U.S. patent application number 10/586128 was filed with the patent office on 2007-07-19 for electronic transaction system and a transaction terminal adapted for such a system.
This patent application is currently assigned to AXALTO S.A. Invention is credited to Michel Leger, Jean-Paul Mengus, Dominique Quesselaire.
Application Number | 20070168300 10/586128 |
Family ID | 34610238 |
Filed Date | 2007-07-19 |
United States Patent Application | 20070168300 |
Kind Code | A1 |
Quesselaire; Dominique; et al. | July 19, 2007 |
Electronic transaction system and a transaction terminal adapted for such a system
Abstract
A system for performing electronic transactions comprises:
- a human interface module SPED comprising a keypad KP, a display D, a
card reader CR, a processing means MP and an internal bus B for
connecting these elements,
- a hosting means HT connectable to the human interface module SPED
through connection means C1, said hosting means comprising a
scheduler means ES, a processing means and a memory HTR,
communication means CR, and a power supply PS, EPS,
- a gateway means VTS connectable to the hosting means HT through a
telecommunication network TN, the gateway means VTS being a virtual
terminal server.
Inventors: | Quesselaire; Dominique (Cachan, FR); Mengus; Jean-Paul (Montmagny, FR); Leger; Michel (Meudon, FR) |
Correspondence Address: | OSHA LIANG L.L.P., 1221 MCKINNEY STREET, SUITE 2800, HOUSTON, TX 77010, US |
Assignee: | AXALTO S.A., MEUDON, FR |
Family ID: | 34610238 |
Appl. No.: | 10/586128 |
Filed: | January 13, 2005 |
PCT Filed: | January 13, 2005 |
PCT NO: | PCT/IB05/00070 |
371 Date: | July 17, 2006 |
Current U.S. Class: | 705/79 |
Current CPC Class: | G06Q 20/347 20130101; G06Q 20/32 20130101; G06Q 20/20 20130101; G06Q 20/027 20130101; G07F 7/1075 20130101; G07F 7/10 20130101; G07G 1/14 20130101; G06Q 20/4012 20130101; G06Q 20/409 20130101; G07G 1/0009 20130101; G06Q 20/4014 20130101 |
Class at Publication: | 705/079 |
International Class: | G06Q 99/00 20060101 G06Q099/00; H04L 9/00 20060101 H04L009/00 |
Foreign Application Data
Date | Code | Application Number |
Jan 16, 2004 | EP | 0429*0122.3 |
Claims
1. A system for performing electronic transaction comprises: a
human interface module (SPED) comprising a keypad, a display, a
card reader, a first processing means and an internal bus for
connecting the keypad, the display, the card reader and the
processing means, a hosting means connectable to the human
interface module through connection means, said hosting means
comprising a scheduler means, a second processing means and a
memory, a communication means, and a power supply, a gateway means
connectable to the hosting means through a telecommunication
network, said gateway means being a virtual terminal server.
2. The system of claim 1, wherein a transaction service provider
host is connectable to the gateway means.
3. The system of claim 1, wherein the human interface module
further comprises a printer.
4. The system of claim 1, wherein the gateway means comprises a
security module for performing secure communication with the
hosting means.
5. A transaction terminal comprising: a human interface module
comprising a keypad, a display, a card reader, a first processing
means and an internal bus for connecting the keypad, the display,
the card reader and the processing means, and a hosting means
connectable to the human interface module through connection means,
said hosting means comprising a scheduler means, a second
processing means and a memory, communication means, and a power
supply.
6. The system of claim 2, wherein the human interface module
further comprises a printer.
7. The system of claim 2, wherein the gateway means comprises a
security module for performing secure communication with the
hosting means.
8. The system of claim 3, wherein the gateway means comprises a
security module for performing secure communication with the
hosting means.
9. The transaction terminal of claim 5, wherein the transaction
terminal is connected to a gateway means through a
telecommunication network, wherein said gateway means is a virtual
terminal server.
10. The system of claim 9, wherein said gateway means is connected
to a transaction service provider host.
11. The system of claim 5, wherein the human interface module
further comprises a printer.
12. The system of claim 5, wherein the gateway means comprises a
security module for performing secure communication with the
hosting means.
Description
FIELD OF THE INVENTION
[0001] The invention relates to electronic transaction systems and
transaction terminals adapted to perform electronic transactions. An
electronic transaction is, for example, a payment transaction
enabling payment of goods at a merchant store, a healthcare
transaction enabling a patient to recover fees paid at the doctor,
borrowing a book in a library, etc.
BACKGROUND OF THE INVENTION
[0002] The payment terminal market is experiencing a price war, and
at the same time, due to the Europay MasterCard Visa (EMV) migration,
new functionality is required. Further, the telecommunication
environment is changing the global architecture of the transaction
scheme.
[0003] Today, a transaction terminal has all the capabilities and
resources to handle a transaction, namely: a PIN pad (keyboard for
entering the user Personal Identification Number), a printer, a
display, a card reader (either magnetic stripe card or
microprocessor card), processing power and memory.
[0004] The features required from the transaction terminal are more
and more resource demanding. The result is that the processing
power and the memory size need to be increased. At the same time
the security specifications become more and more severe.
OBJECT AND SUMMARY OF THE INVENTION
[0005] Therefore it is an object of the present invention to
provide an electronic transaction system and a transaction terminal
adapted for such a system that overcome at least one shortcoming of
the prior art methods and terminals.
[0006] The idea of the invention is to leverage the capabilities of
the telecommunication network and the mobile telecommunication
industry, and the fact that processing power is more and more
available (e.g. on a personal computer PC, personal digital assistant
PDA, mobile phone, or telecommunication router, etc.). According to
the invention, instead of having all the resources in one terminal,
the resources are distributed as follows:
[0007] 1) a secured human interface module (Secured PIN Entry Device:
SPED) comprising a display, a keypad, a smart card reader and/or a
magnetic card reader and possibly a printer,
[0008] 2) an electronic scheduler (e-scheduler), for example
analogous to a Subscriber Identity Module SIM, comprising a
transaction terminal task manager, ciphering means and merchant
contract management means (identification, fees, etc.),
[0009] 3) a hosting device (PC, mobile phone, PDA, etc.) having
processing means, memory and communication means, and
[0010] 4) a gateway in the network or a remote server connectable to
a service provider (of a bank or a financial institution, of a
healthcare institution, etc.).
[0011] The gateway has different functions, for example:
[0012] translation of protocols compliant with bank or healthcare
institution (message format),
[0013] transaction uploading,
[0014] parameter downloading,
[0015] application boot downloading,
[0016] floor limit management (i.e. a level requiring an
authorization for processing the transaction) by card holder,
[0017] data mining capabilities (loyalty programs, data consolidation
for multilane merchant applications, local black, gray, . . . list
management, etc.),
[0018] secure communication with the e-scheduler.
[0019] Due to the significant decrease of the telecommunication
cost, the system according to the invention enables a substantial
cost reduction of the price of the transaction terminal.
BRIEF DESCRIPTION OF THE DRAWINGS
[0020] The following detailed description, given by way of example,
will be best understood with the accompanying drawings in
which:
[0021] FIG. 1 represents schematically an electronic transaction
system according to the invention,
[0022] FIG. 2 illustrates a particular embodiment of a transaction
terminal adapted for a system according to the invention, and
[0023] FIG. 3 illustrates different embodiments of a hosting device
in an electronic transaction system according to the invention.
DETAILED DESCRIPTION OF THE INVENTION
[0024] An example of a payment transaction involving, for example, a
mobile phone (e.g. compliant with GSM) will be described in more
detail in relation to FIG. 1. A human interface module SPED is
connected by a wired or a wireless connection C1 to a hosting
terminal HT, for example a mobile phone. The hosting terminal HT
enables communication with an application host or virtual terminal
server VTS through an existing public or private telecommunication
network TN. The virtual terminal server VTS is further able to
communicate by adapted communication means and networks C2 with the
information processing systems of bank(s) BH.
[0025] The human interface module SPED comprises a keypad KP, a
display D, a card reader CR and a processing means MP connected to
each other by an internal bus B. The human interface module SPED
can also comprise a printer P. Advantageously, the human interface
module SPED is secured in the sense that it is tamper evident or
tamper proof. This means that a user is able to know (for example
by seeing that the module was broken) when a fraud attempt to get
his PIN is going to occur.
[0026] The hosting terminal HT is equipped with a security module
or e-scheduler ES. The security module ES is comparable to a
Subscriber Identity Module SIM card as currently used in the field
of mobile telephony. The hosting means HT is connectable to the
human interface module SPED through connection means C1. The
processing means and the memory HTR of the hosting means can be used
by the scheduler means ES to help in performing various tasks. The
hosting means HT also comprises communication means CR for
exchanging data using the telecommunication network TN. A power
supply, either internal PS, e.g. a battery, or external EPS, e.g.
the electricity network, is a source of energy to the hosting
terminal HT and also to the human interface module SPED.
[0027] The payment terminal comprises the hosting terminal, i.e.
the mobile phone, the human interface module SPED and the security
module ES. The payment terminal performs the phases of the
transaction which directly involve the following actors: the
merchant who needs to be paid for goods sold or services offered and
the customer carrying the means of payment (a bank or a credit
card). The transaction phases comprise the entry of the amount to
be paid with the keypad KP, reading and authentication of the bank
or credit card through the card reader CR and the processing means
MP, entry of the PIN code through the keypad KP, displaying of the
instructions to be followed on the display D, and possibly editing
of a payment ticket with the printer P. The human interface module
SPED executes these transaction phases under the control of the
e-scheduler ES. However, the human interface module SPED executes
the security-related processing totally autonomously (display of the
message asking for PIN code entry, entry of the PIN code,
presentation of the PIN code to the card, generation of the ciphered
PIN data . . . ).
[0028] The communication between the human interface module SPED
and the e-scheduler ES through the mobile phone is secured by
ciphered data exchange. The cryptographic keys are generated
uniquely after a mutual identification of the human interface
module SPED and the e-scheduler ES.
[0029] In an analogous way, the communication between the virtual
terminal server VTS and the e-scheduler ES through the mobile phone
HT and the telecommunication network TN is secured by a mutual
identification procedure and the use of cryptographic keys. The
virtual terminal server VTS can comprise a security module EL
(e-link) analogous to a SIM card. The security module EL can be in
relationship with one or more e-scheduler(s). The main task of the
security module EL is to allow a secure communication of data
between the virtual terminal server VTS and the hosting terminal HT
(in the present example the mobile phone).
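
The mutual identification followed by unique key generation described in [0028] and [0029], sketched as an added example that is not part of the patent application. It assumes a pre-shared pairing key and an HMAC-SHA256 challenge-response, neither of which the application specifies; Endpoint, handshake and PAIRING_KEY are hypothetical names, and the relay argument models the hosting terminal HT carrying messages it is not trusted with.

```python
import hashlib
import hmac
import secrets

PAIRING_KEY = bytes(range(32))  # constructed sample value, assumed pre-shared

def _mac(key, *parts):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

class Endpoint:
    """One side of the link: the SPED or the e-scheduler ES."""
    def __init__(self, name, pairing_key):
        self.name, self._key = name.encode(), pairing_key
        self.nonce = secrets.token_bytes(16)  # fresh challenge for every session
        self.session_key = None

    def proof(self, peer_nonce):
        # Binds our identity to the peer's challenge and to our own challenge.
        return _mac(self._key, b"auth", self.name, peer_nonce, self.nonce)

    def accept(self, peer_name, peer_nonce, peer_proof):
        expected = _mac(self._key, b"auth", peer_name.encode(), self.nonce, peer_nonce)
        if not hmac.compare_digest(expected, peer_proof):
            return False  # no session key unless the peer is identified
        lo, hi = sorted([self.nonce, peer_nonce])
        self.session_key = _mac(self._key, b"session", lo, hi)  # unique per session
        return True

def handshake(relay=lambda msg: msg):
    """Run one session; every message passes through `relay` (the host HT)."""
    sped, es = Endpoint("SPED", PAIRING_KEY), Endpoint("ES", PAIRING_KEY)
    sped_nonce, es_nonce = relay(sped.nonce), relay(es.nonce)
    es_ok = es.accept("SPED", sped_nonce, relay(sped.proof(es_nonce)))
    sped_ok = sped.accept("ES", es_nonce, relay(es.proof(sped_nonce)))
    return sped_ok and es_ok, sped.session_key, es.session_key
```

Because each proof includes the sender's name, a proof reflected back to its own sender does not verify, and a host that alters any relayed message leaves both sides without a session key.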
[0030] The e-scheduler uses its host HT (in the present example the
mobile phone) to store bulky data that has no security requirements,
e.g. font definitions, printing formats, etc. The e-scheduler ES and
the virtual terminal server VTS contribute to carrying out, in a
distributed way, an equivalent of a payment transaction currently
carried out on a point-of-sale or payment terminal. A virtual
terminal can be seen when considering the addition of all the
functionality of the human interface module SPED, the hosting
terminal HT including the e-scheduler ES and the virtual terminal
server VTS including the security module e-link EL.
[0031] The scheduler means ES is specific to the electronic
transaction application to be performed, for example a banking
application, a healthcare application, etc.
[0032] FIG. 2 shows a particular embodiment of a transaction
terminal adapted for a system according to the invention in which
the human interface module SPED and the hosting terminal HT are
grouped in one device ATB. This device can be a specific device
which includes all the functionality of the human interface module
SPED and the hosting terminal HT. Alternatively, it can also be, for
example, a personal computer PC, a personal digital assistant PDA,
or a mobile phone. In all these examples, advantageously, the device
is tamper evident or tamper proof, so that a user knows when a
fraud attempt to get the user PIN is occurring.
[0033] FIG. 3 shows schematically different embodiments of a
hosting device in an electronic transaction system according to the
invention: from top to bottom of the Figure, a personal computer PC,
a network hub HUB, a personal digital assistant PDA, and a mobile
phone MT respectively. The links shown on the Figure between the
different devices/systems/terminals can be wired or wireless. The
e-scheduler ES and the security module e-link EL are inserted or
connected into the respective devices in an appropriate manner,
known by the man skilled in the art.
[0034] With the system of the invention, it is possible to cheaply
adapt the whole system to different types of electronic transaction
(banking, healthcare, library . . . ) simply by changing the
scheduler means ES. It is also possible to use the resources where
they are already available, e.g. the hosting terminal or the virtual
terminal server (the gateway), while having a basic and cheap but
secure human interface module.
* * * * *