GB2348036A - Coded voucher for preventing transaction fraud - Google Patents

Coded voucher for preventing transaction fraud Download PDF

Info

Publication number
GB2348036A
GB2348036A GB9905924A GB9905924A GB2348036A GB 2348036 A GB2348036 A GB 2348036A GB 9905924 A GB9905924 A GB 9905924A GB 9905924 A GB9905924 A GB 9905924A GB 2348036 A GB2348036 A GB 2348036A
Authority
GB
United Kingdom
Prior art keywords
voucher
code
transaction
authentication
codes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB9905924A
Other versions
GB2348036B (en
GB9905924D0 (en
Inventor
Tony Evans
Kevin Hutchinson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB9905924A priority Critical patent/GB2348036B/en
Publication of GB9905924D0 publication Critical patent/GB9905924D0/en
Publication of GB2348036A publication Critical patent/GB2348036A/en
Application granted granted Critical
Publication of GB2348036B publication Critical patent/GB2348036B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/122Online card verification

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Credit Cards Or The Like (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)

Abstract

A method for allowing a transaction comprises providing, e.g. to a sales point, a voucher bearing a voucher code, deriving an authentication code from the voucher code at a separate later stage, e.g. when it is sold to a user, and marking the voucher with the authentication code so that when the voucher is used during the transaction its validity may be ascertained by checking that the authentication code has been derived from the voucher code. Preferably the voucher represents money and the transaction includes the payment of some or all of the voucher's worth. The voucher may be marked by a plurality of authentication codes, one of which is initially hidden, e.g. by a scratch off layer or a tear off strip, and may only be revealed in an irreversible manner. The voucher's monetary worth may be derivable from the voucher code and the codes may be printed as numbers, bar codes, or stored in a chip. The transaction may be performed over a communication link, e.g. the internet, and may be a purchase, a loyalty scheme, or a corporate voucher scheme. The voucher may be a smart card, a piece of printed cardboard or paper, or may not have a physical form.

Description

Payment Instruments The Internet allows an unprecedented degree of access to information and interaction with other people, the geographical location generally being irrelevant. It has also been hailed as starting a similar commercial revolution, but as yet this has not materialised. Not only has the total amount of trade been disappointing, but much of this has relied upon the reputation of the traders outside the world of the Internet.
When a potential purchaser wishes to buy a product or service which he sees offered over the Internet, the usual method is to give details of his credit card. Understandably, people are reluctant to do this, as once a supplier has credit card details there is an opportunity for fraud, and it may be difficult to ascertain the suppliers geographical location. Additionally, credit card details may be intercepted by third parties intent on fraud. Debit cards are similarly vulnerable.
In any case, in order to effect a transaction using a credit card the purchaser must own a credit card, and the vendor must have merchant status to accept credit card transactions. A significant number of people are refused, or choose not to own a credit card, and it may be difficult for a small business persuade banks to grant them merchant status for Internet business.
To keep credit transactions on the web secure, complex encryption systems are required. Nevertheless, people remain wary of buying products over the web from unseen vendors using credit cards.
The object of the present invention is to provide a system for allowing transactions to be conducted over the web in a secure and efficient manner.
According to the present invention there is provided a method for allowing a transaction, including providing a voucher bearing a voucher code, marking said voucher by a code derivation means at a separate, later stage with a authentication code which is derivable from the voucher code, the voucher code and the authentication code being supplied to a verification means capable of checking that the authentication code has been derived from the voucher code, the verification means, on confirming this, indicating that the code is authentic.
Preferably the voucher represents a monetary denomination.
Preferably the transaction includes the authorisation of an amount equal to all or part of the voucher's denomination to be used as payment.
Preferably the voucher is marked by two separate authentication codes which are derivable from the voucher code, one of which is initially hidden, and may only be revealed in an irreversible manner. Preferably the voucher's monetary denomination is derivable from the voucher code. Preferably the payment is executed over a communication link, particularly the Internet.
According to another aspect of the present invention, there is provided a voucher as defined above.
According to another aspect of the present invention, there is provided a key derivation means as defined above.
According to another aspect of the present invention, there is provided a verification means as defined above.
A payment method will now be described, by way of example.
The voucher is a rectangular piece of cardboard, the size of a credit card, upon which is printed three labelled boxes, a Title, and a denomination. The three boxes comprise an Hidden code box, Serial code box, and Key code box, and are labelled as such. The Hidden code box and Serial code box are printed with two strings of characters, whilst at this stage the Key code is left blank. The Hidden code box is then masked by covering it with a removable surface of the scratchcard type, that is, when the surface is scratched, the printed matter beneath is revealed.
The Hidden code is a four character alphanumeric code, excluding both the letters'0'and'I'and the numbers nought and one in order to avoid confusion. The Serial code is an eight figure code uniquely identifying each card printed. The Serial codes are not a consecutive series of integers, but occur at intervals from a series of consecutive integers.
This is known as a sparse series. The intervals are either random or generated by an algorithm, but in either the case the particular series is known to scheme's organisers.
The voucher may be purchased over the counter from a shop. The cards are provided to the shop with the Key code box left empty, but the shop is equipped with a machine such as a programmed cash register or computer which will supply a Key code. Each machine uses an algorithm to generate a Key code from the Serial code, these machines hereafter being called Key Cutting machines. When a card is being purchased, the Key Cutting machine is used to obtain the Key code for the card, and written, or preferably printed, in the Key code box. The Key code, like the Hidden code, is a four character alphanumeric code.
The Serial code is simply a unique identifier allocated to each card.
Its relationship with the Key code must however be made very difficult to ascertain. The voucher may now be used to make purchases at other shops over the counter, and the Key code may be used, if necessary, to demonstrate that the card was properly issued, by entering the Serial code in the shop's Key cutting machine. In order to use the card for such a purchase, the Hidden code box must not have been revealed, as removal of the masking indicates that the card may have been used for an Internet purchase, the process of which is explained below. When the purchase is made, the voucher is surrendered, with change or lower denomination vouchers being given to make up any difference between the difference in the voucher's value and the value of the purchase. The vendor may now arrange for the voucher to be exchanged with the organisers of the voucher system.
In order to make a purchase over the Internet, the voucher holder must reveal the Hidden code printed in the Hidden code box. When the voucher holder visiting the vendor's server decides to make a purchase he is connected to the authentication scheme site run by the organisers of the voucher system, hereinafter called the Voucher Server.
The voucher holder then enters the Hidden code, the Serial code and the Key code which is sent to the Voucher Server, using a conventional encryption scheme for extra security. The Voucher Server checks that the stated Serial code is an element of the sparse series set, and that Hidden code and Key code correctly correspond to this Serial code. An account corresponding to the Serial code is set up for the voucher's monetary denomination, if no such account has already been set up. Money from this account may then be used to pay for the Internet purchase. If the full amount of the account is not spent on the first purchase, then the Voucher server may be visited on subsequent occasions, again checking that the Hidden code and Key code correspond to the Serial code, so that the voucher holder may make subsequent purchases until the account is exhausted.
Some or all the money in one account could be transferred to another account upon production of the first accounts Serial code, Key code and Hidden code, so that small amounts remaining from previous purchases can be collected up from different accounts, or a large total can be amassed for an expensive purchase.
The Hidden code is derivable from the Serial code by an algorithm in a similar way to the relationship between the Serial code and the Key code.
The Voucher Server checks that both the Key code and the Hidden code correspond to the Serial code.
Alternatively, either the Hidden code or the Key code could be derived from a table of all the Serial codes and corresponding codes, there being no algorithmic relationship between the Serial code and the corresponding code or codes. Each Key cutting machine must then be supplied with such a table, or else be equipped with a link to the Voucher server.
It will be apparent to one buying a valid voucher that it could not have been used for an Internet transaction, for the Hidden code box's mask should be intact. Also, that the clear Key box (and the fact that the vendor must exchange the voucher for payment by the organisers of the voucher system) indicate that the voucher has not been used in a over the counter purchase. It is also reassuring with a customer that even if a fraud were to be perpetrated, he could never be liable for more than the value of the voucher.
The vendor will be similarly reassured by the intact mask of the Hidden code box that it has not been previously used in an Internet purchase. Since unissued vouchers, having no Key code written upon them, cannot be used for payment, they should not attract the attentions of thieves. The security of the Key cutting machines, and their algorithms (or tables if used), is paramount. Precautions must be taken to protect the key cutting machines and the algorithms, such as monitoring the whereabouts of the Key cutting machines, and making sure that the Hidden codes are concealed as soon as possible after being printed. The algorithms or tables used by the Voucher server should also be secured, for example by keeping separate the programming from the code tables.
The Serial codes are themselves generated by an algorithm or from a table in order to achieve the sparse spacing. The Key cutting machine will also check that the Serial code submitted exists. Affirmation of this, and the giving of the Key code, will be artificially delayed, say by five seconds.
In this way, if a Key cutting machine is compromised, obtaining a list of usable Serial codes and the corresponding Key codes will be made more difficult.
The Key cutting machines, if linked to the Voucher Server or another centralised site, may also be used to audit the system, by logging the Serial code of each voucher used for over the counter purchases. This may be combined with Serial code data from vouchers used to set up accounts at the Voucher server. As an additional check a verification request may be sent from the Key cutting machine to the Voucher Server, and the Serial code checked against such data to check that the Serial code has not already been used to initiate an account.
The Serial code and a single derived code could be printed on the voucher, and the voucher confined to either a system solely for Internet transactions, or a system solely for over-the-counter transactions. The derived code could be initially masked in some way.
The vouchers could be used in a corporate voucher system within a single company, or between companies, wherein members of a company receive the vouchers as, say, an incentive or bonus, and may be used within or between companies. The voucher does not then have to be for a specific denomination, but could signify simply that the holder is entitled to some preferential treatment, the Key code showing that the voucher has been correctly issued. Such non-denomination vouchers could indeed be used in a similar way for a public voucher system.
A company having both shops and an Internet presence could issue its own vouchers to be used either in its shops or to buy products from its Internet server. The Voucher Server could then be organised by the company itself and incorporated into the company's Internet server.
Numerous variations relying upon the principles herein disclosed are possible. The physical form of the voucher could be varied considerably, for instance it could be a piece of printed paper similar in size to a banknote, or indeed need not be in a physical form at all.
The Serial code, Hidden code, and Key code could be printed as a machine-readable bar code, or supplied upon a chip incorporated in the card, in addition to or instead of being provided in a form immediately apparent to a person. The method of masking the Hidden code could be a tear of strip or other suitable means. The precise length and type of characters used in the codes could easily be adapted according to the circumstances. Other encryption techniques could if desired be incorporated into the voucher.
The voucher system could easily be adapted to allow transactions over any type of net, or even for telephone transactions.

Claims (14)

  1. CLAIMS 1. A method for allowing a transaction, including providing a voucher bearing a voucher code, marking said voucher by a code derivation means at a separate, later stage with a authentication code which is derivable from the voucher code, the voucher code and the authentication code being supplied to a verification means capable of checking that the authentication code has been derived from the voucher code, the verification means, on confirming this, indicating that the code is authentic.
  2. 2. A method according to the previous claim, wherein the voucher represents a monetary denomination.
  3. 3. A method according to claim 2, wherein the transaction includes the authorisation of an amount equal to all or part of the voucher's denomination to be used as payment.
  4. 4. A method according to any previous claim, wherein the voucher is marked by two or more separate authentication codes which are derivable from the voucher code, one of which is initially hidden, and may only be revealed in an irreversible manner.
  5. 5. A method according to any previous claim, wherein the voucher's monetary denomination is derivable from the voucher code.
  6. 6. A method according to any any of claims 3 to 5, wherein the payment is executed over a communication link, particularly the Internet.
  7. 7. A voucher according to any previous claim.
  8. 8. A key derivation means according to any of claims 1 to 6.
  9. 9. A verification means according to any of claims 1 to 6.
  10. 10. A method for allowing a transaction substantially as herein described and illustrated.
  11. 11. A voucher substantially as herein described and illustrated.
  12. 12. A key derivation means substantially as herein described and illustrated.
  13. 13. A verification means substantially as herein described and illustrated.
  14. 14. Any novel and inventive feature or combination of features specifically disclosed herein within the meaning of Article 4H of the International Convention (Paris Convention).
GB9905924A 1999-03-15 1999-03-15 Payment instruments Expired - Fee Related GB2348036B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB9905924A GB2348036B (en) 1999-03-15 1999-03-15 Payment instruments

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB9905924A GB2348036B (en) 1999-03-15 1999-03-15 Payment instruments

Publications (3)

Publication Number Publication Date
GB9905924D0 GB9905924D0 (en) 1999-05-05
GB2348036A true GB2348036A (en) 2000-09-20
GB2348036B GB2348036B (en) 2001-03-28

Family

ID=10849648

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9905924A Expired - Fee Related GB2348036B (en) 1999-03-15 1999-03-15 Payment instruments

Country Status (1)

Country Link
GB (1) GB2348036B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1276081A2 (en) * 2001-07-14 2003-01-15 Bundesdruckerei GmbH Ticket system
WO2003075231A1 (en) * 2002-02-22 2003-09-12 Handcash As Payment card and method
GB2388459A (en) * 2002-04-17 2003-11-12 Nigel Graham Walters Payment card with revealable code
GB2389693A (en) * 2002-06-10 2003-12-17 Consignia Plc Payment systems
EP1359549A3 (en) * 2002-04-29 2004-08-18 General Technology Services Company s.a.l Prepaid credit card
EP1288852A3 (en) * 2001-07-14 2006-10-25 Bundesdruckerei GmbH Ticket system
EP1717766A1 (en) * 2005-04-27 2006-11-02 Hewlett-Packard Development Company, L.P. Card kit, card system and validation method
EP1973081A3 (en) * 2007-03-19 2009-10-14 Progressive Gaming International Corporation Gaming token verification

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3833795A (en) * 1971-08-05 1974-09-03 Elscint Ltd Method and means for ascertaining the authenticity of serially numbered objects
GB2252270A (en) * 1991-01-30 1992-08-05 Wren Hilton Giles Martin Credit or phone card
US5432506A (en) * 1992-02-25 1995-07-11 Chapman; Thomas R. Counterfeit document detection system
WO1997026618A1 (en) * 1996-01-18 1997-07-24 Merrill Lynch & Co., Inc. Fraud detection data processor
WO1998043825A1 (en) * 1997-04-02 1998-10-08 Aaron Ittah Payment instrument on all types of networks and particularly on internet

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3833795A (en) * 1971-08-05 1974-09-03 Elscint Ltd Method and means for ascertaining the authenticity of serially numbered objects
GB2252270A (en) * 1991-01-30 1992-08-05 Wren Hilton Giles Martin Credit or phone card
US5432506A (en) * 1992-02-25 1995-07-11 Chapman; Thomas R. Counterfeit document detection system
WO1997026618A1 (en) * 1996-01-18 1997-07-24 Merrill Lynch & Co., Inc. Fraud detection data processor
WO1998043825A1 (en) * 1997-04-02 1998-10-08 Aaron Ittah Payment instrument on all types of networks and particularly on internet

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1276081A2 (en) * 2001-07-14 2003-01-15 Bundesdruckerei GmbH Ticket system
EP1276081A3 (en) * 2001-07-14 2004-06-09 Bundesdruckerei GmbH Ticket system
EP1288852A3 (en) * 2001-07-14 2006-10-25 Bundesdruckerei GmbH Ticket system
WO2003075231A1 (en) * 2002-02-22 2003-09-12 Handcash As Payment card and method
GB2388459A (en) * 2002-04-17 2003-11-12 Nigel Graham Walters Payment card with revealable code
EP1359549A3 (en) * 2002-04-29 2004-08-18 General Technology Services Company s.a.l Prepaid credit card
GB2389693A (en) * 2002-06-10 2003-12-17 Consignia Plc Payment systems
EP1717766A1 (en) * 2005-04-27 2006-11-02 Hewlett-Packard Development Company, L.P. Card kit, card system and validation method
EP1973081A3 (en) * 2007-03-19 2009-10-14 Progressive Gaming International Corporation Gaming token verification

Also Published As

Publication number Publication date
GB2348036B (en) 2001-03-28
GB9905924D0 (en) 1999-05-05

Similar Documents

Publication Publication Date Title
US7051929B2 (en) Secure credit card having daily changed security number
Barker et al. Credit card fraud: awareness and prevention
US6330544B1 (en) System and process for issuing and managing forced redemption vouchers having alias account numbers
US6454165B1 (en) Debit card with activation control
US8430298B2 (en) Presentation instrument package arrangement
US7896252B2 (en) Presentation instrument with user-created pin and methods for activating
US20020143703A1 (en) Internet cash card
KR100292837B1 (en) online ticket sales system and method for the same
JPH11506589A (en) Refundable prepaid telephone card
US20010047340A1 (en) Authenticity verification method and apparatus
US6832720B2 (en) Debit card with activation control
WO2019056116A1 (en) Systems, methods and devices to facilitate secure purchases of cryptocurrencies
WO2001054081A2 (en) Anonymous credit card
US10210715B2 (en) Lottery transaction mechanisms
GB2348036A (en) Coded voucher for preventing transaction fraud
NL1014440C2 (en) Voucher, in particular a gift voucher, as well as a method for issuing and collecting a physical or virtual coupon.
US6463541B2 (en) Object authentification method using printed binary code and computer registry
US20020040925A1 (en) Method and apparatus for transmission of monetary value and the payment of debts
WO2000074006A1 (en) System
US20230041655A1 (en) Slap pay and snap pay contactless payment and data systems
WO2008029141A1 (en) A debit or credit card
US20020103768A1 (en) Secure payment system allowing selection of any payable amount
KR100432528B1 (en) Management system for electronic deal use of Mondex Card
US20080173721A1 (en) Stored value card with fraud protection coded cover
KR200306385Y1 (en) The service apparatus of internet lottery

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20100315