WO2010115604A2 - Method and system for contactless proximity transactions - Google Patents

Method and system for contactless proximity transactions Download PDF

Info

Publication number
WO2010115604A2
WO2010115604A2 PCT/EP2010/002151 EP2010002151W WO2010115604A2 WO 2010115604 A2 WO2010115604 A2 WO 2010115604A2 EP 2010002151 W EP2010002151 W EP 2010002151W WO 2010115604 A2 WO2010115604 A2 WO 2010115604A2
Authority
WO
WIPO (PCT)
Prior art keywords
telecommunication equipment
terminal
communication protocol
transaction
identification information
Prior art date
Application number
PCT/EP2010/002151
Other languages
French (fr)
Other versions
WO2010115604A3 (en
Inventor
Dominique Bolignano
Eric Vetillard
Original Assignee
Trusted Logic
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Trusted Logic filed Critical Trusted Logic
Publication of WO2010115604A2 publication Critical patent/WO2010115604A2/en
Publication of WO2010115604A3 publication Critical patent/WO2010115604A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/06Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices
    • H04W88/10Access point devices adapted for operation in multiple networks, e.g. multi-mode access points
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/04Interfaces between hierarchically different network devices
    • H04W92/10Interfaces between hierarchically different network devices between terminal device and access point, i.e. wireless air interface

Definitions

  • This invention concerns the field of electronic transactions and, more particularly, contactless electronic proximity transactions between, on the one hand, a user's mobile telecommunications equipment and, on the other hand, at least one electronic transaction terminal.
  • One particular application of the invention is aimed at electronic transactions carried out using a mobile/portable telephone.
  • the ISO 14443 standard relates to smart cards having a contactless operating mode. In particular it describes the operation of such smart cards placed close to the aerial of a contactless smart card reader. It defines communication standards and transmission protocols between contactless smart cards and readers.
  • So-called NFC (Near Field Communication) technology is a high frequency (13.56 MHz), proximity, contactless communication technology. It enables data exchange between devices a few centimetres away.
  • This technology is an extension of the ISO 14443 standard. It is generally implemented using an NFC integrated circuit. When a device, for example a mobile telephone, includes such an integrated circuit, it can communicate with other devices including an NFC integrated circuit, or smart cards and/or smart card readers compatible with the ISO 14443 standard.
  • NFC technology enables contactless electronic proximity transactions between a mobile telephone equipped with NFC technology and an electronic transaction terminal. Application examples for NFC technology are access to a public transport network and payment for products or services.
  • the invention is intended to solve the problem of providing a method and an electronic transaction system that enables the user experience of NFC transactions to be reproduced, however without requiring substantial modifications to equipment architecture and/or existing software needed to implement these transactions, the said transactions remaining nonetheless secure.
  • the solution to this problem offered by the invention provides a method including an identification step and the actual transaction step.
  • This identification step is separated from the transaction step by using means of communication that can be distinct.
  • the identification step uses a direct, contactless, short-range means of communication.
  • the transaction step takes place using any other means of communication, at least partially contactless.
  • the invention relates to transaction method comprising the following steps: the identification of mobile telecommunication equipment including the transmission of at least one security identification information element from the said mobile telecommunication equipment to an electronic transaction terminal according to a first contactless proximity communication protocol when the said security element is placed in a detection zone of the electronic transaction terminal; and electronic transaction between the said mobile telecommunication equipment and the said electronic transaction terminal according to a second communication protocol.
  • the invention relates to a transaction system comprising an electronic transaction terminal and mobile telecommunication equipment, in which: the said mobile telecommunication equipment includes a security element provided to transmit at least one piece of identification information from the telecommunication equipment to the terminal according to a first contactless proximity communication protocol when the security element is placed in a detection zone of the terminal; and the said electronic transaction terminal includes at least a means of reading the said identification information and a means of communication to relay an electronic transaction between the telecommunication equipment and the electronic transaction terminal according to a second communication protocol. More interestingly, - the first and second communication protocols are distinct communication protocols; - the identification information transmitted to the terminal according to the first communication protocol is used to conduct the transaction according to the second communication protocol;
  • the method also includes an authentication step for the telecommunication equipment; - the first communication protocol is uni-directional; - the second communication protocol is bi-directional; - the identification information includes a unique identifier for the telecommunication equipment associated directly or indirectly with a telephone number for the telecommunication equipment; - the identification information also includes additional information enabling the terminal to determine the second communication protocol; - the identification information also includes additional location information for the telecommunication equipment;
  • the second communication protocol is a contactless protocol, which employs a mobile telephone network to local wireless telecommunication network
  • the security element is an RFID transponder built into or fixed onto the telecommunication equipment
  • - the security element is a contactless smart card built into the communication equipment or inserted removably into the telecommunication equipment
  • - the system also includes a server relaying the electronic transaction between the terminal and the telecommunication equipment according to the second communication protocol.
  • figure 1 is a schematic illustration of the transaction system according to a first embodiment of the invention
  • figure 2 is a schematic illustration of the transaction method according to the first embodiment of the invention
  • figure 3 is a schematic illustration of the transaction system according to a second embodiment of the invention
  • figure 4 is a schematic illustration of the transaction method according to the second embodiment of the invention.
  • telecommunication equipment In the description that follows, the terminology "telecommunication equipment" will be used in its broadest definition.
  • An item of telecommunication equipment is a portable or mobile multi-function device.
  • the telecommunication equipment can be a mobile/portable telephone, a PDA personal assistant, a PC personal microcomputer, etc., equipped with means of connection to a telecommunications network.
  • the telecommunication network can be a mobile telecommunication network, for example of type GSM, 3G, GPRS, EDGE, UMTS, CDMA or CDMA2000, or a local wireless telecommunication network such as WLAN, WPAN, WiFiTM, ZigbeeTM, BluetoothTM or WiMAXTM, etc.
  • Figures 1 and 2 are schematic illustrations of the first embodiment of the invention.
  • Transaction system 1 shown in figure 1 includes an electronic transaction terminal 2 and a user's mobile telecommunication equipment 3.
  • the mobile telecommunication equipment 3 for example a mobile telephone, includes an information display device 4, an information input device 5, a security element 6, and a first transaction module 7.
  • the information display device 4 can be a screen or loudspeaker, for example.
  • the information input device 5 can be a keyboard or touch screen, for example.
  • the security element 6 includes identification information ID for the telecommunication equipment.
  • the security element 6 can be permanently fixed or removable in or on the surface of the telecommunication equipment.
  • the first transaction module 7 performs the actual transaction for the telecommunication equipment by enabling interaction with the user by means, for example, of the screen and information input device 4. This transaction module 7 can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the mobile telecommunication equipment 3.
  • the security element 6 can be a uni-dimensional or bi-dimensional bar code printed on the telecommunication equipment 3, fixed for example glued on the said equipment or displayed on the screen 4.
  • the bar codes include identification information ID for the telecommunication equipment.
  • the security element 6 can be an RFID transponder (Radio Frequency Identification) built into the telecommunication equipment 3 or fixed to equipment 3.
  • the security element 6 can be a contactless smart card built into telecommunication equipment 3 or inserted removably into the telecommunication equipment 3.
  • the electronic transaction terminal 2 is fixed or mobile. It includes a reader 8, a means of communication 9 and a second transaction module 10.
  • the reader 8 defines a detection zone ZD for terminal 2.
  • the reader 8 When security element 6 in the mobile telecommunication equipment 3 is placed in this detection zone ZD, the reader 8 is able to read the identification information of the said security element 6.
  • the reader 8 can be an optical detector to detect a security element such as a bar code.
  • the reader 8 can be an aerial to detect a security element such as an RFID transponder or contactless smart card.
  • the detection zone ZD is preferably short-range. Typically it extends over a few centimetres.
  • the means of communication 9 enables direct or indirect bi-directional contactless communication with the telecommunication equipment 3.
  • the second transaction module carries out the actual transaction for the terminal. It can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the terminal.
  • the transaction method shown in figure 2 includes an identification step S1 for mobile telecommunication equipment 3 and an electronic transaction step S2.
  • identification step S1 identification information ID from the telecommunication equipment is sent to the electronic transaction terminal. This transmission is performed according to a first contactless proximity communication protocol P1. It requires telecommunication equipment 3 to be placed in the detection zone ZD of electronic transaction terminal 2. Identification is carried out when the mobile telecommunication equipment 3 and terminal 2 are close to one another, in practice a few centimetres apart. The identification information is temporarily or permanently associated with the telecommunication equipment.
  • the identification information ID can be included in a unique identifier for the telecommunication equipment, for example a telephone number, an IMSI (International Mobile Subscriber Identity), an IMEI (International Mobile Equipment Identity), a MAC (Media Access Control) address, or an IP (Internet Protocol) address or a customer code associated with the telecommunication equipment (for example a season ticket number for a public transport network) or a user name.
  • IMSI International Mobile Subscriber Identity
  • IMEI International Mobile Equipment Identity
  • MAC Media Access Control
  • IP Internet Protocol
  • any identification information ID enabling direct or indirect identification of the telecommunication equipment and subsequently the user of this equipment is suitable.
  • the first communication protocol P1 can also be used to transmit additional information IS.
  • the additional information IS can include a second communication protocol P2 to be used to continue the transaction, and/or data forming part of the authentication process for the transaction (public key encryption, random code), etc.
  • the first communication protocol P1 is used by security element 6 in telecommunication equipment 3 combined with the appropriate reader 8 in the electronic transaction terminal 2.
  • Different communication protocols are possible depending on the different security elements described above.
  • the first communication protocol P1 uses a short-range contactless communication technique over less than 10 cm. In this way the risks of MITM-type attacks (Man In The Middle) are reduced.
  • third parties will not be able to interfere, or indeed take over, in the transaction between the telecommunication equipment and the terminal from the start of the transaction, the telecommunication equipment, in order to hijack the transaction for fraudulent purposes.
  • the first communication protocol P1 can be implemented by means of a uni- dimensional or bi-dimensional bar code combined with a terminal equipped with a suitable optical reader.
  • the identification information is contained in the bar code that is read by the optical reader when the said code is placed in the optical reader's detection zone.
  • This first communication protocol P1 is unidirectional.
  • the detection zone ZD of the reader is directional in the case of an optical reader.
  • this first example of communication protocol is highly resistant to an MITM attack because the optical technique is short range and directional.
  • the first communication protocol P1 can be implemented by means of an RFID tag or similar passive integrated circuit combined with a terminal equipped with a suitable receiving aerial.
  • the identification information contained in the radio signal sent by the RFID tag is detected by the aerial when the RFID transponder is placed in the aerial's detection zone.
  • This first communication protocol P1 is also uni-directional.
  • the first communication protocol P1 can be implemented by means of a smart card or similar active integrated circuit combined with a terminal equipped with a suitable receiving aerial.
  • the smart card is authenticated by the terminal, that is it sends identification information to the terminal; the identification information may be accompanied by elements enabling its authentication such as an encrypted signature proving knowledge of a secret obtained using any known encryption algorithm.
  • This first communication protocol P1 can be bi-directional.
  • the actual electronic transaction for example access to a public transport network or payment for a product or service, etc.
  • the electronic transaction terminal During this transaction, data are exchanged according to a second contactless communication protocol P2.
  • the means of communication 9 in the terminal enables communication with the telecommunication equipment through a second communication protocol P2.
  • This second communication protocol P2 is preferably bi-directional.
  • communication according to the second communication protocol P2 is performed by exchange of SMS (Short Message Service) type messages.
  • SMS Short Message Service
  • the means of communication 9 in the terminal sends a first SMS message to the telephone number contained in the identification number information received during the identification step.
  • the SMS message is viewed by the user of the telecommunication equipment.
  • the user replies to the terminal with a second SMS message that may include information required to continue the transaction to its completion.
  • the SMS messages are processed in the telecommunication equipment by the first transaction module 7 and in the terminal by the second transaction module 10.
  • communication according to the second communication protocol P2 is performed by GPRS (General Packet Radio Service) or Internet.
  • the interaction is performed by means of messages sent to the telephone number or IP address contained in the identification number information received during the identification number step.
  • the rest of the transaction is performed in a similar way to the first example above.
  • the two previous examples do not exclude the use of voice messages or e-mails to send certain information required for the transaction.
  • communication according to the second communication protocol P2 is performed by means of a local protocol of type BluetoothTM, ZigbeeTM, WiFiTM, etc.
  • the terminal is connected to the telecommunication equipment according to one of these protocols using the identification information and automatically starts execution of the first transaction module 7.
  • the rest of the transaction is performed in a similar way to the first example above.
  • a direct or indirect link is established between the terminal and the security element in the form of a SIM (Subscriber Identity Module) smart card, communication by the second communication protocol P2 being performed by means of the standardised protocol used by the SIM smart card.
  • SIM Subscriber Identity Module
  • FIGS 3 and 4 are schematic illustrations of the second embodiment of the invention.
  • the second implementation method differs from the first implementation method in that the second communication protocol P2 does not directly link terminal 2 to the telecommunication equipment 3.
  • an external telecommunication network TN is used to complete the electronic transaction step S2. Only the elements/steps that differ from the first implementation method will now be described.
  • Transaction system 1 shown in figure 3 also includes an application server 11.
  • the application server includes a third transaction module 12.
  • the transaction module 12 can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the application server.
  • the identification step S1 for telecommunication equipment by the terminal is performed in the same way as the first implementation method.
  • the electronic transaction step S2 involves the application server 11 that relays information exchanges and messages between the terminal and the telecommunication equipment and vice-versa by means of the second communication protocol.
  • Communication between the terminal and the telecommunication equipment is established by means of the telecommunication network TN.
  • the application server 11 communicates with terminal 2 and the telecommunication equipment using SMS type messages.
  • the transaction module 12 can be used to decode the identification information when this does not enable the terminal to contact the telecommunication equipment directly. This can be the case if the identifier contained in the identification information matches a customer code or when it is encrypted.
  • the two implementation methods presented above can also include an additional authentication step.
  • the authentication step is includes between the identification step and the actual electronic transaction step. It can be an integral part of one or the other.
  • the authentication step is intended to reduce or indeed avoid cloning or MITM type attacks already described above. In fact, if the identification information is cloned, it becomes possible for a third party to carry out a transaction without the knowledge of the telecommunication equipment's authorised user.
  • the security element 6 is a bar code or a passive integrated circuit, for example an RFID transponder
  • the terminal can send the telecommunication equipment a message including data describing the purpose and amount of the transaction as well as data authenticating the terminal (merchant name of service supplier).
  • the transaction will actually be initiated after the terminal receives confirmation sent by the user of the telecommunication equipment.
  • these data can also contain random data (digital code, colour code, etc.) presented (for example by display on the screen) both on the telecommunication equipment and on the terminal, in order to enable the user to confirm the consistency of the information showing on their telecommunication equipment and on the terminal.
  • the authentication step can be performed at the same time as the identification step.
  • the security element like the terminal systematically uses diversification data in the messages exchanged in order to provide joint authentication.
  • the diversification data avoids cloning and replaying a message from a previous identification step.
  • biometric data stored in the telecommunication equipment or in the application server.
  • the photograph of the authorised user of the telecommunication equipment can easily be authenticated by the terminal operator before continuing the transaction. This additional security measure is particularly effective against cloning.
  • the identification information ID can also include additional information IS, for example a unique transaction number generated randomly that will also be sent back during all exchanges in the transaction step.
  • additional information exchanged IS locating the telecommunication equipment and/or the transaction terminal can be exchanged during the transaction phase by means of the second communication protocol P2.
  • the telecommunication equipment can have location information, for example if it is equipped with a GPS (Global Positioning System) module, by triangulation from known positions of relay antennae of a mobile telephone network or WiFi TM access point, or by approximate determination of the relay antenna of the nearest mobile telephone network operator or nearest WiFi TM access point.
  • GPS Global Positioning System
  • the location information can be used to avoid cloning of identification information for the telecommunication equipment that could be reused in another place.
  • the method and system of the invention are used to pay for products or services from a merchant.
  • the user of the telecommunication equipment sends identification information by bar code reader or RFID transponder through the merchant's payment terminal.
  • the user can run an application displaying identification information (for example a bar code) on the telecommunication equipment's screen.
  • This identification information can depend on environmental parameters (transaction data and time, location, etc.).
  • This identification information can be completed by cryptographic authentication.
  • the payment terminal sends the identification information to a server.
  • the server links the identification information to a telephone number of the telecommunication equipment, and sends an SMS message to this telecommunication equipment.
  • the SMS message runs the transaction module of the telecommunication equipment.
  • the transaction module contacts the merchant's payment terminal via the server.
  • the transaction can be undertaken directly between the payment terminal and the telecommunication equipment by using a local connection, for example BluetoothTM.
  • Transaction information is sent by the terminal and presented to the users on the screen of their telecommunication equipment.
  • the transaction information may also include authentication information from the payment terminal (for example, a random character) also displayed on the payment terminal's screen.
  • the user confirms the transaction by authenticating it with a password, biometric data or some other means.
  • the transaction module in the telecommunication equipment sends the payment terminal information confirming the transaction. This transaction may be accompanied by additional authentication information from the user (for example, the user's photo).
  • the merchant can then approve the transaction.
  • Data exchange can be done according to a proprietary protocol or according to an existing protocol, for example following the
  • the method and system of the invention are used to pay for products or services at a merchant, payment made by a first person, for example a child, is supervised and approved remotely by a second person, for example a responsible adult.
  • the transaction is made in a similar way to the first application except that the identification step is carried out using the first person's telecommunication equipment, while the actual transaction step and in particular its approval is carried out remotely through the second person's telecommunication equipment.
  • the transaction can be approved by double confirmation of the transaction, that is by both the first and the second persons. For example, confirmation by the child initiates the confirmation request from the responsible adult.
  • the method and system of the invention are used to access a public transport network and pay for journeys on this network.
  • the network is equipped with contactless terminals at the entrance and exit to the network.
  • the telecommunication equipment enables the user to be identified and to manage debits and recharges to his network access account.
  • the user of the telecommunication equipment sends identification information by bar code reader or RFID transponder through the network access terminal.
  • identification number information can include the user's season ticket account number for the public transport network.
  • the user can run an application displaying identification information (for example a bar code) on the telecommunication equipment's screen. This identification information can also depend on environmental parameters (entry/exit data and time, location, etc.). This identification information can be completed by cryptographic authentication.
  • the network access terminal sends the identification information to a server.
  • the server links the identification number information to the telephone number of the telecommunication equipment and can send messages to this telecommunication equipment in order to allow users to manage their season ticket account for the public transport network.
  • an SMS message sent by the server can run the transaction module in the telecommunication equipment in order to request the account to be recharged.
  • the transaction module can also be used by the telecommunication equipment user to check debits from the account. Cloning can be combated by detecting duplicates in the public transport network, possibly by interacting with the telecommunication equipment.
  • the user has both a mobile telephone and a contactless card for access to the transport network, for example a NavigoTM type card.
  • the card then constitutes the security element including identification data required when using the first protocol. It identifies the mobile telephone, although not being physically associated to it.
  • the user passes the card in front of a specific terminal.
  • An SMS is then sent to the mobile telephone. This SMS launches a mobile application allowing the card to be recharged. Later on the user passes the card in front of another specific terminal. This time the card is actually credited.
  • a message can be sent to the mobile telephone, which launches a specific application in the telephone in order to recharge the card.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A transaction method comprising an identification step (S1) and an electronic transaction step (S2). The identification step identification (S1) of mobile telecommunication equipment (3) includes the transmission of at least one piece of identification information (ID) from the mobile telecommunication equipment (3) to an electronic transaction terminal (2) according to a first contactless proximity communication protocol (P1) when the telecommunication equipment (3) is placed in a detection zone (ZD) of the terminal (2). The electronic transaction step (S2) between the telecommunication equipment (3) and the electronic transaction terminal (2) is carried out according to a second contactless communication protocol (P2).

Description

METHOD AND SYSTEM FOR CONTACTLESS PROXIMITY TRANSACTIONS
TECHNICAL FIELD OF THE INVENTION This invention concerns the field of electronic transactions and, more particularly, contactless electronic proximity transactions between, on the one hand, a user's mobile telecommunications equipment and, on the other hand, at least one electronic transaction terminal. One particular application of the invention is aimed at electronic transactions carried out using a mobile/portable telephone. PRIOR STATE OF THE ART
The ISO 14443 standard relates to smart cards having a contactless operating mode. In particular it describes the operation of such smart cards placed close to the aerial of a contactless smart card reader. It defines communication standards and transmission protocols between contactless smart cards and readers. So-called NFC (Near Field Communication) technology is a high frequency (13.56 MHz), proximity, contactless communication technology. It enables data exchange between devices a few centimetres away. This technology is an extension of the ISO 14443 standard. It is generally implemented using an NFC integrated circuit. When a device, for example a mobile telephone, includes such an integrated circuit, it can communicate with other devices including an NFC integrated circuit, or smart cards and/or smart card readers compatible with the ISO 14443 standard. NFC technology enables contactless electronic proximity transactions between a mobile telephone equipped with NFC technology and an electronic transaction terminal. Application examples for NFC technology are access to a public transport network and payment for products or services.
Only users of mobile telephones including an NFC integrated circuit can carry out such electronic transactions. Mobile telephones including an NFC integrated circuit currently remain rare. As a result these transactions are not available to the majority of people.
CONFIRMATION COPV EXPOSITION OF THE INVENTION
In consideration of the above, the invention is intended to solve the problem of providing a method and an electronic transaction system that enables the user experience of NFC transactions to be reproduced, however without requiring substantial modifications to equipment architecture and/or existing software needed to implement these transactions, the said transactions remaining nonetheless secure. The solution to this problem offered by the invention provides a method including an identification step and the actual transaction step. This identification step is separated from the transaction step by using means of communication that can be distinct. The identification step uses a direct, contactless, short-range means of communication. The transaction step takes place using any other means of communication, at least partially contactless. More precisely, according to a first aspect, the invention relates to transaction method comprising the following steps: the identification of mobile telecommunication equipment including the transmission of at least one security identification information element from the said mobile telecommunication equipment to an electronic transaction terminal according to a first contactless proximity communication protocol when the said security element is placed in a detection zone of the electronic transaction terminal; and electronic transaction between the said mobile telecommunication equipment and the said electronic transaction terminal according to a second communication protocol.
According to a second aspect, the invention relates to a transaction system comprising an electronic transaction terminal and mobile telecommunication equipment, in which: the said mobile telecommunication equipment includes a security element provided to transmit at least one piece of identification information from the telecommunication equipment to the terminal according to a first contactless proximity communication protocol when the security element is placed in a detection zone of the terminal; and the said electronic transaction terminal includes at least a means of reading the said identification information and a means of communication to relay an electronic transaction between the telecommunication equipment and the electronic transaction terminal according to a second communication protocol. More interestingly, - the first and second communication protocols are distinct communication protocols; - the identification information transmitted to the terminal according to the first communication protocol is used to conduct the transaction according to the second communication protocol;
- the method also includes an authentication step for the telecommunication equipment; - the first communication protocol is uni-directional; - the second communication protocol is bi-directional; - the identification information includes a unique identifier for the telecommunication equipment associated directly or indirectly with a telephone number for the telecommunication equipment; - the identification information also includes additional information enabling the terminal to determine the second communication protocol; - the identification information also includes additional location information for the telecommunication equipment;
- the second communication protocol is a contactless protocol, which employs a mobile telephone network to local wireless telecommunication network; the security element is an RFID transponder built into or fixed onto the telecommunication equipment; - the security element is a contactless smart card built into the communication equipment or inserted removably into the telecommunication equipment; and - the system also includes a server relaying the electronic transaction between the terminal and the telecommunication equipment according to the second communication protocol. In this way the invention enables contactless transactions to be implemented simply, securely and at low cost as part of an existing architecture with few modifications and without equipment modifications. In particular, users of standard mobile telecommunication equipment can have a user experience similar to those equipped with NFC technology. DESCRIPTION OF THE DIAGRAMS
The invention will be better understood on reading the following non-exhaustive description, which has been written in relation to the attached diagrams, in which: figure 1 is a schematic illustration of the transaction system according to a first embodiment of the invention; figure 2 is a schematic illustration of the transaction method according to the first embodiment of the invention; figure 3 is a schematic illustration of the transaction system according to a second embodiment of the invention; and figure 4 is a schematic illustration of the transaction method according to the second embodiment of the invention.
DETAILED DESCRIPTION OF THE INVENTION
In the description that follows, the terminology "telecommunication equipment" will be used in its broadest definition. An item of telecommunication equipment is a portable or mobile multi-function device. As an example, the telecommunication equipment can be a mobile/portable telephone, a PDA personal assistant, a PC personal microcomputer, etc., equipped with means of connection to a telecommunications network. The telecommunication network can be a mobile telecommunication network, for example of type GSM, 3G, GPRS, EDGE, UMTS, CDMA or CDMA2000, or a local wireless telecommunication network such as WLAN, WPAN, WiFi™, Zigbee™, Bluetooth™ or WiMAX™, etc. Figures 1 and 2 are schematic illustrations of the first embodiment of the invention. Transaction system 1 shown in figure 1 includes an electronic transaction terminal 2 and a user's mobile telecommunication equipment 3.
The mobile telecommunication equipment 3, for example a mobile telephone, includes an information display device 4, an information input device 5, a security element 6, and a first transaction module 7. The information display device 4 can be a screen or loudspeaker, for example. The information input device 5 can be a keyboard or touch screen, for example. The security element 6 includes identification information ID for the telecommunication equipment. The security element 6 can be permanently fixed or removable in or on the surface of the telecommunication equipment. The first transaction module 7 performs the actual transaction for the telecommunication equipment by enabling interaction with the user by means, for example, of the screen and information input device 4. This transaction module 7 can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the mobile telecommunication equipment 3.
The security element 6 can be a uni-dimensional or bi-dimensional bar code printed on the telecommunication equipment 3, fixed for example glued on the said equipment or displayed on the screen 4. The bar codes include identification information ID for the telecommunication equipment. Alternatively the security element 6 can be an RFID transponder (Radio Frequency Identification) built into the telecommunication equipment 3 or fixed to equipment 3. Or alternatively the security element 6 can be a contactless smart card built into telecommunication equipment 3 or inserted removably into the telecommunication equipment 3. The electronic transaction terminal 2 is fixed or mobile. It includes a reader 8, a means of communication 9 and a second transaction module 10. The reader 8 defines a detection zone ZD for terminal 2. When security element 6 in the mobile telecommunication equipment 3 is placed in this detection zone ZD, the reader 8 is able to read the identification information of the said security element 6. In practice, the reader 8 can be an optical detector to detect a security element such as a bar code. Alternatively the reader 8 can be an aerial to detect a security element such as an RFID transponder or contactless smart card. The detection zone ZD is preferably short-range. Typically it extends over a few centimetres. The means of communication 9 enables direct or indirect bi-directional contactless communication with the telecommunication equipment 3.
The second transaction module carries out the actual transaction for the terminal. It can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the terminal. The transaction method shown in figure 2 includes an identification step S1 for mobile telecommunication equipment 3 and an electronic transaction step S2. During identification step S1 , identification information ID from the telecommunication equipment is sent to the electronic transaction terminal. This transmission is performed according to a first contactless proximity communication protocol P1. It requires telecommunication equipment 3 to be placed in the detection zone ZD of electronic transaction terminal 2. Identification is carried out when the mobile telecommunication equipment 3 and terminal 2 are close to one another, in practice a few centimetres apart. The identification information is temporarily or permanently associated with the telecommunication equipment. The identification information ID can be included in a unique identifier for the telecommunication equipment, for example a telephone number, an IMSI (International Mobile Subscriber Identity), an IMEI (International Mobile Equipment Identity), a MAC (Media Access Control) address, or an IP (Internet Protocol) address or a customer code associated with the telecommunication equipment (for example a season ticket number for a public transport network) or a user name. In general terms, any identification information ID enabling direct or indirect identification of the telecommunication equipment and subsequently the user of this equipment is suitable.
The first communication protocol P1 can also be used to transmit additional information IS. As an example, the additional information IS can include a second communication protocol P2 to be used to continue the transaction, and/or data forming part of the authentication process for the transaction (public key encryption, random code), etc.
The first communication protocol P1 is used by security element 6 in telecommunication equipment 3 combined with the appropriate reader 8 in the electronic transaction terminal 2. Different communication protocols are possible depending on the different security elements described above. In order to reduce the risks associated with transaction security, the first communication protocol P1 uses a short-range contactless communication technique over less than 10 cm. In this way the risks of MITM-type attacks (Man In The Middle) are reduced. In fact, third parties will not be able to interfere, or indeed take over, in the transaction between the telecommunication equipment and the terminal from the start of the transaction, the telecommunication equipment, in order to hijack the transaction for fraudulent purposes.
The first communication protocol P1 can be implemented by means of a uni- dimensional or bi-dimensional bar code combined with a terminal equipped with a suitable optical reader. In this case, the identification information is contained in the bar code that is read by the optical reader when the said code is placed in the optical reader's detection zone. This first communication protocol P1 is unidirectional. The detection zone ZD of the reader is directional in the case of an optical reader. As a result, this first example of communication protocol is highly resistant to an MITM attack because the optical technique is short range and directional.
Alternatively, the first communication protocol P1 can be implemented by means of an RFID tag or similar passive integrated circuit combined with a terminal equipped with a suitable receiving aerial. In this example, the identification information contained in the radio signal sent by the RFID tag is detected by the aerial when the RFID transponder is placed in the aerial's detection zone. This first communication protocol P1 is also uni-directional. Alternatively, the first communication protocol P1 can be implemented by means of a smart card or similar active integrated circuit combined with a terminal equipped with a suitable receiving aerial. In this example, the smart card is authenticated by the terminal, that is it sends identification information to the terminal; the identification information may be accompanied by elements enabling its authentication such as an encrypted signature proving knowledge of a secret obtained using any known encryption algorithm. This first communication protocol P1 can be bi-directional.
During the electronic transaction step S2, the actual electronic transaction, for example access to a public transport network or payment for a product or service, etc., is carried out between the mobile telecommunication electronic and the electronic transaction terminal. During this transaction, data are exchanged according to a second contactless communication protocol P2. The means of communication 9 in the terminal enables communication with the telecommunication equipment through a second communication protocol P2. This second communication protocol P2 is preferably bi-directional. According to a first example, communication according to the second communication protocol P2 is performed by exchange of SMS (Short Message Service) type messages. Typically, the means of communication 9 in the terminal sends a first SMS message to the telephone number contained in the identification number information received during the identification step. The SMS message is viewed by the user of the telecommunication equipment. The user replies to the terminal with a second SMS message that may include information required to continue the transaction to its completion. In such a case, the SMS messages are processed in the telecommunication equipment by the first transaction module 7 and in the terminal by the second transaction module 10.
According to a second example, communication according to the second communication protocol P2 is performed by GPRS (General Packet Radio Service) or Internet. In this case, the interaction is performed by means of messages sent to the telephone number or IP address contained in the identification number information received during the identification number step. The rest of the transaction is performed in a similar way to the first example above. It will be noted that the two previous examples do not exclude the use of voice messages or e-mails to send certain information required for the transaction. According to a third example, communication according to the second communication protocol P2 is performed by means of a local protocol of type Bluetooth™, Zigbee™, WiFi™, etc. The terminal is connected to the telecommunication equipment according to one of these protocols using the identification information and automatically starts execution of the first transaction module 7. The rest of the transaction is performed in a similar way to the first example above.
According to a fourth example, a direct or indirect link is established between the terminal and the security element in the form of a SIM (Subscriber Identity Module) smart card, communication by the second communication protocol P2 being performed by means of the standardised protocol used by the SIM smart card.
Figures 3 and 4 are schematic illustrations of the second embodiment of the invention. The second implementation method differs from the first implementation method in that the second communication protocol P2 does not directly link terminal 2 to the telecommunication equipment 3. In the second implementation method, an external telecommunication network TN is used to complete the electronic transaction step S2. Only the elements/steps that differ from the first implementation method will now be described. Transaction system 1 shown in figure 3 also includes an application server 11. The application server includes a third transaction module 12. The transaction module 12 can be made in the form of a software application loaded into a memory and executed by a micro-processor (not shown) in the application server. The identification step S1 for telecommunication equipment by the terminal is performed in the same way as the first implementation method. The electronic transaction step S2 involves the application server 11 that relays information exchanges and messages between the terminal and the telecommunication equipment and vice-versa by means of the second communication protocol. The examples described above apply except in regard to local communication protocols. Communication between the terminal and the telecommunication equipment is established by means of the telecommunication network TN. As an example, the application server 11 communicates with terminal 2 and the telecommunication equipment using SMS type messages. Preferably, the transaction module 12 can be used to decode the identification information when this does not enable the terminal to contact the telecommunication equipment directly. This can be the case if the identifier contained in the identification information matches a customer code or when it is encrypted. The two implementation methods presented above can also include an additional authentication step. Typically, the authentication step is includes between the identification step and the actual electronic transaction step. It can be an integral part of one or the other. The authentication step is intended to reduce or indeed avoid cloning or MITM type attacks already described above. In fact, if the identification information is cloned, it becomes possible for a third party to carry out a transaction without the knowledge of the telecommunication equipment's authorised user.
When the security element 6 is a bar code or a passive integrated circuit, for example an RFID transponder, the user of the telecommunication equipment is asked to confirm their transaction request at the start of the electronic transaction step. For example, the terminal can send the telecommunication equipment a message including data describing the purpose and amount of the transaction as well as data authenticating the terminal (merchant name of service supplier). The transaction will actually be initiated after the terminal receives confirmation sent by the user of the telecommunication equipment. To improve security, in particular regarding MITM type attacks, these data can also contain random data (digital code, colour code, etc.) presented (for example by display on the screen) both on the telecommunication equipment and on the terminal, in order to enable the user to confirm the consistency of the information showing on their telecommunication equipment and on the terminal.
When the security element 6 is an active integrated circuit, for example a contactless smart card, the authentication step can be performed at the same time as the identification step. For example, the security element like the terminal systematically uses diversification data in the messages exchanged in order to provide joint authentication. The diversification data avoids cloning and replaying a message from a previous identification step. In all the above cases, if the terminal requires the use of a human operator, it is possible to complete the authentication process by sending biometric data stored in the telecommunication equipment or in the application server. For example, the photograph of the authorised user of the telecommunication equipment can easily be authenticated by the terminal operator before continuing the transaction. This additional security measure is particularly effective against cloning. Finally, to ensure that the telecommunication equipment communicating during the transaction step using the second protocol P2 is indeed the same as that identified by the first protocol P1 , the identification information ID can also include additional information IS, for example a unique transaction number generated randomly that will also be sent back during all exchanges in the transaction step. Optionally, the additional information exchanged IS locating the telecommunication equipment and/or the transaction terminal can be exchanged during the transaction phase by means of the second communication protocol P2. The telecommunication equipment can have location information, for example if it is equipped with a GPS (Global Positioning System) module, by triangulation from known positions of relay antennae of a mobile telephone network or WiFi ™ access point, or by approximate determination of the relay antenna of the nearest mobile telephone network operator or nearest WiFi ™ access point. The location information can be used to avoid cloning of identification information for the telecommunication equipment that could be reused in another place. A few application examples for the invention will now be described. According to a first application, the method and system of the invention are used to pay for products or services from a merchant. The user of the telecommunication equipment sends identification information by bar code reader or RFID transponder through the merchant's payment terminal. Alternatively, the user can run an application displaying identification information (for example a bar code) on the telecommunication equipment's screen. This identification information can depend on environmental parameters (transaction data and time, location, etc.). This identification information can be completed by cryptographic authentication. The payment terminal sends the identification information to a server. The server links the identification information to a telephone number of the telecommunication equipment, and sends an SMS message to this telecommunication equipment. Once received, the SMS message runs the transaction module of the telecommunication equipment. The transaction module contacts the merchant's payment terminal via the server. Alternatively, the transaction can be undertaken directly between the payment terminal and the telecommunication equipment by using a local connection, for example Bluetooth™. Transaction information is sent by the terminal and presented to the users on the screen of their telecommunication equipment. The transaction information may also include authentication information from the payment terminal (for example, a random character) also displayed on the payment terminal's screen. The user confirms the transaction by authenticating it with a password, biometric data or some other means. The transaction module in the telecommunication equipment sends the payment terminal information confirming the transaction. This transaction may be accompanied by additional authentication information from the user (for example, the user's photo). The merchant can then approve the transaction. Data exchange can be done according to a proprietary protocol or according to an existing protocol, for example following the EMV standard used in banking.
According to a second application, the method and system of the invention are used to pay for products or services at a merchant, payment made by a first person, for example a child, is supervised and approved remotely by a second person, for example a responsible adult. In this case, the transaction is made in a similar way to the first application except that the identification step is carried out using the first person's telecommunication equipment, while the actual transaction step and in particular its approval is carried out remotely through the second person's telecommunication equipment. Alternatively, the transaction can be approved by double confirmation of the transaction, that is by both the first and the second persons. For example, confirmation by the child initiates the confirmation request from the responsible adult. According to a third application, the method and system of the invention are used to access a public transport network and pay for journeys on this network. The network is equipped with contactless terminals at the entrance and exit to the network. The telecommunication equipment enables the user to be identified and to manage debits and recharges to his network access account. The user of the telecommunication equipment sends identification information by bar code reader or RFID transponder through the network access terminal. For example, identification number information can include the user's season ticket account number for the public transport network. Alternatively, the user can run an application displaying identification information (for example a bar code) on the telecommunication equipment's screen. This identification information can also depend on environmental parameters (entry/exit data and time, location, etc.). This identification information can be completed by cryptographic authentication. The network access terminal sends the identification information to a server. The server links the identification number information to the telephone number of the telecommunication equipment and can send messages to this telecommunication equipment in order to allow users to manage their season ticket account for the public transport network. For example, an SMS message sent by the server can run the transaction module in the telecommunication equipment in order to request the account to be recharged. The transaction module can also be used by the telecommunication equipment user to check debits from the account. Cloning can be combated by detecting duplicates in the public transport network, possibly by interacting with the telecommunication equipment. In a fourth application, the user has both a mobile telephone and a contactless card for access to the transport network, for example a Navigo™ type card. The card then constitutes the security element including identification data required when using the first protocol. It identifies the mobile telephone, although not being physically associated to it. In this application, to recharge the card, ie. to credit a number of units or tickets to the user account allowing access to the network, the user passes the card in front of a specific terminal. An SMS is then sent to the mobile telephone. This SMS launches a mobile application allowing the card to be recharged. Later on the user passes the card in front of another specific terminal. This time the card is actually credited. In the event that the account limit is exceeded, a message can be sent to the mobile telephone, which launches a specific application in the telephone in order to recharge the card.

Claims

1. Transaction method comprising the following steps: identification (S1) of mobile telecommunication equipment (3) including the transmission of at least one security element (6) identification information (ID) from the said mobile telecommunication equipment (3) to an electronic transaction terminal (2) according to a first contactless proximity communication protocol (P1) when the said security element is placed in a detection zone (ZD) of the electronic transaction terminal (2); and electronic transaction (S2) between the said mobile telecommunication equipment (3) and the said electronic transaction terminal (2) according to a second communication protocol (P2).
2. Method according to the previous claim, in which the first (P1) and second (P2) communication protocols are distinct communication protocols.
3. Method according to one of claims 1 or 2, in which the identification information (ID) transmitted to the terminal (2) according to the first communication protocol (P1) is used to conduct the transaction according to the second communication protocol (P2).
4. Method according to one of the previous claims, comprising an additional authentication step for the telecommunication equipment (3).
5. Method according to one of the previous claims, in which the first communication protocol (P1) is uni-directional.
6. Method according to one of the previous claims, in which the second communication protocol (P2) is bi-directional.
7. Method according to one of the previous claims, in which the identification information (ID) includes a unique identifier for the telecommunication equipment (3) directly or indirectly associated with a telephone number for the telecommunication equipment (3).
8. Method according to one of the previous claims, in which the identification information (ID) also includes additional information (IS) enabling the terminal (2) to determine the second communication protocol (P2).
9. Method according to one of the previous claims, in which the identification information (ID) also includes additional information (IS) to locate the telecommunication equipment (3).
10. Method according to one of the previous claims, in which the second communication protocol (P2) is a contactless protocol that employs a mobile telecommunication network or a local wireless telecommunication network.
11. Transaction system (1) including an electronic transaction terminal (2) and mobile telecommunication equipment (3), in which: the mobile telecommunication equipment (3) includes a security element (6) provided to transmit at least one piece of identification information (ID) from the telecommunication equipment (3) to the terminal (2) according to a first contactless proximity communication protocol (P1) when the security element (6) is placed in a detection zone (ZD) of the terminal (2); and the electronic transaction terminal (2) includes a reader (8) defining the detection zone (ZD) of the terminal (2) and a means of communication (9) to relay an electronic transaction between the telecommunication equipment (3) and the electronic transaction terminal (2) according to a second contactless communication protocol (P2).
12. System according to claim 11 , in which the security element (6) is a bar code printed on the telecommunication equipment (3) or glued to the telecommunication equipment (3) or displayed on a screen (4) of the telecommunication equipment (3), the bar code including the identification information (ID).
13. System according to claim 11 , in which the security element (6) is an RFID transponder built into or fixed onto the telecommunication equipment (3).
14. System according to claim 11 , in which the security element (6) is a contactless smart card built into the telecommunication equipment (3) or inserted removably into the telecommunication equipment (3).
15. System according to one of claims 11 to 14, also including a server (11) relaying the electronic transaction between the terminal (2) and the telecommunication equipment (3) according to a second communication protocol (P2).
PCT/EP2010/002151 2009-04-07 2010-04-06 Method and system for contactless proximity transactions WO2010115604A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0901702 2009-04-07
FR0901702A FR2944177A1 (en) 2009-04-07 2009-04-07 NON-CONTACT PROXIMITY TRANSACTION METHOD AND SYSTEM

Publications (2)

Publication Number Publication Date
WO2010115604A2 true WO2010115604A2 (en) 2010-10-14
WO2010115604A3 WO2010115604A3 (en) 2010-12-02

Family

ID=41490403

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2010/002151 WO2010115604A2 (en) 2009-04-07 2010-04-06 Method and system for contactless proximity transactions

Country Status (2)

Country Link
FR (1) FR2944177A1 (en)
WO (1) WO2010115604A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015106798A1 (en) * 2014-01-14 2015-07-23 Telefonaktiebolaget L M Ericsson (Publ) Access control for a wireless network
US10025963B2 (en) 2014-06-30 2018-07-17 Symbol Technologies, Llc System for, and method of, detecting the presence of a mobile communication device in proximity to an imaging reader and for automatically configuring the reader to read an electronic code displayed on the device upon such detection

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3014590B1 (en) * 2013-12-05 2017-04-28 Anse Tech MODULE FOR CONTROLLING MULTIMEDIA CONTENT RECEIVER, SERVER AND METHODS OF MAKING CONTENT AND ASSOCIATED MESSAGES
EP3345361B1 (en) * 2015-11-19 2021-12-29 Hewlett-Packard Development Company, L.P. Communication link establishment using a global unique identifier
EP3486830A1 (en) * 2017-11-21 2019-05-22 Gemalto Sa Method of managing profiles in a secure element comprising several software containers

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1237333A1 (en) * 2000-10-24 2002-09-04 Sony Corporation Information processing method and information processing apparatus having communication function
WO2005079038A1 (en) * 2004-01-14 2005-08-25 France Telecom Method, terminal mobile, system and equipment for the provision of a local service which can be accessed by means of a mobile terminal
US20050245235A1 (en) * 2004-04-29 2005-11-03 Sarosh Vesuna System and method for wireless network security
US20070241189A1 (en) * 2005-05-26 2007-10-18 Codebroker Llc Using validity events to control the use of coupons containing barcodes in mobile devices that display the barcodes for reading by barcode readers

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1237333A1 (en) * 2000-10-24 2002-09-04 Sony Corporation Information processing method and information processing apparatus having communication function
WO2005079038A1 (en) * 2004-01-14 2005-08-25 France Telecom Method, terminal mobile, system and equipment for the provision of a local service which can be accessed by means of a mobile terminal
US20050245235A1 (en) * 2004-04-29 2005-11-03 Sarosh Vesuna System and method for wireless network security
US20070241189A1 (en) * 2005-05-26 2007-10-18 Codebroker Llc Using validity events to control the use of coupons containing barcodes in mobile devices that display the barcodes for reading by barcode readers

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JOSEF NOLL: "Services and Applications in Future Wireless Networks" TELEKTRONIKK, [Online] no. 3/4, 2006, XP002563233 Retrieved from the Internet: URL:http://www.telenor.com/en/resources/images/Page_061-071_tcm28-44860.pdf> [retrieved on 2010-01-13] *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015106798A1 (en) * 2014-01-14 2015-07-23 Telefonaktiebolaget L M Ericsson (Publ) Access control for a wireless network
CN106465116A (en) * 2014-01-14 2017-02-22 瑞典爱立信有限公司 Access control for a wireless network
US10244395B2 (en) 2014-01-14 2019-03-26 Telefonaktiebolaget Lm Ericsson (Publ) Access control for a wireless network
CN106465116B (en) * 2014-01-14 2020-07-07 瑞典爱立信有限公司 Access control for wireless networks
US10025963B2 (en) 2014-06-30 2018-07-17 Symbol Technologies, Llc System for, and method of, detecting the presence of a mobile communication device in proximity to an imaging reader and for automatically configuring the reader to read an electronic code displayed on the device upon such detection
US10417468B2 (en) 2014-06-30 2019-09-17 Symbol Technologies, Llc System for, and method of, detecting the presence of a mobile communication device in proximity to an imaging reader, and for automatically configuring the reader to read an electronic code displayed on the device upon such detection

Also Published As

Publication number Publication date
FR2944177A1 (en) 2010-10-08
WO2010115604A3 (en) 2010-12-02

Similar Documents

Publication Publication Date Title
US7458510B1 (en) Authentication of automated vending machines by wireless communications devices
CN101615322B (en) Mobile terminal payment method and mobile terminal payment system for realizing magnetic payment function
US8963717B2 (en) Mobile device initiated retail transaction using wireless communication for security tag detachment
US9047497B2 (en) Method and system for authenticating a user by means of an application
US20090023474A1 (en) Token-based dynamic authorization management of rfid systems
EP2365469A1 (en) Method for performing payment transaction using personal mobile device and arrangement for personal mobile device
CN105493116A (en) Methods and systems for provisioning payment credentials
US20150294304A1 (en) Secure payment methods, system, and devices
CN105308898B (en) For executing system, the method and apparatus of password authentification
KR20150072438A (en) System and method for secure remote access and remote payment using a mobile device and a powered display card
WO2013034192A1 (en) Method for validating an electronic transaction, and system thereof
KR20140058442A (en) System and method for performing a secure transaction
KR20070047264A (en) The pin applet for verifying and delivering pin on celluar phone in mobile commerce
US20150339658A1 (en) Method of authentication between a mobile terminal and a processing terminal
WO2010115604A2 (en) Method and system for contactless proximity transactions
CN102892096B (en) System, method, business operation support system (BOSS) and equipment for realizing account recharge
CN103150650A (en) Processing method, mobile terminal and system for remote payment
KR20120087198A (en) Method and System for Accumulating Loyalty of Store, Smart Phone
US8290870B2 (en) Method and device for exchanging values between personal portable electronic entities
KR101972972B1 (en) Method for Operating Medium Division Style One Time Code by using Near Field Communication
KR20150101016A (en) Method for Controlling Transaction Means by using End-To-End Mutual Authentication based on Near Field Communication
KR20160093197A (en) Method for Processing Mobile Payment by using Contactless Media
KR101183714B1 (en) Method and system for certificating by media combination, smart phone
US20230027731A1 (en) Method and system for completing a transaction
KR20180006602A (en) Method for Providing Asynchronous Reverse Direction Payment based on Application Interlocking by using Radio Signal Device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10716284

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10716284

Country of ref document: EP

Kind code of ref document: A2