U.S. patent application number 12/124658 was filed with the patent office on 2008-11-20 for system and method for facilitating electronic financial transactions using a mobile telecommunication device.
This patent application is currently assigned to CONCEPTM COMPANY LIMITED. Invention is credited to Joseph Chan, Kevin Cheng, Peter Chui, Raymond Fung, Rudolph Lee, Gary Leung, Shahen Mekertichian, Andrew Mitchell.
Application Number: 20080288351 12/124658
Family ID: 3833044
Filed Date: 2008-11-20

United States Patent Application 20080288351
Kind Code: A1
Leung; Gary; et al.
November 20, 2008

System and Method for Facilitating Electronic Financial Transactions Using a Mobile Telecommunication Device
Abstract
A transaction processing system for processing a transaction
between a supplier and a customer, said system comprising a
supplier device for initiating the transaction, a system server and
a mobile communication device, said device containing a message
processing program module for enabling local verification of the
transaction within the mobile device, wherein a transaction message
is sent from the supplier device to the system server, a message
requesting payment for the transaction is sent from the system
server to the mobile communication device, the transaction is
authorised and verified at the mobile telecommunications device
from which a verification message is sent back to the system
server, and the transaction is then processed.
Inventors: Leung; Gary (Hongkong, HK); Lee; Rudolph (Melbourne, AU); Cheng; Kevin (Forestville, AU); Chui; Peter (St Leonardo, AU); Mitchell; Andrew (Voyager Point, AU); Mekertichian; Shahen (Sydney, AU); Fung; Raymond (St. Ives, AU); Chan; Joseph (Hong Kong, HK)
Correspondence Address: MARSHALL, GERSTEIN & BORUN LLP, 233 S. WACKER DRIVE, SUITE 6300, SEARS TOWER, CHICAGO, IL 60606, US
Assignee: CONCEPTM COMPANY LIMITED, Causeway Bay, CN
Family ID: 3833044
Appl. No.: 12/124658
Filed: May 21, 2008
Related U.S. Patent Documents

Application Number | Filing Date | Patent Number
10497739 | Apr 14, 2005 | 7379920
PCT/AU02/01635 | Dec 4, 2002 |
12124658 | |
Current U.S. Class: 705/14.26; 705/44; 713/170; 726/4
Current CPC Class: H04M 15/68 20130101; H04L 63/12 20130101; G06Q 20/40 20130101; H04M 2215/0196 20130101; G06Q 30/0603 20130101; H04L 63/10 20130101; G06Q 20/3229 20130101; G06Q 20/3223 20130101; G06Q 20/42 20130101; H04W 4/24 20130101; G06Q 20/382 20130101; G06Q 30/06 20130101; H04W 8/26 20130101; G06Q 20/3255 20130101; G06Q 20/3674 20130101; H04W 4/00 20130101; H04W 12/082 20210101; G06Q 30/0225 20130101; G06Q 20/32 20130101; G06Q 20/20 20130101
Class at Publication: 705/14; 713/170; 726/4; 705/44
International Class: G06Q 30/00 20060101 G06Q030/00; H04L 9/32 20060101 H04L009/32; G06Q 40/00 20060101 G06Q040/00
Foreign Application Data

Date | Code | Application Number
Dec 4, 2001 | AU | PR9260
Claims
1-54. (canceled)
55. A message processing program module, for use in a mobile
communication device, which device forms part of a transaction
processing system, said program module comprising: (a) mobile
device data storage means containing a customer security criterion;
(b) message receiving means for receiving a transaction request
message from system server; (c) transaction authorisation means
adapted to: (i) extract transaction data and supplier identifying
indicia contained in the transaction request message; (ii) generate
and display, on a visual display screen of the mobile communication
device, a text message containing transaction data, the supplier
identifying indicia and a request for a customer either to:
authorise the transaction, by making a first pre-determined entry
in a keypad of the mobile device, said predetermined entry
including a secret identification parameter of the customer, or
decline the transaction, by making a second pre-determined entry in
the keypad; (d) verification message generation means adapted to:
(i) receive an authorisation order generated by the first
pre-determined entry into the keypad; (ii) following receipt of
said authorisation order, verify that an identification parameter
matches the customer security criterion in the mobile device data
storage means and, if they do match, generate a verification
message, said verification message containing contents of the
transaction request message; and (iii) encrypt the verification
message to generate a secure verification message; (e) decline
message generation means adapted to: (i) receive a decline order
generated by the second pre-determined entry into the keypad; and
(ii) generate and send a decline transaction message, following
receipt of said decline order; and (f) message transfer means for
transferring the secure verification message or the decline message
to the mobile communication device for sending to the system
server.
56. A message processing program module according to claim 55,
wherein the customer security criterion is a personal
identification number (PIN) of the customer.
57. A message processing program module according to claim 55,
wherein the secure verification message, sent from the mobile
communication device to the system server, comprises a binary data
stream.
58. A transaction processing system, comprising: (a) a supplier
device for initiating a transaction between a customer and a
supplier; (b) a transaction processing server adapted to process
said transaction; and (c) a system server adapted to receive
messages from, and forward messages to, the supplier device, the
transaction processing server and a mobile communication device;
wherein: (i) the supplier device is adapted so that, when
initiating a transaction, the supplier device forwards a
transaction initiation message to the system server; and (ii) the
system server is adapted so that: after receiving said transaction
initiation message, the system server sends a first transaction
authorisation request to the mobile communication device; the
system server receives a secured first transaction verification
message from the mobile communication device in response to said
authorisation request; upon receipt of said secured first
transaction verification message, the system server sends a second
transaction authorisation request to the transaction processing
server; the system server receives a second transaction
verification message from the transaction processing server; and
provided the second transaction verification message satisfies
predetermined criteria, the system server sends a first transaction
approval message to said supplier device.
59. A transaction processing system according to claim 58, said
system being further adapted to send a second transaction approval
message to said mobile communication device if the second
transaction verification message satisfies predetermined
criteria.
60. A system server for facilitating an electronic financial
transaction, said system server being adapted to communicate with a
supplier device, a mobile communication device of a customer and a
transaction processing server, wherein said system server is
further adapted to: (a) receive a transaction initiation message
from the supplier device, said message containing certain customer
identifying indicia; (b) identify the customer by reference to
customer identifying indicia; (c) send a first transaction
authorisation request to the mobile communication device of the
identified customer in response to receiving the transaction
initiation message; (d) receive a secured first transaction
verification message from the mobile communication device; (e) send
a second transaction authorisation request to the transaction
processing server; (f) receive a second transaction verification
message from the transaction processing server; and (g) send a
first transaction approval message to said supplier device if the
second transaction verification message satisfies predetermined
approval criteria.
61. A system server according to claim 60, said server being
further adapted to send a second transaction approval message to
said mobile communication device if the second transaction
verification message satisfies predetermined approval criteria.
62. A method of facilitating an electronic financial transaction
between a supplier and a customer, using a system server, which is
adapted to communicate with a supplier device, a mobile
communication device of a customer and a transaction processing
server, wherein the system server performs the steps of: (a)
receiving a transaction initiation message from the supplier
device; (b) sending a first transaction authorisation request to
the mobile communication device in response to receiving the
transaction initiation message; (c) receiving a secured first
transaction verification message from the mobile communication
device; (d) sending a second transaction authorisation request to
the transaction processing server; (e) receiving a second
transaction verification message from the transaction processing
server; and (f) sending a first transaction approval message to
said supplier device if the second transaction verification message
satisfies predetermined approval criteria.
63. A method according to claim 62, further including the step of
sending a second transaction approval message to said mobile
communication device if the second transaction verification message
satisfies predetermined criteria.
64. A method according to claim 62, wherein the supplier device has
a display screen and the method includes the step of displaying the
first transaction approval message on the display screen.
65. A method according to claim 64, wherein the supplier device is
in communication with a printer and the step of displaying the
first transaction approval message includes displaying the message
by sending to the printer a print command which corresponds to the
message.
66. A method according to claim 64, wherein the mobile
communication device is further adapted to receive the second
transaction approval message from the system server and to display
said message on the display screen.
67. A method according to claim 66, wherein the mobile
communication device is programmed to require entry of a customer's
personal identification details before the secured transaction
verification message is sent to the system server.
68. A method according to claim 67, wherein the personal
identification details are selected from a personal identification
number (PIN), a password and a security key.
69. A method according to claim 62, wherein the first transaction
verification message is digitally secured using customer
identification data.
70. A method according to claim 69, wherein the customer
identification data is selected from the group consisting of a
mobile telephone number, a customer account number, a personal
identification number (PIN), a password and a security key.
71. A method according to claim 62, wherein the first transaction
verification message includes a customer verification that the
customer authorises the transaction to proceed.
72. A method according to claim 62, wherein the transaction
approval message comprises a positive indication from the
transaction processing server that the transaction has been, is
being, or will be processed.
73. A method according to claim 62, wherein the system server
reviews a database for a coupon applicable to the transaction.
74. A method according to claim 73, wherein the system server sends
a notification to the supplier device for confirmation of the
coupon availability.
75. A method according to claim 62, wherein the mobile
communication device is a mobile telephone or a cellular telephone.
Description
TECHNICAL FIELD
[0001] The present invention relates to a system and method for
facilitating electronic financial transactions. More particularly,
one aspect of the invention relates to a system and method for
facilitating electronic financial transactions between a goods or
services provider and a consumer using a system server in
communication with a supplier device, a mobile communication device
and a transaction processing server.
[0002] The present invention also relates to a system and method
for sending service suggestion messages to mobile communication
devices. It also relates to a method of confirming the validity of
a service suggestion.
BACKGROUND ART
[0003] A number of proposals have been made to enable electronic
financial transactions to be conducted using mobile phones. Some of
these involve the transmission of a customer's mobile telephone
number over the internet to a supplier's website. In such a system,
the supplier's site transmits the telephone number, a supplier
identifier and a relevant product reference to a management server
which then contacts the customer by sending an SMS message to the
mobile telephone number. The customer then provides his or her
consent to the transaction and may provide an identifying
authentication. The management server then sends a message to the
supplier's site confirming the customer's consent and the supplier
may then arrange for delivery of the relevant product (eg, see
PCT/FR00/03440). Such a system has a very low level of security
and, therefore, users of such a system run a significant risk that
messages transmitted over the system (which may include
confidential identifying criterion, such as a PIN) may be
intercepted and used fraudulently.
[0004] Another system which has been developed is one in which the
circuitry of the mobile telephone is programmed to incorporate the
customer's bank account number and may contain "consistency
information" of the customer's bankcard. Accordingly, the system
functions by means of the bank account number (or bankcard number)
being transmitted by the mobile telephone for the purposes of
effecting the financial transactions (eg. see PCT/FR99/01605). A
problem with this system is that it also involves a low level of
security with the relevant bank account details being transmitted
and subject to interception by unauthorised persons.
[0005] Another example is the system described in Australian Patent
Application Number AU 200051840 entitled "System and process for
remote payments and transactions in real time by mobile telephone".
This system also provides for the processing of payments and
transactions between consumers and service providers, by way of a
mobile telephone network. However, this system has a number of
disadvantages, namely:
[0006] 1. The telecommunication and account management functions are performed by the same server. In many countries, government regulations prohibit telecommunication carriers from functioning as financial institutions. In order for this system to work as claimed, it has to perform both telecommunication and banking functions.
[0007] 2. Having the telecommunication and account management functions performed by the same server compromises the security of the system and renders the accounts of users more vulnerable to being accessed by unauthorised persons than is the case if the telecommunication and account management functions are performed by a (more secure) server which is separate from the telecommunication server. This is a concern given that the server contains confidential information of the customer (eg a PIN).
[0008] 3. The user's PIN (or "secret identification code") is transmitted over the wireless network from the user's mobile phone to the main server. This provides the opportunity for third parties to tap into the wireless transaction and learn the user's PIN. They can then use the PIN to fraudulently conduct further transactions.
[0009] 4. The system is a simple browser-based system, with the messages to and from the system server being sent over the network as text messages (eg, SMS messages). The procedure for verifying the user's identity is effected by a text message being sent from the system server to the customer's mobile telephone, requesting the customer to enter his or her personal identification code (eg, PIN). The PIN is transmitted over the network and the verification is conducted within the system server. Again, this gives rise to a low level of security with the danger that the PIN could be intercepted by an unauthorised person.
[0010] 5. The system is very network-dependent and, for it to work effectively, a complex arrangement of data storage means and checks need to be conducted to identify the type of mobile phone of the user and then to determine the relevant network on which the mobile phone operates.
[0011] 6. The system involves a complicated and expensive arrangement of verification means, databases, account management means, confirmation messages and acceptance messages which interact in a complex manner.
[0012] This has the effect of slowing down the system and increasing the likelihood of errors or failures occurring.
DEFINITIONS
[0013] Throughout this specification (unless the context requires
otherwise), the terms:
[0014] "electronic financial transaction" and "electronic
transaction" are intended to mean "non-cash (or non-cheque)"
financial transactions and may include transactions effected by
electronic, electromagnetic wireless, radio, telephonic (or other
similar) means or by any combination of these;
[0015] "comprise", or variations such as "comprises" or
"comprising", will be understood to imply the inclusion of a stated
element, integer or step, or group of elements, integers or steps,
but not the exclusion of any other element, integer or step, or
group of elements, integers or steps;
[0016] "service provider" is intended to refer to any person or
entity which provides goods and/or services; and
[0017] "service suggestion" is intended to refer to any suggestion,
invitation or offer relating to the provision, sale or purchase of
any goods or services.
DESCRIPTION OF THE INVENTION
[0018] According to a first aspect of this invention, there is provided a transaction processing system for processing a transaction between a supplier and a customer, said system comprising:
[0019] (a) a supplier device for initiating a transaction between the supplier and the customer, said supplier device including:
  [0020] (i) supplier device data storage means for storing supplier identifying indicia;
  [0021] (ii) supplier device data receiving means for receiving transaction data and customer-supplied customer identifying indicia, said transaction data including the monetary amount of the transaction;
  [0022] (iii) supplier device message generation means for generating a transaction message containing the supplier identifying indicia, the transaction data and the customer identifying indicia; and
  [0023] (iv) supplier device telecommunication means for sending the transaction message to a system server and for receiving messages from the system server;
[0024] (b) the system server which includes:
  [0025] (i) server data storage means for storing supplier information and customer information;
  [0026] (ii) server telecommunication means for sending and receiving messages to and from the supplier device and a mobile communication device of the customer;
  [0027] (iii) server verification means:
    [0028] for verifying that the supplier identifying indicia and the customer identifying indicia in the transaction message match corresponding indicia within the supplier information and the customer information, respectively; and
    [0029] for issuing either a transaction proceed order or a transaction terminate order based on result of said verification;
  [0030] (iv) server message generation means for generating either:
    [0031] a transaction denied message following receipt of a transaction terminate order; or
    [0032] a transaction request message following receipt of a transaction proceed order, said message containing the supplier identifying indicia, the transaction data, the customer identifying indicia, and a unique transaction identifier which is different for each transaction;
    [0033]-[0034] and for transmitting the transaction denied message or the transaction request message to the server telecommunication means for the sending of said message to the mobile communication device;
[0035] (c) the mobile communication device of the customer, comprising:
  [0036] (i) mobile device telecommunication means for receiving messages from and sending messages to the system server;
  [0037] (ii) a message processing program module comprising:
    [0038] mobile device data storage means containing a customer security criterion; and
    [0039] transaction authorisation means adapted to extract the transaction data and the supplier identifying indicia contained in the transaction request message, received by the mobile communication device, and to generate and display, on a visual display screen of the mobile communication device, a message containing the transaction data, the supplier identifying indicia and a request for the customer either to:
      [0040] authorise the transaction, by making a first pre-determined entry in a keypad of the mobile device, said predetermined entry including a secret identification parameter of the customer, or
      [0041] decline the transaction, by making a second predetermined entry in the keypad;
  [0042] (iii) verification message generation means adapted to:
    [0043] receive an authorisation order generated by the first pre-determined entry into the keypad;
    [0044] following receipt of said authorisation order, verify that the identification parameter matches the customer security criterion in the mobile device data storage means and, if they do match, generate a verification message, said verification message containing contents of the transaction request message; and
    [0045] encrypt the verification message to generate a secure verification message;
  [0046] (iv) decline transaction message generation means adapted to:
    [0047] receive a decline order generated by the second pre-determined entry into the keypad; and
    [0048] generate a decline transaction message, following receipt of said decline order; and
  [0049] (v) message transfer means for transferring the secure verification message, or the decline transaction message, to the mobile device telecommunication means for sending to the system server;
[0050] (d) a transaction processing server, in secure communication with the system server, comprising:
  [0051] (i) means for receiving the secure verification message;
  [0052] (ii) means for decrypting the secure verification message; and
  [0053] (iii) processing means for: identifying a customer account associated with the customer identifying indicia; identifying a supplier account associated with the supplier identifying indicia; arranging for said customer account to be debited by the monetary amount of the transaction; and arranging for said supplier account to be credited by said monetary amount.
[0054] A particularly advantageous feature of the above system is
the message processing program module. This module enables the
transaction to be verified locally by the customer on his or her
mobile communication device (eg a mobile phone). In this way, the
secret identification parameter (eg a personal identification
number (PIN)) is not transmitted to the server. Accordingly, there
is no possibility of the PIN being intercepted in transit.
Similarly, the server does not contain any reference to the secret
identification parameter and there is therefore no prospect of the
parameter being accessed or viewed on the server by an unauthorised
person. The security of the above system is further enhanced by the
encryption of the transaction verification message and by the
digital signature which may optionally be attached to the
message.
[0055] The customer identifying indicia is typically a mobile
telephone number of said mobile communication device. However,
alternatively, it can be some other number or code which is
recognisable by the system server as being the identifying number
or code of the customer. When a number or code is used, which is
different from the mobile telephone number, the system server will
need to locate the mobile telephone from its data storage means (by
reference to the provided number or code). The unique transaction
identifier of the transaction request message is typically assigned
by the system server.
[0056] The transaction data may further include, in
addition to the monetary amount of the transaction, one or more of
the following: time of the transaction; nature of the goods and/or
services being purchased; monetary amount of particular goods
and/or services of the transaction; and any discount or surcharge
applied by the supplier.
[0057] The customer security criterion is typically a personal
identification number (PIN) of the customer.
[0058] The transaction message, the transaction request message and
the verification message are preferably formed as mobile data
messages, which, for example, may be selected from SMS messages,
GPRS messages and UMTS messages.
[0059] The secure verification message, sent from the mobile
communication device to the system server, should be a non-text
message and will preferably comprise a binary data stream. The
transaction message and the transaction request message may also
comprise binary data streams. This provides even further security
to the system as, even if they are intercepted, they would not be
able to be comprehended.
[0060] It is particularly preferred that the system server also
includes digital signature recognition means; and that the
verification message generation means is further adapted to create
and attach to the secure verification message a digital signature
which is adapted to be recognised by the recognition means. This
adds a substantial further level of security to the transaction
verification message.
[0061] The transaction authorising means of the program module may
be further adapted to include, in the request within the message
generated by said authorising means, a further option to enable the
customer to indicate that the monetary amount of the transaction is
to be varied. This enables the customer to provide a tip or
gratuity, for instance at a restaurant or cafe. This option is
typically exercisable by a third predetermined entry being made in
the keypad. In this situation, the transaction authorising means
will typically be adapted, upon receipt of the third predetermined
entry being made, to:
[0062] (a) generate a query message querying the amended monetary amount to which the customer wants the monetary amount amended;
[0063] (b) receive said amended monetary amount input by the customer; and
[0064] (c) amend the monetary amount of the transaction data to the amended monetary amount.
[0065] As will be apparent, if the monetary amount is so amended
then, in all subsequent messages which contain the monetary amount,
the amended monetary amount should be substituted for the monetary
amount.
[0066] In one preferred embodiment, the message processing program
module is contained in a SIM card. Although this is convenient and
advantageous, it is not essential as other means for incorporating
the program module into a mobile communication device can readily
be contemplated.
[0067] In this system, it is generally desirable that each message
have attached thereto a transaction code representative of the
relevant message. This enables the device which receives the
message readily to recognise whether it is a message which it
should be receiving for the purpose of processing a financial
transaction under this system.
[0068] Therefore, it is desirable that:
[0069] (a) the transaction message sent to the system server includes a predetermined transaction message code (eg 001);
[0070] (b) the transaction request message sent to the mobile communication device contains a predetermined request message code (eg 002);
[0071] (c) the verification message sent to the system server contains a predetermined verification message code (eg 003);
[0072] wherein said codes are recognisable by the receiving system server or device and said receiving system server or device are adapted to discontinue the transaction if the relevant message does not contain its predetermined code.
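The message-code check of [0067]-[0072], combined with the local PIN verification of [0054] and the binary, signed verification message of [0059]-[0060], as an added example that is not code from the application. The class names, the frame layout, PBKDF2 storage of the PIN, and the use of a shared-key HMAC-SHA256 tag in place of the unspecified encryption and digital signature are assumptions of this example; the tag gives integrity and origin, not confidentiality, and rejecting a reused transaction identifier goes one step beyond what the text states.

```python
import hashlib
import hmac
import json
import secrets
import struct

# Message codes given as examples in the text (001, 002, 003).
CODE_TRANSACTION, CODE_REQUEST, CODE_VERIFICATION = b"001", b"002", b"003"
TAG_LEN = 32  # HMAC-SHA256 output size


def pack(code: bytes, body: dict, key: bytes) -> bytes:
    """Binary frame (assumed layout): code | 2-byte length | JSON body | tag."""
    payload = json.dumps(body, sort_keys=True).encode()
    frame = code + struct.pack(">H", len(payload)) + payload
    return frame + hmac.new(key, frame, hashlib.sha256).digest()


def unpack(frame: bytes, expected_code: bytes, key: bytes) -> dict:
    """Return the body, or raise so the caller discontinues the transaction."""
    if len(frame) < 5 + TAG_LEN or frame[:3] != expected_code:
        raise ValueError("message does not carry its predetermined code")
    data, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, data, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    (length,) = struct.unpack(">H", data[3:5])
    if length != len(data) - 5:
        raise ValueError("length field mismatch")
    return json.loads(data[5:])


class DeviceModule:
    """Hypothetical stand-in for the message processing program module."""

    def __init__(self, pin: str, device_key: bytes):
        self._salt = secrets.token_bytes(16)
        # Customer security criterion: kept on the device only (here as a
        # salted PBKDF2 hash, an assumption of this example).
        self._criterion = self._derive(pin)
        self._key = device_key

    def _derive(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def authorise(self, request_frame: bytes, entered_pin: str) -> bytes:
        request = unpack(request_frame, CODE_REQUEST, self._key)
        if not hmac.compare_digest(self._derive(entered_pin), self._criterion):
            raise PermissionError("PIN does not match the stored criterion")
        # The verification message repeats the request contents, never the PIN.
        return pack(CODE_VERIFICATION, request, self._key)


class SystemServer:
    """Hypothetical system server: holds no PIN, only pending requests."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._pending = {}  # transaction id -> request body as sent

    def request(self, supplier_id: str, customer_id: str, amount_cents: int) -> bytes:
        body = {"txn": secrets.token_hex(8), "supplier": supplier_id,
                "customer": customer_id, "amount": amount_cents}
        self._pending[body["txn"]] = body
        return pack(CODE_REQUEST, body, self._key)

    def accept(self, verification_frame: bytes) -> dict:
        body = unpack(verification_frame, CODE_VERIFICATION, self._key)
        # Each identifier is consumed once, so a replayed frame is refused.
        original = self._pending.pop(body.get("txn"), None)
        if original is None or original != body:
            raise ValueError("unknown, replayed or altered transaction")
        return body


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed key, assumed provisioned out of band
    server, device = SystemServer(key), DeviceModule("4921", key)
    request = server.request("SUP-0007", "+61400000000", 2550)  # constructed values
    return server.accept(device.authorise(request, "4921"))


if __name__ == "__main__":
    print(demo())
```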
[0073] In a preferred embodiment of this invention, the server data
storage means of the system server further includes benefits
information concerning the availability of benefits offered by
system-subscribed suppliers, and the system server further
includes:
[0074] (a) checking means adapted to determine whether the server data storage means contains any benefits information concerning any benefits which are, or may be, available in respect of, or in association with, the transaction;
[0075] (b) means for generating a benefit notification message if any relevant benefit is located and for transmitting this notification message to the server telecommunication means for sending to the supplier device, said notification message containing details of the located benefit and a request for the supplier to verify or deny availability of the benefit.
[0076] In this embodiment of the invention, the supplier device
would typically further include benefit processing means adapted
to:
[0077] (a) receive and display the benefit notification message;
[0078] (b) receive a verification input or a denial input from the supplier; and
[0079] (c) upon receipt of a verification input, revise the monetary amount to a revised monetary amount to accommodate any discount associated with said benefit and to send to the system server a benefit confirmation message containing the revised monetary amount; or
[0080] (d) upon receipt of a denial input, send a benefit denial message to the system server.
[0081] As would be apparent, if the monetary amount is so revised,
as contemplated above, in all subsequent messages which contain the
monetary amount, the revised monetary amount will be substituted
for the monetary amount.
[0082] The above benefits may be discounts (including discount
coupons), special deals (eg "2 for 1" deals), special offerings of
products and services or other similar offers.
[0083] In a further preferred embodiment, the server data storage
means further includes a transaction database adapted to capture
desired details of each transaction. These desired transaction
details include one or more of the following:
[0084] (a) the transaction data;
[0085] (b) desired additional transaction data including some or all of: date of transaction; amount of any discount provided; and the goods or services covered by the transaction; and
[0086] (c) customer identifying indicia, and supplier identifying indicia.
[0087] The transaction processing server should be in secure
communication with a financial institution server, said financial
institution server adapted to transfer funds, corresponding to the
monetary amount, to the supplier account and to record a
corresponding debit in the customer account. Typically, the
transaction processing server communicates with the financial
institution server via a payment gateway.
[0088] The transaction processing server may further include
account record means for keeping a record of the supplier account,
the customer account and all debits and credits associated with
these accounts.
[0089] In the present system, it is further preferred that:
[0090] (a) the transaction processing server is adapted to send, upon completion of the transaction, a transaction complete message to the system server; and
[0091] (b) the system server is adapted to send said transaction complete message to either or both of the supplier device and the mobile communication device.
[0092] A beneficial feature of the above system is the relative
simplicity of the system server and the message flow to and from
this server.
[0093] According to a second aspect of this invention, there is
provided a message processing program module, for use in a mobile
communication device, which device forms part of the transaction
processing system described above, said program module comprising:
[0094] (a) mobile device data storage means containing a customer
security criterion;
[0095] (b) message receiving means for receiving the transaction
request message from the system server;
[0096] (c) transaction authorisation means adapted to:
[0097] (i) extract transaction data and the supplier identifying
indicia contained in the transaction request message;
[0098] (ii) generate and display, on a visual display screen of the
mobile communication device, a text message containing the
transaction data, the supplier identifying indicia and a request for
the customer either to:
[0099] authorise the transaction, by making a first pre-determined
entry in a keypad of the mobile device, said predetermined entry
including a secret identification parameter of the customer, or
[0100] decline the transaction, by making a second pre-determined
entry in the keypad;
[0101] (d) verification message generation means adapted to:
[0102] (i) receive an authorisation order generated by the first
pre-determined entry into the keypad;
[0103] (ii) following receipt of said authorisation order, verify
that the identification parameter matches the customer security
criterion in the mobile device data storage means and, if they do
match, generate a verification message, said verification message
containing contents of the transaction request message; and
[0104] (iii) encrypt the verification message to generate a secure
verification message;
[0105] (e) decline message generation means adapted to:
[0106] (i) receive a decline order generated by the second
pre-determined entry into the keypad; and
[0107] (ii) generate and send a decline transaction message,
following receipt of said decline order; and
[0108] (f) message transfer means for transferring the secure
verification message or the decline message to the mobile device
telecommunication means for sending to the system server.
[0109] As noted above, this program module is a unique feature
which substantially improves the security of the abovementioned
system. Incorporated in the program module is means for enabling
self-verification by a user completely at the user's mobile device,
without any message (containing the secret identification
parameter) having to be sent from the mobile device to the system
server. The program module also provides for the verification
message to be encrypted and (optionally) digitally signed which
substantially improves the security of the system.
[0110] As is also noted above, the customer security criterion is
preferably a personal identification number (PIN) of the
customer.
[0111] The security of the system is further enhanced by forming
the secure verification message, sent from the mobile communication
device to the system server, of a binary data stream.
[0112] As noted above, the message processing program module is
preferably (but not necessarily) contained in a SIM card.
[0113] In a third aspect of this invention, there is provided a
method of processing a transaction between a supplier and a
customer, using a transaction processing system according to any
one of claims x to y, said method comprising the following steps:
[0114] (a) within the supplier device:
[0115] (i) receiving transaction data and customer-supplied customer
identifying indicia;
[0116] (ii) generating a transaction message containing the supplier
identifying indicia (obtained from data storage means within the
supplier device), the transaction data and the customer identifying
indicia;
[0117] (iii) transmitting the transaction message to the supplier
device telecommunications means; and
[0118] (iv) sending the transaction message to the system server;
[0119] (b) within the system server:
[0120] (i) receiving the transaction message;
[0121] (ii) verifying that the supplier identifying indicia and the
customer identifying indicia in the transaction message match
corresponding indicia within the supplier information and customer
information (stored in data storage means within the server);
[0122] (iii) issuing either a transaction proceed order or a
transaction terminate order based on result of said verification;
[0123] (iv) transmitting the transaction proceed order or the
transaction terminate order to the server message generation means;
[0124] (v) generating, within the server message generation means,
either:
[0125] a transaction denied message following receipt of a
transaction terminate order; or
[0126] a transaction request message following receipt of a
transaction proceed order, said message containing the supplier
identifying indicia, the transaction data, the customer identifying
indicia, and a unique transaction identifier which is different for
each transaction;
[0127] (vi) transmitting the transaction denied message or the
transaction request message to the server telecommunications means;
[0128] (vii) sending the transaction denied message to the supplier
device or sending the transaction request message to mobile device
telecommunication means of the customer;
[0129] (c) within the mobile communication device:
[0130] (i) receiving, within the telecommunication means of the
mobile device, the transaction request message;
[0131] (ii) transmitting the transaction request message to
receiving means within a message processing program module;
[0132] (iii) said module:
[0133] extracting transaction data and supplier data from the
transaction request message;
[0134] generating and displaying, on a visual display screen of the
mobile communication device, a message containing the transaction
data, the supplier identifying indicia and a request for the
customer either to:
[0135] authorise the transaction, by making a first pre-determined
entry in a keypad of the mobile device, said predetermined entry
including a secret identification parameter of the customer, or
[0136] decline the transaction, by making a second pre-determined
entry in the keypad;
[0137] receiving an authorisation order generated by the first
pre-determined entry into the keypad;
[0138] following receipt of said authorisation order, verifying that
the identification parameter matches the customer security criterion
in the mobile device data storage means and, if they do match,
generating a verification message, said verification message
containing the contents of the transaction request message;
[0139] encrypting the verification message to generate a secure
verification message;
[0140] transferring the secure verification message to the mobile
device telecommunication means;
[0141] (iv) sending the secure verification message to the system
server.
[0142] The above method will typically involve further standard
steps, including forwarding the secure verification message onto
the transaction processing server. At the transaction processing
server, the secure verification message is decrypted. This
decryption enables the transaction processing server to identify a
customer account associated with the customer identifying indicia
and to identify a supplier account associated with the supplier
identifying indicia. Typically, the transaction processing server
then arranges for said customer account to be debited by the
monetary amount of the transaction and for said supplier account to
be credited by said monetary amount.
[0143] The abovementioned unique transaction identifier of the
transaction request message is typically assigned by the system
server. It is particularly preferred that the transaction message,
the transaction request message and the verification message are
mobile data messages, which may be selected from SMS messages, GPRS
messages and UMTS messages.
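The exchange set out in [0093] to [0143], as an added Node.js example that is not code from the patent: the handset checks the PIN locally and returns only an encrypted copy of the transaction request, and the server binds that reply to the transaction identifier it still has pending. scrypt, AES-256-GCM, the random identifier, the field names, the retry limit and the sample values are assumptions, since the page names no algorithms.

```javascript
// Added illustration, not code from the patent. Algorithms (scrypt,
// AES-256-GCM), field names and the retry limit are assumptions.
const nodeCrypto = require('node:crypto');

const MAX_PIN_ATTEMPTS = 3; // assumed lockout threshold

// ---- Mobile device: message processing program module ----

// Keep a salted scrypt hash as the "customer security criterion", not the PIN.
function enrolPin(pin) {
  const salt = nodeCrypto.randomBytes(16);
  return { salt, hash: nodeCrypto.scryptSync(pin, salt, 32) };
}

function pinMatches(criterion, enteredPin) {
  const candidate = nodeCrypto.scryptSync(enteredPin, criterion.salt, 32);
  return nodeCrypto.timingSafeEqual(candidate, criterion.hash);
}

// Produces a secure verification message only after a local PIN match.
// The PIN itself is never placed in any outgoing message.
function authorise(device, request, enteredPin) {
  if (device.failedAttempts >= MAX_PIN_ATTEMPTS) return { kind: 'locked' };
  if (!pinMatches(device.criterion, enteredPin)) {
    device.failedAttempts += 1;
    return { kind: 'pin_rejected' };
  }
  device.failedAttempts = 0;
  // The verification message carries the contents of the request.
  const plaintext = Buffer.from(JSON.stringify(request), 'utf8');
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every message
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', device.trustedKey, iv);
  cipher.setAAD(Buffer.from(request.customerId, 'utf8'));
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    kind: 'verification',
    customerId: request.customerId,
    iv,
    ciphertext,
    tag: cipher.getAuthTag(),
  };
}

// ---- Server side (system server and transaction processing server) ----

function createServer() {
  return { keys: new Map(), pending: new Map() };
}

// Issue a transaction request with a unique identifier and remember it.
function issueRequest(server, supplierId, customerId, amount) {
  const request = { txId: nodeCrypto.randomUUID(), supplierId, customerId, amount };
  server.pending.set(request.txId, request);
  return request;
}

// Decrypt, then bind the reply to the exact request that is still pending.
function processVerification(server, msg) {
  const key = server.keys.get(msg.customerId);
  if (!key) return 'unknown_customer';
  let claimed;
  try {
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, msg.iv);
    decipher.setAAD(Buffer.from(msg.customerId, 'utf8'));
    decipher.setAuthTag(msg.tag);
    const plain = Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
    claimed = JSON.parse(plain.toString('utf8'));
  } catch {
    return 'bad_message'; // wrong key, or ciphertext/tag modified in transit
  }
  const pending = server.pending.get(claimed?.txId);
  if (!pending) return 'unknown_or_replayed';
  for (const field of ['supplierId', 'customerId', 'amount']) {
    if (claimed[field] !== pending[field]) return 'mismatch';
  }
  server.pending.delete(claimed.txId); // single use: a replay finds nothing
  return 'approved';
}

// Constructed sample run (all values are made up for the example).
function demo() {
  const trustedKey = nodeCrypto.randomBytes(32);
  const device = { criterion: enrolPin('4821'), trustedKey, failedAttempts: 0 };
  const server = createServer();
  server.keys.set('+61491570156', trustedKey);
  const request = issueRequest(server, 'SUP-001', '+61491570156', '25.00');
  const rejected = authorise(device, request, '0000').kind;
  const msg = authorise(device, request, '4821');
  const first = processVerification(server, msg);
  const replay = processVerification(server, msg);
  return { rejected, first, replay };
}
```

In this sketch the server never sees the PIN, so the only thing it can check is that the reply was produced with the handset's key and matches a request it issued; the protection of that key on the handset therefore carries the whole authentication.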
[0144] In order to enhance the security of the above system and
method, a self-designed test digital certificate may be issued on
each of the system components. These certificates are then used to
sign all messages communicating between the system components.
[0145] For example, each outgoing transmission may consist of a
digital signature, the public key of the centre's digital
certificate and an octal representation of the XML content. The
digital signature is created with the private key of the sender.
The receiver will be able to use the public key to verify the
signature.
[0146] The test certificates are typically installed in the
personal certificate store locally in each component. If one of the
components runs multiple system components, then that component may
contain multiple certificates.
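An added Node.js example, not code from the patent, of the transmission format in [0145] and the local certificate store in [0146]: the receiver accepts the public key carried in a message only if it matches a key already installed locally, and only then verifies the signature. Ed25519, base64 fields, raw public keys in place of certificates, and three octal digits per byte are assumptions; the page does not define them.

```javascript
// Added illustration, not code from the patent. Ed25519, base64 fields and
// the three-digits-per-byte octal encoding are assumptions; raw public keys
// stand in for the test certificates.
const nodeCrypto = require('node:crypto');

// Octal representation of the XML content: each byte as three octal digits.
function toOctal(buf) {
  return Array.from(buf, (b) => b.toString(8).padStart(3, '0')).join('');
}

function fromOctal(text) {
  if (text.length % 3 !== 0 || /[^0-7]/.test(text)) throw new Error('malformed octal');
  const bytes = [];
  for (let i = 0; i < text.length; i += 3) {
    const value = parseInt(text.slice(i, i + 3), 8);
    if (value > 255) throw new Error('octal group exceeds one byte');
    bytes.push(value);
  }
  return Buffer.from(bytes);
}

function exportDer(publicKey) {
  return publicKey.export({ type: 'spki', format: 'der' });
}

function fingerprint(publicKeyDer) {
  return nodeCrypto.createHash('sha256').update(publicKeyDer).digest('hex');
}

// Sender: digital signature + public key + octal representation of the XML.
function signTransmission(xml, keyPair) {
  const content = toOctal(Buffer.from(xml, 'utf8'));
  const signature = nodeCrypto.sign(null, Buffer.from(content, 'ascii'), keyPair.privateKey);
  return {
    signature: signature.toString('base64'),
    publicKey: exportDer(keyPair.publicKey).toString('base64'),
    content,
  };
}

// Receiver: a key that arrives inside the message proves nothing by itself,
// so it is looked up in the local store before the signature is checked.
function verifyTransmission(msg, trustStore) {
  for (const field of ['signature', 'publicKey', 'content']) {
    if (typeof msg[field] !== 'string') return { ok: false, reason: 'malformed' };
  }
  const der = Buffer.from(msg.publicKey, 'base64');
  const sender = trustStore.get(fingerprint(der));
  if (!sender) return { ok: false, reason: 'untrusted_key' };
  const key = nodeCrypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
  const valid = nodeCrypto.verify(
    null,
    Buffer.from(msg.content, 'ascii'),
    key,
    Buffer.from(msg.signature, 'base64'),
  );
  if (!valid) return { ok: false, reason: 'bad_signature' };
  try {
    return { ok: true, sender, xml: fromOctal(msg.content).toString('utf8') };
  } catch {
    return { ok: false, reason: 'malformed' };
  }
}

// Constructed sample run: one installed key, one outsider key.
function demo() {
  const supplier = nodeCrypto.generateKeyPairSync('ed25519');
  const outsider = nodeCrypto.generateKeyPairSync('ed25519');
  const trustStore = new Map([
    [fingerprint(exportDer(supplier.publicKey)), 'supplier-device'],
  ]);
  const xml = '<transaction><amount>25.00</amount></transaction>';
  const genuine = verifyTransmission(signTransmission(xml, supplier), trustStore);
  const selfSigned = verifyTransmission(signTransmission(xml, outsider), trustStore);
  const altered = signTransmission(xml, supplier);
  altered.content = '1' + altered.content.slice(1); // change one octal digit
  const tampered = verifyTransmission(altered, trustStore);
  return { xml, genuine, selfSigned, tampered };
}
```

The outsider's message carries a perfectly valid signature under its own key; it is rejected only because that key is absent from the receiver's store.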
[0147] In a further aspect of this invention, there is provided a
transaction processing system, including:
[0148] (a) a supplier device for initiating a transaction between a
customer and a service provider;
[0149] (b) a transaction processing server adapted to process said
transaction; and
[0150] (c) a system server adapted to receive messages from, and
forward messages to, the supplier device, the transaction processing
server and a mobile communication device;
[0151] wherein:
[0152] (i) the supplier device is adapted so that, when initiating a
transaction, it forwards a transaction initiation message to the
system server; and
[0153] (ii) the system server is adapted so that:
[0154] after receiving said transaction initiation message, it sends
a first transaction authorisation request to the mobile
communication device;
[0155] it may receive a secured first transaction verification
message from the mobile communication device in response to said
authorisation request;
[0156] upon receipt of said secured first transaction verification
message, it sends a second transaction authorisation request to the
transaction processing server;
[0157] it receives a second transaction verification message from
the transaction processing server; and
[0158] provided the second transaction verification message
satisfies predetermined criteria, it sends a first transaction
approval message to said supplier device.
[0159] Preferably, the system server is further adapted to send a
second transaction approval message to said mobile communication
device if the second transaction verification message satisfies
predetermined criteria.
[0160] In a still further aspect, the present invention provides a
system server for facilitating an electronic financial transaction,
said system server being adapted to communicate with a supplier
device, a mobile communication device of a customer and a
transaction processing server, wherein said system server is
further adapted to:
[0161] (a) receive a transaction initiation message from a supplier
device, said message containing certain customer identifying
indicia;
[0162] (b) identify the customer by reference to customer
identifying indicia;
[0163] (c) send a first transaction authorisation request to the
mobile communication device of the identified customer in response
to receiving the transaction initiation message;
[0164] (d) receive a secured first transaction verification message
from the mobile communication device;
[0165] (e) send a second transaction authorisation request to the
transaction processing server;
[0166] (f) receive a second transaction verification message from
the transaction processing server; and
[0167] (g) send a first transaction approval message to said
supplier device if the second transaction verification message
satisfies predetermined approval criteria.
[0168] Preferably, the system server is further adapted to send a
second transaction approval message to said mobile communication
device if the second transaction verification message satisfies
predetermined approval criteria.
[0169] In yet another aspect, the present invention provides a
method of facilitating an electronic financial transaction using a
system server, which is adapted to communicate with a supplier
device, a mobile communication device and a transaction processing
server, wherein the system server performs the steps of:
[0170] (a) receiving a transaction initiation message from the
supplier device;
[0171] (b) sending a first transaction authorisation request to the
mobile communication device in response to receiving the transaction
initiation message;
[0172] (c) receiving a secured first transaction verification
message from the mobile communication device;
[0173] (d) sending a second transaction authorisation request to the
transaction processing server;
[0174] (e) receiving a second transaction verification message from
the transaction processing server; and
[0175] (f) sending a first transaction approval message to said
supplier device if the second transaction verification message
satisfies predetermined approval criteria.
[0176] Preferably, the method further includes the step of sending
a second transaction approval message to said mobile communication
device if the second transaction verification message satisfies
predetermined criteria.
[0177] Preferably, the supplier device has a display screen and the
step of displaying the transaction acceptance and rejection
messages includes displaying those messages on the display
screen.
[0178] Alternatively, the supplier device may be in communication
with a printer and the step of displaying the transaction
acceptance and rejection messages includes displaying those
messages by sending to the printer a print command which
corresponds to the messages.
[0179] Preferably, the mobile communication device is further
adapted to receive a transaction approval message from the system
server, and to display the transaction approval message on the
display screen.
[0180] Preferably, the mobile communication device is programmed to
require entry of a user's personal identification details (such as
a PIN number or password and a security key) before the secured
transaction verification message is sent to the system server.
[0181] Preferably, the first transaction verification message will
be digitally secured using some customer identification data (such
as a personal identification (PIN), secret number, password or the
like and a security key). The first transaction verification
message preferably includes a customer verification that the
customer authorises the transaction to proceed.
[0182] The transaction approval message may simply be a positive
indication from the transaction processing server that the
transaction may proceed.
[0183] Preferably, the mobile communication device is a mobile
phone or cellular phone.
[0184] Any discussion of documents, acts, materials, devices,
articles or the like which has been included in the present
specification is solely for the purpose of providing a context for
the present invention. It is not to be taken as an admission that
any or all of these matters form part of the prior art base or were
common general knowledge in the field relevant to the present
invention as it existed before the priority date of each claim of
this application.
BRIEF DESCRIPTION OF THE DRAWINGS
[0185] Preferred embodiments of the aspects of this invention will
now be described, by way of example only, with reference to the
accompanying drawings in which:
[0186] FIG. 1 is a schematic flow diagram illustrating an
embodiment of the system and the method of this invention;
[0187] FIG. 2 is a simplified flow diagram illustrating the
processing of a transaction according to the invention;
[0188] FIG. 3 is a simplified flow diagram illustrating initial
steps in the method of the invention which occur at a supplier
device (eg supplier point of sale);
[0189] FIG. 4 is a simplified flow diagram illustrating other steps
in the method of the invention which occur at the system
server;
[0190] FIG. 5 is a simplified flow diagram illustrating later steps
in the method of the present invention which occur at a customer's
mobile device (or mobile communication device); and
[0191] FIG. 6 is a simplified flow diagram illustrating further
steps in the method of the present invention which occur at the
system server.
[0192] FIG. 7 is a schematic diagram of an embodiment of the system
of present invention showing further detail of the components of
the system server.
[0193] FIG. 8 is a transactional flow diagram illustrating an
embodiment of the system and method of this invention.
[0194] FIG. 9 is a logic flow diagram showing transaction
initiation steps of an embodiment of the method of this
invention.
[0195] FIG. 10 is a large flow diagram showing benefit notification
steps of a preferred embodiment of the method of this
invention.
[0196] FIG. 11 is a large flow diagram showing benefit confirmation
steps of a preferred embodiment of the method of this
invention.
[0197] FIG. 12 is a logic flow diagram of transaction request steps
of an embodiment of the method of this invention.
[0198] FIG. 13 is a logic flow diagram of 3 steps associated with
transmitting the verification message to the transaction processing
system in an embodiment of the method of this invention.
[0199] FIG. 14 is a logic flow diagram of transaction approval
steps of an embodiment of the method of this invention.
[0200] FIGS. 15a and 15b constitute a menu flow diagram of
transaction request steps associated with an embodiment of the
method of this invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
[0201] In a preferred embodiment, the present invention provides a
system and process for facilitating electronic financial
transactions between a goods and services provider and a consumer
using a system server in communication with a supplier device, a
mobile communication device, a system service and transaction
processing server. The invention includes a system and method for
conducting credit/debit payment services between a goods/services
provider ("supplier") and a consumer ("customer") using wireless
communication devices.
[0202] One version of the system and process is illustrated in the
flow diagram of FIG. 1 which shows the steps involved in processing
(or facilitating) a transaction according to the invention. The
present invention allows a customer of goods and services to
initiate a credit/debit payment by providing the supplier of goods
and services with a pre-defined client identifier, such as a mobile
telephone number, which is provided by a third party system
operator.
[0203] As can be seen from FIGS. 1 and 2, an embodiment of the
system of this invention includes a supplier device 1 (eg a
supplier terminal); a system server 2, a mobile communication
device 3 of a customer, and a transaction processing server 4. The
supplier device 1, the system server 2, the mobile communication
device 3 and the transaction processing server 4 are adapted to
communicate by means of messages. The system server 2 and the
transaction processing server 4 are in wired (and secured)
communication. However, the system server 2, the mobile
communication device 3, and the supplier device 1 are only in
wireless communication with each other and, accordingly, they
communicate by means of mobile data messages.
[0204] In the process of this invention, once a transaction is
initiated between a customer and a supplier, the customer provides
to the supplier customer identifying indicia (typically the mobile
telephone number of the mobile communication device 3, which is
typically a mobile telephone). For the system to operate, the
customer and the supplier must be subscribers to the system and
their respective identifying indicia must be recorded in the system
server 2.
[0205] As depicted in FIG. 1 and FIG. 3, in order to process the
transaction, a transaction message (a) is sent from the supplier
device 1 (controlled by the supplier), to the system server 2. The
transaction message (a) includes the customer identifying indicia
and supplier identifying indicia. The supplier identifying indicia
is typically embedded in data storage means of the supplier device
1 (or it could be entered manually).
[0206] As shown in FIG. 4, upon receipt of the transaction message
(a) the system server conducts a preliminary verification to
verify that the customer identifying indicia and the supplier
identifying indicia are recorded in data storage means within the
system server 2. If either of these indicia are not recognised by
the system server 2, the transaction will not proceed further and a
corresponding message may be sent back to the supplier device
1.
[0207] The transaction message (a) may further include a
transaction message code identifiable by the system server 2 so
that if a purported transaction message is received by the system
server 2 without a transaction message code, the system server 2
will not recognise the message as having been sent by a subscriber
to the system. In such a situation, the transaction will not
proceed.
[0208] Following verification of the customer identifying indicia
and the supplier identifying indicia of the transaction message,
the system server 2 may conduct a review of its database(s) to
determine if there is a record of an applicable coupon (eg a
discount or promotional coupon) being redeemable with the supplier
in respect of the transaction. As shown in FIG. 1, if such a coupon
is located, the system server 2 is adapted to generate and send a
coupon notification message (b) to the supplier device 1. The
supplier device 1 is programmed then to prompt the supplier to
confirm or deny the availability of the coupon and, if available,
to send a coupon confirmation message (c) back to the system server
2. The coupon notification and confirmation procedure is entirely
optional and will not apply in respect of all transactions or all
suppliers linked to the system.
[0209] Following verification of the customer identifying indicia
and the supplier identifying indicia in the transaction message
(and, where applicable, following receipt of the coupon
confirmation message), the system server 2 is adapted to generate
and send a transaction request message (d) to the mobile
communication device 3. The transaction request message (d)
typically contains a unique transaction identifying code (applied
by the system server 2), the customer identifying indicia, the
supplier identifying indicia and transaction data. At the least,
the transaction data includes the amount payable under the
transaction. Where a coupon has been confirmed as being available
in respect of the transaction, the transaction data will include
the amount payable as altered (eg reduced) by virtue of the
coupon.
[0210] The mobile communication device 3 receives the transaction
request message and undertakes a self-verification process
described further below.
[0211] Following verification that the customer wishes to proceed
with the transaction, the mobile communication device 3 generates a
verification message. This verification message contains contents
of the transaction request message (d) but is encrypted to generate
a secure verification message (e) which is sent to the system
server 2. This secure verification message (e) may further include
a digital signature, forming part of the message, for added
security.
[0212] The secure verification message (e) may also include a
verification message code identifiable by the system server so
that, if a purported verification message is received by the system
server 2 without the verification message code, the transaction
will not proceed further.
[0213] Upon receipt of the secure verification message (e), the
system server 2 transmits it to the transaction processing server
4. The system server 2 is in wired communication with the
transaction processing server 4. The transaction processing server
4 is a secure server which contains decrypting means adapted to
decrypt the secure verification message (e). The server 4 is also
adapted to identify (from the customer identifying indicia and the
supplier identifying indicia) the relevant accounts of the customer
and the supplier and to arrange for processing of the financial
transaction. This processing is typically effected in conjunction
with a financial institution 6 which is in communication with the
transaction processing means via a payment gateway 5.
[0214] In one embodiment of this invention, a system is developed
to enable:
[0215] third party system operator(s) ("Trusted Agent") to provide
Personal Identification Number ("PIN"), Client Identifier ("Client
Identifier"), and Subscriber Identity Module card Trusted Key
("Trusted Key") to a customer
[0216] the Customer to initiate a credit/debit payment by providing
the Client Identifier
[0217] the Supplier to use the client identifier and the total
invoiced amount to request the Trusted Agent to activate a payment
request to the Customer's wireless communication device
[0218] the Trusted Agent to use the Client Identifier to retrieve
personal information of the Customer from the Trusted Agent's server
system
[0219] the Trusted Agent to use the personal information retrieved,
the information of the Supplier, and a unique transaction number
generated by the Trusted Agent server system ("Transaction Number"),
to compile a payment request and such request is sent to the
Customer's wireless communication device through a licensed spectrum
or
[0220] the Trusted Agent to send the personal information retrieved,
the information of the Supplier ("Supplier Identity"), and a unique
transaction number generated by the Trusted Agent server system to
the Customer's wireless communication device through a licensed
spectrum
[0221] the Customer's wireless communication device to display the
payment request or
[0222] the Customer's wireless communication device to use the
Supplier Identity, Transaction Number, and the Personal Information
to compile a payment request and display the payment request
[0223] the Customer to authorise a credit/debit payment in response
to the payment request by inputting the PIN via an input interface
of the Customer's mobile handset
[0224] the Customer to authenticate his/her identity in response to
the payment request by inputting the PIN via the input interface of
the Customer's mobile handset
[0225] the system in the Customer's mobile handset to compile a
secured data packet (or transaction verification message) based on
information such as the PIN and the Customer's Trusted Key. The
secured data packet may or may not be digitally signed
[0226] the Customer's mobile handset to send the secured data packet
back to the Trusted Agent via the wireless telecommunication network
operating through a licensed spectrum, and
[0227] the secured data packet to be used by the Trusted Agent (or
system server) such that the Customer's identity is authenticated
and a credit/debit payment is authorised, which will result in the
Customer paying the Supplier.
[0228] The method of the present invention involves four main
steps, described below with reference to FIGS. 3 to 6.
[0229] Step 1:
[0230] FIG. 3 is a flow diagram illustrating the first main step in
the method of the present invention which occurs at a point of
sale.
[0231] In this embodiment, the Supplier installs the Supplier
Device (or supplier device) at its point of sales. The Supplier
Device communicates with the Carrier's GSM network and it enables
the Supplier to use the invention. In this embodiment, the Supplier
has a transaction account/supplier service agreement with a bank,
the Customer is enabled with the invention, and the Customer
carries his/her wireless communication device, in this embodiment,
mobile handset, when he/she visits the Supplier ("Mobile
Handset").
[0232] A number of steps occur at the point of sale:
[0233] 1. Assume a Customer decides to buy an item at a shop, ie
Supplier, using the Invention. The Customer is now at the counter
waiting to pay for the item. The cashier operator examines the item
and presents an invoice to the Customer
[0234] 2. In this embodiment, the Supplier partners with the Bank
and the Carrier to exploit the Invention. The Supplier therefore
offers payment options such as Cash, Cheque, Debit Card, VISA,
Master, AMEX, Diners Club, JCB and others, as well as the Invention.
In alerting the Customer that the Invention is available as one of
the payment options, the Invention is added to the list of payment
modes that are accepted by the Supplier. This can be in a form of
logo/sticker placed around the cash register
[0235] 3. In this embodiment, the Customer chooses to settle the
invoice using the Invention
[0236] 4. Through choosing to use the Invention, the cashier
operator asks for the Customer's Client Identifier, in this
embodiment, his/her mobile handset number
[0237] 5. As shown in FIG. 3, the cashier operator types in the
Client Identifier and the amount payable by the Customer ("Amount
Payable") into a communication device. In this embodiment, a GSM
device is provided to the Supplier ("Supplier GSM Device") by the
Carrier that is capable of sending text messages via the Short
Messaging System ("SMS"). The Supplier GSM Device is logged onto the
Carrier's wireless telecommunication network through a licensed
spectrum, ie 900 MHz
[0238] 6. The Supplier GSM Device sends the Customer's mobile
handset number and the Amount Payable as a request to the Carrier in
a form of SMS message using SMS. The SMS message is used to activate
a payment request to the Customer's wireless communication device,
which, in this embodiment, is his/her mobile handset. The request is
transmitted from the Supplier GSM Device to a base station within
the GSM telecommunication network of the Carrier using the 900
MHz-licensed spectrum.
[0239] Step 2
[0240] FIG. 4 is a flow diagram illustrating the second main step
in the method of the present invention which occurs at a
telecommunication carrier (or system server).
[0241] In this embodiment, the Carrier's Short Messaging System
Center ("SMSC") is networked with its server system ("Server
System").
[0242] In one embodiment (and as shown in FIG. 7), the system
server includes two databases:
[0243] A) Customer Database (or "M-Directory DB" as labelled in FIG.
7)--This database contains relevant information about the Customers
and the suppliers.
[0244] The preferred fields are:
[0245] Internal customer reference number (for both customers and
suppliers)
[0246] Customers' and Suppliers' name
[0247] ICCID, i.e. Customer ID or Supplier ID
[0248] Mobile handset number
[0249] B) Transactional Database--This database keeps an audit trail
of all transactions. The database records the messages related to
the transactions.
[0250] FIG. 5 illustrates a number of further sub-steps:
[0251] 1. The Carrier's SMSC receives an SMS message from the
Supplier GSM Device, directing to a special number linking to the
Server System
[0252] 2. The Carrier's SMSC routes the SMS message to the Server
System
[0253] 3. The Server System receives the SMS message from the SMSC,
with an indicator (such as Device Number), noting that the message
is sent from the Supplier GSM Device
[0254] 4. The Server System reads the information contained in the
SMS message, ie the amount payable and the mobile handset number,
and stores it in its RAM
[0255] 5. In this embodiment, the Server System uses the mobile
handset number to match the data-field within its database, and
retrieve information that is linked to the mobile handset number. In
this embodiment, the information retrieved includes a record of the
Customer, ie first name of the Customer, Mobile Handset Number of
the Customer
[0256] 6. The Server System also uses the Device Number to match the
data-field within its database, and retrieve Supplier information
that is linked to the Device Number. In this embodiment, the
Supplier information retrieved includes name of the Supplier,
Supplier id.
[0257] 7. In this embodiment, the Server System assigns a unique
transaction number ("Transaction Number") using the Supplier
information, the Customer's information, the time and the Amount
Payable.
[0258] 8. The Server System generates a payment request in a form of
an SMS message ("Payment Request"). This message contains
data-fields including first name of the Customer, name of Supplier,
Supplier id, Transaction Number and Amount Payable.
[0259] 9. The Server System sends the Payment Request to the Mobile
Handset via the SMSC of the Carrier's GSM telecommunication network
using the 900 MHz-licensed spectrum.
[0260] Step 3
[0261] FIG. 5 is a flow diagram illustrating the third main step in
the method of the present invention which occurs at a user's mobile
device (or mobile communication device).
[0262] 1. Upon receiving the Payment Request, the Mobile Handset
passes the SMS message to the Client System, which reads the
Payment Request. The Client System then commands the Mobile Handset
to display a text message on the output interface of the Mobile
Handset
[0263] 2. In this embodiment, a text message is displayed on the
screen of the Mobile Handset immediately and automatically. The
message contains the Customer's first name, the Supplier name, the
Amount Payable, and a request to authorise a payment. The Customer
checks the text message and examines the details of the Payment
Request, i.e. Supplier name and the Amount Payable. The Customer
can choose to either terminate the transaction, i.e. if the Amount
Payable is incorrect, or proceed with the transaction. In this
embodiment, the Customer decides to proceed with the request and
the Customer needs to press the "OK" button (or similar activating
button, icon or the like) located in the input interface.
[0264] 3. In this embodiment, the Client System receives the
command from the Customer to proceed with the request. The Client
System generates a text message to the mobile handset's screen,
prompting the Customer to enter his/her PIN. The text message
repeats the Amount Payable, and provides a notice to the Customer
that he/she is authorising the payment by entering the PIN.
[0265] 4. The Customer enters the PIN and presses (in this
embodiment) the "OK" button located in the input interface. This
action binds the customer to pay the Bank the Amount Payable, and
the Bank in turn settles the invoice with the Supplier on behalf of
the Customer. In this embodiment, the Client system creates a
secured data packet from the Transaction Number, Amount Payable and
the Supplier id. The secured data packet is digitally signed by a
digital signature created from the PIN and the Trusted Key.
[0266] 5. In this embodiment, the Client System commands the Mobile
Handset to send the secured data packet back to the Server System
via the Carrier's wireless telecommunication network operating
through a licensed spectrum.
[0267] Step 4
[0268] FIG. 6 is a flow diagram illustrating the fourth main step
in the method of the present invention which occurs at a
telecommunication carrier (or system server).
[0269] In this embodiment, the secured data packet is received by
the Carrier's base station, which passes it on to its SMSC and then
its Server System. The secured data packet is used such that the
Customer's identity is authenticated and a credit/debit payment is
authorised, which results in the Customer paying the Bank and the
Bank paying the Supplier.
[0270] As shown in FIG. 7 the system server typically consists of 2
primary software components (shown as "Gateway Receiver" and
"Gateway Core") and one or more databases. FIG. 7 shows 2
databases--one being a transaction database ("Transation DB") and
the other is a customer database ("M-Directory DB"). The main
purpose of the Transaction DB is to maintain records in respect of
transactions performed over the system. The databases work in
conjunction with the Gateway Core in order to carry out transaction
logging and to capture itemised bill information.
[0271] The system server is typically built on top of a Message
Oriented Middleware ("MOM"), and Java Messaging Service ("JMS") is
generally specified as the API for accessing the MOM for the
subject messaging system.
[0272] The invention will now be illustrated by reference to the
following example:
EXAMPLE
[0273] FIGS. 9 to 14 are logic flow diagrams showing the flow of
messages within the system of this invention. The steps shown in a
hexagonal border are performed within the Gateway Receiver and
steps contained in rectangular borders are performed in the Gateway
Core. The system server receives a request from the supplier device
("M Payment Request Initialisation Tool") to initiate a
transaction. The message then undergoes certain checks within the
carrier server. A transaction identifier ("MTransID") is added to
the message and the message can then be sent.
[0274] Alternatively (as shown in FIG. 9), before the message is
sent, the system server can check on the availability of any
benefits (eg coupons, product/service offerings and the like) being
offered by the supplier. In order to do this, the system server
checks its database records and if a particular benefit is found,
then the processing steps are implemented.
[0275] The benefit processing steps are shown in FIGS. 10 and 11.
If a benefit is located, a message is sent from the system server
to the supplier device seeking confirmation that the benefit is
available. A supplier reply is then sent from the supplier device
back to the system server confirming whether or not the benefit is
available. If it is, the system server will include an indication
to this effect in the transaction request message sent to the
customer. The system server may need to alter the monetary amount
of the transaction if, for example, a discount is provided by
virtue of the benefit. The benefit need not always be a discount.
It may include other product or service offerings provided by the
supplier.
[0276] Following the benefit processing steps, or if no benefit was
previously located by the system server, the system server then
sends a transaction request message to the customer's mobile phone
requesting verification of the transaction (see FIG. 12). The
customer then, in conjunction with the mobile phone, verifies and
authorises the transaction by virtue of the message processing
program module contained in the mobile phone (typically in the SIM
card). If the customer wishes to proceed with the transaction, a
secure verification message (which is typically encrypted and
digitally signed) is sent back to the system server. The
verification message then undergoes certain minor steps (including
checking of the transaction identifier and the message code) and
the verification message is then sent to the transaction processing
server ("MSS") (see FIG. 13).
[0277] As shown in FIG. 14, if the transaction is approved by the
relevant financial institution, the transaction processing server
is notified of this and sends a corresponding message to the system
server. The system server then passes on such a confirmation
message to the supplier device and to the customer's mobile phone.
The transaction is then completed.
[0278] The data flow of the preferred embodiment of this invention
(exemplified above) can be summarised as follows:
[0279] 1) Merchant initiates and sends a formatted `Merchant Payment
Request Message` to M Gateway.
[0280] The Merchant Payment Request Message (TransCode=001) data
string:
TransCode;DeviceID;MerchantID;Merchant Name;CustNum;BillNum;AmountRequest;Items->M Gateway
[0281] 2) M Gateway checks coupon database for coupon availability
for particular purchase.
[0282] If no coupon is available, proceed to step 4.
[0283] If coupon is available, send `Coupon Notification Message`
to merchant's M Device.
[0284] The Coupon Notification Message (TransCode=010) data string:
TransCode;MtransID;CustNum;Billnum;CouponNum;Coupon;CouponExpiry;
[0285] 3) `Coupon Confirmation Message` returns from merchant's M
Device with the new amount.
[0286] The Coupon Confirmation Message (TransCode=011) data string:
TransCode;MtransID;MerchantID;BillNum;CouponNum;AmountRequest
[0287] 4) M Gateway transforms the `Merchant Payment Request
Message` to a `Customer Payment Request Message` and routes it to
customer's mobile handset via SMS.
[0288] The Customer Payment Request Message (TransCode=002) data
string:
TransCode;MtransID;MerchantID;BillNum;AmountRequest;[<MerchantName> requests payment of <Amount>. u accept?->Customer Mob
[0289] 5) Customer replies to the `Customer Payment Request
Message` by keying in the PIN to authorise the transaction.
[0290] A digitally signed Customer Authorisation Message will be
sent to M Gateway.
[0291] The Customer Authorisation Message (TransCode=003) data
string:
TransCode;MtransID;[MerchantID;CustAccountNo;BillNum;amount];SIGNATURE->M Gateway
[0292] 6) When M Gateway receives `Customer Authorisation Message`,
it identifies the TransCode and the MtransID and transfers the
secure data packet to the MSS as a `Transaction Order`.
[0293] MSS decrypts the digitally signed customer authorisation
data packet and generates a `Bank Approval Request`. This Bank
Approval Request is then sent to the bank's payment system.
[0294] The Transaction Order (TransCode=004) data string:
TransCode;MtransID;CustNum;[MerchantID;CustAccountNo;BillNum;amount] SIGNATURE->MSS
[0295] 7) MSS sends a `Payment Receipt Message` to M Gateway when
the bank's payment system has acknowledged the transaction order,
verified the transaction detail and approved the transaction.
[0296] The Payment Receipt Message (TransCode=005) data string:
TransCode;MtransID;CustNum;[ApprovalCode;CTransRefNum];MerchantID;[ApprovalCode;MTransRefNum;CTransRefNum]->M Gateway
[0297] 8) M Gateway transforms the `Payment Receipt Message` and
sends it to the customer's mobile handset via SMS.
[0298] The Payment Receipt Message (TransCode=006) data string (for
customer):
TransCode;MtransID;[ApprovalCode;CTransRefNum]->Customer mob
[0299] 9) M Gateway transforms the `Payment Receipt Message` and
sends it to the merchant via SMS or IP connections.
[0300] The Payment Receipt Message (TransCode=007) data string (for
merchant):
TransCode;MtransID;[ApprovalCode;MTransRefNum;CTransRefNum]->M-Device
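The checks applied to the Customer Authorisation Message (TransCode=003) in steps 5) and 6), as an added Python example that is not code from the patent: the server rejects an unknown TransCode or MtransID, a replayed message, a bad signature, and signed fields that differ from the pending request. Assumptions: HMAC-SHA256 stands in for the unspecified digital signature, the key is derived from the PIN and the Trusted Key in the way shown, the tag covers MtransID as well as the bracketed fields (following [0265], which builds the secured packet from the Transaction Number), and every name and sample value is hypothetical and constructed.

```python
import hashlib
import hmac

TRUSTED_KEY = b"constructed-trusted-key"  # constructed stand-in for the SIM's Trusted Key


def derive_key(pin: str) -> bytes:
    # Assumption: signing key = HMAC-SHA256(Trusted Key, PIN); the patent names no algorithm.
    return hmac.new(TRUSTED_KEY, pin.encode(), hashlib.sha256).digest()


def tag_for(key: bytes, mtrans_id: str, body: str) -> str:
    # MtransID is covered together with the bracketed fields, so a tag cannot
    # be moved onto a different transaction.
    return hmac.new(key, f"{mtrans_id};{body}".encode(), hashlib.sha256).hexdigest()


def build_authorisation(mtrans_id, merchant, account, bill, amount, pin) -> str:
    """Handset side: the TransCode=003 data string."""
    body = f"{merchant};{account};{bill};{amount}"
    return f"003;{mtrans_id};[{body}];{tag_for(derive_key(pin), mtrans_id, body)}"


# Constructed server state: requests awaiting authorisation, with the key
# enrolled for the customer (the server never stores the PIN itself).
PENDING = {
    "MT0001": {"merchant": "M123", "bill": "B77", "amount": "25.00", "key": derive_key("4821")},
    "MT0002": {"merchant": "M123", "bill": "B78", "amount": "25.00", "key": derive_key("4821")},
}
ACCEPTED = set()  # MtransIDs that have already been authorised once


def verify_authorisation(message: str) -> str:
    """Server side: return 'ok' or the reason the message is rejected."""
    try:
        head, rest = message.split(";[", 1)
        body, tag = rest.rsplit("];", 1)
        code, mtrans_id = head.split(";")
        merchant, _account, bill, amount = body.split(";")
    except ValueError:
        return "malformed"
    txn = PENDING.get(mtrans_id)
    if code != "003" or txn is None:
        return "unknown TransCode or MtransID"
    if mtrans_id in ACCEPTED:
        return "replay"
    if not hmac.compare_digest(tag_for(txn["key"], mtrans_id, body).encode(), tag.encode()):
        return "bad signature"
    if (merchant, bill, amount) != (txn["merchant"], txn["bill"], txn["amount"]):
        return "fields differ from request"
    ACCEPTED.add(mtrans_id)
    return "ok"
```

The last check matters even when the signature is valid: it catches a handset that correctly signs an amount or bill other than the one the server requested.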
Itemised Bill Information Data Flow
[0301] When itemised bill information is made available from M
Device's bill capture, M Device sends the sales items text string
to M Gateway.
[0302] The Itemised Bill Information (TransCode=009) data string:
TransCode;MerchantID;BillNum;Items
SMS Coupon Data Flow
[0303] When a Coupon is made available by Project M's targeted
life-style suggestion programme, M Gateway generates a SMS Coupon
and sends it to the customer's mobile handset via SMS.
[0304] The SMS Coupon message (TransCode=012) data string (for
merchant):
TransCode;MobileNum;CustNum;couponNum;[<MerchantName> offers you <Coupon> until <CouponExpiry YY-MMM-DD, HH:MM>
[0305] It will be appreciated from the foregoing discussion that
the present invention has a number of advantages over prior art
payment systems and methods. These include:
[0306] 1. Real-time direct customer approval--the invention changes
the fundamental authentication mechanism by adopting a wireless
communication network to facilitate real time personal approval and
authorisation capability. The invention is designed to improve the
mechanism through:
[0307] The use of a mobile device, such as a mobile phone, in the
authentication process, which is carried out by the phone user,
provides a comprehensive authentication process. This minimises the
possibility of fraud, such as magnetic strip reproduction and card
cloning which has been a major problem in respect of credit cards.
[0308] The customer carries out the authorisation by entering a
unique PIN into his/her own handset; the suppliers are no longer
responsible for POS authentication and signature verification. The
responsibility rests on the customer as he/she keys-in the PIN.
[0309] Customer identification is now represented by a distinctive
SIM card number/phone number, and is verified real-time by the
Trusted Agent SMS network.
[0310] This reduces the authentication risk and limits the
liability of all parties
[0311] 2. Secure environment--The invention enhances the security
by adopting a SIM card (or similar software contained in the mobile
phone) as the technology platform. The quality of the SIM card
application ensures strong data confidentiality when secure
messages are transported through the GSM network, thereby
increasing the security level of the payment system. For example:
[0312] SIM card can store and compute digital signatures, which
ensure authentication, non-repudiation, confidentiality and
reliability of transactions.
[0313] SIM card is preferably anti-clone; this minimises the chance
of fake cards
[0314] SIM Card and GSM network hosting the transaction information
passage also improve traceability and confidentiality.
[0315] 3. Trust Key--the invention enhances overall security by
requesting the Customer to use a SIM card that has a Trust Key as
well as a client system embedded. The Trust Key is expected to
provide a security infrastructure for Bank(s) to implement
Private-Public Key encryption and decryption technology. Thus the
financial security of the Customer is independent from the
Carrier(s).
[0316] 4. Greater efficiency--the system of the invention has been
designed to be relatively simple to implement and use. The system
server is not required to carry out detailed
verification/authentication steps (which are now mainly carried out
within the mobile device, eg mobile phone). Consequently, the
server is less expensive to manufacture and less likely to default
than certain prior art servers. The simplicity of the system leads
to greater reliability and speed of transactions.
[0317] Using the invention described herein, consumers, suppliers
and banks (or other financial institutions) will enjoy a higher
level of security to protect confidential information, reduce the
costs to suppliers and banks by minimising the risk of charge backs
and lower potential consumer or supplier frauds.
[0318] It will be appreciated by persons skilled in the art that
numerous variations and/or modifications may be made to the
invention as shown in the specific embodiments without departing
from the spirit or scope of the invention as broadly described. The
present embodiments are, therefore, to be considered in all
respects as illustrative and not restrictive.
* * * * *