Palo Alto Research Center Incorporated Systems and methods for lightweight authentication
JP2008171113A (en) * 2007-01-10 2008-07-24 Konica Minolta Business Technologies Inc Management terminal, image processor, control system, control program, and control method
US9264231B2 (en) * 2008-01-24 2016-02-16 Intermec Ip Corp. System and method of using RFID tag proximity to grant security access to a computer

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012150585A2 (en) 2011-05-03 2012-11-08 Verifone, Inc. Mobile commerce system
US9053478B2 (en) 2011-05-03 2015-06-09 Verifone, Inc. Mobile commerce system
US10068222B2 (en) 2011-05-03 2018-09-04 Verifone, Inc. Mobile commerce system
CN103034823A (en) * 2011-09-29 2013-04-10 美国博通公司 Single NFC device identity selection on a multiple-identity supported device
WO2014011144A1 (en) * 2012-07-09 2014-01-16 Intel Corporation Systems and methods for enabling secure transactions with mobile devices
US10445722B2 (en) 2012-07-09 2019-10-15 Intel Corporation Systems and methods for enabling secure transactions with mobile devices
US9681302B2 (en) 2012-09-10 2017-06-13 Assa Abloy Ab Method, apparatus, and system for providing and using a trusted tag
US10652233B2 (en) 2013-03-15 2020-05-12 Assa Abloy Ab Method, system and device for generating, storing, using, and validating NFC tags and data
US9825941B2 (en) 2013-03-15 2017-11-21 Assa Abloy Ab Method, system, and device for generating, storing, using, and validating tags and data
US9860236B2 (en) 2013-03-15 2018-01-02 Assa Abloy Ab Method, system and device for generating, storing, using, and validating NFC tags and data
US11252569B2 (en) 2013-03-15 2022-02-15 Assa Abloy Ab Method, system, and device for generating, storing, using, and validating NFC tags and data
US10404682B2 (en) 2013-03-15 2019-09-03 Assa Abloy Ab Proof of presence via tag interactions
US9685057B2 (en) 2013-03-15 2017-06-20 Assa Abloy Ab Chain of custody with release process
WO2014140818A3 (en) * 2013-03-15 2014-12-04 Assa Abloy Ab Method, system and device for generating, storing, using, and validating tags and data
US11172365B2 (en) 2013-03-15 2021-11-09 Assa Abloy Ab Method, system, and device for generating, storing, using, and validating NFC tags and data
US11026092B2 (en) 2013-03-15 2021-06-01 Assa Abloy Ab Proof of presence via tag interactions
US10237072B2 (en) 2013-07-01 2019-03-19 Assa Abloy Ab Signatures for near field communications
WO2015163771A1 (en) * 2014-04-23 2015-10-29 Julien Truesdale Payment systems
US9703968B2 (en) 2014-06-16 2017-07-11 Assa Abloy Ab Mechanisms for controlling tag personalization
US10440012B2 (en) 2014-07-15 2019-10-08 Assa Abloy Ab Cloud card application platform
US10609738B2 (en) * 2015-07-14 2020-03-31 Nec Platforms, Ltd. Mobile router, mobile network system, electronic money transaction method and electronic money transaction program
US20180124856A1 (en) * 2015-07-14 2018-05-03 Nec Platforms, Ltd. Mobile router, mobile network system, electronic money transaction method and electronic money transaction program
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
EP3627424A3 (en) * 2018-09-19 2020-04-08 Capital One Services, LLC Systems and methods for providing card interactions
US11216806B2 (en) 2018-09-19 2022-01-04 Capital One Services, Llc Systems and methods for providing card interactions
US11861600B2 (en) 2018-09-19 2024-01-02 Capital One Services, Llc Systems and methods for providing card interactions

Also Published As

Publication number Publication date
GB201000837D0 (en) 2010-03-03
GB2476989A (en) 2011-07-20
WO2011089423A3 (en) 2011-10-06

Similar Documents

Publication Publication Date Title
WO2011089423A2 (en) An apparatus and a method for secure authentication
US10977642B2 (en) Apparatuses and methods for operating a portable electronic device to conduct mobile payment transactions
US10515352B2 (en) System and method for providing diverse secure data communication permissions to trusted applications on a portable communication device
CN102567910B (en) NFC transaction server
US10929832B2 (en) Method and system for electronic wallet access
US20130035068A1 (en) Peer-to-peer transactions between embedded near field communication devices with authentication
US20120123935A1 (en) System and Method for Physical-World Based Dynamic Contactless Data Emulation in a Portable Communication Device
CA2857106C (en) Method for securing electronic transactions
JP2014529964A (en) System and method for secure transaction processing via a mobile device
US20160162893A1 (en) Open, on-device cardholder verification method for mobile devices
KR20150072438A (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
KR20110033150A (en) Method and system for authenticating an electronic payment request
JP2013140429A (en) Portable terminal, terminal function management system, terminal function management method, terminal function management program and computer readable storage medium for storing program thereof
CN104700270A (en) Payment request processing method, payment request processing device and terminal
JPH10198636A (en) System and method for personal authentication
US20150039511A1 (en) Mobile computing device, a method for performing a transaction, and a computer-readable storage medium
KR20070029537A (en) Authentication system and method using individual unique code linked with wireless terminal
KR20160085164A (en) Method of paying, a application system, and member apparatus for delivery service
TW201804389A (en) Password resetting system for electronic transaction and method thereof using a third party platform server and a rigorous verification process to increase the security of password resetting for preventing the virtual card from malicious use
WO2022221262A1 (en) Multi-purpose physical smartcard
JP2003150876A (en) Issuing method for virtual credit card and utilization method
WO2012066653A1 (en) Electronic transaction system, information processing terminal capable of electronic transaction, electronic transaction management server, and cash register terminal capable of electronic transaction
CN102567879A (en) Wireless safety transaction payment system and method
KR20090070814A (en) Method & system for converting to credit card or cash card from a mobile communication terminal
KR20200020442A (en) Card settlement system, server and method that allows to set the payment amount

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11734171

Country of ref document: EP

Kind code of ref document: A2