WO2011136730A1

WO2011136730A1 - A method and an apparatus for improved electronic transaction security

Info

Publication number: WO2011136730A1
Application number: PCT/SE2011/050516
Authority: WO
Inventors: Heide Larsson
Original assignee: Show & Pay Ab
Priority date: 2010-04-28
Filing date: 2011-04-27
Publication date: 2011-11-03

Abstract

Provided is a method and arrangement for validating an ownership of a customer card being issued by a first intermediate transaction party (100) and used for an on-line transaction or interaction between a customer (110) and an electronic marketplace or the like (120). The on-line transaction or interaction taking place in a computerised environment being part of a global interconnecting network (130) and the method comprises using an arrangement including a second intermediate transaction party secure server (140) for visually verifying the ownership of the used customer card.

Description

TITLE: A method and an apparatus for improved electronic transaction security TECHNICAL FIELD

The present invention relates to a method and arrangement for secure electronic transactions when purchasing products or making a transaction or making an interaction with a card provider using a debit card or credit card or membership card or loyalty card or employee security card or the like - called "customer card" in the following. More in detail, the invention relates to secure transactions or interactions between a customer and an on-line marketplace or on-line member accounts, fora/forums, etc, in a computerized environment which is part of a global interconnecting network, such as the Internet, or local net such as an intranet, in which the method and apparatus are specially adapted for utilizing an existing customer card processing infrastructure.

BACKGROUND

Stolen customer card information is used worldwide by perpetrators in various card frauds, causing extremely high losses and also causing high extra costs for customers, merchants, insurance companies, banks and credit card companies. The above situation, in conjunction with the Internet being proved to be an efficient channel for marketing both products and services, distributing product information as well as for selecting, ordering and transferring payment for desired products and services, means that there has been a radical increase in exposure to customer card frauds.

Even though numerous approaches and technologies have been suggested for enabling secure electronic transaction or interactions, following an on-line purchase, still no single secure electronic transaction or interaction method has completely been adopted as the overall dominating method, nor has any method been standardized worldwide. The complexity of previously suggested transaction security systems and security methods, which have made them too expensive and often too difficult to use for an ordinary user, have discouraged many merchants from using on-line security systems.

Thus, at present, in a normal on-line purchase or interaction, for example changing membership details, changing staus, booking events or meetings, etc, a customer has to fill in his/her customer card information in a specific payment form, which typically is provided by an on-line marketplace where the on-line purchase is taking place. The online marketplace will validate the on-line purchase by sending the customer card information (i.e. customer card parameters) to the customer's bank or customer card company. Information provided by the customer is thus used in the validation process. The information provided normally includes parameters such as the customer's name, surname, customer card number, validation date and sometimes also the Card Validation Code (CVC) number of the issued customer card.

The purpose of the validation process is to validate that the customer who is making the purchase, is also the same customer who has the customer card in his/her possession and that he or she is the correct holder/owner of the customer card.

If the customer card parameters, which are inputted by the customer, are accurate according to the validation process, the purchase will be approved and the customer will finally receive the ordered product and payment for the ordered product will be charged to the customer's customer card.

However, the validation process above will only be approved if all the necessary parameters are given correctly. For instance, a so-called CVC number is one of the leading security features for customer card transactions, providing an increased protection against customer card fraud.

The initial purpose of the CVC number is to ensure that the data stored on the magnetic stripe of the card is valid and was generated by the issuing bank. Supplying the CVC number in an on-line transaction is intended to verify that the customer has the card in his/her possession and knowledge of the CVC number actually proves that the customer has seen the physical card. The CVC number is not contained on the magnetic stripe, or chip, of the customer card, thus it is not typically included in a purchase transaction when the card is used in a face-to-face situation. However, every electronic on-line transaction method requires a kind of information for "card not present" verification.

A major problem is of course the existence of a large amount of stolen customer card information worldwide. Such stolen customer card information is often found in a 'full package' including; name, surname, customer card number, validation date and sometimes even the CVC number. These 'full packages' of stolen credit/debit card information are constantly used by perpetrators all over the world to make fraudulent purchases.

Another major problem is that the use of the CVC-code is actually difficult to protect against "phishing scams". A phishing scam is where a cardholder is tricked into entering his/her CVC-code, among other card details, via for instance a fraudulent website or by being registered by a vicious 'Trojan' installed on the computer of the customer. The growth in phishing and 'Trojan-attacks' has effectively reduced the efficiency of the CVC- code as an anti-fraud means.

Thus, due to the high risk and rather large possibility of becoming a victim of a customer card fraud, as can be seen by the above, there are several rationales for introducing an improved method and arrangement for verifying the ownership of a customer card when performing on-line transactions or interactions. The security of the card information on a customer card is jeopardized merely by submitting this information on a merchant's website, when purchasing a product. Once thus exposed the card information can possibly be used by any malicious perpetrator to make illegal purchases. Customer card fraud and purchases with stolen customer card information are increasing every day. An explanation is the lack of, or ineffective, mechanisms or technical solutions for verifications which reliably test if the purchasing customer is really the valid card holder. This makes it very easy for perpetrators to use stolen customer card information for illegal purchases via different electronic transactions methods on the Internet or on different mobile phone networks.

SUMMARY

An object of the present invention is to provide a method for validating an ownership of a customer card issued by a first intermediate transaction party, the customer card being used for an on-line transaction or interaction between a customer and an electronic marketplace wherein the on-line transaction or interaction takes place in a computerised environment which is part of a global interconnecting network, the method including using a second intermediate transaction party secure server for validating the ownership of the customer card being used and comprising receiving a request for an on-line transaction or interaction, as a result of an initiated and finalized on-line order, from the electronic marketplace wherein the method comprises re-directing the customer, or presenting the customer with a link, to the second intermediate transaction party secure server and visually presenting a secure webpage, supplied from the second intermediate transaction party secure server, displaying a set of pictures to the customer wherein a specific picture out of the set of pictures representing the customer card used, whereby validation of the ownership of the customer card is achieved by correct identification of the customer card being used for the transaction.

A further object of the present invention is to provide an arrangement enabling validation of ownership of a customer card comprising an intermediate transaction party secure server having an interface which is adapted to receive a customer card picture and customer card information from the first intermediate transaction party and further including a processing system which is adapted to analyzing, categorizing and tagging said received customer card picture.

An advantage of embodiments of the invention is the ease of implementation, i.e. no introduction of additional software packets, like prior art security technologies use, is required. A further advantage is that hardware required for utilizing embodiments of the invention is already present in existing web-based, or mobile phone based, ordering and payment systems. The presence of already present hardware is convenient and enables all intermediate transaction parties, banks and electronic marketplaces with the necessary hardware to realize and quickly implement the invention. These and other aspects and advantages of embodiments of the present invention will become apparent from the following detailed description and from the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS In the following description of embodiments of the invention, reference will be made to the accompanying drawings of which:

FIG.1 is a schematic diagram showing a system overview of a first example of an embodiment of the invention.

FIG.2 is a diagram illustrating an example of the components of the second intermediate transaction party secure server.

FIG.3 is a schematic diagram of an example of computer-readable media that may be associated with the second intermediate transaction party secure server.

FIG.4A illustrates an example of a picture of the issued (and later on used) customer card.

FIG.4B illustrates the picture of the customer card, after the customer card picture has been analyzed by a picture recognition means of the second intermediate transaction party secure server.

FIG.5A and FIG.5B is an illustration of an example of an on-line electronic marketplace, i.e. a web-shop.

FIG.5C illustrates an example of a secure webpage provided by a secure server of the second intermediate transaction party.

FIG.6A illustrates a flowchart disclosing a first embodiment of the invention.

FIG.6B illustrates a flowchart of a further embodiment of the invention.

Fig. 6C illustrates a flowchart of a third embodiment of the invention.

FIG.7A illustrates an example of a picture of the issued (and later on used) customer card. FIG.7B illustrates the picture of the customer card, after the customer card picture has been analyzed in accordance with the third embodiment of the invention by a picture recognition means of the second intermediate transaction party secure server.

FIG. 8 illustrates an example of a secure webpage provided by a secure server of the second intermediate transaction party in accordance with the third embodiment of the invention.

DETAILED DESCRIPTION

Embodiments of present invention will now be described in detail below wherein the embodiments of the invention address and solve the problems related to secure purchases with customer card information via electronic transaction or interaction methods.

As mentioned above, embodiments of present invention are easy to implement, mainly due to the fact that no introduction of additional software packets is required. Therefore, negative customer attitudes towards solutions of the invention caused by the necessity to download and install software are avoided. Moreover, hardware required for utilising the invention is already present in existing web-based or mobile phone based ordering and payment systems, which enables the intermediate transaction party, the banks and the merchants with means to conveniently realize and quickly implement the invention. The purpose of the present invention is not to change the present payment and transaction processes and methods. The present invention is only an independent addition or supplement that can be added as an extra step to the present payment and transaction processes and methods.

Normally a perpetrator has no knowledge of how a customer's customer card looks like in real life; i.e. knowledge about physical attributes of the customer card, such as overlay pictures, size of the card and/or the form of the card. Thus, security may be radically enhanced by asking a customer to select a picture, out of a set of randomized pictures (preferably a minimum of 9 to 20 pictures) of different customer cards presented on a secure webpage. Thus, by requiring the customer to select the picture of a card among the set of pictures of customer cards presented on the secure webpage that matches with the customer card which is supposed to be in the customer's possession, the possibility for the perpetrator to purchase any product by using stolen customer card via electronic transaction methods is reduced or even eliminated. Embodiments of the present invention may be provided by an electronic marketplace as a safety mechanism, to be used by customers to verify possession of a customer card, by selecting the card representing their customer card, in a purchase process within an electronic transaction method. In this way any potential perpetrator will probably fail the verification process, due to lack of knowledge about the visible aspects of the customer card in question. Thereby security is enhanced.

As can be noted, embodiments of present invention are advantageous for all parties involved. This is because customer card fraud scenarios that occur in related technologies can be avoided to a great extent. Parties involved in, or subject to, a possible customer card fraud scenarios are customers, merchants from whom the customer purchases products, and intermediate transaction parties. The intermediate transaction party may for instance be a credit card issuing company, a bank or a PSP (Payment Service Provider). In accordance with the present invention, a perpetrator having stolen a customer card information would fail to validate a money transaction following an order, due to lack of knowledge about the visual appearance of the used customer card which leads to the inability to correctly identify the card among the images of cards presented on the webpage.

In the following the present invention is illustrated by examples in which a transaction such as a purchase is performed, but the invention is equally applicable to interactions in which information is exchanged or amended, thus in the following the term "on-line electronic market place" is intended to also include places where interactions (such as the change of membership information or status or input or the like) take place such as on-line member accounts, fora/forums, etc, and the term "transaction" is also intended to mean interaction. FIG.1 is a diagram showing a system overview of an example of an embodiment of the invention comprising a first intermediate transaction party 100, i.e. a card issuer typically a bank or the like, a customer 110 connected via a wireless or fixed network connection to the system, an on-line electronic marketplace 120, i.e. a web-site for various products or services provided by an on-line merchant, a channel of communication 130 and a second intermediate transaction party secure server 140.

FIG.2 is a diagram illustrating examples of components of the second intermediate transaction party secure server 140, As illustrated, the second intermediate transaction party secure server 140 includes a processing system 210 and an interface 220. Processing system 210 controls the operation of the second intermediate transaction party secure server 140. Processing system 210 also process information received via interface 220. As illustrated, processing system 210 includes processing logic 212 and a memory 214. It will however be appreciated that processing system 210 may include additional and/or different components than those illustrated in FIG.2. Processing logic 212 includes a processor, a microprocessor, an ASIC, an FPGA, or the like. Processing logic 212 processes information received via interface 220. In addition, processing logic 212 generates control messages and/or data messages; typically these comprise a validation information string, a flag or the like, and processing logic 212 causes those control messages and/or data messages to be transmitted via interface 220. By a flag is meant for example a bit, a series of bits, a byte, kbit or kbytes or similar. Processing logic 212 also processes control messages and/or data messages received from interface 220. Memory 214 includes a RAM, a ROM, and/or another type of memory to store data and instructions that may be used by processing logic 212. Interface 120 includes one or more line cards that allow the second intermediate transaction party secure server 140 to transmit data to and receive data from other devices over wired and/or wireless connections. As illustrated, interface 220 may include a specific interface 222 that allows the second intermediate transaction party secure server 140 to communicate, for example, with a server, such as the first intermediate server 140 and/or a server at the electronic marketplace 120. It will be appreciated that interface 220 may include additional interfaces in addition to those illustrated in FIG.2. For example, interface 220 may include an interface for communicating with another network, such as the Internet, wireless networks such as GSM, LTE, WiMAX or any other suitable network. The second intermediate transaction party secure server 140 may perform certain operations in response to processing logic 212 executing software instructions contained in a computer- readable medium, such as memory 214. The software instructions may be read into memory 214 from another computer-readable medium or from another device via interface 220. The software instructions contained in memory 214 causes processing logic 212 to perform processes described below. Alternatively, hardwired circuitry may be used in place of or in combination with software instructions to implement processes described below. Thus, embodiments described in the present application are not limited to any specific combination of hardware circuitry and software.

FIG.3 is a diagram of an example of computer-readable media 300 that may be associated with the second intermediate transaction party secure server 140. It will be appreciated that similar computer-readable media may be associated with the server at the on-line electronic marketplace 120 or a server at the first intermediate transaction party 100. While a single computer-readable media is described below, it will be appreciated that computer-readable media 300 may include additional computer-readable media stored locally elsewhere (e.g., in memory 214), or stored at one or more different and possibly remote locations. As illustrated, computer-readable medium 300 maintains a group of entries in the following exemplary fields: a picturelD field 310 and a card information field 320 i.e. the card information field comprises information relating to card number, name validity and CVC codes. Computer-readable medium 300 may maintain additional or different information than that illustrated in FIG. 3. Example of such information is audio files in an audio file field. Thus, a PicturelD may be associated and linked to one or more audio files. PicturelD field 310 stores a sequence of characters that identifies a picture, such as picture 400, associated with a card number 401 or other type of card information. In an example of an embodiment of the present invention, the sequence of characters is unique for that picture 400. For example, the sequence of characters may correspond to a name. Card information field 320 may store the card number 401 information which is obtained by the second intermediate transaction party secure server 140 linked to the picture 400 identified in picturelD field 310. In one embodiment of the present invention, the card number 401 information may further also include information relating to past and/or current usage of the particular card. For example, the card number 401 information may include information relating to the type-, or class that the card belongs to and/or other types of information that might be useful in determining belongings or verifying ownership of a card. Such type or class may be vehicles typically cars, motorcycles, bikes or the like, humans, family members, pets, animals or the like. FIG.4A illustrates a picture 400 of the issued (and later on used) customer card.

The initial pictures comprises a card number 401, name to whom the card is issued 402, a specific recognition mark or feature 403 and in most cases also a date of validity 404.

FIG.4B illustrates the picture 400 of the customer card, after the customer card picture 400 has been analyzed by an image or picture recognition means, i.e. typically a specific image or picture recognition software code, of the second intermediate transaction party secure server 140. The picture 400 of the customer card provided by the first intermediate transaction party 100 is thus 'cleaned' from all transaction critical card information, such as the card number 401 and the name 402. I.e. both the card number 401 and the name 402 to whom the card is issued will be removed from the actual picture 400, either by blurring, covering up, or by any other suitable removal means. The picture 400 received from the first intermediate transaction party 100 may actually also be more than one; i.e. there could also be comprised a second picture illustrating the back-side of the customer card. Thus, the second intermediate transaction party secure server 140 will comprise a large amount of card information from a plurality of first intermediate transaction parties 100; i.e. card issuing instances and/or banks. It should be noted that the pictures 400 of the customer cards could be categorized in different types, or classes, of pictures. This is especially important due to personalized customer cards having personalized pictures. For example if the picture 400 illustrates a card holder's family member(s), then such a card could be categorized in either a class of humans or faces or the like. It may further be noted that a customer card may be categorized in more than one class or type, depending on its appearance. For instance a customer card illustrating a person sitting on a motorcycle could be categorized in both a class, or a type of humans/faces and/or in a class, or a type, of vehicles/motorcycles. By utilizing classes, or types, as mentioned above, it is possible to display only customer cards having the same, or similar, appearance as the used customer card. I.e. a user having a customer card with a kitten on it, should preferably be displayed only with different customer cards illustrating cats or kittens, thereby making a random guess of which card is correct practically impossible. The above may reduce the chances of second guessing the correct card for a perpetrator. For ease of use, utilization of picture or image recognition software code, to perform the classification of the cards, is preferable.

FIG.5A is an illustration of an example of an on-line electronic marketplace 120, i.e. a web-site 500, for various products or services provided by an on-line merchant. In the on-line electronic marketplace 120 it is possible for a customer 110 to choose desired services or products. In FIG.5A the customer 110 has initiated an electronic on-line order for a selected product 501 , or service 501 , in the on-line electronic marketplace 120. By an electronic market place 120 is meant a place where various products, services or combinations thereof are displayed, or presented, and available for purchase or rent purposes; typically an electronic market place 120 is an Internet shop, a car rental site, or a site providing a service or product and which requires a payment via customer card.

FIG.5B is an illustration of the exemplary on-line electronic marketplace 120 showing that after the initiation of the electronic on-line order, the customer 110 finalizes the order by filling out an on-line form 510, typically an order confirmation page within the domain of the on-line electronic marketplace 120. The filled-in on-line form 510 comprises information such as order value related to the order and some information about the customer card, typically this information is the customer card number 401 , the card validity 404 (i.e. year and month of expiration) and probably also the CVC-number (not illustrated) of the card. After the customer 110 has entered the necessary card information in the on-line form 510, the customer 110 will receive confirmation from the on-line electronic marketplace 120, via any previously established channel 130, that the customer 110 has accepted the order.

FIG.5C illustrates an embodiment of a secure webpage 520 provided by a secure server 140 of the second intermediate transaction party, to which the customer 110 has been re-directed, or has been presented with a link to said secure webpage (link not illustrated). The link has to be followed within a predetermined period of time in order to finalize transaction. The customer 110 will then have the possibility to verify, in the secure webpage 520, that the customer card used is actually in his or her ownership.

FIG.6A illustrates a flowchart disclosing an example of an embodiment of the invention, which will be described in more detail below, wherein

Step 600 illustrates an initial state wherein the second intermediate transaction party secure server 140 is ready for use.

Step 620 is a step where the second intermediate transaction party secure server 140 will receive a request for card validation from the on-line electronic marketplace 120. Step 630 where the customer 110 will be re-directed to a secure webpage 520 (see FIG.5C), provided by a secure server 140 of the second intermediate transaction party, or the customer 110 will be presented with a link (not illustrated) to a secure webpage 520, which is to be followed within a predetermined period of time. The customer 110 will subsequently have the possibility to verify, in the secure webpage 520, that the customer card used is actually in his or her ownership.

Step 640, in this step, the customer 110 is presented with a set 521 of randomized pictures (see FIG.5C) of different customer cards, on the secure webpage 520 provided by the secure server 140. The physical position, or display, of the displayed pictures 521 is preferably dynamic and may change from one time to another and in an example of an embodiment of the invention the positions of the pictures of customer cards will be random at every single time. FIG.6B illustrates a flowchart disclosing a further embodiment of the invention, which will be described in more detail below, wherein;

Step 600 still illustrates an initial state, wherein the first intermediate transaction party 100 provides a picture 400 of the issued (and later on used) customer card, together with the card number 401 , via the channel of communication 130, to the second intermediate transaction party secure server 140.

Step 601 the second intermediate transaction party secure server 140 thus receives the picture 400 of the issued (and later on used) customer card, together with the card information 401, 402, 404. Step 602 the second intermediate transaction party secure server 140 then analyzes the received information 400, 401 , 402, 404 and performs an image recognition, i.e. by means of a special software code module or the like, of the picture 400 in order to establish what type of, or class of, picture 400 has been received.

Step 603 the second intermediate transaction party secure server 140 will then perform a categorization of the picture preferably by utilizing a picture recognition means, i.e. a special software, to establish what type of, or class of, picture 400 is being received and categorizing this into a specific action, event, class or type which are predefined. Different types of classes are mentioned previously, but could for example be 'pets' and also each class preferably having a sub-class, in the above example, the class 'pets' having the sub-classes: 'cats', 'dogs', 'horses' or the like.

Step 604 the second intermediate transaction party secure server 140 will then link the received card information (both picture 400 and number 401) to a unique picturelD. For example, a bank 100 sends a picture 400 and a customer card number 401 of said customer card which has a picture of the bank's logotype 403, to the second intermediate transaction party secure server 140. The second intermediate transaction party secure server 140 will then tag the received picture 400 with a unique picturelD and link it to corresponding card number 401 as described above. The customer card picture 400 will then be analyzed by the picture recognition software of the second intermediate transaction party secure server 140 and tagged with a unique picturelD, which then will be classified into at least one type, or class. In the described embodiment, said class may for instance be "banklogos". Of course the picture 400 of the customer card provided by the first intermediate transaction party 100 will be 'cleaned' from critical card information (see FIG.4B) such as the card number 401 and the name 402. I.e. both the card number 401 and the name 402 to whom the card is issued will be removed from the actual picture 400, either by blurring, covering up, or by any other suitable removal means. The picture 400 received from the first intermediate transaction party 100 may actually also be more than one; i.e. there could also be comprised a second picture illustrating the reverse side of the customer card. Thus, the second intermediate transaction party secure server 140 will usually comprise a large amount of card information from a plurality of first intermediate transaction parties 100; i.e. card issuing instances and/or banks.

Step 605 all information such as picturelD and card information 401, 402, 404 is saved or stored in the memory 214 and may be processed further by the processing system 210 and utilized further via the interface 220 of the second intermediate transaction party secure server 140.

An example of an embodiment of the invention will now be described in detail below disclosing a graphical identification and verification, GIVD, sequence. Step 610, in a first step, the customer 110 enters the on-line electronic marketplace 120, i.e. a web-site 500, for various products 501 or services 501 provided by an on-line merchant, either via Internet, by a mobile phone or by any other suitable electronic means establishing a channel of communication 130.

Step 611 , the customer 110 then initiates (see FIG.5A) an electronic on-line order for a selected product 501 , or service 501, in the on-line electronic marketplace 120.

Step 620, after entering the on-line electronic marketplace 120 and after the initiation of the electronic on-line order, the customer 110 finalizes the order by filling out an on-line form 510, typically an order confirmation page (see, for example, FIG.5B), within the domain of the on-line electronic marketplace 120. Step 621 the filled-in on-line form 510 may comprise information such as order value related to the order and information 401, 402, 404 about the customer card. After the customer 110 has entered the card information 401 , 402, 404 in the on-line form 510, the customer 110 will receive confirmation from the on-line electronic marketplace 120, via any previously established channel 130, that the customer 110 has accepted the order. Step 630 the customer 110 will be re-directed to a secure webpage 520 (see FIG.5C), provided by a secure server 140 of the second intermediate transaction party, or the customer 110 will be presented with a link (not illustrated) to a secure webpage 520, which is to be followed within a predetermined period of time. The customer 110 will then 5 have the possibility to verify, in the secure webpage 520, that the customer card used is actually in his or her possession.

Step 640, in this step, the customer 110 is presented a set 521 of randomized pictures (see FIG.5C) of different customer cards, on the secure webpage 520 provided by the secure server 140. The physical position, or display, of the displayed pictures 521 10 is preferably dynamic and may change from one time to another and in an example of an embodiment of the invention the position of the pictures of customer cards will be random at every single time.

Step 650 the customer 110 is asked to select a picture 400 which is identical to the customer card in his or her possession. The customer 110 then has to mark, or select, the

15 picture 400 which is being identical to the used customer card, out of all displayed pictures 521. The selection preferably must be made within a predetermined period of time, or/and within a predetermined number of attempts. Typically no more than 1 , 2 or 3 attempts are allowed or the attempts have to be performed within a period of typically less than or equal to 60 seconds, preferably less than 50 seconds, more preferably less than

20 30 seconds, even more preferably less than 15 second. Should the customer 110 successfully select the picture 400 showing the correct customer card within the predetermined period of time and/or number of attempts as applicable then the electronic transaction process will continue.

Step 670, if the customer 110 successfully selected the correct picture 400 25 illustrating the customer card being used, then the electronic transaction process will continue and the on-line electronic marketplace 120 will transfer the customer card information 401 , 402, 404 already provided by the customer, to the first intermediate transaction party 100. At the same time validation information will be transferred from the second transaction party secure server 140 to the first transaction party 100. The 30 transferred customer card information 401 , 402, 404 may possibly also be encrypted, using encryption technologies. The first intermediate transaction party 100 is typically a PSP, a customer card issuer company or a bank. The customer card information 401, 402, 404 may be transferred by earlier established systems and devices such as a dial-up terminal, a proprietary network or over secure channels over the Internet or the like. As can be noted, the method does require almost instant confirmation of the customer card validity status and thus there is a need to establish a real-time connection to the second intermediate transaction party. Step 680, depending on whether the first intermediate transaction party 100 is a bank or a customer card issuer, the customer card information may be validated directly. Should however the first intermediate transaction party 100 be a PSP, the customer card information will have to be transferred to the customer's bank or to the customer card issuer company for validation, i.e. the originator of the customer card issuer, for proper charging of the customer card. Subsequently the on-line electronic marketplace 120 will be acknowledged by the first intermediate transaction party 100 about the validation process. Thus a customer unique graphical identifier and verification, GIVD, may enable the customer to validate his or her card via the secure server of the second intermediate party 120 even without use of a SSL certificate. If the payment from the customer was successful, i.e. the on-line electronic marketplace 120 was acknowledged by the first intermediate transaction party 100 about the money transaction; the on-line electronic marketplace 120 will be able to prepare the ordered product/service and enable shipping to the customer 10. If the payment from the customer 110 was un-successful, then the order will be disrupted and no valid order will take place. Step 700, should the customer 110 fail to select the picture 400 showing correct customer card, either after several attempts or after the period of time allowed for the attempts has lapsed, then the electronic transaction process will be disrupted and no valid order or transaction will take place.

Figure 6C shows a flow diagram corresponding to a third embodiment of the present invention. This embodiment is similar to the previous embodiment of the invention but includes a further level of security at step 640' and step 650' - described below. This is obtained by dividing the image of the card into a plurality of security areas and then either informing the customer that an issuer-preselected one or more of these areas to be used as unique identifying security area or areas, in any order or in a certain order, or, at a later time, for example, when the card is to be used for the first time, requiring the customer to preselect one of these areas as a unique identifying security area. Following this, in order to allow a transaction to take place the customer not only has to identify the picture which corresponds to the customer's correct customer card but also must identify the correct preselected security area.

FIG.7A illustrates a picture 400' of the issued (and later on used) customer card. The initial picture comprises a card number 401 , name to whom the card is issued 402, a specific recognition mark or features 403 and in most cases also a date of validity 404.

FIG.7B illustrates the picture 400' of the customer card, after the customer card picture 400 has been analyzed by an image or picture recognition means, i.e. typically a specific image or picture recognition software code, of the second intermediate transaction party secure server 140. The picture 400' of the customer card provided by the first intermediate transaction party 100 is thus 'cleaned' from all transaction critical card information, such as the card number 401 and the name 402. I.e. both the card number 401 and the name 402 to whom the card is issued will be removed from the actual picture 400', either by blurring, covering up, or by any other suitable removal means. Furthermore the picture is provided with a plurality of distinct areas, called security areas 405 in the following, formed, for example by superimposing a grid of lines 406, 407 (shown as dashed lines in the figure, but dotted, solid and/or coloured lines may also be used) on the image. In this example the security areas cover the entire surface of the image, but it is possible to only cover part of the surface with security areas. The image may be provided with a coordinate system 408, 409 of digits and letters to aid identification of a preselected security area 405'. Thus the security area 405' could be identified as "Area B2" or "Area 2B" or "The security area in the second row from the top and the second column from the left".

Thus, following step 630, in step 640', the customer 110 is presented a set 521 of randomized pictures (see FIG. 8) of different customer cards, on the secure webpage 520 provided by the secure server 140. The physical position, or display, of the displayed pictures 521 is preferably dynamic and may change from one time to another and in an example of an embodiment of the invention the position of the pictures of customer cards will be random every single time. A grid of lines is superimposed on each card, thereby dividing each card into a plurality of security areas. Step 650' the customer 110 is asked to mark, or select, a picture 400 which is identical to the customer card in his or her possession and to mark, or select, the security area or areas corresponding to the preselected security area or areas. The customer 110 then has to mark, or select, the picture 400 which is being identical to the used customer card, out of all displayed pictures 521 and also mark or select the preselected security area or areas, selected in any order or in a certain order. The selection preferably must be made within a predetermined period of time, or/and within a predetermined number of attempts. Typically no more than 1 , 2 or 3 attempts are allowed or the attempts have to be performed within a period of typically less than or equal to 60 seconds, preferably less than 50 seconds, more preferably less than 30 seconds, even more preferably less than 15 second. Should the customer 110 successfully select the picture 400 showing the correct customer card and successfully select the preselected security area or security areas, in any or in a certain order, within the predetermined period of time and/or number of attempts as applicable then the electronic transaction process will continue.

According to further embodiments, a special sound or melody may be assigned and linked to a certain a certain picture 400 and/or security area 405 (see figure 7B), i.e. each security area is associated to a unique sound or melody, which corresponding audio file will be activated and played by audio player means when the corresponding picture and/or security area is pointed at by the customer 110. The processing system has audio file player systems, e.g. audio card, loud speaker arrangements, audio player, multi media player, etc. A customer is therefore able to listen and find the correct picture by pointing at a card or security area, and selecting the correct picture and/or security areas. Persons with considerably impaired vision, nearly or totally blind, will appreciate this embodiment as it provides an aid for using secure electronic transaction and interaction systems. For some of these persons, said embodiment of the invention even enables them to use such systems.

According to this alternative, step 601 described above is modified. The second intermediate transaction party secure server 140 thus receives the picture 400 of the issued (and later on used) customer card, together with the card information 401, 402, 404 and an audio file.

Step 602 and Step 603 dos not need to be modified.

Step 604 the second intermediate transaction party secure server 140 will then link the received card information (both picture 400 and number 401) to a unique picturelD and a certain sound or melody in an audio file.

For example, a bank 100 sends a picture 400, an audio file and a customer card number 401 of said customer card which has a picture of the bank's logotype 403, to the second intermediate transaction party secure server 140. The second intermediate transaction party secure server 140 will then tag the received picture 400 with a unique picturelD and link it and the audio file to corresponding card number 401 as described above. Various embodiments of the present invention also solve security issues when it comes to electronic commerce on Internet and purchases made via a mobile phone on a mobile phone network, even though not explicitly exemplified in this specification. Various embodiments of the present invention also solve the issue of purchases with stolen customer card information on the Internet and purchases made via a mobile phone network. As should be noted, the present invention is not limited to the above-described preferred embodiments. Various alternatives, modifications and equivalents may be used. Therefore, the above embodiments should not be taken as limiting the scope of the invention, which is defined by the appended claims.

Claims

1. A method for validating an ownership of a customer card issued by a first intermediate transaction party (100), the customer card being used for an on-line transaction or interaction between a customer (110) and an electronic marketplace (120) wherein the on-line transaction or interaction taking place in a computerised environment which is part of an interconnecting network (130), the method including using a second intermediate transaction party secure server (140) for validating the ownership of the customer card being used and comprising receiving (S620) a request for an on-line transaction or interaction from the electronic marketplace (120) the method characterised by

- re-directing (S630) the customer, or presenting the customer with a link, to the second intermediate transaction party secure server (140); and

- visually presenting (S640), following redirection or activation of the link, a secure webpage (520), from the second intermediate transaction party secure server (140), said webpage displaying a set of pictures (521) to the customer (1 10) wherein a specific picture (400) out of the set of pictures (521) represents the customer card being used, whereby validation of the ownership of the customer card being used is achieved by correct identification of the specific picture of the customer card being used.

2. The method according to claim 1 wherein said specific picture (400) is provided with a plurality of security areas, whereby validation of the ownership of the customer card being used is achieved by correct identification of one or more preselected security areas (405') in addition to said specific picture of the customer card being used.

3. The method according to claim 1 or claim 2 wherein the step of visually presenting (S640) a secure webpage (520) further comprising displaying the set of pictures (521) on randomized positions on the secure webpage.

4. The method according to claim 3 further comprising:

- enabling (S650) the customer (1 10) to select the picture (400) representing the customer card being used out of the set of randomized pictures (521) and, where present, enabling the customer (110) to select the preselected security area (405').

5. The method according claim 4 further comprising: - issuing and transferring (S670) a validation information which states whether or not the customer card information is validly used to the first intermediate transaction party (100).

6. The method according any preceding claim further comprising

- receiving (601) a customer card picture (400) and a customer card information from the first intermediate transaction party (100).

7. The method according claim 6 further comprising

- analyzing (602) the received customer card picture (400) by image recognition means; and

- categorizing (603) the received and analyzed customer card picture (400) into a specific class.

8. The method according claim 7 further comprising

- tagging (604) the received picture (400) with a picturelD (310), linking the received customer card info (320) to said received picturelD (310); and

- storing (605) the picturelD (310), the received picture (400) and the customer card info (320) in a memory (214).

9. The method according claim 7 further comprising

- tagging (604) the received picture (400) with a picturelD (310), linking the received customer card info (320) to said received picturelD (310) and one or more audio files; and

- storing (605) the picturelD (310), the one and more audio files, the received picture (400) and the customer card info (320) in a memory (214).

10. An arrangement enabling validation of ownership of a customer card

characterized by an intermediate transaction party secure server (140) comprising

- an interface (220) adapted to receive a customer card picture (400) and a customer card information from the first intermediate transaction party (100);

- a processing system (210) adapted to analyzing, categorizing and tagging the received customer card picture (400).

11. An arrangement according to claim 10 wherein the processing system (210) comprises

- a processing means (212) being

adapted to analyzing the received customer card picture (400) by image recognition means the processing means (212);

adapted to categorizing the received and analyzed customer card picture (400) into a specific class;

adapted to tagging the received picture (400) with a picturelD (310), linking the received customer card info (320) to said received picturelD (310); and

adapted to providing the validation information to be transmitted;

- a memory (214) adapted to storing the picturelD (310), the received picture (400) and the customer card info (320) in a memory (214).

12. An arrangement according to claims 10 or 11 wherein the interface (220) is further adapted to transmit the provided validation information to the first intermediate transaction party (100).

13. An arrangement according to claims 11 or 12, wherein the memory (214) is adapted to store the picturelD (310), one or more audio files, the received picture (400) and the customer card info (320) in a memory (214).

14. Computer program product for integral installation into existing infrastructure for secure transaction or interactions between a customer (110) and an on-line electronic marketplace (120), the infrastructure being part of a global interconnecting network characterised in that the computer program product being adapted to carry out the method steps of anyone of claims 1-9.