Method and system for making card-based payments using mobile devices

US 20050250538A1
Filed: 05/07/2004
Published: 11/10/2005
Est. Priority Date: 05/07/2004
Status: Abandoned Application

First Claim

Patent Images

1. A system for making payments via a mobile device, the system comprising:

a. a Virtual PIN pad integrated with the mobile device, the Virtual PIN pad providing an interface for entering a Personal Identification Number (PIN), the PIN being entered by a customer in order to authorize a payment transaction; and

b. a transaction backend module connecting the Virtual PIN pad to a payment institution through a secure channel, the transaction backend module enabling the payment transaction by securely transferring the entered PIN from the Virtual PIN pad to the payment institution, and a payment authorization code or a payment refusal intimation from the payment institution to the Virtual PIN pad.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system, a method and a computer program product for provisioning Virtual PIN pads on mobile devices, and for enabling customers to make payments using the provisioned Virtual PIN pads for the purchased goods and services. The system comprises a Virtual PIN pad and a transaction backend module. The Virtual PIN pad is a software emulation of a PIN Entry Device (PED) and is provisioned on the mobile device securely with all requisite keys and certificates, while conforming to all security standards of the payment domain. The transaction backend connects the Virtual PIN pad to a payment institution. The customer can make a payment by entering an account identifier card'"'"'s PIN into the Virtual PIN pad. The Virtual PIN pad encrypts the entered PIN using certified security mechanisms, and transmits it over a secure channel to the payment institution for verification and payment authorization, via the transaction backend. The backend ensures the integrity of transaction in the mobile data environment.

236 Citations

26 Claims

1. A system for making payments via a mobile device, the system comprising:
- a. a Virtual PIN pad integrated with the mobile device, the Virtual PIN pad providing an interface for entering a Personal Identification Number (PIN), the PIN being entered by a customer in order to authorize a payment transaction; and
  
  b. a transaction backend module connecting the Virtual PIN pad to a payment institution through a secure channel, the transaction backend module enabling the payment transaction by securely transferring the entered PIN from the Virtual PIN pad to the payment institution, and a payment authorization code or a payment refusal intimation from the payment institution to the Virtual PIN pad.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1 wherein the Virtual PIN pad comprises:
    - a. means for displaying a pay order received from a merchant to the customer for making a payment;
      
      b. means for allowing the user to select an appropriate account identifier card using which the customer wishes to make the payment for the pay order; and
      
      c. means for allowing the user to enter the PIN associated with the selected account identifier card.
  - 3. The system of claim 2 wherein the Virtual PIN pad further comprises a means for allowing the customer to view the transaction history of the customer, the transaction history of a customer comprising details of all transactions made by the customer using the Virtual PIN pad integrated with the mobile device.
  - 4. The system of claim 1 wherein the Virtual PIN pad comprises application logic to encrypt the entered PIN and make a secure connection to the transaction backend module.
  - 5. The system of claim 1 wherein the Virtual PIN pad comprises application logic to decrypt the information received from the payment institution during the process of executing the transaction.
  - 6. The system of claim 1 wherein the Virtual PIN pad comprises application logic for receiving a pay order comprising a payment amount sent by the merchant and displaying it to the customer.

7. A method for provisioning a Virtual PIN pad system on a mobile device for making payments to one or more merchants through the mobile device, the mobile device having access to a transaction backend through an electronic network, the method comprising the steps of:
- a. generating a PIN pad ID for the Virtual PIN pad that needs to be provisioned on the mobile device;
  
  b. registering the generated PIN pad ID;
  
  c. generating and attaching a master key for the Virtual PIN pad after registration, the master key being generated and attached to the Virtual PIN pad by the transaction backend;
  
  d. downloading the Virtual PIN pad onto the mobile device, the download being done through the electronic network onto the mobile device;
  
  e. generating a decrypting key corresponding to the PIN pad ID of the virtual PIN pad that is downloaded on the mobile device, the decrypting key being generated by the transaction backend;
  
  f. sending the decrypting key to the downloaded Virtual PIN pad, the decrypting key being sent by the transaction backend to the downloaded Virtual PIN pad through an electronic network; and
  
  g. decrypting the master key with the decrypting key sent to the downloaded Virtual PIN pad for activating the downloaded Virtual PIN pad.
- View Dependent Claims (8)
- - 8. The method of claim 7 wherein the method for provisioning the Virtual PIN pad on the mobile device for making mobile payments through the mobile device further comprises the steps of:
    - a. selecting one or more merchants with whom the transactions need to be done using the activated Virtual PIN pad; and
      
      b. registering the PIN pad ID corresponding to the activated Virtual PIN pad with the group of merchants, the registration being done through the transaction backend.

9. A method of making payments using at least one mobile device, the mobile device being used by a customer and comprising an embedded Virtual PIN pad, the payment being made by the customer to a merchant'"'"'s online portal, the method comprising the steps of:
- a. selecting an item for purchase from the merchant'"'"'s online portal, the selection being made by the customer;
  
  b. capturing a customer ID for identifying the customer;
  
  c. sending a pay order from the merchant'"'"'s online portal to a transaction backend;
  
  d. sending the received pay order from the transaction backend to the mobile device being used by the customer;
  
  e. entering a Personal Identification number (PIN) into the Virtual PIN pad integrated with the mobile device being used by the customer, the PIN being entered by the customer to authorize the payment;
  
  f. encrypting the PIN entered by the customer;
  
  g. sending the encrypted PIN from the Virtual PIN pad integrated with the mobile device being used by the customer to the transaction backend over a first secure channel;
  
  h. sending the encrypted PIN from the transaction backend to a payment institution over a second secure channel to authorize payment to the merchant'"'"'s online portal;
  
  i. verifying the encrypted PIN for authorizing the payment, the verification being done by the payment institution;
  
  if the transaction is authorized by the payment institution, j. sending a payment authorization code to the merchant'"'"'s online portal, the payment authorization code being sent by the payment institution through the transaction backend;
  
  else k. sending a payment refusal intimation to the merchant'"'"'s online portal, the payment refusal intimation being sent by the payment institution through the transaction backend.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9 wherein the pay order is sent by the merchant'"'"'s online portal to the transaction backend through one or more electronic networks that connect the merchant'"'"'s online portal to the mobile device being used by the customer.
  - 11. The method of claim 9 wherein the pay order comprises a payment amount and the customer ID.
  - 12. The method of claim 9 wherein the encryption of the entered PIN is done by the Virtual PIN pad integrated with the mobile device being used by the customer.

13. A method of making payments using at least one mobile device, the mobile device being used by a customer and comprising an embedded Virtual PIN pad, the payment being made by the customer to a merchant, the customer'"'"'s mobile device having access to a network that connects it to a transaction backend, the method comprising the steps of:
- a. entering a pay order comprising a payment amount into a transfer device, the transfer device being used by the merchant and the pay order being entered by the merchant into the transfer device;
  
  b. sending the pay order from the transfer device to a transaction backend;
  
  c. sending the pay order from the transaction backend to the Virtual PIN pad integrated with the mobile device being used by the customer;
  
  d. entering a Personal Identification number (PIN) into the Virtual PIN pad integrated with the mobile device being used by the customer, the PIN being entered by the customer to authorize payment to the merchant;
  
  e. encrypting the PIN entered by the customer;
  
  f. sending the encrypted PIN from the Virtual PIN pad to the transaction backend over a first secure channel;
  
  g. sending the encrypted PIN from the transaction backend to a payment institution over a second secure channel to authorize the payment to the merchant;
  
  h. verifying the encrypted PIN for authorizing the payment, the verification being done by the payment institution;
  
  if the transaction is authorized by the payment institution, i. sending a payment authorization code to the merchant and to the Virtual PIN pad integrated with the mobile device being used by the customer, the payment authorization code being sent by the payment institution through the transaction backend;
  
  else j. sending a payment refusal intimation to the merchant and to the Virtual PIN pad integrated with the mobile device being used by the customer, the payment refusal intimation being sent by the payment institution through the transaction backend.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13 wherein the transfer device is a computing device or a mobile device.
  - 15. The method of claim 13 wherein the pay order is sent from the transfer device being used by the merchant to the transaction backend using an electronic network.
  - 16. The method of claim 13 wherein the payment authorization code is sent by the payment institution over an electronic network.
  - 17. The method of claim 13 wherein the encryption of the entered PIN is done by the Virtual PIN pad integrated with the mobile device being used by the customer.

18. A method of making payments using a first mobile device being used by a merchant and a second mobile device being used by a customer, the second mobile device comprising a Virtual PIN pad integrated with the mobile device, the payment being made by the customer to the merchant, the second mobile device not having access to a network that can connect it to a transaction backend, the method comprising the steps of:
- a. entering a pay order comprising a payment amount into the first mobile device;
  
  b. sending the entered pay order from the first mobile device to the Virtual PIN pad integrated with the second mobile device;
  
  c. entering a Personal Identification number (PIN) into the Virtual PIN pad integrated with the second mobile device, the PIN being entered by the customer to authorize the payment to the merchant;
  
  d. encrypting the PIN entered by the customer;
  
  e. sending the encrypted PIN from the second mobile device to the first mobile device;
  
  f. sending the encrypted PIN from the first mobile device to the transaction backend over a first secure channel;
  
  g. sending the encrypted PIN from the transaction backend to a payment institution over a second secure channel to authorize the payment to the merchant;
  
  h. verifying the encrypted PIN for authorizing the payment, the verification being done by the payment institution;
  
  if the transaction is authorized by the payment institution, i. sending a payment authorization code to the first mobile device and to the Virtual PIN pad integrated with the second mobile device, the payment authorization code being sent by the payment institution through the transaction backend;
  
  else j. sending a payment refusal intimation to the first mobile device and to the Virtual PIN pad integrated with the second mobile device, the payment refusal intimation being sent by the payment institution through the transaction backend.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18 wherein information is exchanged between the first mobile device and the second mobile device using an Infrared or Bluetooth connection.
  - 20. The method of claim 18 wherein the encryption of the entered PIN is done by the Virtual PIN pad integrated with the second mobile device.
  - 21. The method of claim 18 wherein the pay order is entered manually by the merchant, or using an automated product information generation system.

22. A method of making payments using a mobile device, the mobile device being used by a customer to place a voice-based order for a product or service with a merchant, the mobile device comprising a Virtual PIN pad integrated with the mobile device, the customer having a unique customer ID and the payment being made by the customer to the merchant, the mobile device having access to a network that connects it to a transaction backend, the method comprising the steps of:
- a. contacting the merchant and placing a voice-based order, the contact being established by the customer using the mobile device;
  
  b. providing the unique customer ID of the customer to the merchant, the unique customer ID being provided by the customer;
  
  c. generating a pay order, the pay order being generated by the merchant for the customer;
  
  d. sending the pay order to the Virtual PIN pad integrated with the mobile device, the pay order being sent by the merchant to the Virtual PIN pad through the transaction backend by using the unique customer ID;
  
  e. entering a Personal Identification number (PIN) into the Virtual PIN pad integrated with the mobile device, the PIN being entered by the customer to authorize the payment to the merchant;
  
  f. encrypting the PIN entered by the customer;
  
  g. sending the encrypted PIN from the mobile device to the transaction backend over a first secure channel;
  
  h. sending the encrypted PIN from the transaction backend to a payment institution over a second secure channel to authorize the payment to the merchant;
  
  i. verifying the encrypted PIN for authorizing the payment, the verification being done by the payment institution;
  
  if the transaction is authorized by the payment institution, j. sending a payment authorization code to the first mobile device and to the Virtual PIN pad integrated with the second mobile device, the payment authorization code being sent by the payment institution through the transaction backend;
  
  else k. sending a payment refusal intimation to the first mobile device and to the Virtual PIN pad integrated with the second mobile device, the payment refusal intimation being sent by the payment institution through the transaction backend.
- View Dependent Claims (23, 24, 25)
- - 23. The method of claim 22 wherein the transfer device is a computing device or a mobile device.
  - 24. The method of claim 22 wherein the payment authorization code is sent by the payment institution through the transaction backend over an electronic network.
  - 25. The method of claim 22 wherein the encryption of the entered PIN is done by the Virtual PIN pad integrated with the mobile device being used by the customer.

26. A computer program product comprising a computer usable medium having a computer readable program code embodied therein, for making payments using at least one mobile device being used by a customer, the mobile device comprising an embedded Virtual PIN pad, the payment being made by the customer to a merchant, the computer program product comprising:
- a. program instruction means for prompting the customer to enter a Personal Identification Number (PIN) into the Virtual PIN pad integrated with the mobile device, the PIN being required for authorizing the payment;
  
  b. program instruction means for encrypting the entered PIN;
  
  c. program instruction means for sending the encrypted PIN to a transaction backend over a first secure channel;
  
  d. program instruction means for enabling the transaction backend to send the encrypted PIN to a payment institution over a second secure channel for payment authorization;
  
  e. program instruction means for enabling the payment institution to verify the encrypted PIN for authorizing the payment;
  
  f. program instruction means for enabling the payment institution to send a payment authorization code to the merchant and to the Virtual PIN pad integrated with the mobile device, if the payment is authorized; and
  
  g. program instruction means for enabling the payment institution to send a payment refusal intimation to the merchant and to the Virtual PIN pad integrated with the mobile device, if the payment is not authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
July Systems, Inc. (Cisco Systems, Inc.)
Inventors
Abraham, Dax, Chakravorty, Jyothirmoy, Melton, William N., Narasimhan, Ashok, Reddy, Rajesh

Application Number

US10/841,700
Publication Number

US 20050250538A1
Time in Patent Office

Days
Field of Search
US Class Current

455/558
CPC Class Codes

G06Q 20/12   specially adapted for elect...

G06Q 20/32   using wireless devices

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4012   Verifying personal identifi...

G07F 7/0886   the card reader being porta...

G07F 7/10   together with a coded signa...

G07F 7/1008   Active credit-cards provide...

G07F 7/1025   Identification of user by a...

Method and system for making card-based payments using mobile devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

236 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for making card-based payments using mobile devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

236 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links