WO2002037355A2 - A method to carry out economic transactions through a telecommunications network - Google Patents

A method to carry out economic transactions through a telecommunications network Download PDF

Info

Publication number
WO2002037355A2
WO2002037355A2 PCT/IB2001/002752 IB0102752W WO0237355A2 WO 2002037355 A2 WO2002037355 A2 WO 2002037355A2 IB 0102752 W IB0102752 W IB 0102752W WO 0237355 A2 WO0237355 A2 WO 0237355A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
issuing entity
code
codes
transactions
Prior art date
Application number
PCT/IB2001/002752
Other languages
French (fr)
Other versions
WO2002037355A3 (en
Inventor
Tomas Mulet Valles
Original Assignee
Tomas Mulet Valles
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from ES200002648A external-priority patent/ES2172438B1/en
Application filed by Tomas Mulet Valles filed Critical Tomas Mulet Valles
Priority to AU2002226599A priority Critical patent/AU2002226599A1/en
Publication of WO2002037355A2 publication Critical patent/WO2002037355A2/en
Publication of WO2002037355A3 publication Critical patent/WO2002037355A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems

Definitions

  • This invention refers, as the title suggests, to a method to carry out economic transactions through a telecommunications network and whose aim is to prevent the fraudulent use by third parties of the identification codes assigned to any of the users by an issuing entity, whether this be financial or credit.
  • the user must provide a series of identification data, generally the credit card number or current account number, and these are used by the provider to carry out the relative charge or deposit.
  • a user code is normally used to consult balances or order any type of account movement .
  • Carrying out these operations through a communications network has the disadvantage of transmitting the identification data mentioned, which can be intercepted in the network and used fraudulently by third parties or even by the actual provider.
  • This method includes the following steps or phase: a.
  • Each user is assigned an identification code and/or a generic code by the issuing entity, which permits the identification of this issuing entity by any other issuing entity or organisation and the identification of the relative user only by his issuing entity and, optionally a password or access key to establish a secure connection through a telecommunication network, b.
  • the handing over of the operation and/or transaction codes to the user, either directly or either through a third party (customer or supplier of the user) d.
  • e. The execution by the user's issuing entity of those operations and transactions authorised by the user by validating codes.
  • This method is applicable both to carrying out purchases on the Internet, and in brick and mortar business, telephone bookings or purchases, as well as carrying out transactions with banking and financial entities.
  • the terms used respond to the following definitions: OPERATION: Group of one or more transactions, managed simultaneously or during the same connection.
  • TRANSACTION Each one of the payments, collections, corrections or movements of any other kind requested.
  • ISSUING ENTITY Entity through which the economic transactions are carried out. This may be a banking or financial entity, a telephony operator or a management centre that one or more of the above are attached to.
  • a first case considers that an operation code and/or individual transaction codes can be generated by the user's issuing entity following notification to the issuing entity by the user, either directly or through a third party, of the possible operation and/or transactions to be carried out.
  • the validation of the codes corresponding to the operations or transactions to be authorised can be carried out by the user obtaining a validation code through a code management program provided by the issuing entity, after entering a password or access key into this identification code management program assigned to the user by the issuing entity, and the operation or transaction code to validate.
  • the user uses a code management program to obtain validation codes he must give the issuing entity the validation codes provided by the code management program and obtained from those operation or transaction codes corresponding to the operations or transactions the user wishes to authorise.
  • the user may hand over the validation codes by the issuing entity by any means, as these codes can only be related to the relative operation codes by the issuing entity.
  • the validation by the user, of the code assigned to a certain operation or transaction by means of a different validation code to the previous one and which is obtained through a specific code management program based on some fixed and other variable parameters, so that this validation code can be related unequivocally by the issuing entity to the relative operation or transaction code, permits authorising a certain transaction by means of a validation code, which does not include the user's identification data.
  • This code management program will be given to the user by the entity in charge of assigning the operation or transaction codes and carrying out the operations or transactions assigned to them once the respective validation codes have been received from the user.
  • the aforementioned code management program can be installed in a telephony terminal, in a computer terminal, in a card reader or in any other appliance equipped with the necessary hardware to be able to execute it.
  • the code management program In order for the code management program to be able to generate the validation code of a certain operation or transaction it will be necessary to enter a series of identification data, the password or access key provided by the issuing entity and the transaction or operation code to be validated, the aforementioned program carrying out, with its specific software, the calculation of the validation code corresponding to the operation or transaction code.
  • the invention method considers that the generation of operation codes by the user's issuing entity or by any other issuing entity or organisation and its delivery, on the user's or a third party's request, is carried out based on the prior identification of the user's generic code.
  • the generic code mentioned only permits the identification of the user by his own issuing entity it is necessary to notify the user's issuing entity of those operation codes provided by other issuing entities or
  • the aforementioned generic code provides other advantages such as the possibility of establishing a route to the user's issuing entity with it, as if it were his payment data, with the difference that this generic Q code only permits obtaining operation or transaction codes that must be validated or accepted later by the user in order to carry out the operations associated with them.
  • this generic code has an essential 5 difference, with respect to the payment data or a customer or user. This is that it cannot be used to order an operation, but only to obtain operation codes, which will not become effective if the issuing entity does not receive their validation by the relative user. 0 ⁇ he use or this generic code means that the operation or transaction code can be the same as that used by the card payment entities for their internal communication and that the procedure in question can be applied to any commercial transaction without modifying 5 the seller's collection terminals, either by purchases in brick and mortar businesses, telephone bookings or purchases or by Internet, as the user's generic code may coincide in its configuration, with those used to pay with card or payment against accounts related to normal Q mobile devices today.
  • the generic code can be presented to a third party for him to order a collection or payment against the user's account, the user authorising this collection or payment by means

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer And Data Communications (AREA)

Abstract

This method considers: - an issuing entity assigning each user with an identification code and/or a generic code, and optionally a password or access key, - the generation by an issuing entity of some codes to identify the possible operation and/or transactions to be carried out, - the delivery of the codes to the user, either directly or through a third party, - the validation by the user of those codes corresponding to the operations or transactions to be carried out and - the execution by the user's issuing entity of those operations and transactions authorised by the user.

Description

DESCRIPTION
A METHOD TO CARRY OUT ECONOMIC TRANSACTIONS THROUGH A TELECOMMUNICATIONS NETWORK.
OBJECT OF THE INVENTION.
This invention refers, as the title suggests, to a method to carry out economic transactions through a telecommunications network and whose aim is to prevent the fraudulent use by third parties of the identification codes assigned to any of the users by an issuing entity, whether this be financial or credit.
BACKGROUND OF THE INVENTION.
It is a well-known fact that nowadays the possibility exists of carrying out economic operations through telecommunications networks, either from a computer terminal or from a telephony terminal .
Currently to carry out this type of operation, the user must provide a series of identification data, generally the credit card number or current account number, and these are used by the provider to carry out the relative charge or deposit. In addition, in operating procedures with financial entities a user code is normally used to consult balances or order any type of account movement .
Carrying out these operations through a communications network has the disadvantage of transmitting the identification data mentioned, which can be intercepted in the network and used fraudulently by third parties or even by the actual provider.
Therefore, currently carrying out economic operations through open telecommunications networks does not give the users the necessary security and confidentiality with respect to transmitting their identification codes or data. DESCRIPTION OF THE INVENTION
To solve the problem set out, a method to carry out economic transactions through a telecommunications network has been designed, being able to carry out these transactions between companies, between companies and individuals or with bank or credit entities .
This method includes the following steps or phase: a. Each user is assigned an identification code and/or a generic code by the issuing entity, which permits the identification of this issuing entity by any other issuing entity or organisation and the identification of the relative user only by his issuing entity and, optionally a password or access key to establish a secure connection through a telecommunication network, b. The generation by the user's issuing entity or by any other issuing entity or organisation of an operation code and/or individual transaction codes so as to identify the possible operation and/or transactions to be carried out, c. The handing over of the operation and/or transaction codes to the user, either directly or either through a third party (customer or supplier of the user) , d. The validation by the user of those codes that only correspond to the operation or transactions he wishes to authorise. e. The execution by the user's issuing entity of those operations and transactions authorised by the user by validating codes.
This method is applicable both to carrying out purchases on the Internet, and in brick and mortar business, telephone bookings or purchases, as well as carrying out transactions with banking and financial entities. The terms used respond to the following definitions: OPERATION: Group of one or more transactions, managed simultaneously or during the same connection.
TRANSACTION: Each one of the payments, collections, corrections or movements of any other kind requested. ISSUING ENTITY: Entity through which the economic transactions are carried out. This may be a banking or financial entity, a telephony operator or a management centre that one or more of the above are attached to.
Several operating procedures are permitted in the invention method. A first case considers that an operation code and/or individual transaction codes can be generated by the user's issuing entity following notification to the issuing entity by the user, either directly or through a third party, of the possible operation and/or transactions to be carried out.
In this case the validation by the user of those codes corresponding to the operations or transactions he wishes to authorise, can be carried out by later safe connection of the user with the issuing entity.
It has also been foreseen that the validation of the codes corresponding to the operations or transactions to be authorised can be carried out by the user obtaining a validation code through a code management program provided by the issuing entity, after entering a password or access key into this identification code management program assigned to the user by the issuing entity, and the operation or transaction code to validate.
If the user uses a code management program to obtain validation codes he must give the issuing entity the validation codes provided by the code management program and obtained from those operation or transaction codes corresponding to the operations or transactions the user wishes to authorise. The user may hand over the validation codes by the issuing entity by any means, as these codes can only be related to the relative operation codes by the issuing entity.
The validation, by the user, of the code assigned to a certain operation or transaction by means of a different validation code to the previous one and which is obtained through a specific code management program based on some fixed and other variable parameters, so that this validation code can be related unequivocally by the issuing entity to the relative operation or transaction code, permits authorising a certain transaction by means of a validation code, which does not include the user's identification data.
This code management program will be given to the user by the entity in charge of assigning the operation or transaction codes and carrying out the operations or transactions assigned to them once the respective validation codes have been received from the user.
The aforementioned code management program can be installed in a telephony terminal, in a computer terminal, in a card reader or in any other appliance equipped with the necessary hardware to be able to execute it.
In order for the code management program to be able to generate the validation code of a certain operation or transaction it will be necessary to enter a series of identification data, the password or access key provided by the issuing entity and the transaction or operation code to be validated, the aforementioned program carrying out, with its specific software, the calculation of the validation code corresponding to the operation or transaction code.
In a second operating procedure the invention method considers that the generation of operation codes by the user's issuing entity or by any other issuing entity or organisation and its delivery, on the user's or a third party's request, is carried out based on the prior identification of the user's generic code. As the generic code mentioned only permits the identification of the user by his own issuing entity it is necessary to notify the user's issuing entity of those operation codes provided by other issuing entities or
5 organisation, for their later validation by the user
The aforementioned generic code provides other advantages such as the possibility of establishing a route to the user's issuing entity with it, as if it were his payment data, with the difference that this generic Q code only permits obtaining operation or transaction codes that must be validated or accepted later by the user in order to carry out the operations associated with them.
Therefore, this generic code has an essential 5 difference, with respect to the payment data or a customer or user. This is that it cannot be used to order an operation, but only to obtain operation codes, which will not become effective if the issuing entity does not receive their validation by the relative user. 0 τhe use or this generic code means that the operation or transaction code can be the same as that used by the card payment entities for their internal communication and that the procedure in question can be applied to any commercial transaction without modifying 5 the seller's collection terminals, either by purchases in brick and mortar businesses, telephone bookings or purchases or by Internet, as the user's generic code may coincide in its configuration, with those used to pay with card or payment against accounts related to normal Q mobile devices today.
In a user's operating procedure with his bank, the generic code can be presented to a third party for him to order a collection or payment against the user's account, the user authorising this collection or payment by means

Claims

C L A I M S
1. - Method to carry out economic transactions through a telecommunications network: these transactions may be of the kind carried out between companies, between companies and individuals or with banking entities; characterised because it includes: a. An issuing entity assigns each user an identification code and/or a generic code that permits the identification of this issuing entity by any other issuing entity or organisation and the identification of the relative user only by his issuing entity and optionally a password or access key to establish a safe connection through a telecommunications network, b. The generation by the user's issuing entity or any other issuing entity or organisation of an operation code and/or individual transaction codes to identify the possible operation and/or transactions to be carried out, c. The presentation of the operation and/or transaction codes to the user, either directly or through a third party (user's customer or supplier), d. The validation by the user of those codes that only correspond to the operations or transactions he wishes to authorise. e. The execution by the user's issuing entity of those operations and transactions authorised by the user by means of the code validation.
2.- Method, according to claim 1, characterised because the generation by an issuing entity of an operation code and/or some individual transaction codes is carried out based on the user notifying this issuing entity, either directly or through a third party, of the possible operation and/or transactions to be carried out.
3. - Method, according to claims 1 and 2 characterised because the validation by the user of those codes corresponding to the operations or transactions he wishes to authorise, is carried out by later safe connection of the user with the issuing entity,
4.- Method, according to claims 1 and 2, characterised because the validation by the user of the operation or transaction codes includes: the user obtaining a validation code through a code management program provided by his issuing entity, after entering into this management program some identification codes, a password or access key, assigned to the user by the issuing entity, and the operation or transaction code to be validated and, . the handing over by the user to his issuing entity, either directly or through a third party, of the validation codes provided by the code management program.
5.- Method, according to claim 1, characterised because the generation of operation codes by the user's issuing entity or of any other issuing entity or organisation and their delivery, on the user's or third party's request, is carried out based on the prior identification of the user's generic code; if appropriate the notification to the user's issuing entity of those operation codes provided by other issuing entities or organisations being carried out in order for the user to later validate them.
PCT/IB2001/002752 2000-11-03 2001-11-02 A method to carry out economic transactions through a telecommunications network WO2002037355A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002226599A AU2002226599A1 (en) 2000-11-03 2001-11-02 A method to carry out economic transactions through a telecommunications network

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
ES200002648A ES2172438B1 (en) 2000-11-03 2000-11-03 METHOD FOR PERFORMING ECONOMIC TRANSACTIONS THROUGH A TELECOMMUNICATIONS NETWORK.
ESP200002648 2000-11-03
ESP200100560 2001-03-12
ES200100560A ES2184599B1 (en) 2000-11-03 2001-03-12 IMPROVEMENTS INTRODUCED IN THE PATENT OF INVENTION 200002648 BY METHOD FOR PERFORMING ECONOMIC TRANSACTIONS THROUGH A TELECOMMUNICATIONS NETWORK.
ES200101360A ES2189647B1 (en) 2000-11-03 2001-06-13 PERFECTION IN THE PATENT OF INVENTION 200002648 BY METHOD FOR THE PERFORMANCE OF ECONOMIC TRANSACTIONS THROUGH A TELECOMMUNICATIONS NETWORK.
ESP200101360 2001-06-13

Publications (2)

Publication Number Publication Date
WO2002037355A2 true WO2002037355A2 (en) 2002-05-10
WO2002037355A3 WO2002037355A3 (en) 2002-07-11

Family

ID=27240813

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2001/002752 WO2002037355A2 (en) 2000-11-03 2001-11-02 A method to carry out economic transactions through a telecommunications network

Country Status (2)

Country Link
AU (1) AU2002226599A1 (en)
WO (1) WO2002037355A2 (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5371797A (en) * 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
WO1998030964A2 (en) * 1997-01-09 1998-07-16 Buyonet International Ab A system for secure data transmission over an electronic link
WO1998042173A2 (en) * 1997-03-24 1998-10-01 Fd Finanssidata Oy Use of banking services in a digital cellular radio system
WO1998054943A2 (en) * 1997-05-14 1998-12-10 Ho Keung Tse Universal electronic transaction system and method therefor
EP0926611A2 (en) * 1997-12-23 1999-06-30 AT&T Corp. Method for validation of electronic transactions
US6067621A (en) * 1996-10-05 2000-05-23 Samsung Electronics Co., Ltd. User authentication system for authenticating an authorized user of an IC card
FR2804264A1 (en) * 2000-04-19 2001-07-27 Magicaxess Method and device for electronic payment, uses once only certificate generated by user and validated by return of confidential code sent to user for that transaction by bank

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5371797A (en) * 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US6067621A (en) * 1996-10-05 2000-05-23 Samsung Electronics Co., Ltd. User authentication system for authenticating an authorized user of an IC card
WO1998030964A2 (en) * 1997-01-09 1998-07-16 Buyonet International Ab A system for secure data transmission over an electronic link
WO1998042173A2 (en) * 1997-03-24 1998-10-01 Fd Finanssidata Oy Use of banking services in a digital cellular radio system
WO1998054943A2 (en) * 1997-05-14 1998-12-10 Ho Keung Tse Universal electronic transaction system and method therefor
EP0926611A2 (en) * 1997-12-23 1999-06-30 AT&T Corp. Method for validation of electronic transactions
FR2804264A1 (en) * 2000-04-19 2001-07-27 Magicaxess Method and device for electronic payment, uses once only certificate generated by user and validated by return of confidential code sent to user for that transaction by bank

Also Published As

Publication number Publication date
AU2002226599A1 (en) 2002-05-15
WO2002037355A3 (en) 2002-07-11

Similar Documents

Publication Publication Date Title
US10467621B2 (en) Secure authentication and payment system
RU2320014C2 (en) Electronic billing system
EP1708473B1 (en) A-computer accounting system with a lock using in a bank and the corresponding method used for secure payment by phone
US6169890B1 (en) Mobile telephone system and method for carrying out financial transactions using a mobile telephone system
JP5265602B2 (en) System and method for securely authenticating and distributing stored value card data
US7287270B2 (en) User authentication method in network
AU777762B2 (en) Electronic transactions and payments system
KR100792147B1 (en) Interactive Financial settlement service method using mobile phone number or virtual number
US20100179906A1 (en) Payment authorization method and apparatus
US20030055792A1 (en) Electronic payment method, system, and devices
US20030120592A1 (en) Method of performing a transaction
EP2080158A1 (en) A system and method for verifying a user's identity in electronic transactions
CZ20013012A3 (en) Telepayment method and system for implementing said method
JP2002245243A (en) Private and secure financial transaction system and method
KR20000037471A (en) bill-payment service method, and system for the same
EP1134707A1 (en) Payment authorisation method and apparatus
KR100862098B1 (en) Method for affiliating Financial Goodsum
KR20010087564A (en) User authentification system and the method using personal mobile device
KR100592156B1 (en) Method and system for servicing debit commerce by using mobile communication network
WO2002037355A2 (en) A method to carry out economic transactions through a telecommunications network
JP2001325439A (en) Service contracting method
KR20050106209A (en) Billing system according to ordering by telephone and method thereof
GB2360383A (en) Payment authorisation
WO2007118428A1 (en) Safety, Password-free electronic transfer service device and transfer card and method therefor
KR20010079182A (en) ARS omitted

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP