News Column

Patent Application Titled "Hub and Spokes Pin Verification" Published Online

February 13, 2014

By a News Reporter-Staff News Editor at Politics & Government Week -- According to news reporting originating from Washington, D.C. , by VerticalNews journalists, a patent application by the inventor Nilsson, Magnus (Djursholm, SE), filed on March 13, 2012 , was made available online on January 30, 2014 . The assignee for this patent application is Izettle Merchant Services Ab. Reporters obtained the following quote from the background information supplied by the inventors: "Every day an incredible number of debit and credit card payments are made around the world, and the number of payments are steadily increasing. "EMV is the leading payment system specification for debit and credit cards on the market and was jointly developed by the companies Europay International , Mastercard International , and Visa International , hence the abbreviation EMV. To be able to develop a debit and credit card payment system that is capable of using standard EMV approved cards, it is essential that the payment system fulfill the EMV specification. "The majority of debit and credit card payments are still made in stores using bulky and stationary EMV approved point-of-sale (POS) terminals. However, in the last couple of years the interest, both from the public and from companies, of being able to make payments with portable hand-held devices such as mobile phones have grown rapidly. However, the mobile phone is not considered to be a secure device and would not fulfill the requirements for conducting an EMV payment. The main security issue is the input of the personal identification number (PIN) into the mobile phone which could be intercepted by a third party using for instance malicious software. Thus, finding a way to be able to make EMV approved secure debit and credit card payments using ordinary mobile phones are therefore highly sought after." In addition to obtaining background information on this patent application, VerticalNews editors also obtained the inventor's summary information for this patent application: "With the above description in mind, then, an aspect of the present invention is to provide a way to make EMV approved secure debit and credit card payments which seek to mitigate, alleviate, or eliminate one or more of the above-identified deficiencies in the art and disadvantages singly or in any combination. "A first aspect of the present invention relates to a method of conducting electronic credit card payments to a payment acquirer using a merchant's device, comprising a card reader and a mobile phone, a buyer's mobile device and a payment server, wherein said method comprising, initiating an electronic credit card payment transaction by executing a payment application in said merchant's device, entering sales information in said merchant's device, entering a credit card into said card reader of said merchant's device, entering buyer identification information and generating an PIN entry request in said merchant's device, transmitting an encrypted purchase message from said merchant's device to a payment server, wherein said encrypted purchase message comprising at least one of sales information, buyer identification information, PIN entry request and encrypted credit card information read from said credit card in said card reader, receiving and decrypting said encrypted purchase message in said payment server, determining buyer's contact information using said buyer's identification information in said decrypted encrypted purchase message, transmit a PIN code request to a buyer's mobile device based on said buyer's contact information, receiving said PIN code request in said buyer's mobile device, and launching a secure PIN entry application in said buyer's mobile device, entering PIN code in said secure PIN entry application, transmitting a PIN code block comprising encrypted said PIN code to said payment server, receiving said PIN code block in said payment server, determining if a verification of said PIN code is performed off-line or on-line, wherein said off-line verification comprising the steps, i. transmitting said PIN code block from said payment server to said merchant's device, ii. decrypting said PIN code block and verifying said PIN code block against PIN information in said credit card, iii. transmitting sales information from merchant's device to said payment server, iv. transmitting said credit card information and said sales information from said payment server to a bank server, v. verifying said credit card information and sales information in said bank server, "wherein said on-line verification comprising the steps, i. transmitting said PIN code block, said credit card information and said sales information from said payment server to said bank server, ii. verifying said PIN code, said credit card information and said sales information in said bank server, producing a verification message in said bank server based on said verification, transmitting said verification message to said payment server, generating a receipt message in said payment server based on received verification message, transmitting said receipt message to said buyer's mobile device and said merchant's device via said payment server, and displaying said receipt message in said buyer's mobile device and in said merchant's device completing said electronic debit or credit card payment. "The method of conducting electronic credit card payments wherein the step of entering PIN code in said secure PIN entry application may also comprise entering buyer security information and encrypting said buyer security information and including it in said PIN code block. "The method of conducting electronic credit card payments wherein the step of receiving said PIN code block in said payment server may also comprise decrypting said buyer security information at said payment server, and verifying said buyer security information against said buyer identification information. "The method of conducting electronic credit card payments wherein said buyer identification information may be any of: the buyer's mobile phone number, an e-mail address, postal address, a social security number, a signature, a one-time code, a pre-registered identification number, a photograph and biometric information. "The method of conducting electronic credit card payments wherein said step of launching a secure PIN entry application in said buyer's mobile device may entail launching an encrypted web interface that is uniquely encrypted for each PIN input occasion, or a dedicated web browser capable of decrypting the PIN input web component and ensuring secure input of the PIN code. "The method of conducting electronic credit card payments wherein said transmission between said merchant's device and said payment server, between said payment server and said buyer's mobile device, and between said payment server and said bank server may be encrypted using standard secure socket layer communication. "The method of conducting electronic credit card payments wherein said receipt message may be stored on the payment server, and is accessible by the buyer and/or the merchant using a web browser, the merchant's device or the buyer's mobile device. "A second aspect of the present invention relates to a system for conducting electronic credit card payments comprising a merchant's device, comprising a card reader and a mobile phone, a payment server, a buyer's mobile phone and a bank server, wherein said merchant's device, payment server, buyer's device and bank server having transceiver means and processing means for carrying out the steps set out in the first aspect above. BRIEF DESCRIPTION OF THE DRAWINGS "Further objects, features, and advantages of the present invention will appear from the following detailed description of some embodiments of the invention, wherein some embodiments of the invention will be described in more detail with reference to the accompanying drawings, in which: "FIG. 1 shows a mobile phone for conducting PIN authorized EMV payments, according to an embodiment of the present invention; and "FIG. 2 shows a block diagram of a system for conducting PIN authorized EMV payments using an ordinary mobile phone, according to an embodiment of the present invention; and "FIG. 3a shows a flowchart describing the steps in a method for conducting PIN authorized EMV payments using an ordinary mobile phone, according to an embodiment of the present invention; and "FIG. 3b shows a flowchart which is a continuation of the flowchart in FIG. 3a, according to an embodiment of the present invention; and "FIG. 3c shows a flowchart which is a continuation of the flowchart in FIG. 3a, according to an embodiment of the present invention." For more information, see this patent application: Nilsson, Magnus. Hub and Spokes Pin Verification. Filed March 13, 2012 and posted January 30, 2014 . Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=700&p=14&f=G&l=50&d=PG01&S1=20140123.PD.&OS=PD/20140123&RS=PD/20140123 Keywords for this news article include: Izettle Merchant Services Ab. Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories on investments and markets, please see HispanicBusiness' Finance Channel



Source: Politics & Government Week


Story Tools