CN101573723A - 安全金融交易 - Google Patents
安全金融交易 Download PDFInfo
- Publication number
- CN101573723A CN101573723A CNA2007800427522A CN200780042752A CN101573723A CN 101573723 A CN101573723 A CN 101573723A CN A2007800427522 A CNA2007800427522 A CN A2007800427522A CN 200780042752 A CN200780042752 A CN 200780042752A CN 101573723 A CN101573723 A CN 101573723A
- Authority
- CN
- China
- Prior art keywords
- financial
- financial transaction
- negotiator
- transaction
- simulation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/105—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/24—Credit schemes, i.e. "pay after"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/347—Passive cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/12—Card verification
- G07F7/122—Online card verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Signal Processing (AREA)
- Marketing (AREA)
- Technology Law (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
模拟了银行或其它金融机构传统贷方或借方账的主账号(“PAN”),它通过加密形式加入了实际账号。模拟PAN还需注入一定金额以便于从该账户借出。因此,将账号与金额加密及映射到数字串,而数字串中的号码看起来是正确有效的主账号。从而实际账号及交易额便嵌入PAN。然后,PAN由现行金融交易基础设施进行处理,其间,发行银行知道它不是主账号,同时对相应的数字进行解密以获得嵌入的账号及金额。在应用中,期望实现金融交易的交易人生成了PAN并将其提供给商品或服务提供商,该提供商为其提供上述商品或服务。提供商以传统方式输入PAN与交易金额。然后该数据传到收单银行,而收单银行再将其传给发行银行以获得批准。然后发行银行提取出嵌入的账号及金额,并检查嵌入的金额与提供的金额是否相同(以及其它传统检查方法),如果相同,则批准上述交易。本领域技术人员了解,多数情况下,交易人都被要求提供有效期及卡验证值(“CVV”)。可模拟和利用此二者或二者之一进行信息加密。
Description
本发明涉及电子金融交易。具体来说就是,该发明涉及金融交易***,生成器算法载体、与生成器一起使用的存储器模块、金融机构处理设施、进行金融交易的方法、处理金融交易的方法、以及便利金融交易方法。
一般地,根据本发明,仿效或模拟了银行或其它金融机构传统贷方或借方账的主账号(“PAN”),其以加密形式包含了实际账号。模拟PAN可能还包含一定金额以便于从该账户借出。因此,将账号与金额加密及映射到一串数字,而这些数字看起来是有效的主账号。这样实际账号及交易额就被嵌入模拟PAN。然后,模拟PAN由现行金融交易基础设施进行处理,其间,发行银行知道它不是PAN,并对相应的数字进行解密以提供嵌入的账号及嵌入的金额。在一个应用中,期望实现金融交易的交易人生成模拟的PAN并将其提供给商品或服务提供商,该提供商为其提供所述商品或服务。提供商以传统方式输入模拟PAN与交易金额。然后该数据传到收单银行,而收单银行再将其传给发行银行以获得授权。然后发行银行提取出嵌入的账号及嵌入的金额,并检查嵌入的金额与提供的金额是否相同(以及其它传统的检查),如果相同,则授权交易。本领域的技术人员将了解,多数情况下,交易人都被要求提供有效期及卡验证值(“CVV”)。可模拟和利用此二者或二者之一进行信息加密。此外,本领域的技术人员将明白PAN的第一部分提供了银行识别码(“BIN”),且这依然是有关模拟PAN的问题。
因此可了解通过该发明,因特网安全、特别是电话交易安全将得到改善。
根据本发明的第一方面的内容,提供了一种金融交易***,用于生成唯一的交易号码,交易号码模拟传统贷方或借方卡主账号并在其中包含交易人的账号。
生成器还可在交易号码中合并交易金额。
此外,根据本发明的第一方面,还提供了一种进行金融交易的方法,包括生成模拟PAN,而该PAN包含嵌入其中的账号以及可能被一起嵌入的交易金额。
本发明的该方面在为商品或服务提供商提供这种模拟PAN,以及商品或服务提供商接收这种模拟PAN时均起作用。
模拟PAN可以采用人力能辨别的形式。特别是,为了利用现有的交易基础设施进行操作,它可能包括一串数位。本领域的技术人员将了解上述串可以具有16到23位数。
本领域技术人员还将了解模拟PAN的头6位将指定上文所述的能够使交易指向合适发行金融机构、并使得发行金融机构确认其已接收到的包含嵌入账号及交易金额的模拟PAN的BIN。相似地,本领域技术人员将了解模拟PAN的最后一位数为校验数位。
主账号生成器可以提供唯一的数位序列,它代表加密的信息,而且每次提供的都是新的序列。这样,生成器可以利用合适的加密算法在每次都提供唯一的加密序列。
如上所述,加密序列也可以包括交易金额。
此外,如上所述,CVV和/或有效期也可以是模拟的并包含加密信息。
生成器可以包含电子钱包,当模拟PAN被生成时,交易金额则被记入借方。
模拟PAN也可以以加密形式嵌入预期收款人的身份特征。这样,生成器可以提醒用户输入预期收款人姓名或账号,而这些也将随后被加密并嵌入模拟PAN。
如果模拟PAN是旨在为中间人使用而准备的,则可以中间的加密形式提供字母数字串,这需要单次使用密码来解密及提供有效的模拟PAN。然后将该中间形式通过一个渠道提供给中间人,而密码则通过不同的渠道提供。生成器然后可以具有与单次使用密码一起提供模拟PAN或者中间形式的装置。此外,生成器还可以具有接收中间形式及密码并解密字母数字串和提供有效的模拟PAN的装置。
此外,在模拟PAN中应指明经许可的交易媒介。这样,如果模拟PAN仅能用于ATM的POS设备、电话交易或因特网交易、或上述的任何一种情况,则它也可嵌入该模拟PAN中。
生成器可以包括电子处理设备,存储器单元、用于输入模拟PAN与交易金额请求的输入设备、及用于显示模拟PAN的显示器。将会了解有关账号与加密算法将被存储在存储器中。生成器可以是移动设备,特别是移动电话,在这种情况下存储器单元可以是用户识别模块(SIM)。将会了解,如果用户希望包括预期收款人的特征;并/或需要中间形式的字母数字串与相关密码;并/或希望指定特别的交易媒介,而这需要经由输入设备与显示器来实现,同时要有合适的提示和/或菜单。
因此,本发明提供了存储模块,诸如SIM,在其中存储适当的BIN;提供账号、用于账号加密的加密算法以及给出的交易金额以提供模拟PAN,而此PAN并入了BIN与嵌入有账号和交易金额的加密序列。
本发明还提供了一个用于为生成器提供加密算法的载体,这样生成器就拥有了加密算法,优选包括账号。
而且本发明还提供了便利金融交易的方法,在此方法中,交易人生成模拟传统贷方或借方卡主账号且已加入交易人账号的加密金融交易号码,包括为交易人提供存储模块,此存储模块则将交易人账号与加密算法存储其中。
同样地,本发明还提供了便利金融交易的方法,在此方法中,交易人生成模拟传统贷方或借方卡主账号且已加入交易人账号的加密金融交易号码,包括将其账号与加密算法发送给交易人。
此外,依照本发明第二方面的内容,本发明提供了用于处理金融交易号码的金融机构处理设备,而该理金融交易号码则模拟了传统的贷方或借方卡主账号且其中已加入交易人账号,同时该账户中包含了用于从模拟PAN中提取出账号的提取器。
本发明在这方面提供了用于处理金融交易的***,包括如上所述的金融机构处理设备以及上述金融交易***。
而且,依照本发明的该方面内容,本发明提供了一种处理金融交易的方法,包括
接收模拟传统的贷方或借方卡主账号且其中已加入交易人账号的虚假金融交易号码,同时请求批准支付交易金额;以及
从模拟主账号中提取出账号。
经由传统金融通信网络可接收到模拟PAN。
如上所述,PAN加入了BIN,同时模拟PAN的剩余位将被解密。因此,***可以具有用于从BIN分离加密位的分离装置。此外,如果交易金额也进行了加密,则解密装置也可解密交易金额。
如果,如上所述,CVV和/或有效期也进行了模拟且包含加密信息,则它们也被解密。
如果模拟PAN嵌入了交易金额,嵌入金额解密后与通过传统方式提供的交易金额利用对比方法进行比较。如果二者不同,则交易被拒绝。
类似地,如果模拟PAN加入了预期收款人的特征,然后这也被提取出来并与通过传统方式和模拟PAN一起提供的收款人详细信息进行比较;如果模拟PAN还加入了指定的交易媒介的话,则该交易媒介也会被提取出来,同时检查交易媒介是否使用正确。
该***还包括用来存储已接收的模拟PAN或至少其中的加密成分,以及用于比较接收到的模拟PAN(或其中加密成分)与存储模拟PAN(或存储的其中加密成分)的对比方式的存储方法,从而确保模拟PAN只被使用一次。
如果交易获批,则收单银行或商品或服务提供商将得到授权,同时交易金额将计入交易人的适当账户的借方账中。
现在将通过非限制性实例对本发明进行说明,请参考所附示意图,其中:
图1示出本发明的第一实施;
图2示出本发明的第二实施;
图3示出本发明的第三实施。
参考图1,示出了本发明第一实施。期望从商人处购买商品的交易人具有移动电话10形式的生成器。电话10具有显示器14,键盘16以及SIM卡18。SIM卡18中已装载应用程序以提供如上文中讨论的模拟PAN。这样,SIM卡18就存入了交易人的账号,BIN、加密算法以及PIN。交易人经由键盘16输入激活应用程序的请求及他的PIN码,然后在显示器发出提示时,使用键盘16输入交易金额。该应用程序然后生成模拟PAN,CVV以及有效期,这些都在显示器14上显示出来。电话10与SIM卡18能够提供虚拟贷方或借方卡则更好。
交易人将PAN、CVV以及有效期读给收银员听,而该收银员则手动将相关的数位,包括成交金额输入销售点(POS)设备20。POS设备20对模拟PAN进行检查以确保校验数位正确,且模拟PAN、CVV及有效期、以及成交金额经由传统金融网络24以传统方式传送到商人的收单银行22。收单银行22根据BIN识别适当发行银行26的身份并向发行银行26传送模拟PAN、CVV和有效期、以及成交金额。发行银行26具有通信接口28,处理器30以及存储器32。将模拟PAN、CVV和有效期、及交易金额提供给处理器30,处理器30将加密的部分从模拟PAN、CVV和有效期中分离出来。然后将其与存储在存储单元32中的全部先前接收的数字串列表进行比较。如果该串是唯一的且在以前没有使用过,则将其加入存储列表中。如果之前使用过并存储在列表中,则此交易被拒绝,并将先后给收单银行22及商人发送适当的消息。如果该串在之前没有使用过,则其将由处理器30利用适当的解密算法提取出交易人账号与嵌入的交易金额进行解密。发行银行不需要PIN或其它标识符。嵌入的交易金额被与提供的成交金额进行比较,如果它们不同,则拒绝交易。处理器30检查交易人是否有足够资金,交易人账户是否将款项计入借方账以及是否给收单银行22(该银行将款项计入商人账户贷方账并告知商人交易已实现)提供传统授权。
SIM卡18可以作为电子钱包操作,在这种情况下,当提供模拟PAN、CVV以及有效期时,交易金额将计入钱包的借方账。
参考图2,示出了本发明第二实施,其中金融交易经由互联网40实现。在该实施中,生成器42为膝上型计算机,该计算机中装有可提供上述模拟PAN的应用程序。计算机42还存储了交易人的账号、BIN、加密算法以及PIN。
当交易人希望经由因特网从供应商处购买商品或服务,或获得预授权时,则其生成模拟PAN、CVV以及有效期,并经由互联网40将其提供给由供应商操作的服务器44。然后再传送给供应商收单银行22,再由该银行将其传送给发行银行26。然后,参考图1,该事件被如上所述安全地处理。
以相似地方式,如图3所示,可以通过电话进行安全交易。在本实施中,生成器仍为移动电话10,如图1中所示。这样,交易人将由电话10提供的模拟PAN、CVV及有效期经由电话网络50提供给呼叫中心52的操作员。然后上述内容与交易金额一起以传统方式传送给收单银行22及发行银行26。发行银行参考图1对交易进行上述处理。
现在说明模拟PAN是如何生成和进行处理的例子。
BIN PAN CD CVV EXP DATE
6 9 1 3 4
XXXXXX|...............|X (...) MM/YY
1.客户USN=3字节
1st字节=Fl,可由BIN确定
设USN=9876 5432(最多8位)
-------------------------------------------------------------------------------------------
2.生成有效期
●卡的有效期采用5年-即60个月,减去12个月(为照顾本年度减去1年)。
●这样还剩下48个月。
EXPDATE=TRXTYPE[2bits].AID[4bits]
其中:
AID[2bits]=00,01,10,11
TRX TYPE[4bits]=0000,0001,0010,0011,0100,0101,0110,0111,1000,1001,1010,1011
MONTH=TRX TYPE+1(+1就不会使得结束时month=0)
MM=二进制ASCII码(月份)
YEAR=(本年度+1)+AID(CCYY)
YY=二进制ASCII码(年份的最后两位)
注释:
●MM和YY是可显示(ASCII)位。此四位作为要求的有效期输入终端。
●MONTH[1]=MM的等效二进制数(结果总为1字节)
●YEAR[2]=包括世纪的年份的等效二进制数(结果总为2字节)
●AID为计入借方账或贷方账的账户或钱包。
-------------------------------------------------------------------------------------------
3.生成有效期映射值(EDMV)(在此我们留出更多的空间)
●此步中为生成的月份与年份引入了某些随机性以及验证方法,而这将在终端上正确输入。
EDMV=1DES((YEAR[2]+00.MONTH[1])[2].YEAR[2].MONTH
[1].(YEAR[2]-00.MONTH[1])[2].FF)
注释:
●静态密钥用于生成加密块(EDMV密钥)
●(YEAR[2]+00.MONTH[1])结果总为2字节值
●(YEAR[2]-00.MONTH[1])结果总为2字节值
●EDMV1[2]=EDMV结果最后2字节
●EDMV1[2]=EDMV结果第二个2字节
●如果MM/YY没有在终端设备上正确输入,则EDMV将有所不同,因此加密块不会正确生成,而CVV匹配将失败。
-------------------------------------------------------------------------------
4.为USN生成检验和(Checksum)-(多变密钥)
CVV=3DES(USN[3].ULSN[2].ULP[1].EDMV1[2])
注释:
●在USN下使用三重DES,三重密钥,及多变密钥
●利用多变密钥(基于USN)生成加密块(主机密钥)
●将CVV转换为可显示数字(ASCII)
●CVV_1=可显示结果(ASCII)的最后3位。
此3位值作为要求的CVV输入终端(最终CVV)
●CVV_2=CVV_1的等效二进制数(总为2字节)
------------------------------------------------------------------------------------
5.为USN生成PIN加密检验和(Checksum)
●如果用户输入PIN,则PIN构成加密密钥的一部分。
●如果用户不输入PIN,则使用默认PIN密钥。
CVV_PIN=1DES(CVV[8])
注释:
●如果不需要PIN,则使用静态密钥(PIN_KEY)生成加密块
●如果需要PIN,则由用户生成PIN,其位数在4-8位之间(包括4和8位)。
每个数位代表一个十六进制等效半字节,而此半字节将PIN_KEY从最低有效半字节替换到最高有效半字节
●将CVV_PIN转换为可显示数字(ASCII)
●CVV_PIN1=可显示结果(ASCII)的最后3位数。此3位数值作为要求的CVV输入终端
●由于PIN的缘故,CVV被改变;因此,主机将再生成错误的CVV,而CVV匹配失败。
-------------------------------------------------------------------------------------
6.生成卸载签名
AMT[2]=4字节金额的最后2字节
CVV_PIN2[2]=CVV_PIN1的等效二进制数(结果总为2字节)
CVV_TEMP=(AMT[2]XOR CVV_PIN2[2])
SIGN=3DES(AMT[4].CVV_TEMP[2].EDMV2[2])
SIGN=9999 9999 99
注释:
●使用静态密钥生成卸载签名
●虽然卸载签名通常包含一个Unload LSN,但CVV_TEMP已含有Unload LSN。
7.SIGN=头8位。
PAN=USN+SIGN(结果最多为9位数).Optional-[(USN*YY+YY*MM)+SIGN]
PAN=9876 5432(USN)+999 99999(SIGN)
PAN=1987 6543 1
计算PAN的检验和(Checksum)
●将PAN码放入PAN缓冲存储器
●这时,生成完整的PAN、有效期、及CVV
-------------------------------------------------------------------------------------
8.关于主机:
1.重新生成有效期映射值(EDMV1与EDMV2)(步骤3)
-TRXTYPE与AID可以根据MM和YY进行确定
TRXTYPE[2bits].AID[3bits]=((YY-(本年度+1))*12)+MM
2.使用从终端设备接收到的CVV重新生成卸载签名(SIGN)(步骤4、5)
3.USN=PAN-SIGN
4.于是主机就能够获得HOST_KEY、ULSN及ULP
5.使用算出的USN重新生成CVV
6.将重新生成的CVV(步骤4)与从终端接收到的CVV进行比较
检验
1.3位CVV匹配情况
2.如果SIGN是错误的,则不会重新生成CVV
3.如果USN是错误的,则不会重新生成CVV
4.如果EDMV是错误的,则CVV没有正确匹配
卡总结
1.使用USN,ULSN及ULP生成CVV
2.使用CVV生成SIGN
3.然后,PAN=USN+SIGN
主机总结
1.使用接收到的CVV生成SIGN
2.通过使用PAN来使用SIGN求得USN(USN=PAN-SIGN)
3.使用USN得到HOST KEY、ULSN、ULP以生成CVV
4.将生成的CVV与从终端设备接收到的CVV进行比较
本领域技术人员会了解在根据本发明进行交易时,进行欺诈***易是非常困难的(如不是不可能的话)。
Claims (60)
1.一种金融交易***,用于生成唯一的交易号码,所述交易号码模拟传统贷方或借方卡主账号并在其中包含交易人的账号。
2.如权利要求1所述的金融交易***,其中,所述交易号码还包含有交易金额。
3.如权利要求2所述的金融交易***,包括可由交易人操作的输入装置,这样交易人可以输入交易金额。
4.如权利要求1或2所述的金融交易***,其生成数字串,该串的号码基于传统协议,并且其初始预定号码是银行识别号码,用于识别批准交易以及负责交易金额支付的指定金融机构。
5.如权利要求3所述的金融交易***,其中,所述数字串中的最后一位数是校验位。
6.如权利要求1或2所述的金融交易***,还生成模拟有效期。
7.如权利要求1或2所述的金融交易***,还生成模拟卡验证值号码。
8.如权利要求1或2所述的金融交易***,其中,对模拟主账号进行加密,且该生成器包括根据预定加密算法提供加密主账号的加密机。
9.如权利要求1所述的金融交易***,其还在模拟主账号中包含指定收款人的标识符。
10.如权利要求1所述的金融交易***,还包含指定交易媒介的标识符。
11.如权利要求2所述的金融交易***,包括电子钱包,并且当模拟主账号被生成时,根据交易金额减少所述电子钱包中的贷方金额。
12.如权利要求8所述的金融交易***,包括存有交易人账号及加密算法的存储模块。
13.如权利要求2所述的金融交易***,其生成当使用预定解密算法时提供要求的模拟主账号的中间号码与密码。
14.如权利要求13所述的金融交易***,包括预定解密算法。
15.如权利要求1所述的金融交易***,其可由交易人操作。
16.一种用于为权利要求8所述的金融交易***提供加密算法的载体,该载体在其中或在其上具有所述加密算法。
17.一种用于如权利要求12所述的金融交易***的存储模块,包括交易人的账号与加密算法。
18.一种用于处理金融交易号码的金融机构处理设备,所述金融交易号码模拟传统的贷方或借方卡主账号且其包含交易人账号,所述金融机构处理设备包括
用于从模拟主账号提取账号的提取器。
19.如权利要求18所述的金融机构处理设备,其中,所述金融交易号码还包含交易金额,且金融交易号码是与有关批准交易金额支付的请求一起接收到的,且提取器还从模拟主账号中提取交易金额。
20.如权利要求18所述的金融机构处理设备,包括单词使用检查设备,用于确保收到的模拟主账号可以仅被使用一次。
21.如权利要求20所述的金融机构处理设备,其中,单次使用检查设备包括至少存储了先前接收到的模拟主账号的指定部分的存储器,及用于至少对接收到的模拟主账号指定部分与存储部分进行比较的比较器。
22.如权利要求19所述的金融机构处理设备,包括响应消息生成器,用于生成给交易人的、批准或拒绝所请求的交易的消息。
23.如权利要求22所述的金融机构处理设备,包括经由传统金融通信网络将响应消息传送给交易人的传送装置。
24.如权利要求18所述的金融机构处理设备,包括经由传统金融通信网络接收模拟主账号的接收装置。
25.如权利要求22所述的金融机构处理设备,包括交易检查装置,用于检查交易人是否有账号,交易人是否有足够的资金、以及提取出的交易金额是否和成交金额相同,并且所述交易检查装置用于在上述这些问题都是肯定的情况下批准交易,所述响应消息生成器对其作出响应。
26.如权利要求25所述的金融机构处理设备,包括借方账登记设备,用于在交易获得批准的情况下将成交金额计入交易人账户的借方账。
27.如权利要求18所述的金融机构处理设备,包括用于解密所加密的模拟主账号的解密机。
28.如权利要求18所述的金融机构处理设备,其中,金融交易号码已由交易人生成。
29.一种用于处理金融交易的***,包括:
如权利要求1至15中任一个所述的金融交易***;以及
如权利要求18至28中任一个所述的金融机构处理设备。
30.一种进行金融交易的方法,包括生成唯一的金融交易号码,所述金融交易号码模拟传统贷方或借方卡主账号且在其中包含交易人账号。
31.如权利要求30所述的进行金融交易的方法,其中,所述金融交易号码中包含有交易金额。
32.如权利要求31所述的进行金融交易的方法,其中,所述金融交易号码由交易人生成并包括由交易人进行的交易金额输入。
33.如权利要求30所述的进行金融交易的方法,包括生成数字串,该串的号码基于传统协议,并且其初始预定号码是银行识别号码,用于识别批准交易以及负责交易金额支付的指定金融机构。
34.如权利要求33所述的进行金融交易的方法,所述数字串的最后一位数是校验位。
35.如权利要求30所述的进行金融交易的方法,还包括生成模拟有效期。
36.如权利要求30所述的进行金融交易的方法,还包括生成模拟卡验证值号码。
37.如权利要求30所述的进行金融交易的方法,包括根据预定加密算法生成加密的模拟主账号。
38.如权利要求30所述的进行金融交易的方法,还包括在模拟主账号中包含指定收款人的标识符。
39.如权利要求30所述的进行金融交易的方法,还包括并入指定交易媒介的标识符。
40.如权利要求31所述的进行金融交易的方法,包括当模拟主账号被生成时,使电子钱包中的贷方金额根据交易金额而被减小。
41.如权利要求37所述的进行金融交易的方法,包括生成当使用预定解密算法时提供所需模拟主账号的中间号码与密码。
42.如权利要求41所述的进行金融交易的方法,包括解密中间加密号码,使用合适的密码与解密算法生成模拟主账号。
43.如权利要求30所述的进行金融交易的方法,其中,由交易人生成金融交易号码。
44.一种处理金融交易的方法,包括
与有关批准成交金额的支付的请求一起,接收模拟传统的贷方或借方卡主账号且其中已包含交易人账号的虚假的金融交易号码;以及
从模拟主账号提取所述账号。
45.如权利要求44所述的处理金融交易的方法,其中,接收到的金融交易号码还包含有交易金额,且所述方法还包括提取所述交易金额。
46.如权利要求44所述的处理金融交易的方法,包括确保收到的模拟主账号可以仅被使用一次。
47.如权利要求46所述的处理金融交易的方法,包括至少存储先前接收到的模拟主账号的指定部分以及至少对接收到的模拟主账号指定部分与存储部分进行比较。
48.如权利要求44所述的处理金融交易的方法,包括生成给交易人的、批准或拒绝所请求的交易的响应消息。
49.如权利要求48所述的处理金融交易的方法,包括经由传统金融通信网络将响应消息传送给交易人。
50.如权利要求44所述的处理金融交易的方法,包括经由传统金融通信网络接收模拟主账号。
51.如权利要求45所述的处理金融交易的方法,包括检查交易人是否有账号,交易人是否有足够的资金、以及提取出的交易金额是否和成交金额相同,并且在上述这些问题都是肯定的情况下授权所述交易。
52.如权利要求51所述的处理金融交易的方法,包括在交易被批准的情况下将成交金额计入交易人账户的借方账。
53.如权利要求44所述的处理金融交易的方法,包括解密所加密的模拟主账号。
54.如权利要求44所述的处理金融交易的方法,其中,金融交易号码是由交易人生成的。
55.一种便利金融交易的方法,其中,交易人生成模拟传统贷方或借方卡主账号且其中包含有交易人账号的加密的金融交易号码,所述方法包括为交易人提供存储模块,所述存储模块具有存储在其中的交易人账号与加密算法。
56.一种便利金融交易的方法,其中,交易人生成模拟传统贷方或借方卡主账号且其中包含有交易人账号的加密的金融交易号码,所述方法包括将交易人的账号与加密算法发送给所述交易人。
57.一种金融交易***,实质上如这里参考附图所述。
58.一种金融机构处理设备,实质上如这里参考附图所述。
59.一种启动金融交易的方法,实质上如这里参考附图所述。
60.一种处理金融交易的方法,实质上如这里参考附图所述。
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| ZA200609533 | 2006-11-16 | ||
| ZA2006/09533 | 2006-11-16 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101573723A true CN101573723A (zh) | 2009-11-04 |
Family
ID=39315582
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007800427522A Pending CN101573723A (zh) | 2006-11-16 | 2007-11-16 | 安全金融交易 |
Country Status (25)
| Country | Link |
|---|---|
| US (2) | US20100088227A1 (zh) |
| EP (1) | EP2095311A2 (zh) |
| JP (1) | JP2010510567A (zh) |
| KR (3) | KR20170034920A (zh) |
| CN (1) | CN101573723A (zh) |
| AP (1) | AP3361A (zh) |
| AT (1) | AT506775A2 (zh) |
| AU (1) | AU2007320785B2 (zh) |
| BR (1) | BRPI0718902A2 (zh) |
| CA (1) | CA2669320C (zh) |
| CH (2) | CH698351B1 (zh) |
| DE (1) | DE112007002744T5 (zh) |
| EG (1) | EG25664A (zh) |
| FI (1) | FI20095662L (zh) |
| GB (1) | GB2457204A (zh) |
| IL (1) | IL198738A (zh) |
| MA (1) | MA30987B1 (zh) |
| MX (1) | MX2009005257A (zh) |
| MY (1) | MY153194A (zh) |
| NZ (1) | NZ577677A (zh) |
| PH (1) | PH12015500674A1 (zh) |
| RU (1) | RU2479032C2 (zh) |
| SE (1) | SE0950453L (zh) |
| WO (1) | WO2008059465A2 (zh) |
| ZA (1) | ZA200903802B (zh) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107836004A (zh) * | 2015-07-21 | 2018-03-23 | 万事达卡国际股份有限公司 | 用于处理对支付账户的交易的***和方法 |
| CN108352986A (zh) * | 2015-08-27 | 2018-07-31 | 万事达卡国际股份有限公司 | 用于增强基于云的***中的密码验证的方法和*** |
| CN109389395A (zh) * | 2017-08-09 | 2019-02-26 | 森斯通株式会社 | 虚拟代码提供***、生成装置、验证装置、提供方法及提供程序 |
| CN109389382A (zh) * | 2017-08-09 | 2019-02-26 | 森斯通株式会社 | 虚拟***生成装置及验证装置、金融交易提供***、方法及程序 |
Families Citing this family (150)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
| US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
| US7818264B2 (en) | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
| US9065643B2 (en) | 2006-04-05 | 2015-06-23 | Visa U.S.A. Inc. | System and method for account identifier obfuscation |
| US8121942B2 (en) | 2007-06-25 | 2012-02-21 | Visa U.S.A. Inc. | Systems and methods for secure and transparent cardless transactions |
| US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
| US7937324B2 (en) | 2007-09-13 | 2011-05-03 | Visa U.S.A. Inc. | Account permanence |
| US10296874B1 (en) * | 2007-12-17 | 2019-05-21 | American Express Travel Related Services Company, Inc. | System and method for preventing unauthorized access to financial accounts |
| US20090307140A1 (en) * | 2008-06-06 | 2009-12-10 | Upendra Mardikar | Mobile device over-the-air (ota) registration and point-of-sale (pos) payment |
| US8219489B2 (en) | 2008-07-29 | 2012-07-10 | Visa U.S.A. Inc. | Transaction processing using a global unique identifier |
| US8181861B2 (en) | 2008-10-13 | 2012-05-22 | Miri Systems, Llc | Electronic transaction security system and method |
| BRPI0921124A2 (pt) | 2008-11-06 | 2016-09-13 | Visa Int Service Ass | sistema para autenticar um consumidor, método implementado por computador, meio legível por computador, e, computador servidor. |
| GB2466676A (en) * | 2009-01-06 | 2010-07-07 | Visa Europe Ltd | A method of processing payment authorisation requests |
| GB2466810A (en) | 2009-01-08 | 2010-07-14 | Visa Europe Ltd | Processing payment authorisation requests |
| CA2753576A1 (en) * | 2009-02-25 | 2010-09-02 | Miri Systems, Llc | Payment system and method |
| US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
| US7891560B2 (en) | 2009-05-15 | 2011-02-22 | Visa International Service Assocation | Verification of portable consumer devices |
| US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
| US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
| US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
| US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
| US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
| US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
| US10140598B2 (en) | 2009-05-20 | 2018-11-27 | Visa International Service Association | Device including encrypted data for expiration date and verification value creation |
| US8364591B2 (en) | 2009-08-10 | 2013-01-29 | Visa International Service Association | Track data mapping system for processing of payment transaction data |
| IN2012DN03242A (zh) | 2009-10-05 | 2015-10-23 | Miri Systems Llc | |
| US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
| US10049356B2 (en) | 2009-12-18 | 2018-08-14 | First Data Corporation | Authentication of card-not-present transactions |
| BR112012017000A2 (pt) | 2010-01-12 | 2016-04-05 | Visa Int Service Ass | método |
| US10255601B2 (en) | 2010-02-25 | 2019-04-09 | Visa International Service Association | Multifactor authentication using a directory server |
| US9245267B2 (en) | 2010-03-03 | 2016-01-26 | Visa International Service Association | Portable account number for consumer payment account |
| CA2795167C (en) | 2010-04-05 | 2018-09-04 | Cardinal Commerce Corporation | Method and system for processing pin debit transactions |
| US8473414B2 (en) | 2010-04-09 | 2013-06-25 | Visa International Service Association | System and method including chip-based device processing for transaction |
| US9342832B2 (en) | 2010-08-12 | 2016-05-17 | Visa International Service Association | Securing external systems with account token substitution |
| US10586227B2 (en) | 2011-02-16 | 2020-03-10 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
| AU2012217606A1 (en) | 2011-02-16 | 2013-05-09 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
| WO2012116125A1 (en) | 2011-02-22 | 2012-08-30 | Visa International Service Association | Universal electronic payment apparatuses, methods and systems |
| AU2012225684B2 (en) | 2011-03-04 | 2016-11-10 | Visa International Service Association | Integration of payment capability into secure elements of computers |
| US9280765B2 (en) | 2011-04-11 | 2016-03-08 | Visa International Service Association | Multiple tokenization for authentication |
| KR101944504B1 (ko) * | 2011-06-08 | 2019-02-14 | 주식회사 비즈모델라인 | 동적 계좌번호 기반 계좌거래를 제공하는 애플리케이션 등록 방법 |
| US9355393B2 (en) | 2011-08-18 | 2016-05-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
| US9582598B2 (en) | 2011-07-05 | 2017-02-28 | Visa International Service Association | Hybrid applications utilizing distributed models and views apparatuses, methods and systems |
| AU2012278963B2 (en) | 2011-07-05 | 2017-02-23 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
| WO2013019567A2 (en) | 2011-07-29 | 2013-02-07 | Visa International Service Association | Passing payment tokens through an hop/sop |
| US9710807B2 (en) | 2011-08-18 | 2017-07-18 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods and systems |
| US10242358B2 (en) | 2011-08-18 | 2019-03-26 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
| US10825001B2 (en) | 2011-08-18 | 2020-11-03 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
| WO2013029014A2 (en) | 2011-08-24 | 2013-02-28 | Visa International Service Association | Method for using barcodes and mobile devices to conduct payment transactions |
| US8862767B2 (en) | 2011-09-02 | 2014-10-14 | Ebay Inc. | Secure elements broker (SEB) for application communication channel selector optimization |
| US10223730B2 (en) | 2011-09-23 | 2019-03-05 | Visa International Service Association | E-wallet store injection search apparatuses, methods and systems |
| EP2602980B1 (en) * | 2011-12-09 | 2017-02-15 | BlackBerry Limited | Transaction provisioning for mobile wireless communications devices and related methods |
| US8918855B2 (en) * | 2011-12-09 | 2014-12-23 | Blackberry Limited | Transaction provisioning for mobile wireless communications devices and related methods |
| SG11201403861XA (en) | 2012-01-05 | 2014-08-28 | Visa Int Service Ass | Data protection with translation |
| US10223710B2 (en) | 2013-01-04 | 2019-03-05 | Visa International Service Association | Wearable intelligent vision device apparatuses, methods and systems |
| US9830595B2 (en) | 2012-01-26 | 2017-11-28 | Visa International Service Association | System and method of providing tokenization as a service |
| AU2013214801B2 (en) | 2012-02-02 | 2018-06-21 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems |
| US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
| US20130297501A1 (en) | 2012-05-04 | 2013-11-07 | Justin Monk | System and method for local data conversion |
| US9524501B2 (en) | 2012-06-06 | 2016-12-20 | Visa International Service Association | Method and system for correlating diverse transaction data |
| US9547769B2 (en) | 2012-07-03 | 2017-01-17 | Visa International Service Association | Data protection hub |
| US9846861B2 (en) | 2012-07-25 | 2017-12-19 | Visa International Service Association | Upstream and downstream data conversion |
| US9256871B2 (en) | 2012-07-26 | 2016-02-09 | Visa U.S.A. Inc. | Configurable payment tokens |
| US9665722B2 (en) | 2012-08-10 | 2017-05-30 | Visa International Service Association | Privacy firewall |
| US10192216B2 (en) | 2012-09-11 | 2019-01-29 | Visa International Service Association | Cloud-based virtual wallet NFC apparatuses, methods and systems |
| US10176478B2 (en) | 2012-10-23 | 2019-01-08 | Visa International Service Association | Transaction initiation determination system utilizing transaction data elements |
| KR101316466B1 (ko) * | 2012-11-20 | 2013-10-08 | 신한카드 주식회사 | 다이나믹 트랙 2 정보를 이용한 모바일 결제 시스템 및 방법 |
| US9911118B2 (en) | 2012-11-21 | 2018-03-06 | Visa International Service Association | Device pairing via trusted intermediary |
| KR101316489B1 (ko) * | 2012-11-23 | 2013-10-10 | 신한카드 주식회사 | 다이나믹 ραn 이용한 트랜잭션 처리방법 |
| US10304047B2 (en) | 2012-12-07 | 2019-05-28 | Visa International Service Association | Token generating component |
| KR101330943B1 (ko) * | 2012-12-10 | 2013-11-26 | 신한카드 주식회사 | 일회성 카드정보를 이용한 결제 방법 |
| US9741051B2 (en) | 2013-01-02 | 2017-08-22 | Visa International Service Association | Tokenization and third-party interaction |
| US10740731B2 (en) | 2013-01-02 | 2020-08-11 | Visa International Service Association | Third party settlement |
| US11055710B2 (en) | 2013-05-02 | 2021-07-06 | Visa International Service Association | Systems and methods for verifying and processing transactions using virtual currency |
| CN105359179B (zh) | 2013-05-15 | 2019-12-10 | 维萨国际服务协会 | 移动令牌化枢纽 |
| US10878422B2 (en) | 2013-06-17 | 2020-12-29 | Visa International Service Association | System and method using merchant token |
| AU2014285769A1 (en) * | 2013-07-02 | 2016-01-07 | Visa International Service Association | Payment card including user interface for use with payment card acceptance terminal |
| AU2014290143C1 (en) | 2013-07-15 | 2019-01-03 | Visa International Service Association | Secure remote payment transaction processing |
| SG10201800629WA (en) | 2013-07-24 | 2018-02-27 | Visa Int Service Ass | Systems and methods for communicating risk using token assurance data |
| CN115907763A (zh) | 2013-07-26 | 2023-04-04 | 维萨国际服务协会 | 向消费者提供支付凭证 |
| US10496986B2 (en) | 2013-08-08 | 2019-12-03 | Visa International Service Association | Multi-network tokenization processing |
| CA2920661C (en) | 2013-08-08 | 2019-05-21 | Visa International Service Association | Methods and systems for provisioning mobile devices with payment credentials |
| KR102552606B1 (ko) | 2013-08-15 | 2023-07-06 | 비자 인터네셔널 서비스 어소시에이션 | 보안 요소를 이용한 보안 원격 지불 거래 처리 |
| CN115358746A (zh) | 2013-09-20 | 2022-11-18 | 维萨国际服务协会 | 包括消费者认证的安全远程支付交易处理 |
| EP3937108A1 (en) | 2013-10-11 | 2022-01-12 | Visa International Service Association | Network token system |
| US9978094B2 (en) | 2013-10-11 | 2018-05-22 | Visa International Service Association | Tokenization revocation list |
| US10515358B2 (en) | 2013-10-18 | 2019-12-24 | Visa International Service Association | Contextual transaction token methods and systems |
| US10489779B2 (en) | 2013-10-21 | 2019-11-26 | Visa International Service Association | Multi-network token bin routing with defined verification parameters |
| US8886570B1 (en) * | 2013-10-29 | 2014-11-11 | Quisk, Inc. | Hacker-resistant balance monitoring |
| US10366387B2 (en) | 2013-10-29 | 2019-07-30 | Visa International Service Association | Digital wallet system and method |
| US9516487B2 (en) | 2013-11-19 | 2016-12-06 | Visa International Service Association | Automated account provisioning |
| SG11201604906QA (en) | 2013-12-19 | 2016-07-28 | Visa Int Service Ass | Cloud-based transactions methods and systems |
| US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
| US10433128B2 (en) | 2014-01-07 | 2019-10-01 | Visa International Service Association | Methods and systems for provisioning multiple devices |
| US9846878B2 (en) | 2014-01-14 | 2017-12-19 | Visa International Service Association | Payment account identifier system |
| US10026087B2 (en) | 2014-04-08 | 2018-07-17 | Visa International Service Association | Data passed in an interaction |
| US9942043B2 (en) | 2014-04-23 | 2018-04-10 | Visa International Service Association | Token security on a communication device |
| WO2015168334A1 (en) | 2014-05-01 | 2015-11-05 | Visa International Service Association | Data verification using access device |
| US9848052B2 (en) | 2014-05-05 | 2017-12-19 | Visa International Service Association | System and method for token domain control |
| CN106465112A (zh) | 2014-05-21 | 2017-02-22 | 维萨国际服务协会 | 离线认证 |
| CN105429928A (zh) | 2014-05-30 | 2016-03-23 | 阿里巴巴集团控股有限公司 | 数据通信方法和***及客户端和服务器 |
| US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
| US10373153B2 (en) * | 2014-07-03 | 2019-08-06 | Mastercard International Incorporated | Method and system for maintaining privacy and compliance in the use of account reissuance data |
| US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
| US10484345B2 (en) | 2014-07-31 | 2019-11-19 | Visa International Service Association | System and method for identity verification across mobile applications |
| US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
| US10140615B2 (en) | 2014-09-22 | 2018-11-27 | Visa International Service Association | Secure mobile device credential provisioning using risk decision non-overrides |
| CA2960319A1 (en) | 2014-09-26 | 2016-03-31 | Visa International Service Association | Remote server encrypted data provisioning system and methods |
| US11257074B2 (en) | 2014-09-29 | 2022-02-22 | Visa International Service Association | Transaction risk based token |
| US10015147B2 (en) | 2014-10-22 | 2018-07-03 | Visa International Service Association | Token enrollment system and method |
| GB201419016D0 (en) | 2014-10-24 | 2014-12-10 | Visa Europe Ltd | Transaction Messaging |
| US10325261B2 (en) | 2014-11-25 | 2019-06-18 | Visa International Service Association | Systems communications with non-sensitive identifiers |
| CN113537988B (zh) | 2014-11-26 | 2024-05-28 | 维萨国际服务协会 | 用于经由访问装置的令牌化请求的方法和设备 |
| RU2707939C2 (ru) | 2014-12-12 | 2019-12-02 | Виза Интернэшнл Сервис Ассосиэйшн | Платформа обеспечения для межмашинных устройств |
| US10257185B2 (en) | 2014-12-12 | 2019-04-09 | Visa International Service Association | Automated access data provisioning |
| US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
| US10096009B2 (en) | 2015-01-20 | 2018-10-09 | Visa International Service Association | Secure payment processing using authorization request |
| US11250391B2 (en) | 2015-01-30 | 2022-02-15 | Visa International Service Association | Token check offline |
| US11176554B2 (en) | 2015-02-03 | 2021-11-16 | Visa International Service Association | Validation identity tokens for transactions |
| US10977657B2 (en) | 2015-02-09 | 2021-04-13 | Visa International Service Association | Token processing utilizing multiple authorizations |
| US10164996B2 (en) | 2015-03-12 | 2018-12-25 | Visa International Service Association | Methods and systems for providing a low value token buffer |
| SG11201706576TA (en) | 2015-04-10 | 2017-09-28 | Visa Int Service Ass | Browser integration with cryptogram |
| US9998978B2 (en) | 2015-04-16 | 2018-06-12 | Visa International Service Association | Systems and methods for processing dormant virtual access devices |
| US10552834B2 (en) | 2015-04-30 | 2020-02-04 | Visa International Service Association | Tokenization capable authentication framework |
| JP2018530834A (ja) | 2015-10-15 | 2018-10-18 | ビザ インターナショナル サービス アソシエーション | トークン即時発行システム |
| CN108370319B (zh) | 2015-12-04 | 2021-08-17 | 维萨国际服务协会 | 用于令牌验证的方法及计算机 |
| SG11201805266YA (en) | 2016-01-07 | 2018-07-30 | Visa Int Service Ass | Systems and methods for device push provisioning |
| EP3411846A1 (en) | 2016-02-01 | 2018-12-12 | Visa International Service Association | Systems and methods for code display and use |
| US11501288B2 (en) | 2016-02-09 | 2022-11-15 | Visa International Service Association | Resource provider account token provisioning and processing |
| US10313321B2 (en) | 2016-04-07 | 2019-06-04 | Visa International Service Association | Tokenization of co-network accounts |
| WO2017184121A1 (en) | 2016-04-19 | 2017-10-26 | Visa International Service Association | Systems and methods for performing push transactions |
| US11250424B2 (en) | 2016-05-19 | 2022-02-15 | Visa International Service Association | Systems and methods for creating subtokens using primary tokens |
| AU2016409079B2 (en) | 2016-06-03 | 2021-07-22 | Visa International Service Association | Subtoken management system for connected devices |
| US11068899B2 (en) | 2016-06-17 | 2021-07-20 | Visa International Service Association | Token aggregation for multi-party transactions |
| SG11201808737YA (en) | 2016-06-24 | 2018-11-29 | Visa Int Service Ass | Unique token authentication cryptogram |
| BR112018076196A2 (pt) | 2016-07-11 | 2019-03-26 | Visa International Service Association | método, e, dispositivos de comunicação portátil e de acesso. |
| WO2018017068A1 (en) | 2016-07-19 | 2018-01-25 | Visa International Service Association | Method of distributing tokens and managing token relationships |
| US10509779B2 (en) | 2016-09-14 | 2019-12-17 | Visa International Service Association | Self-cleaning token vault |
| AU2017364118A1 (en) | 2016-11-28 | 2019-05-02 | Visa International Service Association | Access identifier provisioning to application |
| US10915899B2 (en) | 2017-03-17 | 2021-02-09 | Visa International Service Association | Replacing token on a multi-token user device |
| US10902418B2 (en) | 2017-05-02 | 2021-01-26 | Visa International Service Association | System and method using interaction token |
| US11494765B2 (en) | 2017-05-11 | 2022-11-08 | Visa International Service Association | Secure remote transaction system using mobile devices |
| US11301826B2 (en) | 2017-06-13 | 2022-04-12 | Sony Corporation | Information processing apparatus and information processing system |
| US10491389B2 (en) | 2017-07-14 | 2019-11-26 | Visa International Service Association | Token provisioning utilizing a secure authentication system |
| KR101954446B1 (ko) * | 2018-01-26 | 2019-03-05 | 주식회사 비즈모델라인 | 동적 계좌번호 기반 계좌거래 방법 |
| CN111819555A (zh) | 2018-03-07 | 2020-10-23 | 维萨国际服务协会 | 利用在线认证的安全远程令牌发布 |
| US11256789B2 (en) | 2018-06-18 | 2022-02-22 | Visa International Service Association | Recurring token transactions |
| EP3841498B1 (en) | 2018-08-22 | 2024-05-01 | Visa International Service Association | Method and system for token provisioning and processing |
| US11469895B2 (en) | 2018-11-14 | 2022-10-11 | Visa International Service Association | Cloud token provisioning of multiple tokens |
| SG11202108626QA (en) | 2019-05-17 | 2021-09-29 | Visa Int Service Ass | Virtual access credential interaction system and method |
| EP3767569A1 (en) * | 2019-07-18 | 2021-01-20 | Mastercard International Incorporated | An electronic transaction method and device using a flexible transaction identifier |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6163771A (en) * | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
| US20010056409A1 (en) * | 2000-05-15 | 2001-12-27 | Bellovin Steven Michael | Offline one time credit card numbers for secure e-commerce |
| EP1265202A1 (en) * | 2001-06-04 | 2002-12-11 | Orbis Patents Limited | Business-to-business commerce using financial transaction numbers |
| WO2003038719A1 (en) * | 2001-10-31 | 2003-05-08 | Arcot Systems, Inc. | One-time credit card number generator and single round-trip authentication |
Family Cites Families (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5613012A (en) * | 1994-11-28 | 1997-03-18 | Smarttouch, Llc. | Tokenless identification system for authorization of electronic transactions and electronic transmissions |
| EP0993645A4 (en) * | 1997-07-03 | 2004-11-17 | Citicorp Dev Ct | SYSTEM AND METHOD FOR TRANSFERRING A VALUE ON A MAGNETIC TRACK OF A SERVICE CARD |
| US6000832A (en) * | 1997-09-24 | 1999-12-14 | Microsoft Corporation | Electronic online commerce card with customer generated transaction proxy number for online transactions |
| US6327578B1 (en) * | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
| EP1028401A3 (en) * | 1999-02-12 | 2003-06-25 | Citibank, N.A. | Method and system for performing a bankcard transaction |
| AU2202001A (en) * | 1999-12-17 | 2001-06-25 | Chantilley Corporation Limited | Secure transaction systems |
| US20010029485A1 (en) * | 2000-02-29 | 2001-10-11 | E-Scoring, Inc. | Systems and methods enabling anonymous credit transactions |
| AU2001243473A1 (en) * | 2000-03-07 | 2001-09-17 | American Express Travel Related Services Company, Inc. | System for facilitating a transaction |
| AU2001249276A2 (en) * | 2000-03-24 | 2001-10-08 | Access Business Group International Llc | System and method for detecting fraudulent transactions |
| US7181762B2 (en) * | 2001-01-17 | 2007-02-20 | Arcot Systems, Inc. | Apparatus for pre-authentication of users using one-time passwords |
| US6983381B2 (en) * | 2001-01-17 | 2006-01-03 | Arcot Systems, Inc. | Methods for pre-authentication of users using one-time passwords |
| UA64840C2 (uk) * | 2001-10-12 | 2004-03-15 | Віталій Євгенович Леонідов-Каневський | Спосіб електронних платежів (варіанти) |
| US7100821B2 (en) * | 2003-05-15 | 2006-09-05 | Mehran Randall Rasti | Charge card and debit transactions using a variable charge number |
| US7472829B2 (en) * | 2004-12-10 | 2009-01-06 | Qsecure, Inc. | Payment card with internally generated virtual account numbers for its magnetic stripe encoder and user display |
| US7580898B2 (en) * | 2004-03-15 | 2009-08-25 | Qsecure, Inc. | Financial transactions with dynamic personal account numbers |
| US7347361B2 (en) * | 2005-06-13 | 2008-03-25 | Robert Lovett | System, method and program product for account transaction validation |
| US20090164381A1 (en) * | 2006-12-20 | 2009-06-25 | Brown Kerry D | Method of making secure payment cards |
| US20080288403A1 (en) * | 2007-05-18 | 2008-11-20 | Clay Von Mueller | Pin encryption device security |
-
2007
- 2007-11-16 DE DE112007002744T patent/DE112007002744T5/de not_active Withdrawn
- 2007-11-16 KR KR1020177007417A patent/KR20170034920A/ko not_active Application Discontinuation
- 2007-11-16 KR KR1020167000615A patent/KR20160011698A/ko active Search and Examination
- 2007-11-16 EP EP07849165A patent/EP2095311A2/en not_active Withdrawn
- 2007-11-16 AT AT0947807A patent/AT506775A2/de not_active Application Discontinuation
- 2007-11-16 AP AP2009004889A patent/AP3361A/xx active
- 2007-11-16 RU RU2009122578/08A patent/RU2479032C2/ru not_active IP Right Cessation
- 2007-11-16 CH CH00771/09A patent/CH698351B1/de not_active IP Right Cessation
- 2007-11-16 US US12/515,058 patent/US20100088227A1/en not_active Abandoned
- 2007-11-16 WO PCT/IB2007/054678 patent/WO2008059465A2/en active Application Filing
- 2007-11-16 CH CH01346/13A patent/CH709883B1/de not_active IP Right Cessation
- 2007-11-16 NZ NZ577677A patent/NZ577677A/en not_active IP Right Cessation
- 2007-11-16 GB GB0910305A patent/GB2457204A/en not_active Withdrawn
- 2007-11-16 BR BRPI0718902-8A patent/BRPI0718902A2/pt not_active Application Discontinuation
- 2007-11-16 CN CNA2007800427522A patent/CN101573723A/zh active Pending
- 2007-11-16 KR KR1020097012269A patent/KR20090102752A/ko active Application Filing
- 2007-11-16 AU AU2007320785A patent/AU2007320785B2/en not_active Ceased
- 2007-11-16 SE SE0950453A patent/SE0950453L/sv not_active Application Discontinuation
- 2007-11-16 CA CA2669320A patent/CA2669320C/en not_active Expired - Fee Related
- 2007-11-16 JP JP2009536857A patent/JP2010510567A/ja active Pending
- 2007-11-16 MX MX2009005257A patent/MX2009005257A/es active IP Right Grant
- 2007-11-16 MY MYPI20092017A patent/MY153194A/en unknown
-
2009
- 2009-05-14 IL IL198738A patent/IL198738A/en active IP Right Grant
- 2009-05-14 EG EG2009050715A patent/EG25664A/xx active
- 2009-06-01 ZA ZA200903802A patent/ZA200903802B/xx unknown
- 2009-06-12 FI FI20095662A patent/FI20095662L/fi not_active Application Discontinuation
- 2009-06-12 MA MA31982A patent/MA30987B1/fr unknown
-
2013
- 2013-02-22 US US13/774,804 patent/US20130297508A1/en not_active Abandoned
-
2015
- 2015-03-25 PH PH12015500674A patent/PH12015500674A1/en unknown
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6163771A (en) * | 1997-08-28 | 2000-12-19 | Walker Digital, Llc | Method and device for generating a single-use financial account number |
| US20010056409A1 (en) * | 2000-05-15 | 2001-12-27 | Bellovin Steven Michael | Offline one time credit card numbers for secure e-commerce |
| EP1265202A1 (en) * | 2001-06-04 | 2002-12-11 | Orbis Patents Limited | Business-to-business commerce using financial transaction numbers |
| WO2003038719A1 (en) * | 2001-10-31 | 2003-05-08 | Arcot Systems, Inc. | One-time credit card number generator and single round-trip authentication |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107836004A (zh) * | 2015-07-21 | 2018-03-23 | 万事达卡国际股份有限公司 | 用于处理对支付账户的交易的***和方法 |
| CN108352986A (zh) * | 2015-08-27 | 2018-07-31 | 万事达卡国际股份有限公司 | 用于增强基于云的***中的密码验证的方法和*** |
| CN109389395A (zh) * | 2017-08-09 | 2019-02-26 | 森斯通株式会社 | 虚拟代码提供***、生成装置、验证装置、提供方法及提供程序 |
| CN109389382A (zh) * | 2017-08-09 | 2019-02-26 | 森斯通株式会社 | 虚拟***生成装置及验证装置、金融交易提供***、方法及程序 |
| CN109389382B (zh) * | 2017-08-09 | 2022-05-31 | 森斯通株式会社 | 虚拟***生成装置及验证装置、金融交易提供***、方法及程序 |
| US11354401B2 (en) | 2017-08-09 | 2022-06-07 | SSenStone Inc. | System, method, and program for providing virtual code, virtual code generating device, and virtual code verifying device |
| CN109389395B (zh) * | 2017-08-09 | 2022-06-21 | 森斯通株式会社 | 虚拟代码提供***、生成装置、验证装置、提供方法 |
| US11609983B2 (en) | 2017-08-09 | 2023-03-21 | SSenStone Inc. | System, method, and program for providing virtual code, virtual code generating device, and virtual code verifying device |
| US11960595B2 (en) | 2017-08-09 | 2024-04-16 | SSenStone Inc. | System, method, and program for providing virtual code, virtual code generating device, and virtual code verifying device |
Also Published As
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101573723A (zh) | 安全金融交易 | |
| US20220156732A1 (en) | Data protection with translation | |
| CA2691789C (en) | System and method for account identifier obfuscation | |
| EP0047285B1 (en) | A system for authenticating users and devices in on-line transaction networks | |
| US8527427B2 (en) | Method and system for performing a transaction using a dynamic authorization code | |
| EP3255600B1 (en) | Method and system for generating a dynamic verification value | |
| US20020152180A1 (en) | System and method for performing secure remote real-time financial transactions over a public communications infrastructure with strong authentication | |
| JPH0334641A (ja) | 特殊キーを用いた転送データの暗号化方法 | |
| KR20090021220A (ko) | 검증 에러 감소 시스템 | |
| AU2001257019B2 (en) | An improved method and system for conducting secure payments over a computer network | |
| AU781671B2 (en) | An improved method and system for conducting secure payments over a computer network | |
| TW202109408A (zh) | 管理帳戶支付系統及其方法 | |
| JP2003536181A (ja) | 擬似或いは代理口座番号なしでコンピュータネットワークを越えて安全な支払いを処理するための改善された方法およびシステム | |
| JP4334021B2 (ja) | 読取り装置内の累積の証明方法 | |
| AU2012201255B2 (en) | An improved method and system for conducting secure payments over a computer network | |
| AU2007216920B2 (en) | An improved method and system for conducting secure payments over a computer network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1132823 Country of ref document: HK |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20091104 |