Smart card purchasing transactions using wireless telecommunications network

US 8,805,746 B2
Filed: 10/06/2008
Issued: 08/12/2014
Est. Priority Date: 07/30/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method of purchasing an item from a merchant server computer by a user over a wireless telecommunications network using a mobile telephone handset equipped with a subscriber identification module (SIM), said method comprising:

formulating a draw request message, by said SIM, that includes a purchase amount of an item and an identifier of a smart card that is in communication with said handset via a card reader interface;

sending, by said SIM, said draw request message over a telecommunications network through the handset to a payment server computer associated with a merchant server computer;

receiving a debit message, by said smart card, from said payment server computer that includes a cryptographic signature S2 resulting from a first cryptographic key shared between the smart card and its issuer, and an approval to debit said smart card by said purchase amount;

verifying, by said smart card, said cryptographic signature S2 using said first shared cryptographic key;

debiting, by said smart card, a stored-value application of said smart card by said purchase amount;

sending, by said smart card, a debit result message to said payment server computer that includes a cryptographic signature S3 resulting from a second cryptographic key shared between the smart card and its issuer, said signature S3 uniquely identifying said smart card and indicating that said stored-value application of said smart card has been debited by said purchase amount; and

receiving said item by said user.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card transaction allows a consumer to load value onto a smart card and to make purchases using a smart card with a mobile telephone handset over the telecommunications network. For loading, the system includes: a mobile telephone handset including a card reader; a gateway computer; a funds issuer computer; and an authentication computer. The mobile telephone handset receives a request from a user to load a value onto the smart card. The handset generates a funds request message which includes the value and sends the funds request message to a funds issuer computer. The funds issuer computer debits an account associated with the user. Next, the handset generates a load request message with a cryptographic signature and sends the load request message to an authentication computer which authenticates the smart card. The handset receives a response message which includes a cryptographic signature and an approval to load. Finally, the handset validates the second cryptographic signature and loads the value onto the smart card. For payment, the system includes a merchant server and a payment server. First, the handset sends an order request message to the merchant server computer, and in return receives a purchase instruction message. The handset processes the purchase instruction message locally, and then sends a draw request message to a payment server computer. The payment server computer sends a debit message which includes a cryptographic signature and an approval to debit the smart card. Finally, the handset validates the cryptographic signature and debits the smart card.

Citations

28 Claims

1. A method of purchasing an item from a merchant server computer by a user over a wireless telecommunications network using a mobile telephone handset equipped with a subscriber identification module (SIM), said method comprising:
- formulating a draw request message, by said SIM, that includes a purchase amount of an item and an identifier of a smart card that is in communication with said handset via a card reader interface;
  
  sending, by said SIM, said draw request message over a telecommunications network through the handset to a payment server computer associated with a merchant server computer;
  
  receiving a debit message, by said smart card, from said payment server computer that includes a cryptographic signature S2 resulting from a first cryptographic key shared between the smart card and its issuer, and an approval to debit said smart card by said purchase amount;
  
  verifying, by said smart card, said cryptographic signature S2 using said first shared cryptographic key;
  
  debiting, by said smart card, a stored-value application of said smart card by said purchase amount;
  
  sending, by said smart card, a debit result message to said payment server computer that includes a cryptographic signature S3 resulting from a second cryptographic key shared between the smart card and its issuer, said signature S3 uniquely identifying said smart card and indicating that said stored-value application of said smart card has been debited by said purchase amount; and
  
  receiving said item by said user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method as recited in claim 1 further comprising:
    - sending an order request message to said merchant server computer from said handset for the purchase of said item; and
      
      receiving a purchase instruction message at said SIM of said handset from said merchant server computer, said purchase instruction message including said purchase amount of said item.
  - 3. A method as recited in claim 2 further comprising:
    - including a merchant identifier in said purchase instruction that identifies said merchant server computer; and
      
      including said merchant identifier in said draw request message, said merchant identifier being used by said payment server computer to identify said merchant server computer.
  - 4. A method as recited in claim 1 further comprising:
    - decrementing a value of said smart card in a database of an administration system computer by said purchase amount using said identifier of said smart card; and
      
      transferring said purchase amount to an acquiring bank associated with said merchant server computer.
  - 5. A method as recited in claim 1 further comprising:
    - sending said draw request message, receiving said debit message and sending said debit result message via a processing gateway computer, said gateway computer using a different message protocol for communication with said handset than with said payment server computer.
  - 6. A method as recited in claim 1 further comprising:
    - said user confirming said purchase amount before said sending of said draw request message.
  - 7. A method as recited in claim 1 further comprising:
    - initializing said smart card for purchase; and
      
      receiving an answer to reset (ATR) from said smart card before said sending of said draw request message.
  - 8. A method as recited in claim 1 wherein said first cryptographic key and said second cryptographic key are the same key.
  - 9. A method as recited in claim 1 further comprisingdisplaying said item on a display of said handset;
    - andreceiving an indication from said user to purchase said item via said display or a keypad of said handset.
  - 10. A method as recited in claim 1 further comprising:
    - validating a confirmation message from said payment server computer by said merchant server computer; and
      
      releasing said item to said user only if said confirmation message is validated.
  - 11. The method of claim 1, further comprising:
    - displaying, to the user, at least one item available for purchase on the handset;
      
      receiving, from the user and via a display or keyboard on the handset, an indication of interest in at least one item available for purchase;
      
      processing the indication of interest to initiate formulation of the draw request message to purchase the at least one item.

12. A method of processing a purchase of an item from a merchant server computer by a user over a wireless telecommunications network using a mobile telephone handset equipped with a subscriber identification module (SIM), said method comprising:
- receiving, by a payment server computer associated with said merchant server computer, a draw request message over said telecommunications network through the handset from said SIM of said handset, wherein said draw request message includes a purchase amount for said item and an identifier of a smart card that is in communication with said handset via a card reader interface and said draw request is formulated by said SIM;
  
  generating, by said payment server computer, a cryptographic signature S2 using a first cryptographic key shared between said smart card and an issuer of said smart card;
  
  sending a debit message, by said payment server computer, to said smart card, wherein said debit message includes said cryptographic signature S2 and an approval to debit said smart card by said purchase amount;
  
  generating, by said smart card, a cryptographic signature S3 using a second cryptographic key shared between said smart card and said issuer of said smart card, said cryptographic signature S3 uniquely identifying said smart card;
  
  receiving, by said payment server computer, a debit result message from said smart card that includes a cryptographic signature S3;
  
  verifying, by said payment server computer, said cryptographic signature S3 from said smart card using said second shared cryptographic key, wherein verification of said signature S3 indicates that said signature S2 has been verified by said smart card and that a stored-value application of said smart card has been debited by said purchase amount; and
  
  sending, by said payment server computer, a confirmation message to said merchant server computer indicating that said smart card has been debited by said purchase amount, whereby said merchant server computer releases said item to said user.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. A method as recited in claim 12 further comprising:
    - receiving an order request message at said merchant server computer from said handset for the purchase of said item; and
      
      executing computer executable instructions stored on the SIM for sending a purchase instruction message from said merchant server computer to said SIM of said handset through the handset, said purchase instruction message including said purchase amount of said item.
  - 14. A method as recited in claim 13 further comprising:
    - including a merchant identifier in said purchase instruction that identifies said merchant server computer; and
      
      including said merchant identifier in said draw request message, said merchant identifier being used by said payment server computer to identify said merchant server computer.
  - 15. A method as recited in claim 12 further comprising:
    - decrementing a value of said smart card in a database of an administration system computer by said purchase amount using said identifier of said smart card; and
      
      transferring said purchase amount to an acquiring bank associated with said merchant server computer.
  - 16. A method as recited in claim 12 further comprising:
    - receiving said draw request message, sending said debit message and sending said debit result message via a processing gateway computer, said gateway computer using a different message protocol for communication with said handset than with said payment server computer.
  - 17. A method as recited in claim 12 further comprising:
    - said user confirming said purchase amount before said receiving of said draw request message.
  - 18. A method as recited in claim 12 further comprising:
    - initializing said smart card for purchase; and
      
      receiving an answer to reset (ATR) at said SIM from said smart card before said receiving of said draw request message.
  - 19. A method as recited in claim 12 wherein said first cryptographic key and said second cryptographic key are the same key.
  - 20. A method as recited in claim 12 further comprising:
    - displaying said item on a display of said handset; and
      
      receiving an indication from said user to purchase said item via said display or a keypad of said handset.
  - 21. A method as recited in claim 12 further comprising:
    - validating said confirmation message by said merchant server computer; and
      
      releasing said item to said user only if said confirmation message is validated.

22. A purchasing system for purchasing an item for a user, said purchasing system comprising:
- a wireless telecommunications network for providing communication between entities;
  
  a mobile telephone handset in communication with said telecommunications network, said handset including a card reader for communicating with said smart card, a subscriber identification module (SIM), and an input interface;
  
  a smart card that is in communication with said handset via a card reader interface, said smart card including a stored value, a cryptographic key shared with an issuer of said smart card, wherein said smart card is programmed to verify a first cryptographic signature S2 and to generate a second cryptographic signature S3;
  
  a merchant server computer programmed to generate a purchase instruction message intended for said SIM, said purchase instruction message including a purchase amount of said item and a merchant identifier; and
  
  a payment server computer programmed to receive a draw request message formulated by said SIM from said SIM through the handset, to generate a debit message intended for said smart card that includes said first cryptographic signature S2, to verify said second cryptographic signature S3, and to generate a confirmation of payment by said smart card for said merchant server computer, whereby said item is purchased over said wireless telecommunications network and is released to said user associated with said smart card.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. A system as recited in claim 22 further comprising:
    - an administration system computer having a database that holds a value of said smart card using said smart card identifier, wherein said value of said smart card in said database is decremented by said purchase amount; and
      
      a processor at an acquiring bank associated with said merchant server computer to which is transferred said purchase amount.
  - 24. A system as recited in claim 22 further comprising:
    - a gateway computer that provides an interface between said handset and said merchant and payment server computers, said gateway computer using a different message protocol for communication with said handset than with said merchant and payment server computers.
  - 25. A system as recited in claim 22 wherein said first cryptographic key and said second cryptographic key are the same key.
  - 26. A system as recited in claim 22 further comprising:
    - a display of said handset onto which is displayed said item; and
      
      a keypad of said handset programmed to receive an indication from said user to purchase said item.
  - 27. A system as recited in claim 22 wherein said merchant server computer is further programmed to validate said confirmation of payment from said payment server computer and to release said item to said user only if said confirmation of payment is validated.
  - 28. A system as recited in claim 22 wherein said smart card is disconnected from said handset without affecting the telecommunication functionality of said handset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Cutino, Suzanne C, Hoffman, Steven R
Primary Examiner(s)
KIM, STEVEN S

Application Number

US12/246,233
Publication Number

US 20090030842A1
Time in Patent Office

2,136 Days
Field of Search

705 65- 67, 705/41, 455/558
US Class Current

705/67
CPC Class Codes

G06Q 20/04   Payment circuits

G06Q 20/10   specially adapted for elect...

G06Q 20/105   involving programming of a ...

G06Q 20/28   Pre-payment schemes, e.g. "...

G06Q 20/32   using wireless devices

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3229   Use of the SIM of a M-devic...

G06Q 20/325   using wireless networks

G06Q 20/3255   using mobile network messag...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/349   Rechargeable cards

G06Q 20/353   Payments by cards read by M...

G06Q 20/36   using electronic wallets or...

G06Q 20/363   with the personal data of a...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/3829   involving key management

G06Q 2220/12   Usage or charge determination

G07F 7/0866   by active credit-cards adap...

G07F 7/0886   the card reader being porta...

G07F 7/1008 : Active credit-cards provide...

View All

Smart card purchasing transactions using wireless telecommunications network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Smart card purchasing transactions using wireless telecommunications network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links