Movatterモバイル変換

[0]ホーム
URL:

EP2810231A1 - System and method for a secure cardholder load and storage device - Google Patents

System and method for a secure cardholder load and storage device

Info

Publication number
EP2810231A1
EP2810231A1EP13743780.2AEP13743780AEP2810231A1EP 2810231 A1EP2810231 A1EP 2810231A1EP 13743780 AEP13743780 AEP 13743780AEP 2810231 A1EP2810231 A1EP 2810231A1
Authority
EP
European Patent Office
Prior art keywords
sct
card
payment
payment card
communication device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP13743780.2A
Other languages
German (de)
French (fr)
Other versions
EP2810231A4 (en
Inventor
Will Graylin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ingenico Inc
Original Assignee
Roam Data Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/756,620external-prioritypatent/US9195983B2/en
Application filed by Roam Data IncfiledCriticalRoam Data Inc
Publication of EP2810231A1publicationCriticalpatent/EP2810231A1/en
Publication of EP2810231A4publicationCriticalpatent/EP2810231A4/en
Ceasedlegal-statusCriticalCurrent

Links

Classifications

Definitions

Landscapes

Abstract

A system for a secure cardholder and storage device includes a mobile communication device and a secure card transporter (SCT). The SCT includes a Near Field Communication (NFC) chip, a microprocessor, a magnetic stripe card reader, a contact chip card reader, a contactless card reader, an audio jack interface and a micro-USB interface. The SCT interfaces with the mobile communication device via the audio jack interface or the micro-USB interface, and the SCT captures payment card data and transmits the captured payment card data to a merchant point of sale (POS) checkout system both in the physical and virtual environments. The system provides convenient buying experience for buyers, and secure and informative transaction for sellers.

Description

SYSTEM AND METHOD FOR A SECURE CARDHOLDER LOAD AND
STORAGE DEVICE
Cross Reference to related Co-Pending Applications
This application claims the benefit of U.S. provisional application Serial No. 61594474 filed on February 3, 2012 and entitled SYSTEM AND METHOD FOR A SECURE CARDHOLDER LOAD AND STORAGE DEVICE, which is commonly assigned and the contents of which are expressly incorporated herein by reference. This application is a continuation in part of U.S. application Serial No. 13080047 filed on April 5, 2011 and entitled SYSTEM AND METHOD FOR CHECKOUT AND CUSTOMER DATA CAPTURE IN COMMERCE APPLICATIONS, which is commonly assigned and the contents of which are expressly incorporated herein by reference.
Field of the Invention
The present invention relates to a system and a method for a secure cardholder load and storage device that interfaces with a consumer remote device for capturing and transmitting payment card present data to merchants via merchant point of sale (POS) checkout systems, in the physical and virtual environments.
Background of the Invention
Near Field Communication (NFC) chips have been embedded in some mobile phones directly or via SD Memory Cards, or SIM Cards, and are used by companies such as Google or ISIS as digital wallets for storing secure cardholder information. These NFC chip based digital wallets are used in contactless payment transactions with point-of-sale (POS) devices that support such contactless transactions. Mobile phones with the embedded NFC chip based digital wallets have several problems with complexity, applicability, security, and flexibility, among others. One of these problems is that not all phones have an embedded NFC chip. This severely limits penetration of this mobile wallet solution to the public. Furthermore, the process for loading the NFC chip's secure element with the payment card data is complex to implement and carry out. In particular, data loading onto the NFC chip's secure element over the air has security issues that need to be addressed. These security issues exist at every point the cardholder data touches in order to get from an issuer to the secure element. Currently, a Trusted Security Manager (TSM) is required for loading personal payment credentials onto the NFC chip's secure element over the air. Payment card issuers have to sign up for such a TSM service and to pay for such services. Furthermore, there are various technical complexities in order to make the loading process work smoothly, especially when some part of the loading process fails in the middle. Furthermore, not all standards have been worked out, and there are multiple competing parties making it more difficult to become ubiquitous. The applications and value proposition for the consumers and for the merchants are limited if the only purpose is to allow NFC to be used for contactless payment in POS devices. More value has to be created for the consumers and merchants and the process has to be much less complex for issuers, and consumers to load their digital wallet, and for them to use it with merchants. Summary of the Invention
The present invention relates to a system and a method for a secure cardholder storage and transport device that works in conjunction with an application in order to capture payment card data, to securely store the captured payment card data, and to transmit card present data to merchants via merchant point-of-sale (POS) checkout systems, both in the physical and virtual environments. The system provides convenient buying experience for buyers, and secure and informative transaction for sellers.
In general, in one aspect the invention features a system for a secure cardholder and storage device including a mobile communication device and a secure card transporter (SCT). The SCT includes a Near Field Communication (NFC) chip, a microprocessor, a magnetic stripe card reader, a contact chip card reader, a contactless card reader, an audio jack interface and a micro-USB interface. The SCT interfaces with the mobile communication device via the audio jack interface or the micro-USB interface, and the SCT captures payment card data and transmits the captured payment card data to a merchant point of sale (POS) checkout system.
Implementations of this aspect of the invention may include one or more of the following features. The mobile communication device includes a mobile wallet application that initializes and unlocks the SCT. The mobile communication device further includes a payment checkout application that interacts with the SCT and accepts payment card data from the SCT. The mobile wallet application interacts with the SCT in order to provide mode of operations including "card emulation mode", "card load mode" and "card read mode". The SCT operated in the "card emulation mode" is configured to allow a user to select a specific payment card and to change payment cards via the mobile wallet application for payment at the merchant POS system. The SCT operated in the "card load mode" is configured to allow a user to load payment card data and to store the loaded payment card data onto a secure element of the NFC chip and onto an online digital wallet via the mobile wallet application. The SCT operated in the "card read mode" is configured to allow a user to retrieve payment card data and to transmit the retrieved payment card data to the merchant POS system. The mobile communication device may be a Smartphone, a tablet, or a personal computer. The SCT further includes a battery and a charging circuit. The microprocessor is configured to provide security and communications with the mobile communication device. The e NFC chip stores payment card data and cardholder data in a secure element. The NFC chip is configured to be used as a contactless payment card that is read by the merchant POS checkout system. The NFC chip is configured to read contactless payment cards and to transmit payment card data to other SCT devices in a peer-to-peer mode.
In general, in another aspect the invention features a method for providing a secure cardholder and storage device including providing a mobile communication device and providing a secure card transporter (SCT). The SCT includes a Near Field Communication (NFC) chip, a microprocessor, a magnetic stripe card reader, a contact chip card reader, a contactless card reader, an audio jack interface and a micro-USB interface. The SCT interfaces with the mobile communication device via the audio jack interface or the micro-USB interface. The SCT captures payment card data and transmits the captured payment card data to a merchant point of sale (POS) checkout system.
Among the advantages of this invention may be one or more of the following. The mobile card reader and storage device can be used with virtually any mobile phone or PC, thereby enabling ubiquity. It is much less complex to load card data onto the secure element of the device. There is no cost to load cards onto the device. It is much less complex to load cards and it minimizes failure points in the process. It does not require standardization of multiple parties, handset makers, TSMs, Chip providers, standards bodies to agree on methodology before users can use the system. The invention also enables a host of applications and functionalities that make it more compelling and deliver value to the consumers and the merchants.
Brief Description of the Drawings
FIG. 1 is an overview diagram of the secure cardholder load and storage device system.
Detailed Description of the Invention
Referring to FIG. 1, the system 80 of the present invention includes a mobile card reader / card storage device (Secure Card Transporter (SCT)) 100 that interfaces with a remote communication device 150 via the audio jack 122 and/or USB port 124 of the device. System 80 also includes a secure mobile wallet application 130 and a payment checkout application 140. The secure mobile wallet application 130 initializes and unlocks the SCT 100 and the payment checkout application 140 interacts with the SCT and accepts card present payment data or tokens from the SCT 100. The remote communication device may be a Smartphone, a tablet, or a PC, among others.
The SCT device 100 includes a micro processor 102, an NFC chip 106, a battery 116, a charging circuit 118, a magnetic stripe reader 104, a contact chip card reader 108, a contactless stripe reader 109, a 3.5mm audio jack interface 112, and a micro USB port/jack interface 114. Microprocessor 102 handles security and communications with the remote communication device 150. The NFC chip 106 is used for storing cardholder data in its secure element. The NFC chip 106 may also be used as a tag or contactless card, that is read by POS with contactless capabilities. The NFC chip 106 may also be used for reading other contactless cards in certain circumstances, and for transmitting card data to other SCT devices in a peer-to-peer mode. The magnetic stripe reader 104 is used for loading payment card data onto the secure element of the NFC chip 106 and for capturing card track data for a POS application or checkout application on the host remote communication device 150. The remote communication device 150 includes the mobile wallet application 130, a checkout application 140, audio jack port 122, USB port 124, a screen 126 and a keyboard 128. The mobile wallet application 130 on the host device 150 interacts with the SCT 100 in order to control and provide different modes of operation including Card Emulation Mode, Card Load Mode, and Card Read Mode.
To provide better security in usage of the SCT, each SCT device is initially open to be paired with the user's wallet account, and only with one account. Once it is paired, it must be unlocked by the wallet application to change modes and parameters on the SCT. The SCT can store cardholder data by either an initial load at manufacturing, or by an over the air load after setting up a wallet account paired with the SCT, or by the consumer directly loading their SCT via the wallet application on his/her remote communication device by swiping or keying their card information into both the secure element and the user's wallet account. Wallet user is defined as a person that has setup a digital wallet account on the cloud, and has initialized a mobile wallet application on their phone.
Card Emulation Mode: Here a wallet user who enters his application with a PIN can change the modes of how the NFC chip allows the cards in the secure element to be selected and discovered for use by POS card readers. Wallet user can choose the default card being used, user can set the SCT to allow for the default card to be exposed to discovery by contactless readers, or exposed only for a limited time upon entering a PIN to unlock the default card in the mobile wallet app.
Card Load Mode: Upon initializing the SCT, the wallet user can use the Wallet Application to load his/her cards into both the digital wallet in the cloud with permanent account number (PAN) data (not track data), and it can store the track data in an encrypted manner into the secure element of the NFC chip in the SCT for use later in a secure checkout from a merchant. The Top-of-Wallet (default) card is usually the first card loaded, but can be changed by the user. The encrypted track data is not useful to hackers that obtain it by whatever means, and can only be decrypted by a corresponding payment server upon checkout and is not useful otherwise. Contactless Track Data can also be stored in the secure element of the NFC chip at manufacturing or key injection facility, or loaded by the consumer by converting his/her magnetic stripe track data into a contactless track data via the wallet application using special procedure.
Card Read Mode: This mode allows the stored encrypted track data to be retrieved and sent to a corresponding checkout application that accepts card present remote checkout. The reader can also be used by a POS application on the host device to accept payments like any merchant application, by interacting with the Swiper or NFC contactless reader to obtain cardholder data from magstripe cards or from contactless cards.
The unique elements of the invention include the following: 1) the NFC storage mechanism is connected via a ubiquitous audio jack; 2) the loading method to the NFC is much more simple when leveraging a separate magstripe card reader; 3) ability to store not just contactless credentials in the secure element but also regular magnetic stripe track data to be used later in checkout scenarios; 4) ability to change modes of emulation via wallet app as described above; 5) a personal NFC device is combined with a magnetic stripe reader so that the reader can be turned into a personal POS to pay for goods remotely, or turned into a merchant POS for acceptance of cards from other buyers or consumers.
Several embodiments of the present invention have been described. Nevertheless, it will be understood that various modifications may be made without departing from the spirit and scope of the invention. Accordingly, other embodiments are within the scope of the following claims.
What is claimed is:

Claims

1. A system for a secure cardholder and storage device comprising:
a mobile communication device;
a secure card transporter (SCT) comprising a Near Field Communication (NFC) chip, a microprocessor, a magnetic stripe card reader, a contact chip card reader, a contactless card reader, an audio jack interface and a micro-USB interface ; wherein said SCT interfaces with the mobile communication device via the audio jack interface or the micro-USB interface; and
wherein said SCT captures payment card data and transmits the captured payment card data to a merchant point of sale (POS) checkout system.
2. The system of claim 1, wherein the mobile communication device comprises a mobile wallet application that initializes and unlocks the SCT.
3. The system of claim 2, wherein the mobile communication device further comprises a payment checkout application that interacts with the SCT and accepts payment card data from the SCT.
4. The system of claim 2, wherein the mobile wallet application interacts with the SCT in order to provide mode of operations comprising "card emulation mode", "card load mode" and "card read mode".
5. The system of claim 4, wherein the SCT operated in the "card emulation mode" is configured to allow a user to select a specific payment card and to change payment cards via the mobile wallet application for payment at the merchant POS system.
6. The system of claim 4, wherein the SCT operated in the "card load mode" is configured to allow a user to load payment card data and to store the loaded payment card data onto a secure element of the NFC chip and onto an online digital wallet via the mobile wallet application.
7. The system of claim 4, wherein the SCT operated in the "card read mode" is configured to allow a user to retrieve payment card data and to transmit the retrieved payment card data to the merchant POS system.
8. The system of claim 1, wherein the mobile communication device comprises one of Smartphone, tablet, or personal computer.
9. The system of claim 1, wherein the SCT further comprises a battery and a charging circuit.
10. The system of claim 1, wherein the microprocessor is configured to provide security and communications with the mobile communication device.
11. The system of claim 1, wherein the NFC chip stores payment card data and cardholder data in a secure element.
12. The system of claim 11, wherein the NFC chip is configured to be used as a contactless payment card that is read by the merchant POS checkout system.
13. The system of claim 11, wherein the NFC chip is configured to read contactless payment cards and to transmit payment card data to other SCT devices in a peer-to- peer mode.
14. A method for providing a secure cardholder and storage device comprising: providing a mobile communication device;
providing a secure card transporter (SCT) comprising a Near Field Communication (NFC) chip, a microprocessor, a magnetic stripe card reader, a contact chip card reader, a contactless card reader, an audio jack interface and a micro-USB interface ;
wherein said SCT interfaces with the mobile communication device via the audio jack interface or the micro-USB interface; and
wherein said SCT captures payment card data and transmits the captured payment card data to a merchant point of sale (POS) checkout system.
15. The method of claim 14, wherein the mobile communication device comprises a mobile wallet application that initializes and unlocks the SCT.
16. The method of claim 15, wherein the mobile communication device further comprises a payment checkout application that interacts with the SCT and accepts payment card data from the SCT.
17. The method of claim 15, wherein the mobile wallet application interacts with the SCT in order to provide mode of operations comprising "card emulation mode", "card load mode" and "card read mode".
18. The method of claim 17, wherein the SCT operated in the "card emulation mode" is configured to allow a user to select a specific payment card and to change payment cards via the mobile wallet application for payment at the merchant POS system.
19. The method of claim 17, wherein the SCT operated in the "card load mode" is configured to allow a user to load payment card data and to store the loaded payment card data onto a secure element of the NFC chip and onto an online digital wallet via the mobile wallet application.
20. The method of claim 17, wherein the SCT operated in the "card read mode" is configured to allow a user to retrieve payment card data and to transmit the retrieved payment card data to the merchant POS system.
EP13743780.2A2012-02-032013-02-04 SYSTEM AND METHOD FOR SECURE LOADING AND STORAGE LOADING DEVICECeasedEP2810231A4 (en)

Applications Claiming Priority (3)

Application NumberPriority DateFiling DateTitle
US201261594474P2012-02-032012-02-03
US13/756,620US9195983B2 (en)2011-04-052013-02-01System and method for a secure cardholder load and storage device
PCT/US2013/024578WO2013116817A1 (en)2012-02-032013-02-04System and method for a secure cardholder load and storage device

Publications (2)

Publication NumberPublication Date
EP2810231A1true EP2810231A1 (en)2014-12-10
EP2810231A4 EP2810231A4 (en)2015-09-23

Family

ID=48905940

Family Applications (1)

Application NumberTitlePriority DateFiling Date
EP13743780.2ACeasedEP2810231A4 (en)2012-02-032013-02-04 SYSTEM AND METHOD FOR SECURE LOADING AND STORAGE LOADING DEVICE

Country Status (3)

CountryLink
EP (1)EP2810231A4 (en)
HK (1)HK1205317A1 (en)
WO (1)WO2013116817A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
DE102013103533B4 (en)2013-04-092018-08-30Bundesdruckerei Gmbh A card reader for reading value and security documents for a computer, a data processing system, and a method for communicating data between a computer and a card reader
EP4057203A1 (en)2013-12-192022-09-14Visa International Service AssociationCloud-based transactions methods and systems
US9922322B2 (en)2013-12-192018-03-20Visa International Service AssociationCloud-based transactions with magnetic secure transmission
US10846694B2 (en)2014-05-212020-11-24Visa International Service AssociationOffline authentication
US9775029B2 (en)2014-08-222017-09-26Visa International Service AssociationEmbedding cloud-based functionalities in a communication device
US10187363B2 (en)2014-12-312019-01-22Visa International Service AssociationHybrid integration of software development kit with secure execution environment

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US7143942B2 (en)*2003-09-012006-12-05Seiko Epson CorporationCard processing apparatus and system, POS terminal for card processing, and credit card processing control method
US20070075133A1 (en)*2005-08-152007-04-05Sirit Technologies, Inc.Method, System and Computer-Readable Medium for Radio Frequency Identification Device
US20090144456A1 (en)*2007-11-302009-06-04Alexander David GelfInterface Device for Securely Extending Computer Functionality
EP2088548A1 (en)*2008-02-112009-08-12Accenture Global Services GmbHPoint of sale payment method
US8662401B2 (en)*2008-07-252014-03-04First Data CorporationMobile payment adoption by adding a dedicated payment button to mobile device form factors
US8103249B2 (en)*2008-08-232012-01-24Visa U.S.A. Inc.Credit card imaging for mobile payment and other applications
US20100243732A1 (en)*2009-03-252010-09-30George WallnerAudio/acoustically coupled card reader
US7896248B2 (en)*2009-06-102011-03-01Rem Holdings 3, LlcCard reader device and method of use
US8355670B2 (en)*2010-06-222013-01-15At&T Mobility Ii LlcNear field communication adapters
KR101080306B1 (en)*2011-02-162011-11-07(주)아이윌팬시 Electronic card transmission and reception system and method through mobile device

Also Published As

Publication numberPublication date
HK1205317A1 (en)2015-12-11
EP2810231A4 (en)2015-09-23
WO2013116817A1 (en)2013-08-08

Similar Documents

PublicationPublication DateTitle
US9195983B2 (en)System and method for a secure cardholder load and storage device
CN104903925B (en)System and method for safely loading, storing and being transmitted in the magnetic stripe data in the device to be worked together with mobile Wallet System
US9842356B2 (en)System, method, apparatus and computer program product for interfacing a multi-card radio frequency (RF) device with a mobile communications device
KR101802654B1 (en)Mobile checkout systems and methods
US10445723B2 (en)NFC-transaction processing systems and methods
CN103562972A (en) Handheld self-provisioning PIN PED communicator
KR20190017746A (en) Authentication using SmartWatch
US20160189127A1 (en)Systems And Methods For Creating Dynamic Programmable Credential and Security Cards
US20150242844A1 (en)System and method for secure remote access and remote payment using a mobile device and a powered display card
EP2810231A1 (en)System and method for a secure cardholder load and storage device
TWI625684B (en) Mobile payment method and mobile payment device
US20140089169A1 (en)System and Method of Processing Payment Transactions via Mobile Devices
WO2013173339A1 (en)Nfc transaction processing systems and methods
WO2012114260A1 (en)A mobile communication device for contactless payments, a payment method
US20200327536A1 (en)Methods for conducting electronic payment transactions with scannable codes
WO2013127579A1 (en)Mobile payment method via mobile devices
US20230087051A1 (en)Methods for conducting electronic payment transactions with scannable codes
US20240086896A1 (en)Mobile wallets and companion smart cards
Sahana et al.Design of secure SMART card reader and Wi-Fi interface for Point of Sale terminal
US20190272531A1 (en)Payment device with touch screen
HK1213071B (en)System and method for securely loading, storing and transmitting magnetic stripe data in a device working with a mobile wallet system
KR200481097Y1 (en)A card reader appratus for a transaction and a portable terminal
AU2011200063B1 (en)Systems and methods of securely carrying out transactions
HK1191436A (en)Hand-held self-provisioned pin red communicator

Legal Events

DateCodeTitleDescription
PUAIPublic reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text:ORIGINAL CODE: 0009012

17PRequest for examination filed

Effective date:20140725

AKDesignated contracting states

Kind code of ref document:A1

Designated state(s):AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AXRequest for extension of the european patent

Extension state:BA ME

DAXRequest for extension of the european patent (deleted)
RA4Supplementary search report drawn up and despatched (corrected)

Effective date:20150825

RIC1Information provided on ipc code assigned before grant

Ipc:G06Q 20/36 20120101ALI20150819BHEP

Ipc:G06Q 20/32 20120101AFI20150819BHEP

Ipc:H04B 5/02 20060101ALI20150819BHEP

REGReference to a national code

Ref country code:HK

Ref legal event code:DE

Ref document number:1205317

Country of ref document:HK

STAAInformation on the status of an ep patent application or granted ep patent

Free format text:STATUS: EXAMINATION IS IN PROGRESS

17QFirst examination report despatched

Effective date:20190624

REGReference to a national code

Ref country code:DE

Ref legal event code:R003

STAAInformation on the status of an ep patent application or granted ep patent

Free format text:STATUS: THE APPLICATION HAS BEEN REFUSED

18RApplication refused

Effective date:20210201

REGReference to a national code

Ref country code:HK

Ref legal event code:WD

Ref document number:1205317

Country of ref document:HK
[8]ページ先頭
©2009-2025 Movatter.jp