Smart card purchasing transactions using wireless telecommunications network
First Claim
1. A method of purchasing an item from a merchant server computer by a user over a wireless telecommunications network using a telephone handset equipped with a subscriber identification module (SIM), said method comprising:
- reading, via an application interface, computer readable instructions stored on the SIM for formulating a draw request message at said SIM that includes a purchase amount of an item and an identifier of a smart card that is in communication with said handset via a card reader interface;
reading, via the application interface, computer readable instructions stored on the SIM for sending said draw request message over a network from said SIM of said handset through the handset to a payment server computer associated with a merchant server computer;
receiving a debit message at said smart card from said payment server computer that includes a cryptographic signature S2 resulting from a first cryptographic key shared between the smart card and its issuer, and an approval to debit said smart card by said purchase amount;
verifying said cryptographic signature S2 at said smart card using said first shared cryptographic key;
debiting a stored-value application of said smart card by said purchase amount;
sending a debit result message from said smart card to said payment server computer that includes a cryptographic signature S3 resulting from a second cryptographic key shared between the smart card and its issuer, said signature S3 uniquely identifying said smart card and indicating that said stored-value application of said smart card has been debited by said purchase amount; and
receiving said item by said user.
1 Assignment
0 Petitions
Accused Products
Abstract
A smart card transaction allows a consumer to load value onto a smart card and to make purchases using a smart card with a mobile telephone handset over the telecommunications network. For loading, the system includes: a mobile telephone handset including a card reader; a gateway computer; a funds issuer computer; and an authentication computer. The mobile telephone handset receives a request from a user to load a value onto the smart card. The handset generates a funds request message which includes the value and sends the funds request message to a funds issuer computer. The funds issuer computer debits an account associated with the user. Next, the handset generates a load request message with a cryptographic signature and sends the load request message to an authentication computer which authenticates the smart card. The handset receives a response message which includes a cryptographic signature and an approval to load. Finally, the handset validates the second cryptographic signature and loads the value onto the smart card. For payment, the system includes a merchant server and a payment server. First, the handset sends an order request message to the merchant server computer, and in return receives a purchase instruction message. The handset processes the purchase instruction message locally, and then sends a draw request message to a payment server computer. The payment server computer sends a debit message which includes a cryptographic signature and an approval to debit the smart card. Finally, the handset validates the cryptographic signature and debits the smart card.
80 Citations
20 Claims
-
1. A method of purchasing an item from a merchant server computer by a user over a wireless telecommunications network using a telephone handset equipped with a subscriber identification module (SIM), said method comprising:
-
reading, via an application interface, computer readable instructions stored on the SIM for formulating a draw request message at said SIM that includes a purchase amount of an item and an identifier of a smart card that is in communication with said handset via a card reader interface; reading, via the application interface, computer readable instructions stored on the SIM for sending said draw request message over a network from said SIM of said handset through the handset to a payment server computer associated with a merchant server computer; receiving a debit message at said smart card from said payment server computer that includes a cryptographic signature S2 resulting from a first cryptographic key shared between the smart card and its issuer, and an approval to debit said smart card by said purchase amount; verifying said cryptographic signature S2 at said smart card using said first shared cryptographic key; debiting a stored-value application of said smart card by said purchase amount; sending a debit result message from said smart card to said payment server computer that includes a cryptographic signature S3 resulting from a second cryptographic key shared between the smart card and its issuer, said signature S3 uniquely identifying said smart card and indicating that said stored-value application of said smart card has been debited by said purchase amount; and receiving said item by said user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A purchasing system for purchasing an item for a user, said purchasing system comprising:
-
a wireless telecommunications network for providing communication between entities; a telephone handset in communication with said network, said handset including; a card reader for communicating with said smart card, a subscriber identification module (SIM), and an input interface; a smart card that is in communication with said handset mobile computing device via a card reader interface, said smart card including a stored value, a cryptographic key shared with an issuer of said smart card, wherein said smart card is arranged to verify a first cryptographic signature S2 and to generate a second cryptographic signature S3; a merchant server computer arranged to generate a purchase instruction message intended for computer readable instructions stored on said SIM, said purchase instruction message including a purchase amount of said item and a merchant identifier; and a payment server computer arranged to receive a draw request message from computer readable instructions stored on said SIM through the handset, and to generate a debit message intended for said smart card that includes said first cryptographic signature S2, to verify said second cryptographic signature S3, and to generate a confirmation of payment by said smart card for said merchant server computer, whereby said item is purchased over said wireless telecommunications network and is released to said user associated with said smart card. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification