Customer identification and authentication procedure for online internet payments using mobile phone
First Claim
1. A method for operating a mobile terminal device in a user identification and authentication payment procedure comprising:
- in step 1;
selecting an online payment method by a user during a payment at a checkout;
redirecting the user to a WEB page of an authorization and processing center by a merchant of a virtual WEB shop;
sending information from a virtual WEB shop to said authorization and processing center, wherein said information includes a name of a retailer, a bill number, and a cost;
in step 2;
storing the information and asking the user to select a mobile operator;
providing a message which is displayed on a WEB or wireless access point (WAP) browser;
selecting a mobile operator by said user and waiting until the user click next;
sending a message from said mobile terminal device to a WEB server of said authorization and processing center regarding which mobile operator was selected by the user;
forwarding all information gathered by the WEB server of said authorization and processing center to all subsystems of the authorization and processing center;
in step 3;
sending a message for providing information ready for input, including said selected mobile operator, a name of the WEB shop site, said bill number and said cost generating a transaction ID code with a predetermined time set forth by said authorization and processing center by using said information;
looking up for the dialing code and prefix by said authorization and processing center, based on the mobile operator of the user;
generating a Unstructured Supplementary Service Data code for said user;
in step 4;
sending a message from said authorization and processing center to said WEB server of said authorization and processing center for providing an Unstructured Supplementary Service code or a dialing number to the user;
displaying the Unstructured Supplementary Service code or the dialing number and a plurality of payment instruments to the user by the WEB server of said authorization and processing center;
providing an option to the user not to use default payment instruments and an option to select a different payment instrument from a plurality of payment instruments;
in step 5;
entering a requested information which is displayed on the WEB or WAP page by said user on the mobile terminal device by following instructions;
sending a message for transferring said transaction ID code to a mobile network gateway of said authorization and processing center;
receiving a request from said user including the transaction ID code and an optional payment instrument number;
in step 6;
verifying whether the transaction ID code was submitted to said authorization and processing center;
when the transaction ID code is sent correctly and on time;
informing the mobile operator by said authorization and processing center that the transaction ID code was sent correctly;
informing the user that an identification was successful; and
requesting the user to proceed inputing information by following instructions;
when the transaction ID code is not sent correctly and on time;
informing the mobile operator by said authorization and processing center that the transaction ID code was not send correctly;
informing the user that the transaction ID code entered was invalid; and
requesting the user to proceed inputing information following instructions;
in step 7;
when identification fails by the time the user clicks next;
requesting a status from said authorization and processing center by said WEB server of said authorization and processing center;
sending a message from said WEB server to said authorization and processing center for determining the transaction ID code is correct;
informing the WEB server of said authorization and processing center by said authorization and processing center that the transaction ID code was not sent correctly;
sending a message from said authorization and processing center to said WEB server of said authorization and processing center that the transaction ID code was not received; and
informing the user that the transaction ID code was not sent correctly and asking the user to repeat a procedure by said WEB server of said authorization and processing center;
when the transaction ID code is not submitted before the transaction ID code expires;
providing a message to said user in the WEB or WAP browser that the transaction ID code was not sent correctly,waiting until the user clicks next; and
repeating the procedure by the user by going to step 3;
in step 8;
waiting until the user clicks next and matching the user as a mobile subscriber with the online user;
requesting a status from said authorization and processing center by said WEB server of said authorization and processing center;
sending a message from said WEB server of said authorization and processing center to said authorization and processing center for asking the transaction ID code is correct;
proceeding after said identification is successful by said authorization and processing center; and
asking the user to enter a Personal Identification Number for a selected account;
in step 9;
requesting the Personal Identification Number from the user;
asking the user to enter the Personal Identification Number of the selected payment instrument;
entering the Personal Identification Number by the user in his WEB or WAP browser;
sending a message from the mobile terminal device to said WEB Server of said authorization and processing center for transferring said Personal Identification Number;
receiving the Personal Identification Number from said user by the WEB server of the authorization an processing center and transferring the Personal Identification Number to said authorization and processing center;
sending a message from WEB Server of said authorization and processing center to said authorization and processing center for transferring said Personal Identification Number; and
proceeding and checking a defrayal of costs of the selected payment instrument of said user by said authorization and processing center;
in step 10;
sending a message from said authorization and processing center to a financial institution for transferring transaction data, including an account number, Personal Identification Number and cost;
receiving by said financial institution said transaction data and determining whether the Personal Identification Number is correct;
when the Personal Identification Number is correct;
proceeding to step 11,when the Personal Identification Number is not correct;
sending an error message from said financial institution to said authorization and processing center that said Personal Identification Number is incorrect;
transferring said error message from said authorization and processing center to said WEB server of said authorization and processing center;
sending an error message from said authorization and processing center to said WEB server of said authorization and processing center that said Personal Identification Number is incorrect;
receiving said error message and informing the user that the Personal Identification Number by said WEB server of said authorization and processing center is incorrect;
issuing a request to the user to re-enter the Personal Identification Number;
displaying a message to the user that the Personal Identification Number entered is incorrect;
asking the user to re-enter the Personal Identification Number; and
returning to step 9 by asking the user to enter the Personal Identification Number of the selected payment instrument;
in step 11;
determining whether an account balance is sufficient for defrayal;
when the account balance is sufficient proceeding to step 12;
when the account balance is not sufficient;
sending the error message from the financial institution to the authorization and processing center for informing that the account balance is insufficient for defrayal;
transferring said error message from said authorization and processing center to said WEB server of said authorization and processing center;
sending said error message from said authorization and processing center to said WEB server of said authorization and processing center that the account balance is insufficient for defrayal;
receiving said error message from the financial institution and informing said user about the account balance status by said WEB server of said authorization and processing center;
displaying to said user said error message from the financial institution;
displaying to said user an option to choose another type of payment and an option to cancel the payment; and
determining the choice of the user;
when the user has chosen to cancel the payment, ending the payment procedure; and
when the user has not chosen to cancel the payment and selected another type of payment, returning to step 1;
in step 12;
sending a message from the financial institution to the authorization an processing center for informing that the account balance is sufficient for defrayal;
transferring said message from said authorization and processing center to said WEB server of said authorization and processing center;
sending a message from said authorization an processing center to said WEB server of said authorization and processing center for informing that the account balance is sufficient for defrayal;
receiving said message by the WEB server and asking said user to confirm his payment by said WEB server of said authorization and processing center;
waiting until receiving a confirmation of the payment by the user; and
exiting the payment process upon the confirmation of the payment by the user.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention shows a mobile terminal device (3) having a memory unit (3a) and an interface device (3b) which is releasably connectable to a multiple partner system (7, 9, 15) and capable for a communication therein, wherein said communication is provided by a front-end formed by said mobile terminal device (3) in combination with a personal computer device (2) and a back-end formed by a partner of said multiple partner system via communication ways, said communication being suitable for performing data transactions with variant security requirements, such that complementary parts of, or parts within a distributed application, running within a multi partner system, are performed dependent on their current security requirements, wherein said communication is used to exchange information by using said communication ways of different and variant characteristics (4, 6, 12, 17, 13) by using different communication channels and different interface standards or protocols.
253 Citations
1 Claim
-
1. A method for operating a mobile terminal device in a user identification and authentication payment procedure comprising:
-
in step 1; selecting an online payment method by a user during a payment at a checkout; redirecting the user to a WEB page of an authorization and processing center by a merchant of a virtual WEB shop; sending information from a virtual WEB shop to said authorization and processing center, wherein said information includes a name of a retailer, a bill number, and a cost; in step 2; storing the information and asking the user to select a mobile operator; providing a message which is displayed on a WEB or wireless access point (WAP) browser; selecting a mobile operator by said user and waiting until the user click next; sending a message from said mobile terminal device to a WEB server of said authorization and processing center regarding which mobile operator was selected by the user; forwarding all information gathered by the WEB server of said authorization and processing center to all subsystems of the authorization and processing center; in step 3; sending a message for providing information ready for input, including said selected mobile operator, a name of the WEB shop site, said bill number and said cost generating a transaction ID code with a predetermined time set forth by said authorization and processing center by using said information;
looking up for the dialing code and prefix by said authorization and processing center, based on the mobile operator of the user;
generating a Unstructured Supplementary Service Data code for said user;in step 4; sending a message from said authorization and processing center to said WEB server of said authorization and processing center for providing an Unstructured Supplementary Service code or a dialing number to the user; displaying the Unstructured Supplementary Service code or the dialing number and a plurality of payment instruments to the user by the WEB server of said authorization and processing center; providing an option to the user not to use default payment instruments and an option to select a different payment instrument from a plurality of payment instruments; in step 5; entering a requested information which is displayed on the WEB or WAP page by said user on the mobile terminal device by following instructions; sending a message for transferring said transaction ID code to a mobile network gateway of said authorization and processing center; receiving a request from said user including the transaction ID code and an optional payment instrument number; in step 6; verifying whether the transaction ID code was submitted to said authorization and processing center; when the transaction ID code is sent correctly and on time; informing the mobile operator by said authorization and processing center that the transaction ID code was sent correctly; informing the user that an identification was successful; and requesting the user to proceed inputing information by following instructions; when the transaction ID code is not sent correctly and on time; informing the mobile operator by said authorization and processing center that the transaction ID code was not send correctly; informing the user that the transaction ID code entered was invalid; and requesting the user to proceed inputing information following instructions; in step 7; when identification fails by the time the user clicks next; requesting a status from said authorization and processing center by said WEB server of said authorization and processing center; sending a message from said WEB server to said authorization and processing center for determining the transaction ID code is correct; informing the WEB server of said authorization and processing center by said authorization and processing center that the transaction ID code was not sent correctly; sending a message from said authorization and processing center to said WEB server of said authorization and processing center that the transaction ID code was not received; and informing the user that the transaction ID code was not sent correctly and asking the user to repeat a procedure by said WEB server of said authorization and processing center; when the transaction ID code is not submitted before the transaction ID code expires; providing a message to said user in the WEB or WAP browser that the transaction ID code was not sent correctly, waiting until the user clicks next; and repeating the procedure by the user by going to step 3; in step 8; waiting until the user clicks next and matching the user as a mobile subscriber with the online user; requesting a status from said authorization and processing center by said WEB server of said authorization and processing center; sending a message from said WEB server of said authorization and processing center to said authorization and processing center for asking the transaction ID code is correct; proceeding after said identification is successful by said authorization and processing center; and asking the user to enter a Personal Identification Number for a selected account; in step 9; requesting the Personal Identification Number from the user; asking the user to enter the Personal Identification Number of the selected payment instrument; entering the Personal Identification Number by the user in his WEB or WAP browser; sending a message from the mobile terminal device to said WEB Server of said authorization and processing center for transferring said Personal Identification Number; receiving the Personal Identification Number from said user by the WEB server of the authorization an processing center and transferring the Personal Identification Number to said authorization and processing center; sending a message from WEB Server of said authorization and processing center to said authorization and processing center for transferring said Personal Identification Number; and proceeding and checking a defrayal of costs of the selected payment instrument of said user by said authorization and processing center; in step 10; sending a message from said authorization and processing center to a financial institution for transferring transaction data, including an account number, Personal Identification Number and cost; receiving by said financial institution said transaction data and determining whether the Personal Identification Number is correct; when the Personal Identification Number is correct;
proceeding to step 11,when the Personal Identification Number is not correct; sending an error message from said financial institution to said authorization and processing center that said Personal Identification Number is incorrect; transferring said error message from said authorization and processing center to said WEB server of said authorization and processing center; sending an error message from said authorization and processing center to said WEB server of said authorization and processing center that said Personal Identification Number is incorrect; receiving said error message and informing the user that the Personal Identification Number by said WEB server of said authorization and processing center is incorrect; issuing a request to the user to re-enter the Personal Identification Number; displaying a message to the user that the Personal Identification Number entered is incorrect; asking the user to re-enter the Personal Identification Number; and returning to step 9 by asking the user to enter the Personal Identification Number of the selected payment instrument; in step 11; determining whether an account balance is sufficient for defrayal; when the account balance is sufficient proceeding to step 12; when the account balance is not sufficient; sending the error message from the financial institution to the authorization and processing center for informing that the account balance is insufficient for defrayal; transferring said error message from said authorization and processing center to said WEB server of said authorization and processing center; sending said error message from said authorization and processing center to said WEB server of said authorization and processing center that the account balance is insufficient for defrayal; receiving said error message from the financial institution and informing said user about the account balance status by said WEB server of said authorization and processing center; displaying to said user said error message from the financial institution; displaying to said user an option to choose another type of payment and an option to cancel the payment; and determining the choice of the user; when the user has chosen to cancel the payment, ending the payment procedure; and when the user has not chosen to cancel the payment and selected another type of payment, returning to step 1; in step 12; sending a message from the financial institution to the authorization an processing center for informing that the account balance is sufficient for defrayal; transferring said message from said authorization and processing center to said WEB server of said authorization and processing center; sending a message from said authorization an processing center to said WEB server of said authorization and processing center for informing that the account balance is sufficient for defrayal; receiving said message by the WEB server and asking said user to confirm his payment by said WEB server of said authorization and processing center; waiting until receiving a confirmation of the payment by the user; and exiting the payment process upon the confirmation of the payment by the user.
-
Specification