SMART CARD LOADING TRANSACTIONS USING WIRELESS TELECOMMUNICATIONS NETWORK
First Claim
1. A method of loading value onto a smart card that is in communication with a mobile telephone handset of a user, said method comprising:
- sending a funds request message from said handset to a bank system that controls an account of said user, said funds request message including a load value and a funding account identifier that identifies said account of said user;
sending a funds response message from said bank system to said handset indicating an approval to debit said user account by said load value;
sending a load request message from said handset to an issuer system, said load request message including a first cryptographic signature, wherein said first cryptographic signature is generated using a first cryptographic key shared between said smart card and an issuer of said smart card;
validating said first cryptographic signature by said issuer system and authenticating said smart card;
sending a load response message from said issuer system to said handset including a second cryptographic signature, wherein said second cryptographic signature is generated using a second cryptographic key shared between said smart card and said issuer of said smart card;
validating, by said smart card, said second cryptographic signature; and
loading said load value into a stored-value application of said smart card.
0 Assignments
0 Petitions
Accused Products
Abstract
A smart card transaction allows a consumer to load value onto a smart card and to make purchases using a smart card with a mobile telephone handset over the telecommunications network. For loading, the system includes: a mobile telephone handset including a card reader; a gateway computer; a funds issuer computer; and an authentication computer. The mobile telephone handset receives a request from a user to load a value onto the smart card. The handset generates a funds request message which includes the value and sends the funds request message to a funds issuer computer. The funds issuer computer debits an account associated with the user. Next, the handset generates a load request message with a cryptographic signature and sends the load request message to an authentication computer which authenticates the smart card. The handset receives a response message which includes a cryptographic signature and an approval to load. Finally, the handset validates the second cryptographic signature and loads the value onto the smart card. For payment, the system includes a merchant server and a payment server. First, the handset sends an order request message to the merchant server computer, and in return receives a purchase instruction message. The handset processes the purchase instruction message locally, and then sends a draw request message to a payment server computer. The payment server computer sends a debit message which includes a cryptographic signature and an approval to debit the smart card. Finally, the handset validates the cryptographic signature and debits the smart card.
48 Citations
21 Claims
-
1. A method of loading value onto a smart card that is in communication with a mobile telephone handset of a user, said method comprising:
-
sending a funds request message from said handset to a bank system that controls an account of said user, said funds request message including a load value and a funding account identifier that identifies said account of said user; sending a funds response message from said bank system to said handset indicating an approval to debit said user account by said load value; sending a load request message from said handset to an issuer system, said load request message including a first cryptographic signature, wherein said first cryptographic signature is generated using a first cryptographic key shared between said smart card and an issuer of said smart card; validating said first cryptographic signature by said issuer system and authenticating said smart card; sending a load response message from said issuer system to said handset including a second cryptographic signature, wherein said second cryptographic signature is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; validating, by said smart card, said second cryptographic signature; and loading said load value into a stored-value application of said smart card. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of loading value over a wireless telecommunications network onto a smart card using a mobile telephone handset, said method comprising:
-
receiving at a subscriber identification module (SIM) within said mobile telephone handset a request from a user to load a load value onto said smart card that communicates with said handset via a card reader interface; generating, by said smart card, a cryptographic signature S1 using a first cryptographic key shared between said smart card and an issuer of said smart card; sending a funding account identifier from said smart card to said SIM; preparing a load data message that includes said load value, said funding account identifier, and said cryptographic signature S1; sending said load data message over said telecommunications network from said SIM of said handset to a gateway server computer; receiving an approval response message from said gateway server computer at said SIM of said handset, said approval response message including a cryptographic signature S2 and an approval to load said load value onto said smart card, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; validating, by said smart card, said cryptographic signature S2; and loading said load value into a stored-value application of said smart card. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method of loading value over a wireless telecommunications network onto a smart card using a mobile telephone handset, said method comprising:
-
receiving, at a gateway server computer, a load data message over said wireless telecommunications network from a subscriber identification module (SIM) within said mobile telephone handset, wherein said load data message includes a load value, a funding account identifier, and a cryptographic signature S1; sending a funds request message over a network to a bank system that controls an account of said user, said funds request message including said load value and said funding account identifier that identifies said account of said user; receiving a funds response message over said network from said bank system indicating an approval to debit said user account by said load value; sending a load request message over said network to an issuer system arranged to authenticate said smart card, said load request message including said first cryptographic signature, wherein said cryptographic signature S1 is generated using a first cryptographic key shared between said smart card and an issuer of said smart card; receiving a load response message over said network from said issuer system indicating validation of said smart card and a cryptographic signature S2, wherein said cryptographic signature S2 is generated using a second cryptographic key shared between said smart card and said issuer of said smart card; and sending an approval response message from said gateway server computer to said SIM of said handset over said wireless telecommunications network, said approval response message including said cryptographic signature S2 and an approval to load said load value onto said smart card that is in communication with said handset. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification