Title of Invention

PAYMENT SERVICE EQUIPMENT DEVICE AND A METHOD FOR TRANSMITTING INFORMATION SECURELY IN A TELECOMMUNICATION SYSTEM.

Abstract

The invention relates to implementing payment with a payment card via an information network so that the payment is secure and the number of the client's payment card need not be transmitted over the data transmission network. The client is asked for a separate confirmation before the payment is effected. The piece of information to be confirmed is sent to a terminal device (PTE) of the client, by means of which the client confirms the order by digitally signing the confirmation. The signed confirmation and the electronic identity information associated with the client are sent back to the payment service equipment (PS). The payment service equipment (PS) verifies the client's identity, checks the validity of the client's payment card and transmits the payment information to the payment system (BANK).
FIELD OF THE INVENTION
The present invention relates to a payment service equipment device and, in particular, to a method for transmitting information securely in a telecommunication system, by means of which the security of use of a payment card, especially a credit card, is improved.
BACKGROUND OF THE INVENTION
In a traditional payment transaction, the client visits the premises of a merchant, chooses the desired products from the shelves and eventually pays for his or her purchases, e.g. in cash or with a bank or credit card. Besides traditional commerce, goods and services can also be purchased and paid for via various telecommunication networks. In a mobile communication network, e.g. in the GSM system (GSM, Global System for Mobile communications), it is possible to make and pay for purchases with the mobile station. In addition, the mobile station may be used to digitally sign and/or encrypt outgoing traffic for different applications. This improves data security where it is needed. In encryption and signing, a so-called public key infrastructure (PKI, Public Key Infrastructure) is often used.
In a public key infrastructure, the user has two keys, a public key and a private key. If the user wishes to send encrypted information to somebody, he or she encrypts the information with the recipient's public key. Information encrypted with the public key can be transformed back into readable form only with the private key associated with that public key. A digital signature works the other way round: the sender signs the message with his or her own private signing key, and the recipient can in turn check the message with the sender's public signing key. This makes sure that the sender really is the person he or she claims to be.
Paying via the Internet has been possible for a long time. The general practice is that the client visits the WWW site (WWW, World Wide Web) of a merchant or other service provider, chooses the desired products and effects the payment for the chosen products. One possibility of effecting the payment is to transmit the credit card number directly to the merchant over the Internet without any encryption at all. This alternative, however, does not address the security of the payment in any way.
On the whole, several different electronic payment modes have been developed in conjunction with the Internet. Examples are Ecash, Solo of Merita Bank, Kultaraha of the bank Osuuspankki and SET (SET, Secure Electronic Transaction) of the credit card companies. SET is an international payment system developed jointly by VISA and MasterCard for secure purchasing on the Internet. SET is based on certificates issued by a trusted third party and on encrypted transmission of information. SET uses symmetric and asymmetric encryption, digital signatures and the SHA-1 algorithm (SHA, Secure Hash Algorithm). The SET standard aims at encryption of information, confidentiality, integrity checking of the information, authentication of the sender and non-repudiation.
Symmetric encryption means an encryption method in which the encrypted message is decoded with the same key with which it was encrypted. One example of such a method is DES (DES, Data Encryption Standard). Asymmetric encryption means that the message is encrypted and decoded using different keys. One example of such a method is the public key method RSA (RSA, Rivest, Shamir, Adleman).
The present practices of purchasing on the Internet have several problem points. The systems supporting the cards are often card-specific: the same application cannot be used for paying with a credit card issued by another company. Therefore, the commercial centres have to support the payment practices of several different systems.
In order to improve the security of paying with a credit card, all the parties to the payment transaction, both the client and the merchant, often have to invest in reliable software. If the required investments are too high, this in turn is an obstacle to the spreading of commerce in the network.
There are methods in which both parties to the commerce, the client and the merchant, have their own certificates. A certificate means a kind of identification information issued by a trusted third party (TTP, Trusted Third Party). In the case of a credit card payment, the certificate indicates that the user has a credit card valid for paying. A certificate issued to the merchant in turn gives proof of the fact that the merchant is an authorized merchant. By means of certificates, both the client and the merchant can make sure of the identity of one another. The use of certificates, digital signatures and encryption remarkably adds to the security of paying with a credit card on the Internet.
The known modes of credit card payment have, however, weak points. The complexity of the payment systems and the heavy investments were already discussed above. The biggest problem is, however, the fact that the credit card number of the client is sent over the data transmission network. Furthermore, some known methods require the use of a so-called digital wallet (Digital Wallet). The digital wallet includes client-specific information, e.g. the certificate of the client, the credit card number, the validity of the card, etc. A successful payment transaction requires that the digital wallet is present in the terminal device by means of which the client is making the purchase.
OBJECTIVE OF THE INVENTION
The objective of the invention is to eliminate the drawbacks referred to above or at least significantly to alleviate them. One specific objective of the invention is to disclose a new type of payment service equipment and method which enable one to pay securely with a payment card, especially a credit card, in an information network such as the Internet. The credit card number of the client is not sent over the data transmission network at all. In addition, the method in accordance with the invention is indifferent to who has issued the payment card; the method functions regardless of the card.
BRIEF DESCRIPTION OF THE INVENTION
The invention relates to improving the security of a payment transaction effected with a payment card via the Internet. The payment service equipment and method in accordance with the invention enable the client to pay for the products or services desired by him or her with his or her payment card via the Internet without having to send the credit card number over the telecommunication network at all. In addition, the method in accordance with the invention is in no way bound to the use of a payment card issued by a particular company.
Accordingly, the present invention provides a payment service equipment comprising: a first access interface (1) to the payment system (BANK); a second access interface (2) to the authentication system (AUT); a third access interface (3) to the telecommunication network (NET); a certificate database (CERT) for storing the certificates associated with the clients; a service provider database (RET) for storing the information relating to the registered service providers; a client database (DB) for storing the information relating to the clients; a transaction database (TRANS) for storing the information relating to the payment transactions; a verification database (BL) which comprises an auxiliary list of suspicious payment cards; a generation block (PAY) for generating the billing ticket connected with the payment transaction; a telecommunication block (PB) for sending and receiving the confirmation of order connected with the billing ticket; an identification block (ID) for identifying the client based on the electronic identity and signature; and an information retrieval block (IR) for finding out the payment card information of the client; characterized in that: the client database (DB) comprises at least one of the client's mobile number and information relating to the payment card of the client; and the payment service equipment comprises a fourth access interface (4) to the mobile communication network.
The present invention also provides a method of transmitting information securely in a telecommunication system comprising: a mobile communication network (PLMN); a telecommunication network (NET); a payment terminal device (PTE) which comprises a smart card (SIM) and which is connected to the mobile communication network (PLMN); a display terminal device (DTE) which is connected to the mobile communication network (PLMN) and/or to the telecommunication network (NET); a trusted third party equipment (TTP); a payment system (BANK); a service provider equipment (SP); an authentication system (AUT); which method comprises the steps of: generating and issuing by means of the trusted third party equipment (TTP) the certificate associated with the client; choosing the product or service to be ordered by means of the display terminal device (DTE) from the service provider equipment (SP) via the telecommunication network (NET) and/or the mobile communication network (PLMN); using at least one of the client's payment card and payment card information for paying for the product or service ordered; characterized in that the method comprises the steps of: generating by means of the payment service equipment the billing ticket connected with the product or service ordered; sending a confirmation of order to the payment terminal device (PTE) of the client via the mobile communication network (PLMN); performing at least one of signing and encrypting the aforementioned confirmation of order by means of the payment terminal device (PTE); sending the aforementioned at least one of signed and encrypted confirmation of order and the electronic identity information associated with the client from the payment terminal device (PTE) to the payment service equipment (PS) by way of the mobile communication network (PLMN); identifying the client by means of the payment service equipment (PS) based on the aforementioned at least one of signature and electronic identity information; retrieving the payment card number associated with the client based on the aforementioned at least one of signature and electronic identity information; checking the right to use the payment card and accepting the payment if the payment card was successfully verified.
The payment service equipment in accordance with the invention comprises a first access interface to the payment system, a second access interface to the authentication system and a third access interface to the telecommunication network. The payment service equipment further comprises a certificate database for storing the certificates associated with the clients, a service provider database for storing information relating to the registered service providers, a client database for storing information relating to the clients, a transaction database for storing information relating to the payment transactions and a verification database which includes an auxiliary list of suspicious payment cards.
According to the invention, the client database comprises, e.g. the mobile number of the client and information relating to the payment card of the client. The payment card of the client is advantageously a credit card. The payment card information of the client may also be included as part of the certificate associated with the client. The payment service equipment further comprises a generation block for generating the billing ticket connected with the payment transaction, a telecommunication block for sending and receiving the confirmation of order connected with the billing ticket, an identification block for identifying the client based on the electronic identity and signature, and an information retrieval block for retrieving the credit card information of the client.
The information included in the client database and the service provider database may be encrypted, e.g. using the public key of the payment service equipment.
In an embodiment of the invention, the payment service equipment comprises a fourth access interface to the mobile communication network.
The present invention also relates to a method for secure paying in a telecommunication system comprising a mobile communication network, a telecommunication network, a payment terminal device which comprises a smart card and which is connected to the mobile communication network or to the telecommunication network, a trusted third party, a payment system, a service provider and an authentication system. In the method, a certificate associated with the client is generated and issued by the trusted third party, the product or service to be ordered is chosen from the service provider by means of a display terminal device via the telecommunication and/or mobile communication network, and the client's payment card and/or payment card information is used for paying for the product or service ordered.
According to the invention, the payment service equipment is used to generate a billing ticket. A confirmation of order is sent to the payment terminal device of the client via the mobile communication network. The payment terminal device is advantageously a mobile station. The smart card is advantageously a subscriber identity module (SIM, Subscriber Identity Module) inserted into the mobile station. The aforementioned confirmation of order is signed and/or encrypted in the payment terminal device. The signing and/or encryption is carried out by means of the smart card, on which the keys necessary for signing and/or encryption are stored. Stored on the smart card are preferably the electronic identity of the client, the private key associated with the client and the public key associated with the payment service equipment.
The signed and/or encrypted confirmation of order and the electronic identity associated with the client are sent from the payment terminal device to the payment service equipment via the mobile communication network. The client is identified by the payment service equipment based on the electronic identity, e.g. based on the information included in the certificate database. The payment card number associated with the client is retrieved and the right to use the payment card is verified. The payment is accepted if the verification of the payment card was successful. Prior to accepting the payment, one may check in the verification database attached to the payment service equipment that the client's payment card is not among the suspicious or forbidden payment cards. The request for debiting the payment is then forwarded to the payment system for execution.
The validity of the payment card is checked, e.g. in a separate authentication system. The payment card information associated with the client is retrieved, e.g. from the database of the payment service equipment. In an embodiment of the invention, the payment card number of the client is retrieved from the certificate database attached to the payment service equipment. The payment card is advantageously a Visa, MasterCard or Diners Club card or a bank card.
When the use of the client's payment card has been accepted, the service provider may be sent a confirmation that the payment associated with the order has been effected. A similar confirmation may also be sent to the display terminal device or the payment terminal device of the client.
In an embodiment of the invention, the payment terminal device and the display terminal device are one mobile station which comprises both facilities.
In an embodiment of the invention, the payment terminal device is a mobile station and the display terminal device a computer.
In an embodiment of the invention, the trusted third party updates the certificate database. The trusted third party is, e.g. a certificate authority (CA, Certificate Authority).
In an embodiment of the invention, the mobile communication network is a mobile communication network consistent with the GSM system.
In an embodiment of the invention, the telecommunication network is a packet-switched network, e.g. an Internet network.
The present invention also relates to a method for secure paying in a telecommunication system comprising a telecommunication network, a terminal device which has a card reader into which a smart card can be inserted and which is connected to the telecommunication network, a trusted third party, a payment system, a service provider and an authentication system. In the method, the trusted third party generates and issues the certificate associated with the client, the product or service to be ordered is chosen from the service provider by means of the terminal device via the telecommunication network, and the client's payment card and/or payment card information is used for paying for the ordered product or service.
According to the invention, the payment service equipment is used to generate a billing ticket. A confirmation of the order that was made is sent to the terminal device of the client via the telecommunication network. The terminal device is advantageously a computer. The confirmation of order is signed and/or encrypted by means of the terminal device. The signing and/or encryption is enabled by a card reader attached to the terminal device and a smart card inserted into it: the client inserts into the card reader his or her own smart card, on which the keys necessary for signing and/or encryption are stored. Stored on the smart card are preferably the electronic identity of the client, the private key associated with the client and the public key associated with the payment service equipment.
The signed and/or encrypted confirmation of order and the electronic identity associated with the client are sent from the terminal device to the payment service equipment via the telecommunication network. The client is identified by the payment service equipment based on the signature and/or electronic identity, e.g. based on the information included in the certificate database. The payment card number associated with the client is retrieved and the right to use the payment card is verified. The payment is accepted if the verification of the payment card was successful. Prior to accepting the payment, one may check in the verification database attached to the payment service equipment that the client's payment card is not among the suspicious or forbidden payment cards. The request for debiting the payment is then forwarded to the payment system for execution.
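The exchange described in the two method variants above (mobile station with SIM, and computer with card reader) and the public key mechanics from the background section, carried through as an added example. This is not code from the patent or from any product; it is a model in Go that assumes ECDSA P-256 over SHA-256 as the signing scheme (the patent fixes no algorithm), a simple `ID|Merchant|Amount|Currency` canonical form for the billing ticket, one callback standing in for both the authentication system AUT and the payment system BANK, and constructed identifiers (`EID-0001`, `T-42`, a sample card string that is not a real card number). The point it shows is the one the patent stresses: the terminal only ever sends the electronic identity and a signature over the ticket; the card number is looked up inside the payment service from the certificate and client databases, checked against the black list, and never appears in the message.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// BillingTicket comes from the PAY block and is all that reaches the client's
// terminal: order data only (Amount in minor units), no card number.
type BillingTicket struct {
	ID, Merchant, Currency string
	Amount                 int64
}

// canonical gives the exact bytes the terminal signs and PS verifies (assumed format).
func (t BillingTicket) canonical() []byte {
	return []byte(fmt.Sprintf("%s|%s|%d|%s", t.ID, t.Merchant, t.Amount, t.Currency))
}

// Confirmation travels back over the network: electronic identity + signature.
type Confirmation struct {
	Identity, TicketID string
	Signature          []byte
}

// PaymentTerminal models the PTE whose SIM / smart card holds the identity and key.
type PaymentTerminal struct {
	Identity string
	Key      *ecdsa.PrivateKey
}

// Confirm signs the ticket on the card (ECDSA P-256 / SHA-256 is an assumption).
func (p *PaymentTerminal) Confirm(t BillingTicket) (Confirmation, error) {
	h := sha256.Sum256(t.canonical())
	sig, err := ecdsa.SignASN1(rand.Reader, p.Key, h[:])
	return Confirmation{Identity: p.Identity, TicketID: t.ID, Signature: sig}, err
}

// PaymentService models PS with CERT, DB, BL and TRANS; AUT and BANK together
// are reduced to one callback (assumption).
type PaymentService struct {
	Certs     map[string]*ecdsa.PublicKey              // CERT: identity -> client public key
	Cards     map[string]string                        // DB: identity -> card number, never leaves PS
	BlackList map[string]bool                          // BL: suspicious card numbers
	Pending   map[string]BillingTicket                 // tickets issued, awaiting confirmation
	Vouchers  []string                                 // TRANS: settled ticket IDs
	Charge    func(card string, t BillingTicket) error // AUT validity check + BANK debit
}

// Settle is the ID + IR path: verify against CERT, retrieve the card from DB,
// consult BL, charge via AUT/BANK, then file a voucher in TRANS.
func (ps *PaymentService) Settle(c Confirmation) error {
	t, ok := ps.Pending[c.TicketID]
	if !ok {
		return errors.New("unknown or already settled ticket") // also stops replays
	}
	pub, ok := ps.Certs[c.Identity]
	if !ok {
		return errors.New("no certificate for this electronic identity")
	}
	h := sha256.Sum256(t.canonical())
	if !ecdsa.VerifyASN1(pub, h[:], c.Signature) {
		return errors.New("signature does not match the issued billing ticket")
	}
	card := ps.Cards[c.Identity]
	if card == "" || ps.BlackList[card] {
		return errors.New("no usable payment card on file for this client")
	}
	if err := ps.Charge(card, t); err != nil {
		return err
	}
	delete(ps.Pending, c.TicketID)
	ps.Vouchers = append(ps.Vouchers, t.ID)
	return nil
}

// NewDemo enrols one client with constructed sample data and issues one ticket.
func NewDemo() (*PaymentService, *PaymentTerminal, BillingTicket) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	pte := &PaymentTerminal{Identity: "EID-0001", Key: key}
	ticket := BillingTicket{ID: "T-42", Merchant: "shop.example", Amount: 1999, Currency: "EUR"}
	ps := &PaymentService{
		Certs:     map[string]*ecdsa.PublicKey{pte.Identity: &key.PublicKey},
		Cards:     map[string]string{pte.Identity: "4111-SAMPLE-0000"}, // constructed, not a real card number
		BlackList: map[string]bool{},
		Pending:   map[string]BillingTicket{ticket.ID: ticket},
		Charge:    func(string, BillingTicket) error { return nil },
	}
	return ps, pte, ticket
}

func main() {
	ps, pte, ticket := NewDemo()
	conf, _ := pte.Confirm(ticket)
	fmt.Println("genuine:", ps.Settle(conf), "replayed:", ps.Settle(conf))
}
```

Because the signature covers the ticket the service itself issued, a confirmation signed over an altered amount, or one replayed after the ticket was settled, is refused before any card data is consulted; the black list and the external validity check only run once the client's identity has been tied to a certificate.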
The validity of the payment card is advantageously checked in a separate authentication system. The payment card information associated with the client is retrieved, e.g. from the database of the payment service equipment. In an embodiment of the invention, the payment card number of the client is retrieved from the certificate database attached to the payment service equipment. The payment card is advantageously a Visa, MasterCard or Diners Club card or a bank card.
When the use of the client's payment card has been accepted, the service provider may be sent a confirmation that the payment associated with the order has been effected. A similar confirmation may also be sent to the terminal device of the client.
In an embodiment of the invention, the trusted third party updates the certificate database. The trusted third party is, e.g. a certificate authority (CA, Certificate Authority).
In an embodiment of the invention, the telecommunication network is a packet-switched network, e.g. an Internet network.
As compared to prior art, the present invention provides several advantages. Thanks to the present invention, the information travelling in an open telecommunication network does not include the actual piece of information connected with the mode of debiting. This means that when the client pays for his or her purchases with a credit card, the credit card number of the client is not sent over the telecommunication network at all. Due to this, the security level of the method presented by the invention is remarkably high.
Furthermore, the present invention is in no way restricted to a certain payment mode or payment system. It can be used with all payment modes.
Thanks to the present invention, the parties to a payment transaction do not need to make big investments in hardware or software for improving security.
BRIEF DESCRIPTION OF THE DRAWINGS
In the following section, the invention will be described in detail by the aid of a few examples of its embodiments, in which
Fig. 1 represents one embodiment of the system in accordance with the invention,
Fig. 2 represents one embodiment of the system in accordance with the invention,
Fig. 3 represents one signaling flow chart in accordance with the invention, and
Fig. 4 represents one signaling flow chart in accordance with the invention.
DETAILED DESCRIPTION OF THE INVENTION
The system as shown in Fig. 1 comprises payment service equipment PS. Connected to the payment service equipment are five different databases: a client database DB, a service provider database RET, a transaction database TRANS, a verification database BL and a certificate database CERT. The client database DB comprises information relating to the clients. Client information may include, e.g. the name of the client, address, identity number, mobile number and the information connected with the client's payment cards. The service provider database RET comprises information about registered service providers. The information relating to the service providers may include, e.g. the IP address of the service provider (IP, Internet Protocol). Further, the information relating to service providers may include, e.g. the payment cards accepted by the service provider and the bankers of the service provider.
In the transaction database TRANS, vouchers of the orders of products or services made via the payment service equipment PS are stored. The responsibility of the transaction database TRANS is to act as a kind of voucher storage which enables one afterwards to unambiguously verify the purchases made, if necessary. The responsibility of the verification database BL is to store information about suspicious payment cards, thus acting as a kind of black list. The certificate database CERT comprises certificates generated for the clients, which include, e.g. information relating to the clients and information relating to the issuer of the certificate. This kind of information may include, e.g. the name and identity number of the client, the address of the client, the public key of the client and the electronic identity. The certificate is issued by the trusted third party TTP, which also updates the certificate database CERT. The trusted third party TTP is advantageously a certificate authority.
The example as shown in Fig. 1 comprises four access interfaces: a first access interface 1 to the payment system BANK, a second access interface 2 to the authentication system AUT, a third access interface 3 to the telecommunication network NET and a fourth access interface 4 to the mobile communication network PLMN. The aforementioned systems, the databases and the networks are connected to the payment service equipment PS via the relevant access interfaces. The mobile communication network PLMN is advantageously a mobile communication network consistent with the GSM system. The telecommunication network NET is primarily a packet-switched data transmission network, e.g. the Internet. The telecommunication network NET may, however, be any other packet-switched data transmission network.
The payment service equipment PS further comprises a generation block PAY for generating the billing ticket connected with the payment transaction. The telecommunication block PB is used to send and receive the confirmation of order connected with the billing ticket. The identification block ID is used to identify the client based on the electronic identity and/or signature. The information retrieval block IR is used to find out the payment card information relating to the client.
Connected to the mobile communication network PLMN is the payment terminal device PTE, which is advantageously a mobile station. Connected to the mobile station PTE is the smart card SIM, which is advantageously a subscriber identity module. Stored on the subscriber identity module SIM are, e.g. the electronic identity associated with the holder of the subscriber identity module SIM, the holder's private key and the public key associated with the payment service equipment. The private key is advantageously a private key consistent with the PKI system.
Connected to the network NET are the service provider SP and the display terminal device DTE. The service provider SP is an entity which offers the clients the possibility of making purchases via the telecommunication network NET. The purchases are debited by means of the payment card of the client. The display terminal device DTE is advantageously an ordinary computer which comprises the necessary facilities and devices for using the service offered by the service provider SP.
Connected to the payment service equipment PS is an authentication system AUT. By means of the authentication system AUT, the payment service equipment PS may check the validity of the client's payment cards. In this example, the authentication system AUT consists of the relevant data transmission networks. Via each data transmission network, the payment service equipment PS has access to the information systems of each company offering a payment card.
Connected to the payment service equipment PS is also a payment system BANK. The payment system BANK is generally a system which actually debits the client's payment card and correspondingly credits the account of the service provider SP with the same sum.
The payment service equipment PS may, when required, be separated from the telecommunication network NET by a firewall. A firewall is a software or hardware configuration which is used to prevent unauthorized access by extraneous entities to the resources of a company or of one's own telecommunication network.
The system as shown in Fig. 2 comprises payment service equipment PS. Connected to the payment service equipment are five different databases: a client database DB, a service provider database RET, a transaction database TRANS, a verification database BL and a certificate database CERT. The client database DB comprises information relating to the clients. Client information may include, e.g. the name of the client, address, identity number, mobile number and the information connected with the client's payment cards. The service provider database RET comprises information about registered service providers. The information relating to the service providers may include, e.g. the IP address of the service provider (IP, Internet Protocol). Further, the information relating to service providers may include, e.g. the payment cards accepted by the service provider and the bankers of the service provider. In the transaction database TRANS, vouchers of the orders of products or services made via the payment service equipment PS are stored. The responsibility of the transaction database TRANS is to act as a kind of voucher storage which enables one afterwards to unambiguously verify the purchases made, if necessary. The responsibility of the verification database BL is to store information about suspicious payment cards, thus acting as a kind of black list. The certificate database CERT comprises certificates generated for the clients, which include, e.g. information relating to the clients and information relating to the issuer of the certificate. This kind of information may include, e.g. the name and identity number of the client, the address of the client, the public key of the client and the electronic identity. The certificate is issued by the trusted third party TTP, which also updates the certificate database CERT. The trusted third party TTP is advantageously a certificate authority.
In the example as shown in Fig. 2, the payment service equipment comprises three access interfaces: a first access interface 1 to the payment system BANK, a second access interface 2 to the authentication system AUT and a third access interface 3 to the telecommunication network NET. The aforementioned systems and the telecommunication network NET are connected to the payment service equipment PS via the relevant access interfaces. The telecommunication network NET is primarily a packet-switched data transmission network, e.g. the Internet. The telecommunication network NET may, however, be any other packet-switched data transmission network.
The payment service equipment PS further comprises a generation block PAY for generating the billing ticket connected with the payment transaction. The telecommunication block PB is used to send and receive the confirmation of order connected with the billing ticket. The identification block ID is used to identify the client based on the electronic identity and/or signature. The information retrieval block IR is used to find out the payment card information connected with the client.
Connected to the telecommunication network
NET are the service provider SP and the terminal de-
vice TE. The service provider SP is used to mean an
entity which offers the clients a possibility of mak-
ing purchases via the telecommunication network NET .
The purchases are debited from the payment card of the
client. The terminal device TE is advantageously used
to mean an ordinary computer which comprises the nec-
essary facilities and devices for using the service
offered by the service provider SP. Connected to the
terminal device TE is a smart card reader SCR. Into
the card reader SCR, the smart card of the client may
be input. Stored on the smart card SC are, e.g. the
electronic identity associated with the holder of the
smart card SC, the private key of the holder and the
public key connected with the payment service equip-
ment. The private key is preferably used to refer to
the private key consistent with the PKI system. The
card reader SCR may also be used to mean a facility
internally installed in the terminal device TE.
Connected to the payment service equipment PS
is an authentication system AUT. By means of the
authentication system AUT, the payment service equip-
ment PS may check the validity of the client's payment
cards. In this example, the authentication system AUT
consists of relevant data transmission networks. Via
each data transmission network, the payment service
equipment PS has the access to the information system
of each company offering a payment card.
Connected to the payment service equipment PS
is also a payment system BANK. The payment system BANK
is generally used to mean a system which actually deb-
its the client's payment card and correspondingly
credits the account of the service provider SP with
the same sum.
The payment service equipment PS may, when
required, be separated from the telecommunication net-
work NET by using a firewall. The firewall is used to
mean a software or hardware configuration which is
used to try to prevent the unauthorized access of ex-
traneous entities to the resources of some company or
system.
Fig. 3 is one advantageous flow chart illus-
trating the function of the present invention. The ex-
ample as shown in Fig. 3 comprises a display device
DTE, a payment terminal device PTE, a smart card SIM
inserted into the payment terminal device PTE, a serv-
ice provider SP, payment service equipment PS, a cer-
tificate database CERT, an authentication system AUT
and a payment system BANK. The display terminal device
DTE is advantageously used to mean an ordinary com-
puter. The payment terminal device PTE is advanta-
geously used to mean a mobile station and the smart
card SIM the subscriber identity module of the mobile
station.
The rhomb 30 is used to describe the actions
the client takes via the computer DTE. The client
chooses the www site connected with the service of-
fered by the service provider SP. The service provided
by the service provider may require a registration. In
conjunction with the registering to the service the
client transmits information about himself/herself to
the service provider SP. The information may include,
e.g. a name, address and mobile number. The access to
the www sites required by the service may require that
the client inputs a client identifier and a password.
In addition, the client has got a certificate issued
by a trusted third party. The certificate has been
saved, e.g. to the certificate database of the payment
service equipment PS. The payment service equipment PS
comprises, for instance, a database which comprises
all the service providers who have made a contract
about the use of the payment service equipment PS. The
service provider database includes, e.g. information
about the payment cards accepted by the service pro-
vider and about the bankers of the service provider.
The information included in the service provider data-
base may be encrypted, e.g. with the public key of the
payment service equipment, if required.
The arrow 31 is used to describe the informa-
tion which the client transmits to the service pro-
vider SP via the www site. This is used to mean that
the client has chosen the desired products and/or
services via the www site of the service provider SP.
In addition, he or she chooses the desired payment
mode, which in this example is a Visa card. The client
may be requested to fill in also his or her mobile
number on the form. When all the necessary information
has been filled in/chosen, the client sends the order,
e.g. by pushing the pay button on the www site. As a
consequence of pushing the pay button, the client may
be displayed the www site produced by the payment
service equipment.
The service provider SP sends the information
received from the client to the payment service equip-
ment PS, arrow 32. The service provider SP may send to
the payment service equipment PS also information
which the user himself/herself has not input into the
www site. This kind of information may be, e.g. the
mobile number included in the registration information
of the client, the name or identifier of the service
provider SP, the total sum of the products or services
ordered and the date. The information sent by the
service provider SP to the payment service equipment
PS may be encrypted, if required, or a check sum may
be computed from it using, e.g. a hash function. The
hash function is used to mean a function which gener-
ates an individual check sum from a given input. This
enables one to make sure of the integrity of the in-
formation transferred. The generation of an encryption
or check sum is, however, not necessary because the
information sent by the service provider SP is not
sensitive in itself. Let it be mentioned that the
service provider SP does not at any point send to the
payment service equipment PS more detailed information
relating to the payment card of the client, e.g. the
number of the payment card or its validity. As con-
cerns the payment card of the client, the service pro-
vider SP may send to the payment service equipment PS
only the piece of information concerning the payment
card company, i.e. that the payment card is, e.g.
Visa, MasterCard, Diners Club or a bank card.
The payment service equipment PS sends the
confirmation of order to the mobile station PTE of the
client, e.g. as a short message based on the informa-
tion received from the service provider SP, arrow 33a.
The confirmation of order includes information relat-
ing to the order made by the client. This kind of in-
formation is, e.g. the date, the products and services
ordered, the total sum etc. The client checks the in-
formation of the confirmation of order. If the infor-
mation included in the confirmation of order is cor-
rect, the client signs the confirmation of order with
his or her own private signing key. It is possible to
store to the subscriber identity module SIM the elec-
tronic identity associated with the holder and the
private key of the holder. The private key is advanta-
geously used to refer to the private key consistent
with the PKI system. The signing with the mobile sta-
tion may require that the client inputs into his or
her mobile station a predetermined code, e.g. a PIN
code (PIN, Personal Identification Number).
In addition to the confirmation of order, the
client sends to the payment service equipment his or
her own electronic identity from his or her mobile
station PTE, arrow 33b. The payment service equipment
PS receives the information sent from the mobile sta-
tion PTE and checks the signature of the client in the
certificate database CERT connected to the payment
service equipment PS, arrows 34a and 34b. The right to
read the certificate database CERT belongs solely to
the payment service equipment PS. The payment service
equipment PS further authenticates the client's signa-
ture and electronic identity, e.g. by utilizing the
client database.
When the client's identity has been verified,
the payment service equipment PS finds out the credit
card number of the client. This functionality is de-
scribed by rhomb 35. The payment card number is
checked, e.g. in the client database attached to the
payment service equipment PS. The information included
in the client database has been encrypted with the
public key of the payment service equipment PS. In
this way, only the payment service equipment PS can
decode the information included in the client database
into a readable form with its own private key. The
client's payment card number may alternatively be
saved to the client-specific certificate of the cer-
tificate database CERT.
When the payment service equipment PS has
found the client's payment card number, it is sent to
the authentication system AUT to be checked, arrow
36a. The authentication system AUT checks that the
card indicated by the payment card number is valid.
The authentication system AUT returns the result of
the validity checking back to the payment service
equipment PS, arrow 36b.
The payment connected with the order made by
the client may now be effected. Prior to accepting the
payment, it is possible to check in the verification
database attached to the payment service equipment PS
that the client's payment card is not among suspicious
or forbidden cards. The payment service equipment PS
sends a confirmation of the effecting of the payment
both to the service provider SP and to the client, ar-
rows 37a and 37b. The command to effect the payment
may now be sent to the payment system BANK, arrow 38.
The payment system BANK debits the client's payment
card with the sum shown by the order and correspond-
ingly credits the account of the service provider SP
with the same sum.
Vouchers of all the orders made may be stored
to the transaction database attached to the payment
service equipment PS. The data record to be stored to
the database includes, e.g. the following information:
- the electronic identity information of the cli-
ent, the payment card details, account number,
name and address,
- total sum of the order,
- recipient,
- date,
- client's signature,
- authentication code,
- time stamp which has been received from a cer-
tificate authority.
In an embodiment as shown in Fig. 3, the pay-
ment service equipment PS may comprise a functionality
that the use of a certain payment card requires the
use of a certain mobile number. This is used to mean
that if the client wishes to pay his or her purchases,
e.g. with a VISA card, he or she has to have a certain
subscriber identity module SIM inserted into his or
her mobile station.
In an embodiment as shown in Fig. 3, both the
payment terminal device PTE and the display device DTE
are used to mean physically the same device, prefera-
bly a mobile station.
Fig. 4 is one advantageous signaling flow
chart illustrating the function of the present inven-
tion. The example as shown in Fig. 4 comprises a ter-
minal device TE, a card reader SCR attached to the
terminal device and a smart card SC compatible with
it, a service provider SP, payment service equipment
PS, a certificate database CERT, an authentication
system AUT and a payment system BANK. The terminal de-
vice TE is advantageously used to mean a computer.
The rhomb 4 0 is used to describe the actions
the client takes via the computer TE. The client
chooses the www site connected with the service of-
fered by the service provider SP. The service provided
by the service provider may require a registration. In
conjunction with the registering to the service the
client transmits information about himself/herself to
the service provider SP. This kind of information may
include, e.g. a name, address and mobile number. The
access to the www sites required by the service may
require that the client inputs a client identifier and
a password. In addition, the client has got a certifi-
cate issued by a trusted third party. The certificate
has been saved, e.g. to the certificate database of
the payment service equipment PS. The payment service
equipment PS comprises, for instance, a database which
comprises all the service providers who have made a
contract about the use of the payment service equip-
ment PS. The service provider database includes, e.g.
information about the payment cards accepted by the
service provider and about the bankers of the service
provider. The information included in the service pro-
vider database may be encrypted, e.g. with the public
key of the payment service equipment, if required.
The arrow 41 is used to describe the informa-
tion which the client transmits to the service pro-
vider SP via the www site. This is used to mean that
the client has chosen the desired products and/or
services via the www site of the service provider SP.
In addition, he or she chooses the desired payment
mode, which in this example is a Visa card. The client
may be requested to fill in also his or her mobile
number on the form. When all the necessary information
has been filled in/chosen, the client sends the order,
e.g. by pushing the pay button on the www site. As a
consequence of pushing the pay button, the client may
be displayed the www site produced by the payment
service equipment.
The service provider SP sends the information
received from the client to the payment service equip-
ment PS, arrow 42. The service provider SP may send to
the payment service equipment PS also information
which the user himself/herself has not input into the
www site. This kind of information may be, e.g. the
mobile number included in the registration information
of the client, the name or identifier of the service
provider SP, the total sum of the products or services
ordered and the date. The information sent by the
service provider SP to the payment service equipment
PS may be encrypted, if required, or a check sum may
be computed from it using, e.g. a hash function. The
hash function is used to mean a function which gener-
ates an individual check sum from a given input. This
enables one to make sure of the integrity of the in-
formation transferred. The generation of an encryption
or check sum is, however, not necessary because the
information sent by the service provider SP is not
sensitive in itself. Let it be mentioned that the
service provider SP does not at any point send to the
payment service equipment PS more detailed information
relating to the payment card of the client, e.g. the
number of the payment card or its validity. As con-
cerns the payment card of the client, the service pro-
vider SP may send to the payment service equipment PS
only the piece of information concerning the payment
card company, i.e. that the payment card is, e.g.
Visa, MasterCard, Diners Club or a bank card.
The payment service equipment PS sends the
confirmation of order to the terminal device TE of the
client based on the information received from the
service provider SP, arrow 43a. The confirmation of
order includes information relating to the order made
by the client. This kind of information is, e.g. the
date, the products and services ordered, the total sum
etc. The client checks the information of the confir-
mation of order. If the information included in the
confirmation of order is correct, the client signs the
confirmation of order with his or her own private
signing key. The signature is carried out by means of
a card reader SCR attached to the computer TE and by
means of a client's smart card compatible with it.
Stored on the smart card SC are the electronic iden-
tity associated with the holder of the smart card SC
and the private key of the holder. The private key is
advantageously used to refer to the private key con-
sistent with the PKI system. The signing by means of
the terminal device TE and the card reader SCR may re-
quire that the client inputs into his or her mobile
station a predetermined code, e.g. a PIN code (PIN,
Personal Identification Number).
In addition to the confirmation of order, the
client sends to the payment service equipment PS his
or her own electronic identity from his or her mobile
station PTE, arrow 43b. The payment service equipment
PS receives the information sent by the computer TE
and checks the signature of the client in the certifi-
cate database CERT attached to the payment service
equipment PS, arrows 44a and 44b. The right to read
the certificate database CERT belongs solely to the
payment service equipment PS. The payment service
equipment PS further authenticates the client's signa-
ture and electronic identity, e.g. by utilizing the
client database.
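The exchange of arrows 32 to 34b in Fig. 3 and arrows 42 to 44b in Fig. 4 (check sum over the order data sent by SP, confirmation of order generated by PS, signature with the client's private key held on the SIM or smart card, verification by PS against the certificate database CERT) as an added worked example in Go. This code is not part of the patent or of any product of the patentee; the Order fields, SHA-256 as the hash function, an ECDSA P-256 key pair as the client's PKI key, the electronic identity EID-0001, the in-memory map standing in for CERT and all sample values are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Order is the non-sensitive information SP forwards to PS (arrow 32/42):
// the card company only, never the card number. The field set is assumed.
type Order struct {
	ServiceProvider, MobileNumber, CardCompany, TotalSum, Date, Items string
}

// canonical renders the order deterministically so SP and PS hash the same bytes.
func (o Order) canonical() []byte {
	return []byte(o.ServiceProvider + "|" + o.MobileNumber + "|" + o.CardCompany +
		"|" + o.TotalSum + "|" + o.Date + "|" + o.Items)
}

// Checksum is the hash-function check sum the text mentions (SHA-256 assumed).
func Checksum(o Order) string {
	sum := sha256.Sum256(o.canonical())
	return hex.EncodeToString(sum[:])
}

// Certificate stands in for an entry of the certificate database CERT: it
// binds the client's electronic identity to the client's public key.
type Certificate struct {
	ElectronicIdentity, Name string
	PublicKey                *ecdsa.PublicKey
}

// PaymentService models PS together with its certificate database.
type PaymentService struct {
	certDB map[string]Certificate // keyed by electronic identity
}

// ReceiveOrder checks the check sum from SP and generates the confirmation
// of order that PS sends to the client (arrow 33a/43a).
func (ps *PaymentService) ReceiveOrder(o Order, checksum string) (string, error) {
	if Checksum(o) != checksum {
		return "", errors.New("order check sum mismatch: integrity violated")
	}
	return fmt.Sprintf("CONFIRM date=%s provider=%s items=%s total=%s",
		o.Date, o.ServiceProvider, o.Items, o.TotalSum), nil
}

// SignConfirmation models the SIM / smart card: after the client has checked
// the confirmation, it is signed with the holder's private key (ECDSA assumed).
func SignConfirmation(priv *ecdsa.PrivateKey, confirmation string) ([]byte, error) {
	digest := sha256.Sum256([]byte(confirmation))
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// VerifyConfirmation is the identification block ID (arrows 34a/34b, 44a/44b):
// look up the certificate by electronic identity, then verify the signature.
func (ps *PaymentService) VerifyConfirmation(eid, confirmation string, sig []byte) (Certificate, error) {
	cert, ok := ps.certDB[eid]
	if !ok {
		return Certificate{}, errors.New("unknown electronic identity")
	}
	digest := sha256.Sum256([]byte(confirmation))
	if !ecdsa.VerifyASN1(cert.PublicKey, digest[:], sig) {
		return Certificate{}, errors.New("signature does not verify against the client certificate")
	}
	return cert, nil
}

// RunExchange plays the exchange with constructed data and reports whether the
// genuine confirmation verified and whether an altered one was rejected.
func RunExchange() (genuineOK, tamperedRejected bool, err error) {
	clientKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // lives on the SIM / smart card
	if err != nil {
		return false, false, err
	}
	const eid = "EID-0001" // constructed electronic identity
	ps := &PaymentService{certDB: map[string]Certificate{
		eid: {ElectronicIdentity: eid, Name: "Example Client", PublicKey: &clientKey.PublicKey},
	}}
	order := Order{ServiceProvider: "shop.example", MobileNumber: "+358400000000", CardCompany: "Visa",
		TotalSum: "49.90 EUR", Date: "2001-01-24", Items: "1x book"} // constructed order
	confirmation, err := ps.ReceiveOrder(order, Checksum(order))
	if err != nil {
		return false, false, err
	}
	sig, err := SignConfirmation(clientKey, confirmation)
	if err != nil {
		return false, false, err
	}
	_, err = ps.VerifyConfirmation(eid, confirmation, sig)
	genuineOK = err == nil
	// A confirmation altered after signing (e.g. a changed total) must not verify.
	_, err = ps.VerifyConfirmation(eid, confirmation+" total=0.01 EUR", sig)
	tamperedRejected = err != nil
	return genuineOK, tamperedRejected, nil
}

func main() {
	ok, rejected, err := RunExchange()
	fmt.Println("genuine verified:", ok, "tampered rejected:", rejected, "err:", err)
}
```

Two points the code makes explicit: the signature covers the exact confirmation text (date, total sum, items), so PS rejects a confirmation whose contents were changed after signing, and the check sum computed by SP with a plain hash only detects accidental modification, since anyone able to alter the message can recompute it; that is consistent with the text treating it as optional for non-sensitive data. The PIN entry on the SIM or smart card that the text mentions is outside this example.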
When the client's identity has been verified,
the payment service equipment PS finds out the credit
card number of the client. This functionality is de-
scribed by rhomb 45. The payment card number is
checked, e.g. in the client database attached to the
payment service equipment PS. The information included
in the client database has been encrypted with the
public key of the payment service equipment PS. In
this way, only the payment service equipment PS can
decode the information included in the client database
into a readable form with its own private key. The
client's payment card number may alternatively be
saved to the client-specific certificate of the cer-
tificate database CERT.
When the payment service equipment PS has
found the client's payment card number, it is sent to
the authentication system AUT to be checked, arrow
46a. The authentication system AUT checks that the
card indicated by the payment card number is valid.
The authentication system AUT returns the result of
the validity checking back to the payment service
equipment PS, arrow 46b.
The payment connected with the order made by
the client may now be effected. Prior to accepting the
payment, it is possible to check in the verification
database attached to the payment service equipment PS
that the client's payment card is not among suspicious
or forbidden cards. The payment service equipment PS
sends a confirmation of the effecting of the payment
both to the service provider SP and to the client, ar-
rows 47a and 47b. The command to effect the payment
may now be sent to the payment system BANK, arrow 48.
The payment system BANK debits the client's payment
card with the sum shown by the order and correspond-
ingly credits the account of the service provider SP
with the same sum.
Vouchers of all the orders made may be stored
to the transaction database attached to the payment
service equipment PS. The data record to be stored to
the database includes, e.g. the following information:
- the electronic identity information of the cli-
ent, the payment card details, account number,
name and address,
- total sum of the order,
- recipient,
- date,
- client's signature,
- authentication code,
- time stamp which has been received from a cer-
tificate authority.
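The steps following identification, rhombs 35 to 38 in Fig. 3 and 45 to 48 in Fig. 4 (card number retrieved from a client database whose contents are encrypted with the public key of PS and readable only with its private key, validity check in AUT, check against the verification database, debit command to BANK and voucher stored in the transaction database), as an added example in Go. This is not the patent's or the patentee's code; RSA-OAEP as the encryption scheme, the in-memory maps standing in for DB, AUT and BL, masking of the card details in the voucher, the locally computed authentication code, the local clock in place of the certificate authority's time stamp, and the sample card numbers and electronic identities are all assumptions made for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// ClientRecord is one row of the client database DB. The card number is held
// only as RSA-OAEP ciphertext under the public key of PS (assumed scheme), so
// the database alone does not reveal it.
type ClientRecord struct {
	ElectronicIdentity, MobileNumber string
	EncryptedCardNo                  []byte
}

// Voucher is the data record stored to the transaction database TRANS.
type Voucher struct {
	ElectronicIdentity string
	CardDetails        string // masked to the last four digits: a choice of this example
	TotalSum           string
	Recipient          string
	Date               string
	Signature          []byte
	AuthenticationCode string
	TimeStamp          time.Time // local clock; the patent takes this from a certificate authority
}

// PaymentAuthorizer models PS after the client has been identified.
type PaymentAuthorizer struct {
	priv      *rsa.PrivateKey
	ClientDB  map[string]ClientRecord // keyed by electronic identity
	ValidAUT  map[string]bool         // stand-in for the card companies reached via AUT
	Blacklist map[string]bool         // verification database BL
	Trans     []Voucher               // transaction database TRANS
}

const oaepLabel = "client-db"

// EncryptCardNumber seals a card number to the public key of PS at enrolment;
// only the private key of PS can open it again.
func EncryptCardNumber(pub *rsa.PublicKey, cardNo string) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(cardNo), []byte(oaepLabel))
}

// retrieveCardNumber is the information retrieval block IR (rhomb 35/45).
func (ps *PaymentAuthorizer) retrieveCardNumber(eid string) (string, error) {
	rec, ok := ps.ClientDB[eid]
	if !ok {
		return "", errors.New("client database: no record for electronic identity")
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, ps.priv, rec.EncryptedCardNo, []byte(oaepLabel))
	if err != nil || len(plain) < 4 {
		return "", errors.New("client database: card number could not be decrypted")
	}
	return string(plain), nil
}

// Authorize performs arrows 36a to 38: validity check in AUT, check against
// the verification database, voucher storage, and the debit command for BANK.
func (ps *PaymentAuthorizer) Authorize(eid, totalSum, recipient, date string, sig []byte) (string, error) {
	cardNo, err := ps.retrieveCardNumber(eid)
	if err != nil {
		return "", err
	}
	if !ps.ValidAUT[cardNo] {
		return "", errors.New("AUT: payment card is not valid")
	}
	if ps.Blacklist[cardNo] {
		return "", errors.New("BL: payment card is suspicious or forbidden")
	}
	// Authentication code: digest over the order facts (constructed scheme).
	sum := sha256.Sum256([]byte(eid + "|" + totalSum + "|" + recipient + "|" + date))
	code := hex.EncodeToString(sum[:])[:12]
	ps.Trans = append(ps.Trans, Voucher{ElectronicIdentity: eid, CardDetails: "************" + cardNo[len(cardNo)-4:],
		TotalSum: totalSum, Recipient: recipient, Date: date, Signature: sig, AuthenticationCode: code, TimeStamp: time.Now()})
	// The clear card number travels only on access interface 1, towards BANK.
	return fmt.Sprintf("DEBIT card=%s sum=%s credit=%s auth=%s", cardNo, totalSum, recipient, code), nil
}

// NewDemoAuthorizer builds PS with three constructed clients: a valid card,
// a valid but blacklisted card, and a card unknown to AUT.
func NewDemoAuthorizer() (*PaymentAuthorizer, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	ps := &PaymentAuthorizer{priv: priv, ClientDB: map[string]ClientRecord{},
		ValidAUT:  map[string]bool{"4111111111111111": true, "4222222222222222": true},
		Blacklist: map[string]bool{"4222222222222222": true}}
	samples := map[string]string{"EID-0001": "4111111111111111", "EID-0002": "4222222222222222", "EID-0003": "4333333333333333"}
	for eid, card := range samples {
		enc, err := EncryptCardNumber(&priv.PublicKey, card)
		if err != nil {
			return nil, err
		}
		ps.ClientDB[eid] = ClientRecord{ElectronicIdentity: eid, MobileNumber: "+358400000000", EncryptedCardNo: enc}
	}
	return ps, nil
}

func main() {
	ps, err := NewDemoAuthorizer()
	if err != nil {
		panic(err)
	}
	for _, eid := range []string{"EID-0001", "EID-0002", "EID-0003", "EID-9999"} {
		cmd, err := ps.Authorize(eid, "49.90 EUR", "shop.example", "2001-01-24", []byte("signature"))
		fmt.Printf("%s: cmd=%q err=%v\n", eid, cmd, err)
	}
}
```

The order of checks matters: the card number is decrypted only after the client has been identified by signature, the AUT and verification-database checks both have to pass before any debit command exists, and a failed check leaves no voucher behind, so the transaction database only records payments that were actually sent on to BANK.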
The invention is not restricted merely to the
embodiments referred to above, instead many variations
are possible within the scope of the inventive idea
defined by the claims.
WE CLAIM :
1. Payment service equipment comprising :
a first access interface (1) to the payment system (BANK);
a second access interface (2) to the authentication system (AUT);
a third access interface (3) to the telecommunication network (NET);
a certificate database (CERT) for storing the certificates associated with
the clients;
a service provider database (RET) for storing the information relating to
the registered service providers ;
a client database (DB) for storing the information relating to the clients ;
a transaction database (TRANS) for storing the information relating to
the payment transactions;
a verification database (BL) which comprises an auxiliary list of
suspicious payment cards;
a generation block (PAY) for generating the billing ticket connected with
the payment transaction ;
a telecommunication block (PB) for sending and receiving the
confirmation of order connected with the billing ticket ;
an identification block (ID) for identifying the client based on the
electronic identity and signature ; and
an information retrieval block (IR) for finding out the payment card
information of the client;
characterized in that:
the client database (DB) comprises at least one of the client's mobile
number and information relating to the payment card of the client; and
the payment service equipment comprises a fourth access interface (4)
to the mobile communication network.
2. Payment service equipment as claimed in claim 1, wherein the payment
card is a credit card.
3. Payment service equipment as claimed in claim 1 or 2, wherein the
information provided in the client database (DB) and/or in the service provider
database (RET) is encrypted.
4. Payment service equipment as claimed in claim 1 or 2, wherein the
payment card information is provided in the certificate of the client in the
certification database (CERT).
5. A method of transmitting information securely in a telecommunication
system, comprising:
a mobile communication network (PLMN);
a telecommunication network (NET);
a payment terminal device (PTE) which comprises a smart card (SIM)
and which is connected to the mobile communication network (PLMN);
a display terminal device (DTE) which is connected to the mobile
communication network (PLMN) and/or to the telecommunication network (NET);
a trusted third party equipment (TTP);
a payment system (BANK);
a service provider equipment (SP);
an authentication system (AUT);
which method comprises the steps of:
generating and issuing by means of the trusted third party equipment
(TTP) the certificate associated with the client;
choosing the product or service to be ordered by means of the display
terminal device (DTE) from the service provider equipment (SP) via the
telecommunication network (NET) and/or the mobile communication network
(PLMN);
using at least one of the client's payment card and payment card
information for the paying of the product or service ordered ;
characterized in that the method comprises the steps of:
generating by means of the payment service equipment the billing ticket
connected with the product or service ordered ;
sending a confirmation of order to the payment terminal device (PTE) of
the client via the mobile communication network (PLMN);
performing at least one of signing and encrypting the aforementioned
confirmation of order by means of the payment terminal device (PTE);
sending the aforementioned at least one of signed and encrypted
confirmation of order and the electronic identity information associated with the
client from the payment terminal device (PTE) to the payment service equipment
(PS) by way of the mobile communication network (PLMN);
identifying the client by means of the payment service equipment (PS)
based on the aforementioned at least one of signature and electronic identity
information;
retrieving the payment card number associated with the client based on
the aforementioned at least one of signature and electronic identity information ;
checking the right of use of the payment card and accepting the
payment, if the payment card was successfully verified.
6. A method as claimed in claim 5, wherein the client is identified based on
the information included in the certificate database (CERT).
7. A method as claimed in claim 5, wherein the payment card number
associated with the client is retrieved from the client database (DB) of the
payment service equipment (PS).
8. A method as claimed in claim 5, wherein the payment card number of
the client is retrieved from the certificate database (CERT) attached to the
payment service equipment (PS).
9. A method as claimed in claim 5, wherein the validity of the payment
card is checked in the authentication system (AUT).
10. A method as claimed in claim 5, wherein one checks in the verification
database (BL) that the payment card is not among suspicious or forbidden
cards.
11. A method as claimed in any one of the preceding claims 5, 9 or 10,
wherein the request for the debiting of the payment is sent to the payment
system (BANK) after the validity of the payment card has been checked.
12. A method as claimed in claim 5, wherein the confirmation of the
succeeding of the order is sent to the client's display terminal device (DTE) or
payment terminal device (PTE) and to the service provider (SP).
13. A method as claimed in claim 5 or 6, wherein the certificate database
is updated by the trusted third party (TTP).
14. A method as claimed in claim 5, wherein the payment terminal device
(PTE) and the display terminal device (DTE) are used to mean a mobile station.
15. A method as claimed in claim 5, wherein the payment terminal device
(PTE) is used to mean a mobile station and the display terminal device (DTE) a
computer.
16. A method as claimed in claim 5, wherein the payment card is used to
mean a Visa, MasterCard or Diners Club card or a bank card.
17. A method as claimed in any one of the preceding claims 5, 14 or 15,
wherein the smart card (SIM) is used to mean a subscriber identity module.
18. A method as claimed in any one of the preceding claims 5, 14 or 15,
wherein stored on the smart card (SIM) are the electronic identity of the client
and the client's private key.
19. A method as claimed in any one of the preceding claims 5, 14 or 15,
wherein stored on the smart card (SIM) is the public key associated with the
payment service equipment (PS).
20. A method as claimed in any one of the preceding claims 5, 14, or 15,
wherein the mobile communication network (PLMN) is used to mean a mobile
communication network consistent with the GSM system.
21. A method as claimed in claim 5, wherein the telecommunication
network (NET) is used to mean a packet-switched network, e.g. the Internet
network.
22. A method for secure paying in a telecommunication network
comprising :
a telecommunication network (NET);
a terminal device (TE) to which terminal device there is a card reader
(SCR) attached and into which card reader it is possible to input a smart card
(SC) and which terminal device (TE) is connected to the telecommunication
network (NET);
a trusted third party (TTP) ;
a payment system (BANK);
a service provider (SP);
an authentication system (AUT);
which method comprises the steps of :
generating and issuing by the trusted third party (TTP) the certificate
associated with the client;
choosing the product or service to be ordered by means of the terminal
device (TE) from the service provider (SP) via the telecommunication network
(NET);
using the client's payment card and/or payment card information for
the paying of the product or service ordered ;
characterised in that the method further comprises
the steps of:
generating by means of the payment service equipment (PS) the billing
ticket connected with the product or service ordered ;
sending a confirmation of order to the terminal device (TE) of the client
via the telecommunication network (NET);
signing and/or encrypting the aforementioned confirmation of order with
the terminal device (TE) by means of a card reader (SCR) attached to it and by
means of a smart card (SC) inserted into the card reader;
sending the aforementioned signed and/or encrypted confirmation of
order and the electronic identity information associated with the client from
the terminal device (TE) to the payment service equipment (PS) by way of the
telecommunication network (NET);
identifying the client by the payment service equipment (PS) based on
the aforementioned signature and/or electronic identity information ;
retrieving the payment card number associated with the client based
on the aforementioned signature and/or electronic identity information ;
checking the right of use of the payment card and accepting the
payment, if the payment card was successfully verified.
23. A method as claimed in claim 22, wherein the client is identified based
on the information included in the certification database (CERT).
24. A method as claimed in claim 22, wherein the payment card number
associated with the client is retrieved from the database (DB) of the payment
service equipment (PS).
25. A method as claimed in claim 22, wherein the payment card number of
the client is retrieved from the certificate database (CERT) attached to the
payment service equipment (PS).
26. A method as claimed in claim 22, wherein the validity of the payment
card is checked in the authentication system (AUT).
27. A method as claimed in claim 22, wherein one checks in the
verification database (BL) that the payment card is not among suspicious or
forbidden cards.
28. A method as claimed in any one of the preceding claims 22, 26 or 27,
wherein the request for the debiting of the payment is sent to the payment
system (BANK) after the validity of the payment card has been checked.
29. A method as claimed in claim 22, wherein a confirmation of the
succeeding of the order is sent to the terminal device (TE) of the client and to
the service provider (SP).
30. A method as claimed in claim 22 or 23, wherein the certificate
database is updated by the trusted third party (TTP).
31. A method as claimed in claim 22, wherein the terminal device (TE) is
used to mean a computer.
32. A method as claimed in claim 22, wherein the payment card is used to
mean a Visa, MasterCard or Diners Club card or a bank card.
33. A method as claimed in claim 22, wherein stored on the smart card
(SC) are the client's electronic identity and private key.
34. A method as claimed in claim 22 or 33, wherein stored on the smart
card (SC) is the public key associated with the payment service equipment
(PS).
35. A method as claimed in claim 22, wherein the telecommunication
network (NET) is used to mean a packet-switched network, e.g. the Internet
network.

Patent Number 225464
Indian Patent Application Number IN/PCT/2002/00925/KOL
PG Journal Number 46/2008
Publication Date 14-Nov-2008
Grant Date 12-Nov-2008
Date of Filing 16-Jul-2002
Name of Patentee SMARTTRUST SYSTEMS OY
Applicant Address ELIMAENKATU 17-19 FIN-00510, HELSINKI
Inventors:
# Inventor's Name Inventor's Address
1 BLUMENTHAL HENRIK SONERA SMARTTRUST OY P.O. BOX 425, FIN-00051, SONERA
PCT International Classification Number G07F 7/10,G06F 17/60
PCT International Application Number PCT/FI2001/00063
PCT International Filing date 2001-01-24
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 20000135 2000-01-24 Finland