Data processing: financial – business practice – management – or co – Automated electrical financial or business practice or... – Finance
Reexamination Certificate
1998-12-18
2001-04-17
Trammell, James P. (Department: 2764)
Data processing: financial, business practice, management, or co
Automated electrical financial or business practice or...
Finance
C705S001100, C705S039000
Reexamination Certificate
active
06219651
ABSTRACT:
FIELD OF THE INVENTION
The present invention is directed to the field of protection of transaction data for cash-free payment transfers by means of chip cards, from the data's creation in the payment terminal to its processing.
BACKGROUND OF THE INVENTION
The invention refers to the protection of transaction data for cash-free payment transfers by means of chip cards, from the data's creation in the payment terminal to its processing.
Modern types of cash-free payment transfers are carried out using chip cards. In particular, these are electronic stocks, credit cards and debit cards.
Several different payment transfer applications can exist on a chip card, for example electronic stocks and credit cards.
The chip card is initialized before issue to the customer, i.e. application data and cryptographic keys for securing the transaction are stored on the chip card which allow the chip card to be used within the framework of certain applications. On being issued with the card, the customer is informed of the application for which the chip card can be used.
If a customer wishes to pay for goods at a dealer using his/her stock chip card, then this transaction can be carried out at a payment terminal. The chip card is inserted into a chip card reader arranged in the payment terminal. Using the chip card reader, data can be read from the chip card or data can be written to the chip card. With electronic stock applications, the credit stored on the chip card is reduced by the amount which is to be paid to the dealer for the goods.
To carry out the described payment procedure, the payment terminal has the following components in particular: a chip card reader, a keyboard for entering data, a network and software for controlling the corresponding transactions, a display unit to display instructions to the customer, a security module, and a communication connection to the host system, especially if credit/debit cards are supported.
In general, at each payment transfer, transaction data on the individual payment procedure is created as well as cumulative data which is brought up to date on the transactions which have occurred since the last data exchange with the clearing office.
Amongst other things, the transaction data contains:
The identification of the customer's chip card
The amount, the currency and the bank
The identification of the dealer and the payment terminal and
cryptographic security (signature advisable) of the transaction data is advisable with the transaction key of the chip card.
The transaction data is created in a cryptographically secure protocol between the chip card and the security module, using the individual transaction key on the chip card and in the security module. The transaction data is secured using the individual transaction key which is allocated to the chip card.
The transaction data is stored in the payment terminal up until the data exchange with the clearing office.
The cumulative data is held in the security module and is read out on exchanging the data with the clearing office.
Cumulative data includes, for example:
The total amounts of the transactions
The number of transactions
The identification of the dealer and the payment terminal and
cryptographic security (signature is advisable) of the cumulative data is advisable using the key allocated to the dealer or the payment terminal in the security module.
On exchanging data with the clearing office, a transaction file is transmitted to the clearing office from the payment. The transaction file consists of
Header data, which contains the last cumulative data as well as data specific to the payment terminal and
the transaction data of each transaction, if a certain minimum standard of security is required.
The transaction data is individually secured using transaction keys. The transaction key is located on the individual chip card. Transaction keys can be stolen and transaction data can be copied from other payment terminals. Therefore, whilst the transaction data is being stored in the payment terminal and during its transfer to the clearing office, transaction data can be used fraudulently to the benefit/deficit of individual card owners.
SUMMARY OF THE INVENTION
It is therefore the task of the invention presented to produce an additional procedure to protect the transaction data which increases the previous protection against fraud and greatly simplifies obtaining proof of fraud.
This task is solved with the following aspects considered with the figure:
Aspect
1
. A procedure for protecting transaction data in cash-free payment traffic by means of an electronic purse cards in a payment terminal, where the payment terminal (
1
) consists of at least a read/write device (
5
), an input device (
3
), at least a security module (
8
) and a communication module (
9
) for creating the connection to a data processing system, containing the following steps:
a) Insertion of a stock-exchange chip card (
4
) in a read and/or write device (
5
),
b) Initiation of a transaction for payment of a certain amount using the stock-exchange card (
4
)
c) Creation of the corresponding transaction data (
10
) for that payment procedure, for each payment procedure
d) Creation of the corresponding cumulative data (
81
) for each payment procedure, where the cumulative data includes the transaction data since the last data exchange with the settlement position (
11
) and
e) Creation of a cumulative signature (
82
) on each supplement to the cumulative data (
81
), where the new cumulative signature SSi (
82
) is formed from the initial value of the previous cumulative signature SSi-
1
(
82
).
Aspect
2
. A procedure according to aspect
1
characterized by the cumulative data (
81
) being reset in the security module (
8
) after a data exchange with the settlement position and an initial value for the creation of the cumulative signature (
82
) being established.
Aspect
3
. A procedure according to aspects
1
to
2
, characterized by the transaction data TDi (
10
) consisting of at least the following data:
the identification of the stock-exchange chip card of the customer
the debit amount, the currency, the bank
the identification of the dealer and the payment terminal.
Aspect
4
. A procedure according to aspects
1
to
3
, characterized by the transaction data for the transaction being created in the security module in cooperation with the chip card.
Aspect
5
. A procedure according to aspects
1
to
4
, characterized by the transaction data created TDi (
10
) being secured by the stock-exchange chip card key.
Aspect
6
. A procedure according to aspects
1
to
5
, characterized by the cumulative data SD (
81
) consisting of at least the following data:
the cumulative amount of the transactions
the number of transactions
the identification of the payment terminal
Aspect
7
. A procedure according to aspects
1
or
6
, characterized by the creation of the cumulative signature (
82
) being carried out using the cryptographic key allocated to the payment terminal or the dealer.
Aspect
8
. A procedure according to aspects
1
to
7
, characterized by the transaction data remaining stored in the payment terminal until settlement using the settlement position.
Aspect
9
. A procedure according to aspects
1
to
8
characterized by the cumulative data SD (
81
) being stored in the security module (
8
) until settlement using the settlement position.
Aspect
10
. A procedure according to aspects
1
to
9
, characterized by the cumulative signature being stored in the security module until settlement using the settlement position.
Aspect
11
. A procedure according to aspects
1
to
10
, characterized by the creation of the cumulative signature SS being able to be carried out in symmetrical and asymmetrical procedures.
Aspect
12
. A procedure according to aspects
1
to
11
, characterized by a special key being used solely for the creation of the cumulative signature SS.
Aspect
13
. A procedure according to aspects
1
to
12
, characterized by a common key and/or a common transaction file
12
Bublitz Hermann
Holloway Chris
Newth Adam
Beck Thomas A.
International Business Machines - Corporation
Morris Daniel P.
Tesfamariam Mussie
Trammell James P.
LandOfFree
Protection of transaction data does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Protection of transaction data, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Protection of transaction data will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2522445