POS payment terminal and a method of direct debit payment transaction using a mobile communication device, such as a mobile phone

Abstract

A POS payment terminal (1) using a mobile communication device (4), such as a mobile phone, is created over a temporary connection between the merchant's Sales Device (2) with the removable memory card (18), where the removable memory card (18) is inserted into the customer's slot of the mobile communication device (4). The Sales Device (2) contains a secure memory (6) with the POS terminal's identification data in the form of a SAM card or an ICC card (9) or directly in the form of a secure element on the circuit printed. The payment terminal (1) is created before or during the payment process over a temporary connection between a Sales Device (2) with a mobile communication device (4), which is held by the customer and which has a removable memory card that can have an independent communication element, especially of the NFC type. The payment cryptogram is of standard form, e.g. in the EMV format and it is sent online or offline in batches to the payment processing center (15) according to the amount paid and the preset risk management.

Claims

1. A point-of-sale (POS) terminal (1), comprising: (a) a mobile communication device (4) including a removable memory card (18), wherein the removable memory card comprises: a first secure element (31) storing a POS payment terminal application; a second secure element (32) storing payment card data; an interface (8) to circuits of said mobile communication device; a microcontroller (20); and a first near field communication (NFC) element (12) with a first antenna (21); wherein the first and second secure elements are connected with the microcontroller and the microcontroller is connected with the interface; (b) a merchant sales device terminal (2) that accepts a value of a payment, wherein the merchant sales device terminal comprises: a third secure element (6) storing POS payment terminal identification data for a merchant and an encryption key for encryption of communicated date; a second NFC element (11) with a second antenna (23); and at least one of a Security Authorization Module (SAM) card (24) or on an Integrated Circuit Card (ICC) (9), wherein the third secure element is located on the SAM card or ICC card; wherein the POS payment terminal is formed by a contactless NFC connection of the merchant sales device terminal with the removable memory card of the mobile communication device.

2. A Point-of-Sales terminal as in claim 1, wherein the merchant sales device terminal further comprises a display (14) and a keyboard (13) for the insertion and display of an amount due.

3. A method of performing a direct debit payment transaction using a mobile communication device, comprising: creating a payment terminal before or during a payment process by a temporary contactless connection of a merchant sales device terminal that accepts a value of a payment and has at least one secured section that stores point-of-sales (POS) payment terminal identification data for a merchant, said identification data serving to match the merchant's sales device terminal to a merchant's bank account, with a mobile communication device including a removable memory card storing a POS payment terminal application, the removable memory card inserted into said mobile communication device to run said POS payment terminal application and having an interface for connection to said mobile communication device, said mobile communication device being held by a customer, and performing a direct debit payment transaction in favor of the merchant according to the identification data loaded into the removable memory card during its temporary contactless connection with the merchant's sales device terminal.

4. A method of performing a direct debit payment as in claim 3, wherein creating the payment terminal comprises loading the identification data for the merchant onto the removable memory card from the merchant sales device terminal for use by the point-of-sales (POS) payment terminal application on the removable memory card.

5. A method of performing a direct debit payment as in claim 3, further comprising creating a payment cryptogram and sending the payment cryptogram into the merchant sales device terminal and storing the payment cryptogram in a memory of realized payments records.

6. A method of performing a direct debit payment as in claim 3, further comprising creating a payment cryptogram and sending the payment cryptogram over the interface to the mobile communication device and subsequently via the mobile communication device into a payment processor center.

7. A method of performing a direct debit payment as in claim 3, further comprising inserting data about a payment value into the removable memory card from the merchant sales device terminal by manual insertion using a keyboard or over a connection with a cash register.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) The solution is explained in detail on the FIGS. 1 to 8.

(2) On the FIG. 1, there is schematic demonstration of the outside perspective on the mobile communication device in the form of a common mobile phone, which is placed near the Sales Device. Measurements, shape nor proportion ratio of the mobile communication device to Sales Device are not obligatory and are chosen only with the view of better clarity of the scheme. In the figure, the mobile phone and the Sales Device do not overlay for the purpose of increasing the clearness of the figure, however in reality the mobile phone can be placed directly to the surface of the Sales Device.

(3) On the FIG. 2 there is a perspective on the basic structure of the Sales Device, where it is also visible that the communication element on the side of the mobile phone is located in the removable memory card. The memory with the identification data of the POS terminal is located in the removable memory card. The memory with the identification data of the POS terminal is located in the SAM card. On the FIG. 2 there is also the NFC communication channel between the removable memory card and Sales Device.

(4) On the FIG. 3 there is schematic structure of the removable memory card with an indifferent POS payment terminal unit and with four independent payment card's units belonging to different banks. Above the scope of basic functions, the removable memory card is supplemented also for a common flash memory.

(5) On the FIG. 4 there is a scheme of the Sales Device structure in the configuration where the ICC card of the merchant is inserted into the body of the reader.

(6) On the FIG. 5 there is a configuration with the connection to cash register. The Sales Device encompasses the ICC card's reader and it also has a mini USB connector.

(7) On the FIG. 6 there is a pre-paid removable memory card with a simplified architecture in the option with two Secure Elements.

(8) On the FIG. 7 there is succession of tasks within payment application running on the removable memory card.

(9) On the FIG. 8, there is a block scheme of the memory card's individual elements with displayed connection between individual elements on the memory card with one divided Secure Element, on which there are protected data from payment POS terminal also from several payment cards.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

Example 1

(10) In this example according to the FIGS. 1, 2, 3, 6 to 8 there is described a system where a Sales Device 2, in the form of a single-purpose box, which has a numeric keyboard 13, a display 14 and its own power source in the form of rechargeable accumulator, is located on the merchant's side. The Sales Device 2 has a NFC communication element 11 with an antenna 21 under the surface of the upper cover, where the centre of the antenna 21 is graphically depicted by a guiding symbol 19 of the target on the outside of the cover. In its hardware on the SAM card 24 the Sales Device 2 encompasses a Secure Element 6 into which the POS payment terminal 1 identification and also the Master Key for the encryption of the communicated data is loaded. In other version, the data can be loaded directly in the protected memory on the Sales Device's 2 printed circuit.

(11) The merchant uses the Sales Device 2 in such a way that when selling he enters the amount he wants for his goods or his service over the keyboard 13 to the display 14. After checking the amount on the display 14, the merchant presses the confirming button. After this act, the POS payment terminal's 1 identification data is encrypted using Master Key and this encryption data, along with the payment amount is sent to the NFC communication element 11 which sends the encrypted message over antenna 21 and expects the mobile communication device 4 to be placed to the Sales Device 2. In his mobile communication device 4 the customer activates the launch of the payment application and he does that e.g. through a special hardware keyboard or over a software button. After the creation of the NFC communication channel, the encrypted data from the Sales Device 2 are read and decrypted, the result of which are the POS terminal's 1 identification data and the required payment amount.

(12) This part of the transfer can be expressed also as

(13) ##STR00001##
where 3DES means encryption over Triple Data Encryption Algorithm, where Mk is Master Key supplied by the payment processor, where Cfg means configuration data and NFC presents the transfer path between the Sales Device and the removable memory card.

(14) The paid amount can be verified by the customer on the display of his mobile communication device 4. The identification data from the Sales Device 2 serve for the indifferent POS terminal 1 on the removable memory card 18 to become a specific POS payment terminal 1 for the benefit of a given merchant.

(15) This process can be expressed as
Cfg+generic POS=ACg POS,
where Generic POS represents the identification of the indifferent, generic POS and ACg POS is the POS of a corresponding merchant.

(16) Subsequently the payment terminal application runs in the normal way, e.g. according to the EMV standard. According to preset risk management of the payment card 7 and with respect to the value of the amount being paid, it might be requested to enter the password, PIN code, which is entered by the customer on the keyboard of its mobile communication device 4. In this way high security is reached, since the payment terminal application runs directly on the removable memory card 18, where there are stored also the payment cards' 7 units and the sensitive data do not leave the hardware of the connection between the Sales Device 2 and the removable memory card 18. The result of the payment application is the creation of the payment cryptogram, which is sent to the Sales Device 2 and also in the case of online payment is sent over the interface 8 into the mobile communication device 4 and subsequently over the mobile network to the payment processor. The payment cryptogram can be also created and sent according to the relationship:

(17) ##STR00002##
pertinently to the payment processor's side as

(18) ##STR00003##
The removable memory card is in this case in the form of a microSD card.

Example 2

(19) In this example according to the FIG. 4, the Sales Device 2 is in the form of a device, which has a slot for the insertion of the ICC card 9 with the reader of the corresponding format. The merchant can buy the Sales Device 2 anywhere and this Sales Device 2 does not have its own identity. The merchant receives the ICC card 9 of the common parameters according to ISO 7810 85.6053.98 mm from the bank or the payment processor. The payment processor's Master Key and also the POS terminal's identification data for the assignment to a corresponding merchant are loaded in the Secure Element on the chip of the ICC card. By inserting the ICC card 9 into the reader, the Sales Device 2 according to our description is created. The Sales Device 2 contains also the mini-B USB connector 17, over which it is possible to connect the printer, computer and other output or input units in extended configuration. The attendance and operation of the Sales Device 2 is similar to the first case, however it is different by the fact that after realizing the change the merchant takes out his ICC card 9 and can take it e.g. to the bank for the procession of the off-line payments. It is not excluded also the procession of this kind of ICC card 9 directly in the ATM machines. This solution has the advantage also in the fact that the ICC card is easy to operate, is of practical parameters and by its taking out of the Sales Device's 2 its theft from the business premises e.g. overnight and similar is prevented. The ICC card 9 also offers the area for the subsequent operation and backup of data in the computer with a simple reader.

(20) The advantage of the configuration according to this example is also the possibility that one device with the reader, display 14 and keyboard 13 can be used by several merchants working in shifts in one business premises, while the payments are processed for the benefit of the corresponding merchant who has his ICC card 9 inserted in the reader at the moment.

Example 3

(21) Besides the elements mentioned in the previous examples, the Sales Device 2 according to the FIG. 5 contains also the RS232 (Recommended Standard 232) interface through which it can be connected to the cash registrar 10. In this example the Sales Device 2 is basically an enhancement of the merchant's existing cash registrar 10 so it becomes a POS terminal 1; however, the payment terminal application can run again on the removable memory card 18, which is held by the customer along with the mobile communication device 4.

(22) The result from the cash registrar 10 is transferred into the Sales Device 2 over the cable connection 16. There the result appears on the display 14 and the merchant confirms it by a confirming button. Subsequently the process runs in the same way as if the paid amount was entered over the Sales Device's 2 keyboard 13. In this configuration it would not even be necessary for the Sales Device 2 to contain a keyboard 13 for the entry of the paid amount, however due to the usability of the Sales Device 2 in various systems' point of view, the keyboard 13 is part of the Sales Device 2 even in this example.

INDUSTRIAL APPLICABILITY

(23) The industrial applicability is obvious. With this invention, it is possible to industrially and repeatedly manufacture and use the POS payment terminals, which are created temporarily for the purpose of a specific payment by a connection of Sales Device and the mobile communication device. The necessary structures of the merchant's POS terminal are then created only after the connection with the removable memory card in the mobile communication device of the paying user is established.

LIST OF RELATED SYMBOLS

(24) 1a POS payment terminal 2a Sales Device 3a Secure Element 31the POS terminal's Secure Element 32the payment card's Secure Element 4a mobile communication device 5a payment POS terminal application 6a memory with terminal's configuration data 7a payment card unit 8an interface 9an ICC card 10a cash registrar 11a communication element of the Sales Device 12a communication element of the removable memory card 13a keyboard 14a display 15a payment processing centre 16a connection to the cash register 17a external connector 18a removable memory card 19a target symbol 20a microcontroller 21the removable memory card's antenna 22a memory 23a Sales Device's antenna 24a SAM card 25a communication connection