System and method for effecting secure online payment using a client payment card
First Claim
1. Payment service equipment operable for completing online payment transactions using a client payment card, comprising:
- a first access interface for connection to a payment system;
a second access interface for connection to an authentication system;
a third access interface for connection to a telecommunication network;
a certificate database for storing certificates associated with clients;
a service provider database for storing information relating to registered service providers from which the clients can purchase goods and services in online transactions;
a client database for storing information relating to the clients, said information relating to the clients comprising, for each client, at least one of a client mobile number and information relating to the payment card of the each client;
a transaction database for storing information relating to the payment transactions;
a verification database for storing a listing of suspicious payment cards;
a generation block for generating billing tickets associated with the payment transactions;
a telecommunication block for sending and receiving a confirmation of order associated with a payment transaction;
an identification block for identifying a client based on an electronic identity and digital signature of the client;
an information retrieval block for determining payment card information for the clients; and
a fourth access interface for connection between the payment service equipment and the mobile communication network.
0 Assignments
0 Petitions
Accused Products
Abstract
Payment using a payment card for goods and/or services ordered online via an information network such as the Internet is implemented in a notably secure manner without the need to transmit the client'"'"'s payment card number over the data transmission network. A separate confirmation for effecting the payment for an order is requested from the client. The information to be confirmed is transmitted to the terminal device of the client, such as a mobile station, by means of which the client confirms the order by digitally signing the confirmation request. The digitally signed confirmation and the electronic identity information associated with the client are then returned to the payment service equipment, which verifies the client'"'"'s identity, checks the validity of the client'"'"'s payment card, and then transmits the necessary payment information to the payment system.
-
Citations
35 Claims
-
1. Payment service equipment operable for completing online payment transactions using a client payment card, comprising:
-
a first access interface for connection to a payment system;
a second access interface for connection to an authentication system;
a third access interface for connection to a telecommunication network;
a certificate database for storing certificates associated with clients;
a service provider database for storing information relating to registered service providers from which the clients can purchase goods and services in online transactions;
a client database for storing information relating to the clients, said information relating to the clients comprising, for each client, at least one of a client mobile number and information relating to the payment card of the each client;
a transaction database for storing information relating to the payment transactions;
a verification database for storing a listing of suspicious payment cards;
a generation block for generating billing tickets associated with the payment transactions;
a telecommunication block for sending and receiving a confirmation of order associated with a payment transaction;
an identification block for identifying a client based on an electronic identity and digital signature of the client;
an information retrieval block for determining payment card information for the clients; and
a fourth access interface for connection between the payment service equipment and the mobile communication network. - View Dependent Claims (2, 3, 4)
-
-
5. A method for secure online payment in a telecommunication system that includes a mobile communication network, a telecommunication network, a payment terminal device connected to the mobile communication network and that includes a smart card, a display terminal device connected to one of the mobile communication network and the telecommunication network, a trusted third party, a payment system, a service provider, and an authentication system, said method comprising the steps of:
-
generating and issuing, by the trusted third party, a certificate associated with a client;
selecting, and thereby ordering from the service provider by the client, one of a product and a service using the terminal display device via one of the telecommunication network and the mobile communication network;
using one of a payment card of the client and client payment card information to pay for the ordered one of a product and a service;
generating, by payment service equipment, a billing ticket associated with the ordered one of a product and a service;
sending a confirmation of order associated with the ordered one of a product and a service to the payment terminal device of the client via the mobile communication network for receipt by the client;
at least one of digitally signing and encrypting the received confirmation of order using the payment terminal device of the client;
sending the at least one of digitally signed and encrypted confirmation of order and electronic identity information associated with the client from the payment terminal device of the client to the payment service equipment via the mobile communication network;
identifying the client at the payment service equipment based on the at least one of the digital signature and the encryption of the confirmation of order sent from the payment terminal device of the client;
retrieving a number of the client payment card based on the at least one of the digital signature and the encryption of the confirmation of order sent from the payment terminal device of the client to the payment service equipment; and
verifying a right of use of the client payment card and, if the verification is successful, accepting payment for the ordered at least one of goods and services. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method for secure online payment in a telecommunication system that includes a telecommunication network, a terminal device connected to the telecommunication network and to which is attached a card reader for receiving a smart card, a trusted third party, a payment system, a service provider, and an authentication system, said method comprising the steps of:
-
generating and issuing, by the trusted third party, a certificate associated with a client;
selecting, and thereby ordering from the service provider by the client, one of a product and a service using the terminal display device via the telecommunication network;
using one of a payment card of the client and client payment card information to pay for the ordered one of a product and a service;
generating, by payment service equipment, a billing ticket associated with the ordered one of a product and a service;
sending a confirmation of order associated with the ordered one of a product and service to the terminal device of the client via the telecommunication network;
at least one of signing and encrypting the received confirmation of order using the smart card in the card reader attached to the terminal device of the client;
sending the at least one of signed and encrypted confirmation of order and electronic identity information associated with the client from the terminal device to the payment service equipment via the telecommunication network;
identifying the client at the payment service equipment based on the at least one of the digital signature and the encryption of the confirmation of order sent from the terminal device of the client;
retrieving a number of the client payment card based on the at least one of the digital signature and the encryption of the confirmation of order sent from the terminal device of the client to the payment service equipment; and
verifying a right of use of the client payment card and, if the verification is successful, accepting payment for the ordered at least one of goods and services. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
Specification