1. Patent Search
  2. Details

Method and device for transmitting an identifier of a user during an electronic payment made by the user.

20220383327 · 2022-12-01

    Inventors

    Cpc classification

    International classification

    Abstract

    A method for transmitting, during an electronic payment made by at least one user, at least one second identifier of the at least one user. The method is implemented by a transmitting device and includes: obtaining at least one first identifier of the at least one user from at least one electronic payment element of the at least one user, the at least one first identifier being used for the electronic payment; generating the at least one second identifier of the user, the second identifier comprising at least one datum and one portion of the at least one first identifier; and when the electronic payment has completed, transmitting the at least one second identifier to a device for managing at least one electronic proof of purchase.

    Claims

    1. A method for transmitting, during an electronic payment made by at least one user, a second identifier of said at least one user, said method being implemented by a transmitting device and comprising: of obtaining at least one first identifier of said at least one user from at least one electronic payment means of said at least one user, said at least one first identifier being used for said electronic payment; of generating said at least one second identifier of said user, said second identifier comprising at least one datum and one portion of said at least one first identifier; and on completion of said electronic payment, transmitting said at least one second identifier to a device for managing at least one electronic proof of purchase.

    2. The method according to claim 1, wherein said at least one datum comprises at least one digital fingerprint of said at least one first identifier.

    3. The method according to claim 1, wherein said at least one datum comprises a third identifier obtained from a bank server.

    4. The method according to claim 1, wherein said at least one datum comprises a third identifier obtained from a bank server and a digital fingerprint of said at least one first identifier.

    5. A method for managing at least one electronic proof of purchase, said method being implemented by a managing device comprising: of receiving, from a till device, at least one identifier of at least one user and the at least one proof of purchase, said at least one proof of purchase and said at least one identifier being received subsequent to an electronic payment made by said at least one user; of obtaining at least one electronic address of said at least one user, said address being obtained using said at least one received identifier; and a first step of sending said at least one proof of purchase to said at least one obtained electronic address.

    6. The method according to claim 5, wherein the obtaining comprises a second step of sending a request to at least one recipient determined depending on said at least one received identifier, said request comprising at least said received identifier, and of receiving, in response to said request, at least one electronic address.

    7. A transmitting device comprising: a processor; and a non-transitory computer-readable medium comprising instructions stored thereon which when executed by the processor configure the transmitting device to: obtain at least one first identifier of said at least one user from at least one electronic payment means of said at least one user, said at least one first identifier being used for said electronic payment; generate said at least one second identifier of said user, said second identifier comprising at least one digital fingerprint of said at least one first identifier and one portion of said at least one first identifier; and transmit said at least one second identifier to a device for managing at least one electronic proof of purchase.

    8. A managing device comprising: a processor; and a non-transitory computer-readable medium comprising instructions stored thereon which when executed by the processor configure the managing device to: receive, from a till device, at least one identifier of at least one user and at least one proof of purchase, said at least one proof of purchase and said at least one identifier being sent subsequent to an electronic payment made by said at least one user; obtain at least one electronic address of said at least one user, said address being obtained using said at least one received identifier; and send said at least one proof of purchase to said at least one obtained electronic address.

    9. The transmitting device of claim 7, wherein the transmitting device is implemented in an electronic.

    10. (canceled)

    Description

    LIST OF THE FIGURES

    [0048] Other features and advantages of the invention will become more clearly apparent upon reading the following description of particular embodiments, provided by way of simple illustrative and non-limiting examples, and the appended drawings, in which:

    [0049] FIG. 1 illustrates an example of an environment of implementation according to one particular embodiment of the invention;

    [0050] FIG. 2 illustrates the hardware architecture of a device configured to implement the transmitting method according to one particular embodiment of the invention;

    [0051] FIG. 3 illustrates the hardware architecture of a device configured to implement the managing method according to one particular embodiment of the invention;

    [0052] FIG. 4 illustrates steps of the transmitting and managing methods according to one particular embodiment of the invention.

    DESCRIPTION OF ONE EMBODIMENT OF THE INVENTION

    [0053] FIG. 1 illustrates an example of an environment of implementation of the invention according to one particular embodiment of the invention. The environment shown in FIG. 1 comprises an electronic payment terminal 101 (EPT) that executes the transmitting method, a till device 102, a bank server 105 and an application server 106 that executes the managing method. FIG. 1 also shows an electronic payment means 103 belonging to a user 104. The payment means shown here is a bank card but the invention is applicable to any electronic payment means (virtual-bank-card number, mobile terminal comprising a secure element, barcode, instant-messaging address, etc.).

    [0054] The payment terminal 101 and the bank server 105, the payment terminal 101 and the till device 102, the till device 102 and the application server 106, and the application server 106 and the bank server 105, may be connected to each other via one or more communication networks. The communication networks used are for example public communication networks such as the Internet, or indeed private communication networks. These communication networks may be accessible via an access network (not shown) such as a wired network, a wireless (Wi-Fi, Bluetooth, etc.) network or a 2G, 3G, 4G or 5G cellular data network.

    [0055] When a bank transaction is performed between the customer 104 and the merchant 107, a customer identifier containing a portion encrypted by the electronic payment terminal is transmitted to the till device 102. This identifier and a proof of purchase generated by the till device 102 are then sent by the latter to the application server 106. Depending on the received identifier, the application server 106 obtains a digital address of the customer 103. The proof of purchase is then sent by the application server 106 to the obtained electronic address.

    [0056] As known, the payment terminal 101 may, during the transaction, make an authorization request to the bank server 105 in order to obtain or not a validation of the payment.

    [0057] According to one particular embodiment of the invention, the server 106 and the till device 102 may be one and the same device.

    [0058] According to one particular embodiment of the invention, the payment terminal 101 may comprise the till device 102. In this particular case, the user identifier will be received by the till device 102 via messages internal to the terminal 101. The same terminal may also be contained within a computer or any other device having the architecture of a computer, such as a smartphone, a tablet, a voice assistant, etc. thus making it possible to make purchases on-line. Concretely, the user may, for example, input information present on his bank card (PAN, CVV, expiry date) into a graphical interface displayed by an Internet browser in order to make the payment.

    [0059] According to one particular embodiment of the invention, the servers 105 and 106 may be one and the same server.

    [0060] According to one particular embodiment of the invention, the payment may involve a plurality of payment means and a plurality of users (payment shared between a number of people).

    [0061] According to one particular embodiment of the invention, all of the messages exchanged between the payment terminal 101 and the bank server 105, the payment terminal 101 and the till device 102, the till device 102 and the application server 106, and between the application server 106 and the bank server 105, may be messages that are encrypted/ciphered for example via private/public key encryption mechanisms.

    [0062] According to one particular embodiment of the invention, the environment may comprise a plurality of EPTs 101 connected to the till device 102.

    [0063] According to one particular embodiment of the invention, the environment may comprise a plurality of EPTs 101 connected to the bank server 105.

    [0064] According to one particular embodiment of the invention, the environment may comprise a plurality of till devices 102 connected to the application server 106.

    [0065] According to one particular embodiment of the invention, the environment may comprise a plurality of bank servers 105 connected to the application server 106.

    [0066] According to one particular embodiment of the invention, the environment may comprise a plurality of application servers 106 connected to the bank server 105.

    [0067] FIG. 2 illustrates a device TPE that implements the invention according to one particular embodiment. The device TPE has the conventional architecture of a computer, and comprises in particular a memory MEM1, and a processing unit UT1 that is equipped for example with a processor PROC1, and that is driven by the computer program PG1 stored in the memory MEM1. The computer program PG1 comprises instructions for implementing the steps of the transmitting method such as described below with reference to FIG. 4, when the program is executed by the processor PROC1.

    [0068] On initialization, the code instructions of the computer program PG1 are for example loaded into a memory, before being executed by the processor PROC1. The processor PROC1 of the processing unit UT1 in particular implements the steps of the enrichment method according to any one of the particular embodiments described with reference to FIGS. 1 and 4 according to the instructions of the computer program PG1.

    [0069] The device TPE also comprises an obtaining module OBT1 able to obtain an identifier of a user who has completed a payment to a trader. This identifier is for example obtained from the electronic payment means used by the user during the payment. The device TPE further comprises a generating module GEN1 able to generate a new user identifier depending on the identifier obtained via the module OBT1. This module may for example carry out: [0070] operations to encrypt all or some of the obtained identifier (digital fingerprint); [0071] operations to assemble/concatenate portions (whether encrypted or not) of the obtained identifier; [0072] operations to add strings of characters to the obtained identifier, i.e. strings such as a prefix, a suffix or a new identifier; [0073] operations to delete a portion of the identifier; [0074] or any other operation to manipulate the string of characters representing the obtained identifier.

    [0075] The device TPE in addition comprises a transmitting/sending module SND1 able to send messages via for example an IP network. The sending module SND1 is for example used to send to a managing device the identifier generated by the module GEN1.

    [0076] FIG. 3 illustrates a device RSP that implements the invention according to one particular embodiment. The device RSP has the conventional architecture of a computer, and comprises in particular a memory MEM2, and a processing unit UT2 that is equipped for example with a processor PROC2, and that is driven by the computer program PG2 stored in the memory MEM2. The computer program PG2 comprises instructions for implementing the steps of the transmitting method such as described below with reference to FIG. 4, when the program is executed by the processor PROC2.

    [0077] On initialization, the code instructions of the computer program PG2 are for example loaded into a memory, before being executed by the processor PROC2. The processor PROC2 of the processing unit UT2 in particular implements the steps of the managing method according to any one of the particular embodiments described with reference to FIGS. 1 and 4 according to the instructions of the computer program PG2.

    [0078] The device RSP also comprises a communication module RECV2 configured to receive, for example via an IP network, an identifier of a user from a till device when the user has completed a payment to a trader.

    [0079] The device RSP further comprises an obtaining module OBT2 able to obtain, depending on the identifier received by the module RECV2, an electronic address of the user. In addition, the device RSP comprises a module SND2 able to send a message comprising a proof of purchase to the electronic address obtained by the module OBT2.

    [0080] According to one particular embodiment the invention, the modules RECV2 and SND2 are one and the same communication module.

    [0081] According to one particular embodiment of the invention, the module RECV2 is also able to receive a message comprising an electronic address of the user in response to a request sent by the module SND2 to for example a bank server and comprising the identifier received by the module RECV2.

    [0082] FIG. 4 illustrates steps of the transmitting and managing methods according to one particular embodiment of the invention, and illustrates the particular case of an electronic transaction in the context of the environment of FIG. 1.

    [0083] In step 404 a user (i.e. a customer) uses an electronic payment means to make a purchase from a trader. To do this, he inserts a bank card into an electronic payment terminal (EPT) 420 (101 in FIG. 1) and enters his personal identification number to validate the transaction. If the code entered is valid, then the EPT generates a user identifier on the basis of an identifier obtained from the bank card. The obtained identifier is for example the PAN of the bank card.

    [0084] Concretely, during the payment, the EPT retrieves the complete PAN of the bank card of the user, which consists of an IIN (Issuer Identification Number) that corresponds to the digits allowing the bank that issued the bank card to be identified, and of a number identifying the user. The EPT then generates a digital fingerprint HPAN using all or some of the PAN, by virtue of a cryptographic function with which it is provided.

    [0085] The EPT then transmits an identifier that comprises the IIN and the HPAN to the till system 422. It will be noted that generating an identifier on the basis of the PAN allows the security rules in force, which forbid the transmission of the PAN outside of the EPT (in particular, when the EPT is connected to a till system), to be respected.

    [0086] Alternatively, the method separately transmits, in the same message or in different messages, the IIN and the HPAN to the till system 422.

    [0087] The till system 422 receives the identifier in step 405 and generates the electronic receipt.

    [0088] The till system 422 then transfers (step 406) the electronic receipt and the received identifier to the application server 423.

    [0089] In step 407, the application server 423 is able to determine which bank issued the bank card of the user, especially by virtue of the received identifier and more precisely of the IIN.

    [0090] Once the bank that issued the bank card has been determined, the application server 423 sends a request (step 408) comprising the HPAN to a server 421 of the bank. In step 410, the bank server 421 transmits, to the application server 423, in response to the received request (step 409), an electronic address of the user. Specifically, the bank hosts internally a lookup table that allows it to find an electronic address of the customer depending on information such as the HPAN. Of course, this table was constructed using the same cryptographic function that was in applied by the EPT to generate the HPAN. In step 411, the application server 423 receives the electronic address of the user from the bank server 421 then sends the electronic receipt received in step 407 to the electronic address of the user (step 412).

    [0091] According to one particular embodiment of the invention, whether or not the bank server 421 transmits the electronic address of the user may be dependent on rights attributed to the application server 423.

    [0092] According to one particular embodiment of the invention, whether or not the bank server 421 transmits the electronic address of the user may be dependent on validation by the customer. This validation may be made permanent, for example by setting a parameter of the user account of the customer to a particular value, or given on request (on each transaction).

    [0093] According to one particular embodiment of the invention, the servers 421 and 422 are one and the same server.

    [0094] According to one particular embodiment of the invention, the EPT may communicate with the bank of the customer before the completion of the payment. This communication (steps 400 to 403), which is for example required for a payment via a bank card requiring a systematic bank authorization, may allow the EPT to obtain, from the bank server 421, a single-use temporary user identifier (Hid).

    [0095] Alternatively, the bank server that delivers the single-use temporary user identifier to the EPT may be a second bank server, other than the bank server 421.

    [0096] The EPT then transmits the IIN and the Hid to the till system in step 404. The till system then generates (step 406) the electronic receipt, which it transfers with the IIN and the Hid to the application server 423. In step 407, the application server 423 is able to determine which bank issued the bank card of the user, especially by virtue of the IIN. Once the bank that issued the bank card has been determined, the application server 423 sends a request (step 408) comprising the Hid to the bank server 421 of the bank of the user.

    [0097] The bank may first verify that the application server 423 is indeed permitted to make such a request then transmit, to the application server 423 (step 410), in response to the request, an electronic address of the user. Specifically, the bank hosts internally a lookup table that allows it to find an electronic address of a customer depending on the Hid. In step 411, the application server 423 receives the electronic address of the user from the bank server 421 then sends the electronic receipt received in step 407 to the electronic address of the user (step 412).

    [0098] According to one particular embodiment of the invention, the electronic receipt generated by the till system may be complemented or replaced by a content (an email, a URL/URI, etc.) allowing information such as a way of accessing a digital service provided by the trader (promotions, offers, etc.) to be delivered.

    [0099] According to one particular embodiment of the invention, the payment means of the user may correspond to a string of characters, i.e. a string such as a number, a reference/a code or an email address, comprising at least one identifier of the bank of the user and one user identifier. It will be noted that the string of characters may be encoded into the form of a barcode.

    [0100] According to one particular embodiment of the invention, the payment means of the user may correspond to the user identifier obtained in step 404. For example, if the user makes the payment by entering into the EPT an electronic address delivered by its bank, for example in the format: “userid@bank.com”, the EPT then generates a digital fingerprint Hid using the local portion of the electronic address (the “userid”). The EPT then transmits, to the till system 422, the domain name “bank.com” and the digital fingerprint Hid (step 404). The till system generates (step 406) the electronic receipt, which it transfers with the digital fingerprint Hid and the domain name to the application server 423. In step 407, the application server 423 is able to determine which bank is the bank of the user, especially by virtue of the domain name. Steps 408 to 413 then remain identical.

    [0101] According to one particular embodiment of the invention, the payment means of the user may correspond to a pair of user identifiers obtained in step 404. For example an identifier of the banking establishment of the user and a digital representation of a biometric characteristic (fingerprint, voice, face, etc.) thereof may be used. It will be noted that the identifier of the banking establishment may be entered by the user into the EPT via a touch user interface or a voice user interface.

    [0102] It goes without saying that the completely non-limiting embodiment that was described above was given purely by way of indication, and that many modifications may easily be made thereto by those skilled in the art without, however, departing from the scope of the invention.