WO2015163771A1 - Payment systems - Google Patents

Payment systems Download PDF

Info

Publication number
WO2015163771A1
WO2015163771A1 PCT/NZ2015/050048 NZ2015050048W WO2015163771A1 WO 2015163771 A1 WO2015163771 A1 WO 2015163771A1 NZ 2015050048 W NZ2015050048 W NZ 2015050048W WO 2015163771 A1 WO2015163771 A1 WO 2015163771A1
Authority
WO
WIPO (PCT)
Prior art keywords
purchasing
authentication
point
sale
transaction
Prior art date
Application number
PCT/NZ2015/050048
Other languages
French (fr)
Inventor
Julien Truesdale
Original Assignee
Julien Truesdale
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Julien Truesdale filed Critical Julien Truesdale
Publication of WO2015163771A1 publication Critical patent/WO2015163771A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/321Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/325Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards

Definitions

  • This invention relates to methods and apparatus for conducting a commercial transaction, and has particular relevance to wireless or contactless transaction systems.
  • POS point of sale
  • Radio frequency communication may occur in a number of ways, but in most instances the communication is essentially in the near field i.e. only a few
  • Contactless smart cards contain a security system with tamper resistant properties, for example a secure cryptic processor and a secure file system.
  • a magnetic field which is effective within a limited range is produced by the point of sale card reader device and this field is received by an antenna embedded in the contactless smart card.
  • the energy in the field is used to energise a circuitry within the card so that
  • an authentication device to wirelessly communicate information to one of the purchasing device or the point of sale device to enable the transaction to be completed.
  • the purchasing device comprises a payment card.
  • the purchasing device comprises a portable mobile electronic and/or communication device such as a smart phone or smart watch.
  • the authentication device can comprise a mobile electronic and/or communication device such as a smart phone or smart watch.
  • the authentication device comprises a personal item or wearable item such as spectacles (including for example google glass), a watch, or jewellery.
  • the purchasing device comprises a portable electronic device such as a smart phone and the authentication device comprises either a card or a personal item which may be worn or usually carried by a user.
  • a point of sale device to wirelessly communicate transaction information to or from a purchasing device
  • the invention provides a method for performing a commercial transaction, comprising:
  • a point of sale device to wirelessly communicate transaction information to or from a purchasing device
  • the purchasing device comprises a contactless payment card
  • the purchasing device comprises a mobile electronic and/or communication device such as a smart phone or smart watch for example.
  • the authentication device can comprise a mobile electronic and/or communication device such as a smart phone or smart watch.
  • the authentication device comprises a personal item or wearable item such as spectacles (including for example google glass), a watch, or jewellery.
  • the purchasing device comprises a portable electronic device such as a smart phone and the authentication device comprises either a card or a personal item which may be worn or usually carried by a user.
  • the invention provides apparatus for performing a commercial transaction, the apparatus having communication means adapted to wireless communicate with a point of sale device, and being adapted to wirelessly receive authentication information from an authentication device.
  • the invention consists in any one or more of the features described in this document either alone or in combination. Further aspects of the invention will become apparent from the following description.
  • Figure 1 is diagrammatic illustration of apparatus for facilitating a commercial transaction
  • Figure 2 is a flow chart of a process which may be used in conjunction with the apparatus of Figure 1 .
  • the apparatus and processes described further below allow more secure use of contactless payment systems by including an authentication or verification mechanism which reduces the risk of fraudulent transactions whilst still providing the ease, speed and convenience of contactless payment processing.
  • the authentication is performed by a physically separate device which a purchaser would typically carry along with the device which is used as the primary means of making the purchase.
  • the system as illustrated includes point of sale apparatus 2 for effecting transactions at the point of sale which may, for example, be located at a merchant's premises.
  • point of sale apparatus 2 for effecting transactions at the point of sale which may, for example, be located at a merchant's premises.
  • point of sale device which is envisaged for use herein includes wireless communication means.
  • Such point of sale devices may include personal computers or tablets for example which use software as a service over cloud based systems. Others are dedicated mobile EFPOS devices for example.
  • the wireless communication may take a variety of different forms and use various protocols, as would be understood by a skilled in the art to which the invention relates.
  • the point of sale device 2 is one which can read and/or communicate with a contactless payment card, for example a card which is used in conjunction with the system branded under the trade mark Paywave.
  • a contactless payment card for example a card which is used in conjunction with the system branded under the trade mark Paywave.
  • NFC near field communications
  • BT Bluetooth
  • the point of sale device 2 is communicatively connected to a back end system represented in Figure 1 by server 4 which is configured to execute commercial transactions, for example a bank, acquirer or the like. Transactions may include those conducted by credit card schemes, banks and the like.
  • a purchasing device 6 is provided for wireless communication with the point of sale device. Furthermore, an authentication device 8 is also provided.
  • the purchasing device 6 has the ability to communicate wirelessly with the point of sale device using a wireless communication means 10 which may comprise an antenna for example or an antenna and the appropriate circuitry for providing signals to/from the antenna.
  • the processor 12 is preferably (but not necessarily) provided, depending upon the nature of the required communication. Substitute circuitry may be present instead. Whatever circuitry is used, it is preferable that there is a data or memory storage means 14 so that transaction information i.e. infromation that is desirable or necessary to enable the transaction to be processed or completed may be stored on the purchasing device.
  • the trnsaction information may comprise an identifier (for example an account or card number) which can be provided by the wireless communication means in response to an enquiry request or prompt from the point of sale device for example.
  • the purchasing device may comprise a smart card.
  • the purchasing device may comprise a smart card.
  • the purchasing device could be a mobile electronic device such as a mobile telephone, a smart watch or a device such as that marketed under the trade mark Google Glass. Therefore, it will be appreciated that the wireless communication means 10 may comprise one of a variety of technologies. In one embodiment, if the purchasing device comprises a RFID tag, then RFID technology may be used. In another embodiment, near field communication (NFC) and relevant protocols may be used. In still further embodiments, Wi-Fi or Bluetooth could be used to perform the communication required. In one embodiment the purchasing device is a device which is already known or used for conducting commercial transactions at a point of sale device in a merchant environment.
  • the authentication device 8 also includes a wireless
  • communication means such as an antenna and/or appropriate communication circuitry, optionally a processor 18 if that is required and a data or memory means 20.
  • authentication device 8 may take a variety of different forms, but in its broader sense is desirably physically separate from the purchasing device, yet carried conveniently by a purchaser using the purchasing device.
  • the authentication device 8 may comprise a RFID tag which is present in an article worn by a user, or commonly used by a user.
  • a RFID tag which may be attached to a mobile telephone or other personal electronic device.
  • an RFID tag which is incorporated into an item which may be worn by a user, for example an RFID tag may be attached to or included in a user's watch, spectacles, an item of jewellery or a similar article.
  • the RFID tag if that is the form adopted for the authentication device 8, may be used for other purposes.
  • RFID tag for another purpose such as a tag which is used as an identifier for public transport, or as part of a loyalty programme or similar scheme
  • that RFID tag may also be used as the authentication device 8 in the system described in this document.
  • the authentication device 8 may comprise an article such as a key fob, or another device or token which is often used by an individual.
  • a device which has another security purpose may be used.
  • a contactless car key, office or house key may be provided with an identifier that can also be used to authenticate of verify the transaction. In this way the existing communication capabilities of a device may be used without having to provide dedicated apparatus.
  • the purchasing device or the authentication device may be implanted in the user, for example being provided subcutanelously as thus constantly securely associated with the user.
  • Such devices may be powered by long life batteries, or wirelessly chargeable batteries, or may be capable of being energised by a field i.e. an NFC device or a device which operates using similar principles.
  • the authentication device 8 could embody another personal electronic device such as a mobile telephone or smartphone for example. If that is the case, then the smartphones inherent communication abilities may be used to perform the relevant wireless communication, and the smart phone may be enabled to perform the relevant tasks by downloading an app for example.
  • FIG. 2 an example of an overall process flow is shown for use of the apparatus described with reference to Figure 1 , when performing a commercial transaction.
  • the process starts at step 30 with a user wishing to purchase a product or service from a merchant using a point of sale system.
  • the user will move the purchasing device 6 insufficiently close proximity to the point of sale apparatus 2 in order to establish communication between the devices as shown in step 32.
  • this document refers to at least a query being made electronically by the point of sale device to which data is provided in response by the purchasing device (or vice versa).
  • Those skilled in the art to which the invention relates will understand that a variety of different communication protocols or transaction methodologies are possible.
  • various background checks may be made from the back end server if required, for example information such as whether the purchasing device is blacklisted in some way (for example being reported stolen) available balances etc.
  • this data can be accessed at a later stage in the process.
  • the next step 34 is a check which can be performed for verification or authentication. There are two convenient possible pathways over which this may occur, as shown in broken lines 22 and 24 in Figure 1 .
  • Communication path 22 in Figure 1 illustrates the authentication device providing the
  • the purchasing device may emit a signal which requests a response from the authentication device.
  • the authentication device may simply regularly emit a communication signal which is detected by the purchasing device.
  • the authentication device may be powered by a field provided by the point of sale apparatus 2 in which case the authentication device is inactive until such time as it is within a relatively close range of the point of sale device so that it is energised in order to provide a signal to the purchasing device whether that authentication signal is requested by the purchasing device or otherwise.
  • the communication path 22, although shown in Figure 1 as being a path between the wireless communication apparatus 10 and 16 of the two devices may be performed by separate communication apparatus resonant on each device.
  • the wireless communication apparatus 10 and 16 of the two devices may be performed by separate communication apparatus resonant on each device.
  • communication means reference 10 and 16 in Figure 1 may comprise a plurality of discreet communication interfaces or protocols.
  • the other alternative communication path 24 is one between the authentication device and the point of sale apparatus 2.
  • the authentication device provides an identifier or verifier directly to the point of sale device so the point of sale device can match that data with data provided by the purchasing device 6 and therefore authorise the transaction.
  • the wireless communication interface is used in the step may differ from those used between the point of sale device 2 and the purchasing device 6.
  • the purification information is provided from the authentication device in step 36 and this is checked in step 34. If verification is confirmed, then the process proceeds with the exchange of the relevant transaction data instead 38. However, alternatively, the verification check may occur after transaction data is exchanged as shown in decision step 40 just prior to the final step of confirming the transaction and processing the payment in step 42.
  • the verification information which is provided by the authentication device may take a variety of different forms. This will be appreciated by the person skilled in the art. If communication path 22 is used, then the simplest form of communication is simply an encrypted identifier the presence of which indicates that the authentication device 8 is either: a) within a certain predefined range of the purchasing device, or b) is within a predefined range of the point of sale apparatus (for example being energised by the point of sale apparatus).
  • the authentication device may in its simplest form simply provide an identifier or other appropriate or similar form of verification to the point of sale device. This is then used by point of sale device to verify the transaction for example by matching it with data relating to the purchasing device which is being used.
  • the data which is passed over communication path 24 may for example be confirmatory location data.
  • the authentication device comprises a device which has location identifying a capability, such as a smart phone or smart watch or similar device, then the location data can be passed over path 24 so that the point of sale apparatus 2 may match the location data with the known location of the point of sale apparatus and therefore verify that the authentication device is in the same proximity as the purchasing device i.e.
  • the authentication device may provide location information to the back end system without having to establish a communication link with a point of sale device 2. Therefore, a Wi-Fi link or a cellular communication link may be used to transfer information over path 26 so that data matching for example can be performed at the back end and an authentication signal or message can be sent from the back end 4 to the point of sale device if required. Similarly, the verification may still occur at the point of sale device 2. Thus authentication or verification infromation may be communicated to the POS device indirectly.
  • step 44 the system checks to see whether a transaction value limit may be imposed if the verification is not enabled.
  • a user or a bank may be satisfied that in the absence of authentication or verification, the transaction limit may be reduced to a level for example $50 so as to manage the risk of a stolen or misused purchasing device. This may in contrast to a much higher limit should the authentication or verification be confirmed in steps 34 or 40. If a transaction value limit is applicable, then that new limit is set on the transaction in step 46 and if the transaction is one within the value limit, then the transaction can be confirmed a process in step 42.
  • step 44 is simply disconnection of the payment communication in step 48 after which the process ends at step 50.

Abstract

A commercial transaction, such as a contactless point of sale transaction, uses a purchasing device (6) such as a contactless payment card to wirelessly communicate transaction information to a point of sale device (2). An authentication device (8) such as a smart phone or smart watch may be used to wirelessly communicate authentication or verification information to the purchasing device or the point of sale device to enable the transaction to be completed.

Description

PAYMENT SYSTEMS
Field of the Invention
This invention relates to methods and apparatus for conducting a commercial transaction, and has particular relevance to wireless or contactless transaction systems.
Background of Invention
Payments systems have been rapidly evolving, particularly with the widespread use of electronic point of sale (POS) systems in which payment cards may be used to process transactions between customers and merchants.
More recent developments include the use of wireless communications in order to enable transactions at point of sale terminals. One particular product which is now in use is marketed under the trade mark Paywave. Another is marketed under the trade mark Paypass. Under these systems, a bank or card scheme customer is issued with a contactless smart card. These cards are reasonably well known as any pocket sized card with an embedded integrated circuit that can process and store data and communicate with a point of sale terminal via radio frequency communication. The radio frequency communication may occur in a number of ways, but in most instances the communication is essentially in the near field i.e. only a few
centimetres away from the point of sale device. Contactless smart cards contain a security system with tamper resistant properties, for example a secure cryptic processor and a secure file system.
In use, a magnetic field which is effective within a limited range is produced by the point of sale card reader device and this field is received by an antenna embedded in the contactless smart card. The energy in the field is used to energise a circuitry within the card so that
communication with a point of sale device can occur.
Contactless smart cards are popular because commercial transactions can be conducted simply and quickly. For example, a purchaser can simply wave the card a few centimetres above a card reader apparatus at the point of sale to complete a transaction. Nothing further is required. Therefore the user does not need to enter a pin number on a keypad or sign any
documentation. This ease of use also has a downside. If a card is stolen, then it is also very easily used by a thief to make transactions, at least until such time as the card is reported as missing.
One way of reducing the negative effects of card theft is to place a limit on the amount of each transaction for which the card can be used in a contactless manner. Therefore, for example if a transaction has a value of more than say $80, then the transaction cannot proceed without the purchaser performing a manual authentication or verification step, such as using a PIN number. Obviously, this has the drawback that the inherent advantages of a contactless transaction are limited by having to perform a manual step, or alternatively that the range of possible transactions is limited.
Summary of Invention
It is an object of the invention to provide commercial payment systems or apparatus which at least go some way toward overcoming disadvantages of existing systems. Alternatively, it is an object of the invention to at least provide a useful alternative to existing systems.
In one aspect of the invention provides a method for performing a commercial transaction, comprising;
using a purchasing device to wirelessly communicate transaction information to a point of sale device;
using an authentication device to wirelessly communicate information to one of the purchasing device or the point of sale device to enable the transaction to be completed.
In one embodiment the purchasing device comprises a payment card. In another embodiment the purchasing device comprises a portable mobile electronic and/or communication device such as a smart phone or smart watch.
In one embodiment the authentication device can comprise a mobile electronic and/or communication device such as a smart phone or smart watch.
In another embodiment, the authentication device comprises a personal item or wearable item such as spectacles (including for example google glass), a watch, or jewellery. In other embodiments, the purchasing device comprises a portable electronic device such as a smart phone and the authentication device comprises either a card or a personal item which may be worn or usually carried by a user.
In another aspect of the invention provides a method for performing a commercial transaction, comprising;
using a point of sale device to wirelessly communicate transaction information to or from a purchasing device;
wherein at least some of the transaction information communicated to the point of sale device is authenticated using an authentication device.
In another aspect the invention provides a method for performing a commercial transaction, comprising:
using a point of sale device to wirelessly communicate transaction information to or from a purchasing device;
using the point of sale device or a communications network to receive from
authentication information from an authentication device.
In one embodiment the purchasing device comprises a contactless payment card, in another embodiment the purchasing device comprises a mobile electronic and/or communication device such as a smart phone or smart watch for example.
In one embodiment the authentication device can comprise a mobile electronic and/or communication device such as a smart phone or smart watch.
In another embodiment, the authentication device comprises a personal item or wearable item such as spectacles (including for example google glass), a watch, or jewellery.
In other embodiments, the purchasing device comprises a portable electronic device such as a smart phone and the authentication device comprises either a card or a personal item which may be worn or usually carried by a user.
In another aspect the invention provides apparatus for performing a commercial transaction, the apparatus having communication means adapted to wireless communicate with a point of sale device, and being adapted to wirelessly receive authentication information from an authentication device. in a further aspect the invention consists in any one or more of the features described in this document either alone or in combination. Further aspects of the invention will become apparent from the following description.
Drawing Description
One or more embodiments will be described with reference to the drawings in which:
Figure 1 is diagrammatic illustration of apparatus for facilitating a commercial transaction;
Figure 2 is a flow chart of a process which may be used in conjunction with the apparatus of Figure 1 .
Detailed Description
The apparatus and processes described further below allow more secure use of contactless payment systems by including an authentication or verification mechanism which reduces the risk of fraudulent transactions whilst still providing the ease, speed and convenience of contactless payment processing.
The authentication is performed by a physically separate device which a purchaser would typically carry along with the device which is used as the primary means of making the purchase.
Turning to Figure 1 , the payment system as shown generally referenced 1 . The system as illustrated includes point of sale apparatus 2 for effecting transactions at the point of sale which may, for example, be located at a merchant's premises. Those skilled in the art will understand that a variety of different point of sale devices exist, and an in depth description is not necessary for purposes of this specification. However, the point of sale device which is envisaged for use herein includes wireless communication means. Such point of sale devices may include personal computers or tablets for example which use software as a service over cloud based systems. Others are dedicated mobile EFPOS devices for example. The wireless communication may take a variety of different forms and use various protocols, as would be understood by a skilled in the art to which the invention relates. In one embodiment, the point of sale device 2 is one which can read and/or communicate with a contactless payment card, for example a card which is used in conjunction with the system branded under the trade mark Paywave. However other communication mechanisms and protocols are also within the scope of this description. For example, near field communications (NFC) could be used as could Wi-Fi through means of a wireless local area network or Bluetooth (BT).
The point of sale device 2 is communicatively connected to a back end system represented in Figure 1 by server 4 which is configured to execute commercial transactions, for example a bank, acquirer or the like. Transactions may include those conducted by credit card schemes, banks and the like.
Still referring to Figure 1 , a purchasing device 6 is provided for wireless communication with the point of sale device. Furthermore, an authentication device 8 is also provided.
The purchasing device 6 has the ability to communicate wirelessly with the point of sale device using a wireless communication means 10 which may comprise an antenna for example or an antenna and the appropriate circuitry for providing signals to/from the antenna. The processor 12 is preferably (but not necessarily) provided, depending upon the nature of the required communication. Substitute circuitry may be present instead. Whatever circuitry is used, it is preferable that there is a data or memory storage means 14 so that transaction information i.e. infromation that is desirable or necessary to enable the transaction to be processed or completed may be stored on the purchasing device. For example the trnsaction information may comprise an identifier (for example an account or card number) which can be provided by the wireless communication means in response to an enquiry request or prompt from the point of sale device for example.
In one embodiment, the purchasing device may comprise a smart card. In another
embodiment, the purchasing device could be a mobile electronic device such as a mobile telephone, a smart watch or a device such as that marketed under the trade mark Google Glass. Therefore, it will be appreciated that the wireless communication means 10 may comprise one of a variety of technologies. In one embodiment, if the purchasing device comprises a RFID tag, then RFID technology may be used. In another embodiment, near field communication (NFC) and relevant protocols may be used. In still further embodiments, Wi-Fi or Bluetooth could be used to perform the communication required. In one embodiment the purchasing device is a device which is already known or used for conducting commercial transactions at a point of sale device in a merchant environment.
Therefore, relevant examples are contactless smart cards and smart phones. However, as discussed earlier in this document, if a wireless transaction can be conducted without any other verification or authentication step, then there is a risk that a stolen purchasing device can be used by others to make unauthorised purchases. The system described in this document overcomes this problem by the provision of a separate authentication device 8. As shown diagrammatically in Figure 1 , the authentication device 8 also includes a wireless
communication means such as an antenna and/or appropriate communication circuitry, optionally a processor 18 if that is required and a data or memory means 20. The
authentication device 8 may take a variety of different forms, but in its broader sense is desirably physically separate from the purchasing device, yet carried conveniently by a purchaser using the purchasing device.
In one embodiment the authentication device 8 may comprise a RFID tag which is present in an article worn by a user, or commonly used by a user. One common example on daily use is an RFID tag which may be attached to a mobile telephone or other personal electronic device. Yet another example, is an RFID tag which is incorporated into an item which may be worn by a user, for example an RFID tag may be attached to or included in a user's watch, spectacles, an item of jewellery or a similar article. Furthermore, the RFID tag, if that is the form adopted for the authentication device 8, may be used for other purposes. For example, in one embodiment, if a user has been issued with an RFID tag for another purpose such as a tag which is used as an identifier for public transport, or as part of a loyalty programme or similar scheme, then that RFID tag may also be used as the authentication device 8 in the system described in this document.
In other embodiments the authentication device 8 may comprise an article such as a key fob, or another device or token which is often used by an individual. In some instances, a device which has another security purpose may be used. For example, a contactless car key, office or house key may be provided with an identifier that can also be used to authenticate of verify the transaction. In this way the existing communication capabilities of a device may be used without having to provide dedicated apparatus.
In yet other embodiments the purchasing device or the authentication device may be implanted in the user, for example being provided subcutanelously as thus constantly securely associated with the user. Such devices may be powered by long life batteries, or wirelessly chargeable batteries, or may be capable of being energised by a field i.e. an NFC device or a device which operates using similar principles.
Those skilled in the art will also appreciate that the authentication device 8 could embody another personal electronic device such as a mobile telephone or smartphone for example. If that is the case, then the smartphones inherent communication abilities may be used to perform the relevant wireless communication, and the smart phone may be enabled to perform the relevant tasks by downloading an app for example.
Turning now to Figure 2, an example of an overall process flow is shown for use of the apparatus described with reference to Figure 1 , when performing a commercial transaction. The process starts at step 30 with a user wishing to purchase a product or service from a merchant using a point of sale system. At this point the user will move the purchasing device 6 insufficiently close proximity to the point of sale apparatus 2 in order to establish communication between the devices as shown in step 32. By communication, this document refers to at least a query being made electronically by the point of sale device to which data is provided in response by the purchasing device (or vice versa). Those skilled in the art to which the invention relates will understand that a variety of different communication protocols or transaction methodologies are possible.
At this point in the transaction process, various background checks may be made from the back end server if required, for example information such as whether the purchasing device is blacklisted in some way (for example being reported stolen) available balances etc.
Alternatively, this data can be accessed at a later stage in the process. The next step 34 is a check which can be performed for verification or authentication. There are two convenient possible pathways over which this may occur, as shown in broken lines 22 and 24 in Figure 1 .
Communication path 22 in Figure 1 illustrates the authentication device providing the
purchasing device with some form of identifier or similar information (preferably the
communication is encrypted) by which the purchasing device can confirm that the authentication device is within a certain boundary or locality of the purchasing device. To perform the communication, the purchasing device may emit a signal which requests a response from the authentication device. In other embodiments, the authentication device may simply regularly emit a communication signal which is detected by the purchasing device. The authentication device may be powered by a field provided by the point of sale apparatus 2 in which case the authentication device is inactive until such time as it is within a relatively close range of the point of sale device so that it is energised in order to provide a signal to the purchasing device whether that authentication signal is requested by the purchasing device or otherwise.
Moreover, the communication path 22, although shown in Figure 1 as being a path between the wireless communication apparatus 10 and 16 of the two devices may be performed by separate communication apparatus resonant on each device. In other words, the wireless
communication means reference 10 and 16 in Figure 1 may comprise a plurality of discreet communication interfaces or protocols.
The other alternative communication path 24 is one between the authentication device and the point of sale apparatus 2. Under this arrangement, the authentication device provides an identifier or verifier directly to the point of sale device so the point of sale device can match that data with data provided by the purchasing device 6 and therefore authorise the transaction. Once again, the wireless communication interface is used in the step may differ from those used between the point of sale device 2 and the purchasing device 6.
Thus, referring to Figure 2 again, the purification information is provided from the authentication device in step 36 and this is checked in step 34. If verification is confirmed, then the process proceeds with the exchange of the relevant transaction data instead 38. However, alternatively, the verification check may occur after transaction data is exchanged as shown in decision step 40 just prior to the final step of confirming the transaction and processing the payment in step 42.
The verification information which is provided by the authentication device may take a variety of different forms. This will be appreciated by the person skilled in the art. If communication path 22 is used, then the simplest form of communication is simply an encrypted identifier the presence of which indicates that the authentication device 8 is either: a) within a certain predefined range of the purchasing device, or b) is within a predefined range of the point of sale apparatus (for example being energised by the point of sale apparatus).
If communication path 24 is used, then once again, the authentication device may in its simplest form simply provide an identifier or other appropriate or similar form of verification to the point of sale device. This is then used by point of sale device to verify the transaction for example by matching it with data relating to the purchasing device which is being used. In another embodiment, the data which is passed over communication path 24 may for example be confirmatory location data. For example, if the authentication device comprises a device which has location identifying a capability, such as a smart phone or smart watch or similar device, then the location data can be passed over path 24 so that the point of sale apparatus 2 may match the location data with the known location of the point of sale apparatus and therefore verify that the authentication device is in the same proximity as the purchasing device i.e. that the purchasing device has not been separating from (e.g. stolen) the authentication device. In this context, another communication path 26 (refer Figure 1 ) may be used. In this embodiment, the authentication device may provide location information to the back end system without having to establish a communication link with a point of sale device 2. Therefore, a Wi-Fi link or a cellular communication link may be used to transfer information over path 26 so that data matching for example can be performed at the back end and an authentication signal or message can be sent from the back end 4 to the point of sale device if required. Similarly, the verification may still occur at the point of sale device 2. Thus authentication or verification infromation may be communicated to the POS device indirectly.
Referring again to Figure 2, if either of the verification checks performed in steps 34 or 40 are negative, then a further decision point can be applied in step 44. In this step the system checks to see whether a transaction value limit may be imposed if the verification is not enabled.
Therefore, one example, a user or a bank may be satisfied that in the absence of authentication or verification, the transaction limit may be reduced to a level for example $50 so as to manage the risk of a stolen or misused purchasing device. This may in contrast to a much higher limit should the authentication or verification be confirmed in steps 34 or 40. If a transaction value limit is applicable, then that new limit is set on the transaction in step 46 and if the transaction is one within the value limit, then the transaction can be confirmed a process in step 42.
However, if there is no reduced transaction value limit, and the transaction cannot be verified using the authentication device, then the transaction may simply be avoided in which case the outcome of step 44 is simply disconnection of the payment communication in step 48 after which the process ends at step 50.
From the foregoing we have seen that a system is provided which has the convenience of contactless payment being able to be made with reduced risk of unauthorised or fraudulent use of payment devices such as smart cards. By having an authentication device which must be within a certain location of either the purchasing device, or the point of sale at where the purchasing device is being used, the use of purchasing device may be authenticated. This substantially lowers the risks associated with contactless transactions.

Claims

Claims:
1 . A method for performing a commercial transaction, comprising;
using a purchasing device to wirelessly communicate transaction information to a point of sale device;
using an authentication device to wirelessly communicate information to one of the purchasing device or the point of sale device to enable the transaction to be completed.
2. A method as claimed in claim 1 wherein the purchasing device comprises a payment card.
3. A method as claimed in claim 1 wherein the purchasing device comprises a portable electronic device.
4. A method as claimed in claim 1 wherein the purchasing device comprises a mobile electronic communications device.
5. A method as claimed in claim 3 or claim 4 wherein the purchasing device comprises a mobile telephone or smart phone.
6. A method as claimed in any one of claims 1 to 4 wherein the authentication device
comprises a mobile electronic communications device.
7. A method as claimed in claim 5 wherein the authentication device comprises a smart watch.
8. A method as claimed in claim 1 wherein the purchasing device comprises a smart watch and the authentication device comprises a smart phone.
9. A method as claimed in any one of claims 1 to 6 wherein the authentication device
comprises a personal item or wearable item.
10. A method for performing a commercial transaction, comprising;
using a point of sale device to wirelessly communicate transaction information to or from a purchasing device;
wherein at least some of the transaction information communicated to the point of sale device is authenticated using an authentication device.
1 1 . A method as claimed in claim 10 wherein the authentication device authenticates the transaction information by communication with the point of sale device.
12. A method as claimed in claim 10 wherein the authentication device authenticates the transaction information by communication with the purchasing device.
13. A method as claimed in any one of claims 10 to 12 wherein the transaction information comprises identification information.
14. A method for performing a commercial transaction, comprising:
using a point of sale device to wirelessly communicate transaction information to or from a purchasing device;
using the point of sale device or a communications network to receive authentication information from an authentication device.
15. A method as claimed in claim 14 wherein the purchasing device comprises a payment card.
16. A method as claimed in claim 14 wherein the purchasing device comprises a portable electronic device.
17. A method as claimed in claim 14 wherein the purchasing device comprises a mobile electronic communications device.
18. A method as claimed in claim 16 or claim 17 wherein the purchasing device comprises a mobile telephone or smart phone.
19. A method as claimed in any one of claims 14 to 17 wherein the authentication device comprises a mobile electronic communications device.
20. A method as claimed in claim 18 wherein the authentication device comprises a smart watch.
21 . A method as claimed in claim 14 wherein the purchasing device comprises a smart watch and the authentication device comprises a smart phone.
22. A method as claimed in any one of claims 14 to 19 wherein the authentication device comprises a personal item or wearable item.
23. Apparatus for performing a commercial transaction, the apparatus having
communication means adapted to wirelessly communicate with a point of sale device, and being operable to wirelessly receive authentication information from an
authentication device.
24. Apparatus as claimed in claim 23 wherein the purchasing device comprises a payment card.
25. Apparatus as claimed in claim 23 wherein the purchasing device comprises a portable electronic device.
26. Apparatus as claimed in claim 23 wherein the purchasing device comprises a mobile electronic communications device.
27. Apparatus as claimed in claim 25 or claim 26 wherein the purchasing device comprises a mobile telephone or smart phone.
28. Apparatus as claimed in any one of claims 23 to 26 wherein the authentication device comprises a mobile electronic communications device.
29. Apparatus as claimed in claim 27 wherein the authentication device comprises a smart watch.
30. Apparatus as claimed in claim 23 wherein the purchasing device comprises a smart watch and the authentication device comprises a smart phone.
31 . Apparatus as claimed in any one of claims 23 to 26 wherein the authentication device comprises a personal item or wearable item.
32. Apparatus as claimed in any one of claims 23 to 31 wherein the purchasing device and the authentication device are physically separate items.
33. A method substantially as herein described with reference to the drawings.
34. Apparatus substantially as herein described with reference to the drawings.
PCT/NZ2015/050048 2014-04-23 2015-04-23 Payment systems WO2015163771A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NZ62408914 2014-04-23
NZ624089 2014-04-23

Publications (1)

Publication Number Publication Date
WO2015163771A1 true WO2015163771A1 (en) 2015-10-29

Family

ID=54332832

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NZ2015/050048 WO2015163771A1 (en) 2014-04-23 2015-04-23 Payment systems

Country Status (1)

Country Link
WO (1) WO2015163771A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020129156A (en) * 2019-02-07 2020-08-27 オムロン株式会社 Settlement processing support terminal, transaction processing system, settlement processing support method, and settlement processing support program
US11637825B2 (en) 2019-01-11 2023-04-25 Visa International Service Association Authentication with offline device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050119978A1 (en) * 2002-02-28 2005-06-02 Fikret Ates Authentication arrangement and method for use with financial transactions
US20050269402A1 (en) * 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
US20070278291A1 (en) * 2005-12-22 2007-12-06 Rans Jean-Paul E Methods and Systems for Two-Factor Authentication Using Contactless Chip Cards or Devices and Mobile Devices or Dedicated Personal Readers
US20090319428A1 (en) * 2008-06-24 2009-12-24 International Business Machines Corporation Authorizing An Electronic Payment Request
WO2011089423A2 (en) * 2010-01-19 2011-07-28 Proxama Limited An apparatus and a method for secure authentication
US20110313922A1 (en) * 2009-06-22 2011-12-22 Mourad Ben Ayed System For NFC Authentication Based on BLUETOOTH Proximity
KR20130082665A (en) * 2011-12-13 2013-07-22 주식회사 케이티디에스 Server and method for performing payment process for device, and the device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050119978A1 (en) * 2002-02-28 2005-06-02 Fikret Ates Authentication arrangement and method for use with financial transactions
US20050269402A1 (en) * 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
US20070278291A1 (en) * 2005-12-22 2007-12-06 Rans Jean-Paul E Methods and Systems for Two-Factor Authentication Using Contactless Chip Cards or Devices and Mobile Devices or Dedicated Personal Readers
US20090319428A1 (en) * 2008-06-24 2009-12-24 International Business Machines Corporation Authorizing An Electronic Payment Request
US20110313922A1 (en) * 2009-06-22 2011-12-22 Mourad Ben Ayed System For NFC Authentication Based on BLUETOOTH Proximity
WO2011089423A2 (en) * 2010-01-19 2011-07-28 Proxama Limited An apparatus and a method for secure authentication
KR20130082665A (en) * 2011-12-13 2013-07-22 주식회사 케이티디에스 Server and method for performing payment process for device, and the device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
NARAYANASWAMI C. ET AL.: "What Would You Do with a Hundred MIPS on Your Wrist?", IBM RESEARCH REPORT, 22 January 2001 (2001-01-22), XP055232456 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11637825B2 (en) 2019-01-11 2023-04-25 Visa International Service Association Authentication with offline device
JP2020129156A (en) * 2019-02-07 2020-08-27 オムロン株式会社 Settlement processing support terminal, transaction processing system, settlement processing support method, and settlement processing support program
JP7111016B2 (en) 2019-02-07 2022-08-02 オムロン株式会社 Payment processing support terminal, transaction processing system, payment processing support method, and payment processing support program

Similar Documents

Publication Publication Date Title
US10049357B2 (en) System and method of processing PIN-based payment transactions via mobile devices
CN101809977B (en) Updating mobile devices with additional elements
ES2662254T3 (en) Method and mobile terminal device that includes smart card module and near field communications media
US10614465B2 (en) Dynamic modification of a verification method associated with a transaction card
US20150242844A1 (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
KR101161778B1 (en) System for paying pos using near field communication
CN105493116A (en) Methods and systems for provisioning payment credentials
US10417631B2 (en) Systems and methods for activating account card functions based on physical device interactions
US10977641B2 (en) Binding process using electronic telecommunications device
US20160012408A1 (en) Cloud-based mobile payment system
SE1300499A1 (en) Secure two-party comparison transaction system
US20150149360A1 (en) Method for validating an electronic transaction, and system thereof
KR101330670B1 (en) Method and server for payment
US20150134539A1 (en) System and method of processing point-of-sale payment transactions via mobile devices
US20200210994A1 (en) Intelligent payment card carrying systems and methods
AU2022283711A1 (en) System and method for secure transacting
US20140089169A1 (en) System and Method of Processing Payment Transactions via Mobile Devices
TWI794155B (en) Apparatus and method for communicating with a digital transaction processing unit (dtpu)
CN105184563A (en) Safe processing method and apparatus for NFC (Near Field Communication) chip
WO2015163771A1 (en) Payment systems
KR20090021887A (en) The integrative method and system which use an id card and a mobile phone for electronic payment
RU2461065C2 (en) Consumer authentication system and method
AU2022291439A1 (en) System and method for transacting
WO2018185787A1 (en) A system and method of usage of a smart card for cashless transaction
KR20190007196A (en) Apparatus and methods for providing card activation control and digital wallet exchange using card owner's identity verification

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15783713

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15783713

Country of ref document: EP

Kind code of ref document: A1