Method, device and secure element for conducting a secured financial transaction on a device
First Claim
1. A method of operating a mobile device used as a payment terminal by a merchant, the mobile device being distinct from a dedicated payment terminal, the mobile device being configured to run a point of sale (POS) application for receiving a payment from a customer and to operate a secure element, the mobile device comprising a central processing unit, a contactless interface and a communication interface, the secure element being characterized by software components operating a secured environment, the POS application comprising a payment control application configured to interact with the secure element, the method comprising:
- receiving user input comprising an amount corresponding to the payment;
activating the contactless interface of the mobile device;
receiving, via the contactless interface of the mobile device and from a payment apparatus of the customer, an indication of one or more payment applications supported by the payment apparatus;
selecting a payment application of the one or more payment applications supported by the payment apparatus;
acquiring, by the secure element, via the contactless interface of the mobile device, data associated with the payment apparatus, wherein the data associated with the payment apparatus identifies the customer'"'"'s financial account, and wherein at least a portion of the data associated with the payment apparatus is solely accessible by the secure element;
encrypting, by the secure element, the at least the portion of the data associated with the payment apparatus, thereby generating encrypted data;
establishing, through the communication interface of the mobile device, a secured communication channel between the secure element and a remote server; and
sending over the secured communication channel, to the remote server, the encrypted data and an identifier corresponding to the merchant so that a transaction authorization request may be processed.
6 Assignments
0 Petitions
Accused Products
Abstract
A device and a secure element for conducting a secured financial transaction are disclosed. The device comprises a central processing unit; a communication interface for establishing a communication between the device and a financial institution related to a financial account; an interface for acquiring data relating to the financial account; the secure element for processing at least a portion of the data relating to the financial account acquired by the interface; and control logic for acquiring a purchase amount to be debited from the financial account and for obtaining a transaction authorization from the financial institution related to the financial account, the transaction authorization being based, at least partially, on data processed solely by the secure element independently of data processed by the central processing unit. A method of conducting the secured financial transaction, and a computer program product for execution by the secure element are also disclosed.
113 Citations
19 Claims
-
1. A method of operating a mobile device used as a payment terminal by a merchant, the mobile device being distinct from a dedicated payment terminal, the mobile device being configured to run a point of sale (POS) application for receiving a payment from a customer and to operate a secure element, the mobile device comprising a central processing unit, a contactless interface and a communication interface, the secure element being characterized by software components operating a secured environment, the POS application comprising a payment control application configured to interact with the secure element, the method comprising:
-
receiving user input comprising an amount corresponding to the payment; activating the contactless interface of the mobile device; receiving, via the contactless interface of the mobile device and from a payment apparatus of the customer, an indication of one or more payment applications supported by the payment apparatus; selecting a payment application of the one or more payment applications supported by the payment apparatus; acquiring, by the secure element, via the contactless interface of the mobile device, data associated with the payment apparatus, wherein the data associated with the payment apparatus identifies the customer'"'"'s financial account, and wherein at least a portion of the data associated with the payment apparatus is solely accessible by the secure element; encrypting, by the secure element, the at least the portion of the data associated with the payment apparatus, thereby generating encrypted data; establishing, through the communication interface of the mobile device, a secured communication channel between the secure element and a remote server; and sending over the secured communication channel, to the remote server, the encrypted data and an identifier corresponding to the merchant so that a transaction authorization request may be processed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A mobile device to be used as a payment terminal by a merchant, the mobile device being distinct from a dedicated payment terminal, the mobile device being configured to run a point of sale (POS) application for receiving a payment from a customer and to operate a secure element, the mobile device comprising a non-transitory computer readable storage medium comprising computer-executable instructions, a central processing unit, a contactless interface and a communication interface, the secure element being characterized by software components operating a secured environment, the POS application comprising a payment control application configured to interact with the secure element, the computer-executable instructions, upon execution, causing to execute:
-
receiving user input comprising an amount corresponding to the payment; activating the contactless interface of the mobile device; receiving, via the contactless interface of the mobile device and from a payment apparatus of the customer, an indication of one or more payment applications supported by the payment apparatus; selecting a payment application of the one or more payment applications supported by the payment apparatus; acquiring, by the secure element, via the contactless interface of the mobile device, data associated with the payment apparatus, wherein the data associated with the payment apparatus identifies the customer'"'"'s financial account, and wherein at least a portion of the data associated with the payment apparatus is solely accessible by the secure element; encrypting, by the secure element, the at least the portion of the data associated with the payment apparatus, thereby generating encrypted data; establishing, through the communication interface of the mobile device, a secured communication channel between the secure element and a remote server; and sending over the secured communication channel, to the remote server, the encrypted data and an identifier corresponding to the merchant so that a transaction authorization request may be processed. - View Dependent Claims (14, 15, 16)
-
-
17. A non-transitory computer readable storage medium comprising computer-executable instructions for execution by a mobile device used as a payment terminal by a merchant, the mobile device being distinct from a dedicated payment terminal, the mobile device being configured to run a point of sale (POS) application for receiving a payment from a customer and to operate a secure element, the mobile device comprising a central processing unit, a contactless interface and a communication interface, the secure element being characterized by software components operating a secured environment, the POS application comprising a payment control application configured to interact with the secure element, the computer-executable instructions, upon execution, causing to execute:
-
receiving user input comprising an amount corresponding to the payment; activating the contactless interface of the mobile device; receiving, via the contactless interface of the mobile device and from a payment apparatus of the customer, an indication of one or more payment applications supported by the payment apparatus; selecting a payment application of the one or more payment applications supported by the payment apparatus; acquiring, by the secure element, via the contactless interface of the mobile device, data associated with the payment apparatus, wherein the data associated with the payment apparatus identifies the customer'"'"'s financial account, and wherein at least a portion of the data associated with the payment apparatus is solely accessible by the secure element; encrypting, by the secure element, the at least the portion of the data associated with the payment apparatus, thereby generating encrypted data; establishing, through the communication interface of the mobile device, a secured communication channel between the secure element and a remote server; and sending over the secured communication channel, to the remote server, the encrypted data and an identifier corresponding to the merchant so that a transaction authorization request may be processed. - View Dependent Claims (18, 19)
-
Specification