[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2006094316A2 - System for processing financial transactions - Google Patents

System for processing financial transactions Download PDF

Info

Publication number
WO2006094316A2
WO2006094316A2 PCT/ZA2006/000022 ZA2006000022W WO2006094316A2 WO 2006094316 A2 WO2006094316 A2 WO 2006094316A2 ZA 2006000022 W ZA2006000022 W ZA 2006000022W WO 2006094316 A2 WO2006094316 A2 WO 2006094316A2
Authority
WO
WIPO (PCT)
Prior art keywords
transaction
client
transaction processing
code
authorisation
Prior art date
Application number
PCT/ZA2006/000022
Other languages
French (fr)
Other versions
WO2006094316A3 (en
Inventor
Selvanathan Narainsamy
Grant Paul Weideman
Original Assignee
Selvanathan Narainsamy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Selvanathan Narainsamy filed Critical Selvanathan Narainsamy
Priority to ZA200606754A priority Critical patent/ZA200606754B/en
Publication of WO2006094316A2 publication Critical patent/WO2006094316A2/en
Publication of WO2006094316A3 publication Critical patent/WO2006094316A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Definitions

  • This invention relates to a system for processing financial transactions.
  • a vendor swipes a customer's credit card through a point of sale (POS) card processing device.
  • the POS device sends a request to the server of an acquiring bank (the bank that owns the POS device) via a PSTN (public telephone) line or a radio pad (i.e. SWIFTNET in South Africa).
  • the acquiring bank contacts the bank that issued the card (the issuer bank) by way of an authorisation network.
  • the request is either authorised or denied.
  • the acquiring bank notifies the vendor via the POS device whether or not the transaction has been authorised and if authorised, the funds are transferred to the vendor's account on finalisation of the purchase at the point of sale.
  • SMS Short Message Service
  • This invention seeks to provide an authentication mechanism and process that can operate independently of an immediately available SMS service.
  • the financial transaction verification system of this invention comprises: a programmable transaction processing client; a programmable transaction processing server under the control of a financial services provider a programmable telecommunications client under the control of a transaction initiator which telecommunications client has been previously (prior to initiation of the transaction) programmed with at least one transaction authorisation code by the transaction processing server; the transaction processing client, the transaction processing server and the telecommunications client all being connected to or adapted for connection to one or more telecommunications networks; the transaction processing client being programmed, when in use a transaction is initiated and processed through the transaction processing client: to record data pertaining to a transaction initiated, in use, by the transaction . initiator and data pertaining to a financial account of the transaction initiator with the financial services provider; and to transmit the recorded data to the transaction processing server byway of the telecommunications network to which it and the transaction processing 1 server are connected;
  • the transaction processing client being programmed, further:
  • the transaction processing server being programmed, further:
  • the transaction processing server being programmed to transmit at least one new
  • the transaction processing server may conveniently be programmed, if an incorrect code
  • the financial transaction verification system may conveniently use a mobile communication
  • the transaction authorisation code may be
  • the transaction authorisation code is a once-off code issued by the transaction processing
  • 26 server which is programmed: 7 to record the issuance of the transaction authorisation code
  • the transaction processing client is constituted by a vendor POS terminal
  • the transaction processing server is constituted by the computer systems of a bank
  • the telecommunications client includes any telecommunications-enabled device
  • the telecommunications client is connected to or adapted for connection to a GSM
  • the transaction processing client will, typically, record data pertaining to a transaction after
  • the transaction processing server is preferably programmed to transmit a new transaction 4 authorisation code to the telecommunications client only after the transaction has been 5 finalised.
  • the invention includes a financial transaction verification system that is adapted to 8 accommodate situations in which the transaction processing client fails, in use, to 9 communicate with the transaction processing server, the adapted transaction verification 0 system including: 1 a portable programmable logic device, such as a smart card; 2 the transaction processing server being adapted: 1 to program and store in the programmable logic device, preferably by
  • the invention includes a method of verifying and administering financial transactions using
  • 13 is a flow chart illustrating the financial transaction verification system of the invention by
  • POS point of sale
  • the credit card belongs to the
  • the transaction initiator (the person who makes a purchase). The transaction initiator will have
  • the financial services provider operates and serves a network of point of sale terminals
  • ATM automated teller machines
  • This network of terminals is normally operated from a central server or servers which, in
  • the network need not be a fixed line network, particularly since
  • POS terminal that serves as a programmable transaction processing client
  • the POS terminal (transaction processing client) is connected to or adapted for connection
  • the telecommunications client is constituted by a customer cell phone, but any other
  • 32 telecommunications appliance can be used as the telecommunications client, which is 1 connected to or adapted for connection to the bank servers (transaction processing server)
  • a GPRS network can also be used as can a wireless network
  • Wi-Fi or WiMax Wi-Fi or WiMax
  • internet network in the case of an internet appliance.
  • the customer cell phone is programmed with a transaction authorisation code.
  • SMS can be fully automated and non-transparent in the sense that SMS can be
  • the POS terminal (transaction processing client) is programmed, when in use a
  • the POS terminal is used to obtain customer account data, normally by
  • the POS terminal transmits the recorded transaction data to
  • the bank server (transaction processing server) is programmed to first use the customer's
  • the bank server is programmed to formulate a transaction authorisation request to the POS
  • the POS terminal (transaction processing client) is programmed, as a precondition forthe
  • the bank server (transaction processing server) compares the code
  • the bank server transmits a new transaction authorisation code to the customer cell phone (telecommunications client) by way of the GSM network and stores a duplicate of the new transaction authorisation code in the bank server as the currently valid transaction authorisation code.
  • the bank server is programmed, if an incorrect code is entered as the purported transaction authorisation code, to transmit a notification to the customer cell phone. In a fraud situation, this additional notification serves to alert the customer to the effect that an attempt is being made to defraud her.
  • the transaction authorisation code is a once-off code issued by the bank server in that the bank server records issuance of the transaction authorisation code and stores the code as the currently valid transaction authorisation code.
  • the bank server records use of the transaction authorisation code and marks such a used transaction authorisation code as obsolete and then transmits a new transaction authorisation code to the customer cell phone (telecommunications client).
  • All communications in this financial transaction verification system including those between the POS terminal (transaction processing client), the bank server (transaction processing server) and the customer cell phone (telecommunications client) are by way of secure encrypted communications.
  • the financial transaction verification system of the invention can be adapted to accommodate situations in which the POS terminal (transaction processing client) fails, in use, to communicate with the bank server (transaction processing server), such as when the telephone lines of the PSTN are down or the bank server is down.
  • the portable programmable logic device of preference is a smart card.
  • the preliminary programming step outlined above includes programming of the smart card and the storage in secure memory on the smart card, of a plurality or a range of transaction authorisation codes. This can be done on initialisation of the smart card, but typically it will be done after each successfully concluded transaction, but not immediately, as will be seen from what follows.
  • the same range of codes is programmed and stored into secure memory on the customer cell phone.
  • the POS terminal operates in the same way as outlined above.
  • a transaction is initiated and processed through the POS terminal, it records data pertaining to the transaction and the bank account of the customer and attempts to transmit the recorded data to the bank server.
  • the normal process as outlined above takes place except that the POS terminal, the bank server and the customer cell phone rely on one of the range of transaction authorisation codes stored on the customer cell phone instead of just the one currently valid transaction authorisation code.
  • the POS terminal will require access to the smart card.
  • the POS terminal On presentation of the smart card, the POS terminal is programmed to retrieve the transaction authorisation codes stored in the smart card. The codes will not be displayed. Instead, the POS terminal will call for the entry of at least one of the transaction authorisation codes previously programmed into the telecommunications client as a precondition for the further processing of the transaction and upon entry of the code, compare the code so entered with the transaction authorisation codes stored in the smart card. If the entered code matches one of the stored codes, the POS terminal notifies the vendor or merchant that the entered code is valid, meaning that the customer presenting the smart card is the person authorised to use the card.
  • the POS terminal is programmed to update the smart card memory and to mark the entered code as obsolete in the smart card memory. 1
  • the vendor can then perform a manual telephonic balance check to authorise the
  • the bank server transmits a new range transaction authorisation
  • the bank server sends the customer cell phone an identical range of
  • the transaction is authorised 0 after the bank server, using the customer's bank account data, carries out the normal 1 customer identification and available balance checks found in existing financial transaction 2 verification systems.
  • Customer authentication is carried out when the bank server uses the transaction 5 authorisation code sent to it by the POS terminal to authenticate the customer.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A financial transaction verification system wherein, when a cell phone is used in a transaction, a bank server transmits a transaction authorisation code to the cell phone, and the code is stored in a secure memory of the cell phone. A duplicate of the transaction authorisation code is stored in the bank server. A POS terminal processes the transaction and records transaction data, including customer account data, which is transmitted to the bank server. The bank server uses the account data to verify customer identification and available balance, and transmits a transaction authorisation request to the POS terminal. The transaction authorisation code stored in the secure memory of the cell phone is then entered into the POS terminal and transmitted to the bank server. The bank server compares the received code to the transaction authorisation code previously stored in the bank server to determine if the transaction should proceed.

Description

System for processing financial transactions
Background to the invention
This invention relates to a system for processing financial transactions.
In the systems currently in use to authorise credit card transactions, a vendor swipes a customer's credit card through a point of sale (POS) card processing device. The POS device sends a request to the server of an acquiring bank (the bank that owns the POS device) via a PSTN (public telephone) line or a radio pad (i.e. SWIFTNET in South Africa). The acquiring bank contacts the bank that issued the card (the issuer bank) by way of an authorisation network. Depending on the availability of funds, the request is either authorised or denied.
If authorised, funds in the customer's bank account are reserved for the vendor. The acquiring bank notifies the vendor via the POS device whether or not the transaction has been authorised and if authorised, the funds are transferred to the vendor's account on finalisation of the purchase at the point of sale.
At no point in this process is there any authentication of the person using the credit card or of the fact that this person is indeed the rightful owner and user of the card.
The applicant is also the applicant in respect of a co-pending patent application, PCT Patent Application No. PCT/ZA2004/000072 (WO 2005/001670) which is incorporated herein by reference and which describes a transaction verification system that provides a means of confirming that the transaction itself is authorised and that the person initiating the transaction is authentic and authorised to conclude the transaction. This is done with the use of a first data channel (radio, PSTN, GSM, GPRS or the like) to relay transaction authorisation communications between the vendor POS terminal and the bank and a second, preferably different data channel to relay customer authentication communications between the bank and the customer. The advantage of this methodology is that if any fraud is perpetrated, the data on both communication channels must be intercepted and synchronised. With secure encryption and less than two minutes before the request from the bank server times out, hacking into this system is improbable.
The disadvantage of this methodology is that it relies, in practice, on virtually immediate communication by Short Message Service (SMS) on GSM or GPRS networks, which is not always achievable.
This invention seeks to provide an authentication mechanism and process that can operate independently of an immediately available SMS service.
Summary of the invention
The financial transaction verification system of this invention comprises: a programmable transaction processing client; a programmable transaction processing server under the control of a financial services provider a programmable telecommunications client under the control of a transaction initiator which telecommunications client has been previously (prior to initiation of the transaction) programmed with at least one transaction authorisation code by the transaction processing server; the transaction processing client, the transaction processing server and the telecommunications client all being connected to or adapted for connection to one or more telecommunications networks; the transaction processing client being programmed, when in use a transaction is initiated and processed through the transaction processing client: to record data pertaining to a transaction initiated, in use, by the transaction . initiator and data pertaining to a financial account of the transaction initiator with the financial services provider; and to transmit the recorded data to the transaction processing server byway of the telecommunications network to which it and the transaction processing 1 server are connected;
2 the transaction processing server being programmed:
3 to use the data pertaining to the transaction initiator and the
4 telecommunications client previously stored with the financial services
5 provider to formulate a transaction authorisation request to the transaction
6 processing client; and
7 to transmit the transaction authorisation request to the transaction
8 processing client by way of the telecommunications network to which the
9 transaction processing server and the transaction processing client are W connected;
11 the transaction processing client being programmed, further:
12 to require, on receipt of the transaction authorisation request, the entry of at
13 least one transaction authorisation code previously programmed into the
14 telecommunications client as a precondition for the further processing of
15 the transaction; and w upon entry of the code, to transmit the code so entered to the transaction
17 processing server by means of the telecommunications network to which
18 the transaction processing client and transaction processing server are f9 connected;
20 the transaction processing server being programmed, further:
21 to compare the code transmitted to it by the transaction processing client to
22 the transaction authorisation code or codes previously transmitted by the
23 transaction processing server to the telecommunications client;
24 if a correct transaction authorisation code is entered, to process the
25 transaction and transmit a transaction processing notification to the
26 transaction processing client by way of the telecommunications network to
27 which the transaction processing server and the transaction processing
28 client are connected; and
29 if an incorrect code is entered, to abort the transaction and transmit a failed
30 transaction notification to the transaction processing client by way of the
31 telecommunications network to which the transaction processing server
32 and the transaction processing client are connected; 1 and
2 the transaction processing server being programmed to transmit at least one new
3 transaction authorisation code to the telecommunications client by way of the
4 telecommunications network to which the transaction processing server and the
5 telecommunications client are connected. e
7 The transaction processing server may conveniently be programmed, if an incorrect code
8 is entered as the purported transaction authorisation code, to transmit a notification to the
9 telecommunications client in addition to the notification sent to the transaction processing 10 client.
11
12 The financial transaction verification system may conveniently use a mobile communication
13 device (such as a cellular or mobile phone) that is personal to the transaction initiator as
14 the telecommunications client, in which case the transaction authorisation code may be
15 stored in secure memory in the cell phone.
16
IT This process can be automated by programming the cell phone to receive the SMS
18 message containing the transaction authorisation code on a disclosed basis that requires
19 user interaction to accept the code or in background without the user even knowing that
20 the SMS has been received.
21
22 The transaction authorisation code is protected in that access to the cell phone memory
23 where the code is stored is only possible using a password known only to the user.
24
25 The transaction authorisation code is a once-off code issued by the transaction processing
26 server which is programmed: 7 to record the issuance of the transaction authorisation code;
28 to record the first use of the transaction authorisation code;
29 to mark such a used transaction authorisation code as obsolete; and
30 to transmit a new transaction authorisation code to the transaction processing
31 client.
32 S.
1 In the preferred embodiment of the invention:
2 the transaction processing client is constituted by a vendor POS terminal;
3 the transaction processing server is constituted by the computer systems of a bank
4 or other financial services provider;
5 the telecommunications client includes any telecommunications-enabled device
6 such as a telephone, cell phone or the like personal to the transaction initiator or an
7 internet-connected PC or the like;
8 the transaction processing client and the transaction processing server are
9 connected via a PSTN (public telephone) line or a radio pad (SWIFTNET in South
10 Africa); and
11 the telecommunications client is connected to or adapted for connection to a GSM,
12 GPRS or internet network.
13
14 . The transaction processing client will, typically, record data pertaining to a transaction after
15 the entry of the data by means of a keyboard or keypad and record data pertaining to the w financial account of the transaction initiator by means of a magnetic stripe or smart card 17 reader forming part of the POS terminal.
18
19 Communications between the transaction processing client, the transaction processing 0 server and the telecommunications client are preferably by way of secure encrypted 1 communications. 2 3 The transaction processing server is preferably programmed to transmit a new transaction 4 authorisation code to the telecommunications client only after the transaction has been 5 finalised. 0 7 The invention includes a financial transaction verification system that is adapted to 8 accommodate situations in which the transaction processing client fails, in use, to 9 communicate with the transaction processing server, the adapted transaction verification 0 system including: 1 a portable programmable logic device, such as a smart card; 2 the transaction processing server being adapted: 1 to program and store in the programmable logic device, preferably by
2 means of a previously used transaction processing client, a plurality of
3 transaction authorisation codes;
4 to program and store the identical transaction authorisation codes in the
5 telecommunications client prior to initiation of a transaction by means of the
6 telecommunications network to which the transaction processing server
7 and telecommunications client are connected;
8 the transaction processing client being programmed, when in use a transaction is
9 initiated and processed through the transaction processing client:
10 to record data pertaining to a transaction initiated, in use, by the transaction
11 initiator and data pertaining to a financial account of the transaction initiator
12 with the financial services provider;
13 to transmit the recorded data to the transaction processing server by way of
14 the telecommunications network to which it and the transaction processing
15 server are connected; w if such transmission fails, to require access to the programmable logic
17 device;
18 upon, such access, to access the transaction authorisation codes stored in ?9 the programmable logic device;
20 to require the entry of at least one of the transaction authorisation codes
21 previously programmed into the telecommunications client as a
22 precondition for the further processing of the transaction;
23 upon entry of the code, to compare the code so entered with the transaction
24 authorisation codes stored in the programmable logic device;
25 if a correct transaction authorisation code is entered, to process the
26 transaction;
27 and
28 the transaction processing server being programmed:
29 to program and store in the programmable logic device when next the
30 transaction processing server establishes communications with the
31 programmable logic device, a plurality of new transaction authorisation
32 codes to replace the transaction authorisation codes then stored in the 1 programmable logic device; and
2 to program and store identical new transaction authorisation codes to
3 replace the transaction authorisation codes then stored in the
4 telecommunications client. 5
6 The invention includes a method of verifying and administering financial transactions using
7 the verification system outlined above as well as financial transaction verification apparatus
8 for us in the system outlined above.
9 io Brief description of the drawings
11
12 The invention will be further described with reference to the accompanying drawing which
13 is a flow chart illustrating the financial transaction verification system of the invention by
14 means of the process involved in processing a financial transaction within the system.
15
16 Description of embodiments of the invention π
W The flow chart illustrates the example of a relatively simple financial transaction involving a
19 point of sale (POS) payment terminal at which a credit card or smart card is used to pay for
20 the purchase of goods. Using the example of a credit card, the credit card belongs to the
21 transaction initiator (the person who makes a purchase). The transaction initiator will have
22 a credit card account linked to the credit card with a bank or other financial institution,
23 which is referred to in this specification as a financial services provider.
24
25 The financial services provider operates and serves a network of point of sale terminals
26 and other electronic transaction terminals, such as automated teller machines (ATM's) and
27 the computers of its banking clients in circumstance where those computers serve as
28 internet banking terminals. 29
30 This network of terminals is normally operated from a central server or servers which, in
31 this specification, are referred to as the transaction processing server.
32 1 In a typical credit card transaction, the transaction details are entered at the POS terminal
2 (the transaction processing client) where the credit card is swiped to obtain details
3 pertaining to the transaction initiator, typically the credit card account number held with the
4 financial services provider. 5
G The transaction processing client then dials up the transaction processing server
7 automatically, normally making use of a fixed line telecommunication network or PSTN or a
8 radio pad (SWIFTNET). 9
10 In the normal course of events, using current authorisation systems, the transaction is
11 authorised or declined in a process of communication between the transaction processing
12 server and the financial services provider. The result of this authorisation process is then
13 communicated back to the transaction processing client by way of the fixed line network.
14 is It will be appreciated that the network need not be a fixed line network, particularly since
16 mobile communication networks are being used with increasing frequency in situations
IT such as this. 18
19 Referring to the flow chart, the financial transaction verification system of this invention
20 comprises:
21 a POS terminal that serves as a programmable transaction processing client;
22 bank server or servers that constitute a programmable transaction processing
23 server; and
24 a customer with a telephone, cell phone or other telecommunications appliance (a
25 telecommunications client under the control of the transaction initiator).
20
27 The POS terminal (transaction processing client) is connected to or adapted for connection
28 to the bank servers (transaction processing server) byway of a PSTN, but a SWIFTNET or
29 other radio pad can also be used.
30
31 The telecommunications client is constituted by a customer cell phone, but any other
32 telecommunications appliance can be used as the telecommunications client, which is 1 connected to or adapted for connection to the bank servers (transaction processing server)
2 by way of a GSM network. A GPRS network can also be used as can a wireless network
3 (Wi-Fi or WiMax) or internet network in the case of an internet appliance.
4
5 In a preliminary programming step, which can be on initialisation of the customer cell
6 phone (telecommunications client) for use with the financial transaction verification system
7 of the invention or (more usually) at the conclusion of each successfully verified
8 transaction, the customer cell phone is programmed with a transaction authorisation code.
9 This is a code which is transmitted to the customer cell phone by the bank server W (transaction processing server) by way of an SMS message. This process can be
11 automated by programming the cell phone to receive the SMS message containing the
12 transaction authorisation code and to store the code in memory. In the customer cell
13 phone, the transaction authorisation code is protected in that access to the area of cell
14 phone memory where the code is stored is only possible using a personal identification
15 number (PIN) known only to the user.
16 n The process can be fully automated and non-transparent in the sense that SMS can be
18 received and the transaction authorisation code extracted from the message without the
19 user even knowing that the SMS it has happened. It might be more reassuring for a user,
20 however, to receive the SMS and to accept the transaction authorisation code, with or
21 without the transaction authorisation code being displayed in the process.
22
23 A duplicate of the transaction authorisation code is stored in the bank server (transaction
24 processing server) as the currently valid transaction authorisation code. 25
26 The POS terminal (transaction processing client) is programmed, when in use a
27 transaction is initiated and processed through the POS terminal to record transaction data,
28 normally directly from the till of which the POS terminal forms a part or by way of keypad
29 entries. In addition, the POS terminal is used to obtain customer account data, normally by
30 swiping the customer's credit card through the magnetic stripe reader forming part of the
31 POS terminal.
32 1 The POS terminal (transaction processing client) transmits the recorded transaction data to
2 the bank server (transaction processing server) by way of the PSTN to which it and the
3 bank server are connected.
4
5 The bank server (transaction processing server) is programmed to first use the customer's
6 bank account data to carry out the normal customer identification and available balance
7 checks found in existing financial transaction verification systems. In addition, however,
8 the bank server is programmed to formulate a transaction authorisation request to the POS
9 terminal and to transmit the transaction authorisation request to the POS terminal by way of 10 . the PSTN.
11
12 The POS terminal (transaction processing client) is programmed, as a precondition forthe
13 further processing of the transaction, to require, on receipt of the transaction authorisation
14 request, the entry of a transaction authorisation code into the POS terminal. The code that
15 must be entered is the transaction authorisation code first programmed into and stored in
16 secure memory in the customer cell phone, which the customer must access using her PIN IT to access the secure memory are of the phone and then enter into the POS terminal by W way of the terminal keypad.
19
20 Upon entry of the code he POS terminal is programmed to transmit the code so entered to
21 the bank server by means of the PSTN.
22
23 At the bank, the bank server (transaction processing server) compares the code
24 transmitted to it by the POS terminal to the currently valid transaction authorisation code
25 stored in the bank server.
26
27 If a correct transaction authorisation code is received, the bank server issues a transaction
28 processing notification to the POS terminal by way of the PSTN authorising the transaction
29 to proceed.
30
31 If an incorrect code is entered, the transaction is aborted and the bank server transmits a
32 failed transaction notification to the POS terminal. At the same time the bank server transmits a new transaction authorisation code to the customer cell phone (telecommunications client) by way of the GSM network and stores a duplicate of the new transaction authorisation code in the bank server as the currently valid transaction authorisation code.
The bank server is programmed, if an incorrect code is entered as the purported transaction authorisation code, to transmit a notification to the customer cell phone. In a fraud situation, this additional notification serves to alert the customer to the effect that an attempt is being made to defraud her.
The transaction authorisation code is a once-off code issued by the bank server in that the bank server records issuance of the transaction authorisation code and stores the code as the currently valid transaction authorisation code. The bank server records use of the transaction authorisation code and marks such a used transaction authorisation code as obsolete and then transmits a new transaction authorisation code to the customer cell phone (telecommunications client).
All communications in this financial transaction verification system, including those between the POS terminal (transaction processing client), the bank server (transaction processing server) and the customer cell phone (telecommunications client) are by way of secure encrypted communications.
By the addition of a smart card or other portable programmable logic device, the financial transaction verification system of the invention can be adapted to accommodate situations in which the POS terminal (transaction processing client) fails, in use, to communicate with the bank server (transaction processing server), such as when the telephone lines of the PSTN are down or the bank server is down. The portable programmable logic device of preference is a smart card.
In this adaptation of the invention, the preliminary programming step outlined above includes programming of the smart card and the storage in secure memory on the smart card, of a plurality or a range of transaction authorisation codes. This can be done on initialisation of the smart card, but typically it will be done after each successfully concluded transaction, but not immediately, as will be seen from what follows.
The same range of codes is programmed and stored into secure memory on the customer cell phone.
In this adaptation of this invention, the POS terminal operates in the same way as outlined above. When in use a transaction is initiated and processed through the POS terminal, it records data pertaining to the transaction and the bank account of the customer and attempts to transmit the recorded data to the bank server.
If the transmission succeeds, the normal process as outlined above takes place except that the POS terminal, the bank server and the customer cell phone rely on one of the range of transaction authorisation codes stored on the customer cell phone instead of just the one currently valid transaction authorisation code.
If the transmission fails however, the POS terminal will require access to the smart card.
On presentation of the smart card, the POS terminal is programmed to retrieve the transaction authorisation codes stored in the smart card. The codes will not be displayed. Instead, the POS terminal will call for the entry of at least one of the transaction authorisation codes previously programmed into the telecommunications client as a precondition for the further processing of the transaction and upon entry of the code, compare the code so entered with the transaction authorisation codes stored in the smart card. If the entered code matches one of the stored codes, the POS terminal notifies the vendor or merchant that the entered code is valid, meaning that the customer presenting the smart card is the person authorised to use the card.
The POS terminal is programmed to update the smart card memory and to mark the entered code as obsolete in the smart card memory. 1 The vendor can then perform a manual telephonic balance check to authorise the
2 transaction via the bank.
3
4 When next the bank server establishes communications with the smart card (during a
5 subsequent transaction), the bank server transmits a new range transaction authorisation
6 codes to replace the transaction authorisation codes then stored in memory on the smart
7 card. 8
9 At the same time, the bank server sends the customer cell phone an identical range of
10 transaction authorisation codes, the customer cell phone being programmed to store the
11 new range of transaction authorisation codes in the place of the transaction authorisation
12 codes then stored in customer cell phone memory. 13
14 Notwithstanding the use of the terms "transaction authorisation code" and "authorisation" in is the description given above, it is clear that the financial transaction verification system of w this invention performs the functions of authorisation and authentication set out above as
17 being necessary in a comprehensive transaction verification system. 18
19 In a first sub-process between POS terminal and bank server, the transaction is authorised 0 after the bank server, using the customer's bank account data, carries out the normal 1 customer identification and available balance checks found in existing financial transaction 2 verification systems. 3 4 Customer authentication is carried out when the bank server uses the transaction 5 authorisation code sent to it by the POS terminal to authenticate the customer.

Claims

1 Claims
2
3 1. A financial transaction verification system comprising:
4 a programmable transaction processing client;
5 a programmable transaction processing server under the control of a financial
6 services provider
7 a programmable telecommunications client under the control of a transaction a initiator which telecommunications client has been previously (prior to initiation of 9 the transaction) programmed with at least one transaction authorisation code by the
10 transaction processing server;
11 the transaction processing client, the transaction processing server and the
12 telecommunications client all being connected to or adapted for connection to one
13 or more telecommunications networks; u the transaction processing client being programmed, when in use a transaction is
15 initiated and processed through the transaction processing client:
16 to record data pertaining to a transaction initiated, in use, by the transaction
17 initiator and data pertaining to a financial account of the transaction initiator W with the financial services provider; and
19 to transmit the recorded data to the transaction processing server by way of
20 the telecommunications network to which it and the transaction processing
21 server are connected;
22 the transaction processing server being programmed:
23 to use the data pertaining to the transaction initiator and the
24 telecommunications client previously stored with the financial services
25 provider to formulate a transaction authorisation request to the transaction
26 processing client; and
27 to transmit the transaction authorisation request to the transaction
28 processing client by way of the telecommunications network to which the
29 transaction processing server and the transaction processing client are
30 connected;
31 the transaction processing client being programmed, further:
32 to require, on receipt of the transaction authorisation request, the entry of at least one transaction authorisation code previously programmed into the telecommunications client as a precondition for the further processing of the transaction; and upon entry of the code, to transmit the code so entered to the transaction processing server by means of the telecommunications network to which the transaction processing client and transaction processing server are connected; the transaction processing server being programmed, further: to compare the code transmitted to it by the transaction processing client to the transaction authorisation code or codes previously transmitted by the transaction processing server to the telecommunications client; if a correct transaction authorisation code is entered, to process the transaction and transmit a transaction processing notification to the transaction processing client by way of the telecommunications network to which the transaction processing server and the transaction processing client are connected; and if an incorrect code is entered, to abort the transaction and transmit a failed transaction notification to the transaction processing client by way of the telecommunications network to which the transaction processing server and the transaction processing client are connected; and the transaction processing server being programmed to transmit at least one new transaction authorisation code to the telecommunications client by way of the telecommunications network to which the transaction processing server and the telecommunications client are connected.
2. A financial transaction verification system according to claim 1 in which the transaction processing server is programmed, if an incorrect code is entered as the purported transaction authorisation code, to transmit a notification to the telecommunications client in addition to the notification sent to the transaction processing client. 1 3. A financial transaction verification system according to either of the preceding claims,
2 in which the telecommunications client is a mobile communication device (such as a
3 cellular or mobile phone) that is personal to the transaction initiator and in which the
4 transaction authorisation code is stored in secure memory in the cell phone. 5
6 4. A financial transaction verification system according to claim 3 in which the mobile
7 communication device is programmed to receive the SMS message containing the
8 transaction authorisation code on a disclosed basis that requires user interaction to
9 accept the code. w
11 5. A financial transaction verification system according to claim 3 in which the mobile
12 communication device is programmed to receive the SMS message containing the
13 transaction authorisation code on an un-disclosed basis or in background without the
14 user even knowing that the SMS has been received.
15
16 6. A financial transaction verification system according to any one of the preceding
17 claims in which the transaction authorisation code is a once-off code issued by the
18 transaction processing server, which server is programmed:
19 to record the issuance of the transaction authorisation code; 0 to record the first use of the transaction authorisation code; 1 to mark such a used transaction authorisation code as obsolete; and 2 to transmit a new transaction authorisation code to the transaction processing 3 client. 4 5 7. A financial transaction verification system according to any one of the preceding 6 claims in which: 7 the transaction processing client is constituted by a vendor POS terminal; 8 the transaction processing server is constituted by the computer systems of a bank 9 or other financial services provider; 0 the telecommunications client includes any telecommunications-enabled device 1 such as a telephone, cell phone or the like personal to the transaction initiator or an 2 internet-connected PC or the like; 1 the transaction processing client and the transaction processing server are
2 connected via a PSTN (public switched telephone network) line or a radio
3 communications system; and
4 the telecommunications client is connected to or adapted for connection to a GSM,
5 GPRS or internet network.
6
7 8. A financial transaction verification system according to any one of the preceding
8 claims in which communications between the transaction processing client, the
9 transaction processing server and the telecommunications client are by way of 0 secure encrypted communications. 1 ι2 9. A financial transaction verification system according to claim 9 in which the 3 transaction processing server is programmed to transmit a new transaction
14 authorisation code to the telecommunications client only after the transaction has
15 been finalised.
16 1 10. A financial transaction verification system according to any one of the preceding 13 claims that is adapted, when, in use, the transaction processing client fails to 9 communicate immediately with the transaction processing server, the system 0 including: 1 a portable programmable logic device a portable programmable logic device, such 2 as a smart card; 3 the transaction processing server being adapted: 4 to program and store in the programmable logic device, by means of a 5 previously used transaction processing client, a plurality of transaction 8 authorisation codes; 7 to program and store the identical transaction authorisation codes in the 8 telecommunications client prior to initiation of a transaction by means of the 9 telecommunications network to which the transaction processing server 0 and telecommunications client are connected; 1 the transaction processing client being programmed, when in use a transaction is 2 initiated and processed through the transaction processing client: 1 to record data pertaining to a transaction initiated, in use, by the transaction
2 initiator and data pertaining to a financial account of the transaction initiator
3 with the financial services provider;
4 to transmit the recorded data to the transaction processing server by way of
5 the telecommunications network to which it and the transaction processing
6 server are connected;
7 if such transmission fails, to require access to the programmable logic
8 device;
9 upon such access, to access the transaction authorisation codes stored in
10 the programmable logic device;
11 to require the entry of at least one of the transaction authorisation codes
12 previously programmed into the telecommunications client as a
13 precondition for the further processing of the transaction;
14 upon entry of the code, to compare the code so entered with the transaction
15 authorisation codes stored in the programmable logic device;
16 if a correct transaction authorisation code is entered, to process the n transaction;
18 and
W the transaction processing server being programmed:
20 to program and store in the programmable logic device when next the
21 transaction processing server establishes communications with the
22 programmable logic device, a plurality of new transaction authorisation
23 codes to replace the transaction authorisation codes then stored in the
24 programmable logic device; and
25 to program and store identical new transaction authorisation codes to
28 replace the transaction authorisation codes then stored in the 27 telecommunications client.
28
29 11. A method of verifying a financial transaction, the method comprising the steps of:
30 programming, by means of a transaction processing server, a programmable
31 telecommunications client intended to be under the control of a transaction initiator
32 (prior to initiation of the transaction), with at least one transaction authorisation 1 code;
2 connecting the transaction processing client, the transaction processing server and
3 the telecommunications client to a telecommunications network;
4 programming a transaction processing client, when in use a transaction is initiated
5 and processed through the transaction processing client:
6 to record data pertaining to a transaction initiated, in use, by the transaction
7 initiator and data pertaining to a financial account of the transaction initiator
8 with the financial services provider; and
9 to transmit the recorded data to the transaction processing server byway of
10 the telecommunications network to which it and the transaction processing
11 server are connected;
12 programming the transaction processing server:
13 to use the data pertaining to the transaction initiator and the
14 telecommunications client previously stored with the financial services
15 provider to formulate a transaction authorisation request to the transaction
16 processing client; and ii to transmit the transaction authorisation request to the transaction
18 processing client by way of the telecommunications network to which the
19 transaction processing server and the transaction processing client are
20 connected;
2.1 programming the transaction processing client, further:
22 to require, on receipt of the transaction authorisation request, the entry of at
23 least one transaction authorisation code previously programmed into the
24 telecommunications client as a precondition for the further processing of
25 the transaction; and
26 upon entry of the code, to transmit the code so entered to the transaction
27 processing server by means of the telecommunications network to which
28 the transaction processing client and transaction processing server are
29 connected;
30 programming the transaction processing server, further:
31 to compare the code transmitted to it by the transaction processing client to
32 the transaction authorisation code or codes previously transmitted by the transaction processing server to the telecommunications client; if a correct transaction authorisation code is entered, to process the transaction and transmit a transaction processing notification to the transaction processing client by way of the telecommunications network to which the transaction processing server and the transaction processing client are connected; and if an incorrect code is entered, to abort the transaction and transmit a failed transaction notification to the transaction processing client by way of the telecommunications network to which the transaction processing server and the transaction processing client are connected; and programming the transaction processing server to transmit at least one new transaction authorisation code to the telecommunications client by way of the telecommunications network to which the transaction processing server and the telecommunications client are connected.
12. A method of verifying a financial transaction according to claim 11 , the method including the step of programming the transaction processing server, if an incorrect code is entered as the purported transaction authorisation code, to transmit a notification to the telecommunications client in addition to the notification sent to the transaction processing client.
13. A method of verifying a financial transaction according to either of claims 11 and 12 in which the telecommunications client is a mobile communication device (such as a cellular or mobile phone) that is personal to the transaction initiator and in which the transaction authorisation code is stored in secure memory in the cell phone.
14. A financial transaction verification system according to claim 3 in which the mobile communication device is programmed to receive the SMS message containing the transaction authorisation code on a disclosed basis that requires user interaction to accept the code. 1 15. A method of verifying a financial transaction according to claim 14 in which the
2 mobile communication device is programmed to receive the SMS message
3 containing the transaction authorisation code on an un-disclosed basis or in
4 background without the user even knowing that the SMS has been received. 5
6 16. A method of verifying a financial transaction according to any one of claims 11 to 15
7 in which the transaction authorisation code is a once-off code issued by the
8 transaction processing server, the method including the steps of programming the
9 server: 0 to record the issuance of the transaction authorisation code; 1 to record the first use of the transaction authorisation code; ? to mark such a used transaction authorisation code as obsolete; and 3 to transmit a new transaction authorisation code to the transaction processing 4 client. 5 0 17. A method of verifying a financial transaction according to any one of claims 11 to 16 7 in which: 8 the transaction processing client is constituted by a vendor POS terminal; 9 the transaction processing server is constituted by the computer systems of a bank 0 or other financial services provider; 1 the telecommunications client includes any telecommunications-enabled device 2 such as a telephone, cell phone or the like personal to the transaction initiator or an 3 internet-connected PC or the like; 4 the method including the steps of: 5 connecting the transaction processing client and the transaction processing server 6 via a PSTN (public switched telephone network) line or a radio communications 7 system; and 8 connecting the telecommunications client to a GSM, GPRS or internet network. 9 0 18. A method of verifying a financial transaction according to claim 17 in which the 1 transaction processing server is programmed to transmit a new transaction 2 authorisation code to the telecommunications client only after the transaction has 1 been finalised.
2
3 19. A method of verifying a financial transaction according to any one of claims 11 to 18
4 when, in use, the transaction processing clientfails to communicate immediately with
5 the transaction processing server, the method including the steps of: δ programming and storing, in a portable programmable logic device, such as a
7 smart card and by means of a previously used transaction processing client, a
8 plurality of transaction authorisation codes;
9 programming and storing the identical transaction authorisation codes in the
10 telecommunications client prior to initiation of a transaction by means of the
11 telecommunications network to which the transaction processing server and
12 telecommunications client are connected;
13 programming the transaction processing client, when in use a transaction is
14 initiated and processed through the transaction processing client:
15 to record data pertaining to a transaction initiated, in use, by the transaction
16 initiator and data pertaining to a financial account of the transaction initiator IT with the financial services provider;
IB to transmit the recorded data to the transaction processing server by way of
19 the telecommunications network to which it and the transaction processing
20 server are connected;
21 if such transmission fails, to require access to the programmable logic
22 device;
23 upon such access, to access the transaction authorisation codes stored in
24 the programmable logic device;
25 to require the entry of at least one of the transaction authorisation codes
26 previously programmed into the telecommunications client as a
27 precondition for the further processing of the transaction;
28 upon entry of the code, to compare the code so entered with the transaction
29 authorisation codes stored in the programmable logic device;
30 if a correct transaction authorisation code is entered, to process the
31 transaction;
32 and 1 programming the transaction processing server:
2 to program and store in the programmable logic device when next the
3 transaction processing server establishes communications with the
4 programmable logic device, a plurality of new transaction authorisation
5 codes to replace the transaction authorisation codes then stored in the
6 programmable logic device; and
7 to program and store identical new transaction authorisation codes to s replace the transaction authorisation codes then stored in the 9 telecommunications client. 0 1 20. A financial transaction verification system substantially as described in this 2 specification with reference to the accompanying drawings. 3 4 21. A method of verifying a financial transaction substantially as described in this 5 specification with reference to the accompanying drawings.
PCT/ZA2006/000022 2005-02-14 2006-02-14 System for processing financial transactions WO2006094316A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
ZA200606754A ZA200606754B (en) 2005-02-14 2006-08-14 GSM Transaction Management System

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA200501285 2005-02-14
ZA2005/01285 2005-02-14

Publications (2)

Publication Number Publication Date
WO2006094316A2 true WO2006094316A2 (en) 2006-09-08
WO2006094316A3 WO2006094316A3 (en) 2009-05-07

Family

ID=36941918

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/ZA2006/000022 WO2006094316A2 (en) 2005-02-14 2006-02-14 System for processing financial transactions

Country Status (2)

Country Link
WO (1) WO2006094316A2 (en)
ZA (1) ZA200606754B (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008089522A1 (en) * 2007-01-25 2008-07-31 A & Mt Projects Pty Limited Multi factor authorisations utilising a closed loop information management system
WO2011050811A3 (en) * 2009-10-28 2011-08-18 Mspay Aps Transaction method and system
US8285648B2 (en) 2006-09-29 2012-10-09 Dan Scammell System and method for verifying a user's identity in electronic transactions
US10042589B2 (en) 2015-03-11 2018-08-07 Secure Cloud Systems, Inc. Encrypted data storage and retrieval system
CN111932127A (en) * 2020-08-11 2020-11-13 广元量知汇科技有限公司 Intelligent manufacturing production management system
US11012722B2 (en) 2018-02-22 2021-05-18 Secure Cloud Systems, Inc. System and method for securely transferring data
US11329963B2 (en) 2018-02-22 2022-05-10 Eclypses, Inc. System and method for securely transferring data
US11405203B2 (en) 2020-02-17 2022-08-02 Eclypses, Inc. System and method for securely transferring data using generated encryption keys
US11522707B2 (en) 2021-03-05 2022-12-06 Eclypses, Inc. System and method for detecting compromised devices
US11720693B2 (en) 2021-03-05 2023-08-08 Eclypses, Inc. System and method for securely transferring data

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020147913A1 (en) * 2001-04-09 2002-10-10 Lun Yip William Wai Tamper-proof mobile commerce system
US20030004876A1 (en) * 2001-06-29 2003-01-02 David Jacobson Mobile terminal incorporated with a credit card
US20030023566A1 (en) * 2000-03-03 2003-01-30 Tomonori Fujisawa Authenticating method
US20030191945A1 (en) * 2002-04-03 2003-10-09 Swivel Technologies Limited System and method for secure credit and debit card transactions
US20040039709A1 (en) * 2002-01-23 2004-02-26 Petri Pirhonen Method of payment
US20040098350A1 (en) * 2002-08-08 2004-05-20 Fujitsu Limited Framework and system for purchasing of goods and srvices
US20040250068A1 (en) * 2001-09-03 2004-12-09 Tomonori Fujisawa Individual certification method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030023566A1 (en) * 2000-03-03 2003-01-30 Tomonori Fujisawa Authenticating method
US20020147913A1 (en) * 2001-04-09 2002-10-10 Lun Yip William Wai Tamper-proof mobile commerce system
US20030004876A1 (en) * 2001-06-29 2003-01-02 David Jacobson Mobile terminal incorporated with a credit card
US20040250068A1 (en) * 2001-09-03 2004-12-09 Tomonori Fujisawa Individual certification method
US20040039709A1 (en) * 2002-01-23 2004-02-26 Petri Pirhonen Method of payment
US20030191945A1 (en) * 2002-04-03 2003-10-09 Swivel Technologies Limited System and method for secure credit and debit card transactions
US20040098350A1 (en) * 2002-08-08 2004-05-20 Fujitsu Limited Framework and system for purchasing of goods and srvices

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8285648B2 (en) 2006-09-29 2012-10-09 Dan Scammell System and method for verifying a user's identity in electronic transactions
WO2008089522A1 (en) * 2007-01-25 2008-07-31 A & Mt Projects Pty Limited Multi factor authorisations utilising a closed loop information management system
WO2011050811A3 (en) * 2009-10-28 2011-08-18 Mspay Aps Transaction method and system
US10042589B2 (en) 2015-03-11 2018-08-07 Secure Cloud Systems, Inc. Encrypted data storage and retrieval system
US10452320B2 (en) 2015-03-11 2019-10-22 Secure Cloud Systems, Inc. Encrypted data storage and retrieval system
US11012722B2 (en) 2018-02-22 2021-05-18 Secure Cloud Systems, Inc. System and method for securely transferring data
US11329963B2 (en) 2018-02-22 2022-05-10 Eclypses, Inc. System and method for securely transferring data
US11770370B2 (en) 2018-02-22 2023-09-26 Eclypses, Inc. System and method for transferring data
US11405203B2 (en) 2020-02-17 2022-08-02 Eclypses, Inc. System and method for securely transferring data using generated encryption keys
US11979498B2 (en) 2020-02-17 2024-05-07 Eclypses, Inc. System and method for securely transferring data using generated encryption keys
CN111932127A (en) * 2020-08-11 2020-11-13 广元量知汇科技有限公司 Intelligent manufacturing production management system
US11522707B2 (en) 2021-03-05 2022-12-06 Eclypses, Inc. System and method for detecting compromised devices
US11720693B2 (en) 2021-03-05 2023-08-08 Eclypses, Inc. System and method for securely transferring data

Also Published As

Publication number Publication date
ZA200606754B (en) 2008-10-29
WO2006094316A3 (en) 2009-05-07

Similar Documents

Publication Publication Date Title
WO2006094316A2 (en) System for processing financial transactions
US7533065B2 (en) Advanced method and arrangement for performing electronic payment transactions
US5915023A (en) Automatic portable account controller for remotely arranging for transfer of value to a recipient
US8500008B2 (en) Method and system of electronic payment transaction, in particular by using contactless payment means
JP4490618B2 (en) Payment transaction method and payment transaction system
US7580885B2 (en) Electronic money settlement method using mobile communication terminal
US20030191945A1 (en) System and method for secure credit and debit card transactions
US8887997B2 (en) Method for making secure a transaction with a payment card, and center for authorizing implementation of said method
US9098845B2 (en) Process of selling in electronic shop accessible from the mobile communication device
EP1772832A1 (en) Method of making secure payment or collection transactions using programmable mobile telephones
WO2003083793A2 (en) System and method for secure credit and debit card transactions
US20030119554A1 (en) Method and arrangement for performing a cashless payment transaction
NO309346B1 (en) Procedure for carrying out money transactions using a mobile phone system
US20060095291A1 (en) System and method for authenticating users for secure mobile electronic transactions
WO2002007110A2 (en) System and methods of validating an authorized user of a payment card and authorization of a payment card transaction
WO2005001670A2 (en) Transaction verification system
US20140344157A1 (en) Method and device for carrying out cashless payment
EP1872316A1 (en) A method of authenticating a user of a network terminal device and a system therefor
US9342664B2 (en) Method to make payment or charge safe transactions using programmable mobile telephones
US20190066114A1 (en) System and method for purchasing using biometric authentication
CA2561479A1 (en) Payment method and system
WO2004049621A1 (en) Authentication and identification system and transactions using such an authentication and identification system
WO2004090825A1 (en) System for secure transactions
WO2008015637A2 (en) Mobile payment method and system
US20060100961A1 (en) Automated teller machine, a personal wireless device and methods of transferring funds therebetween

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200606754

Country of ref document: ZA

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06740971

Country of ref document: EP

Kind code of ref document: A2