WO1999028872A2 - Method and apparatus for money transfers - Google Patents

Method and apparatus for money transfers Download PDF

Info

Publication number
WO1999028872A2
WO1999028872A2 PCT/GB1998/003537 GB9803537W WO9928872A2 WO 1999028872 A2 WO1999028872 A2 WO 1999028872A2 GB 9803537 W GB9803537 W GB 9803537W WO 9928872 A2 WO9928872 A2 WO 9928872A2
Authority
WO
WIPO (PCT)
Prior art keywords
code
identifier code
transferor
transfer
money transfer
Prior art date
Application number
PCT/GB1998/003537
Other languages
French (fr)
Other versions
WO1999028872A8 (en
WO1999028872A1 (en
Inventor
Henry Wodehouse
Stuart Mcdonald
Jon Francis
Original Assignee
Global Money Transfer Holdings
Henry Wodehouse
Stuart Mcdonald
Jon Francis
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Global Money Transfer Holdings, Henry Wodehouse, Stuart Mcdonald, Jon Francis filed Critical Global Money Transfer Holdings
Priority to AU12515/99A priority Critical patent/AU742367B2/en
Priority to EP98955790A priority patent/EP1036381A1/en
Publication of WO1999028872A1 publication Critical patent/WO1999028872A1/en
Publication of WO1999028872A2 publication Critical patent/WO1999028872A2/en
Publication of WO1999028872A8 publication Critical patent/WO1999028872A8/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation

Abstract

A money transfer system comprises remote terminals (10) for receiving transfer request information from a transferor (14). If the transferor is a new customer, a central server (12) generates a new party identifier code (PIC) using a secure postal printer (16), to send the PIC to the transferor independently of the communication with the terminal (10). The PIC will be re-used for subsequent transfers from the transferor. For each transaction, the server (12) allocates a unique transaction code (UTC) which is outputted to the transferor at the terminal (10). The server also generates money transfer instructions (22) communicated to the remote money handling authorities (28). The instructions include the existing or newly allocated PIC, verification code (TVC) related to the UTC, but insufficient to enable the UTC to be deduced therefrom. It is the transferor's responsibility to communicate the UTC and the PIC to the transferee (18), preferably by separate routes for security. If the parties have taken place in a previous transfer, then the transferee will already know the PIC from the previous transfer. The transferee can pick up the money from the bank upon presentation of the correct PIC and PIN matching the information in the money transfer instructions.

Description


  
 



   METHOD AND APPARATS FOR MONEY TRANSFERS
 This invention relates to method and apparats for facilitating money transfer.



  The invention is particularly suitable for inter-country money   transfers,    but it is not limited exclusively to this.



   Money   transfer    services are offered by a number of organisations, for   example    banks, the Moneygram organisation, and the Western Union organisation. A transferee wishing to transfer money is able to visit a local authorised agent and   arrange    for money to be made available for collection by a transferee at another authorised agent or bank, for example, in a different country.



   In developing the present invention, it has been appreciated that conventional techniques suffer from certain problems: (i) Identification of the transferee. Normally, a transferee will be required to present proof of identification, for example, a passport or driving licence, before being permitted to   collect    the funds. However, there are a large number of countries in which many people do not holds passports or other   officially    recognisable proof of identification. In such cases, money transfer may be limited to postal transfers.



  Western Union offers a code-word facility by which a transferor can provide a code word with the initial transfer instructions. The transferee is required to present a matching code word instead of presenting proof of identification.



     (ii)    Security. Particularly when a code word is used, there is a risk of the transferee, or other parties involved in the money transfer process, committing fraud.



  It will be appreciated that, especially in certain countries,   faraud    and corruption may be commonplace, and   difficult    to control from outside the country. In general, the transferee, and the bank staff in the country of the transferor and the transferee, all have access to the code word   and sufficient    other information to   collect    the funds and to complete the transaction (since no proof of identity is required). Such fraud is very difficult to detect and to revent.



     (iii)    Accuracy of information. Often, information is passed orally within a transfer organisation by telephone. This can lead to inaccuracies in the information,  
 particularly when unfamiliar pronunciation is involved, or if two people are not fully conversant in the same langage. For example, if a the name of the transferee is misspelt, then it may be impossible for the correct transferee to collect the funds even on presentation of proper identification. Such a common error can only be correcte by the   ttansferor    complaining to the transfer organisation, when he is notifie   ouf-té    non-delivery by the   transferee;    the full   transfer    details have to be taken again from the transferor to attempt a   further    transfer.



   The present invention has been devised bearing the above problems in mind.



   Broadly speaking, a first aspect of the invention is to provide the transferor with a secret identifier code (referred to in preferred embodiments as a party identification code or PIC) which is supplie to the transferor independently of the information exchanged with the transferor when the   transferor    is making a   transfer    request (for example, in the preferred embodiment, the PIC is sent to the transferor by post). The identifier code (or at least information related thereto) can be transmitted as part of the money transfer instructions through the money handling authorities. The transferor is required to transmit the secret identifier code to the transferee, and the transferee is, in turn, required to present the identifier code as one of the conditions to be met before the money can be collecte by the transferee.

   Possession of the correct identifier by the transferee represents proof that the transferee has been authorised to receive funds by the   transferor.   



   As used herein the term"money handling   authority"refers    to any authority empowered to handle money and, where appropriate, refers to any authority empowered to provide funds to a transferee. The term may inclue, but is not limited to, banks, internet banks, post offices, etc.



   Such a technique can avoid the need for the transferee to possess official proof of identification, and can also improve security. In particular, the local handling agents at the point of sale to the transferor will not have access to sufficient information to receive the   fonds    fraudulently.  



   Preferably, the identifier code (PIC) is allocated for at least one of the parties to the transfer (i. e. the transferor and/or the transferee). In the preferred embodiment, the identifier code (PIC) for the transferor, and the same code is re-used for subsequent transfers from the   ttansferor    to any transferee. This avoids the need for new   identifier    codes to be issued to the   transferor    for each   transaction.   



   Broadly speaking, a second closely related aspect of the invention is to generate an identifier code (referred in preferred embodiments as a unique   uumction    code or   UTC),    and to provide the transferor with the code (to be forwarded by the   transferor    to the transferee), but provide the money handling authority instructed to handle the transfer with second code (referred in the preferred embodiments as a transaction verification code or TVC) related verifiably to the identifier code. The second code is sufficient to enable the money handling authority to verify that the transferee is authorised to receive the funds upon presentation of the complete code by the transferee.

   Upon collection of the funds, the money handling authority can return the complete identifier code through the banking system, as evidence that the funds have been collecte by the authorised   transferee.   



   Such a technique can provide security against a   fraudulent"collection"of    the transfer by the money handling authorities instructed to handle the transfer, since the money handling staff will not have access to the complete identifier code to complete validly the transaction by returning the full code as evidence of completion. If the funds are collecte   fraudulently    by a person who has knowledge only of the second code (i. e. the   TVC),    and has therefore had to add a guessed code to the   known    code, this will be readily noticeable when the incorrect code is received back from the money handling authority.



   Preferably, this aspect of the invention further comprises testing, at least selectively or on demand, the full identifier code information returned for each completed transfer against the originally allocated identifier code to verify that the correct transferee has collecte the   fonds.     



   Although the above aspects can be used independently, particular avantages can be achieved by using the two aspects in combination. In particular, the technique can then ensure   that    neither the handling agents at the point of sale, nor the handling agents at the point of collection, possess all of the necessary information properly to complete a transfer. Only the   transferor    and the   transferee    possess the necessary codes (i. e. the PIC identifier code of the first aspect, and the   UTC    identifier code of the second aspect) needed to complete the transfer.



   In a closely related aspect, the invention provides a method of generating a first identifier code (UTC in the   preferred    embodiments) and a second code (TVC in the preferred embodiments) related thereto, the method   comprising:   
 generating the first code such that at least one character thereof represents a function of one or more other characters of the first code;
 generating a second code   comprising    at least one, but not all, of the characters of the first code, and   comprising    information indicative of the position in said first code of said at least one character and/or of said one or more other characters.



   Preferably, the characters of the first code are   numeric.   



   Preferably, the function is a checksum (or sum) function.



   Preferably, the second code comprises one or   more"blank"characters    representing missing character or digit positions of the first code.



   Preferably, the function is based on characters in one or more predetermined positions in the first code, and said information represents the position in said first code of the result of the function.



   In the preferred embodiment, the function is numeric sum function of the first four digits in the first code, and the information identifies where the result is to be found in the last four digits of the first code; a first character   ("F")    denotes that the result is in the first one or two digits of the last four; a second character   ("M")    denotes that the result is in the middle one or two digits of the last four; and a third character   ("L")    denotes that the result is in the last one or two digits of the last four. It will be  
 appreciated that other indexing systems could be used, for   exemple,    depending on the number of character positions available for the result.



   In a closely related aspect, the invention provides a method of testing information provided by a transferee for collection of funds, the method   comprising:   
 receiving transfer instructions including a first party identifier code   allocated to    at least one of the parties to the transfer, and a second transaction verification code related to a transaction   identifier    code allocated to the   transaction;    (a)   comparing    the first party identifier code from the transfer instructions with a party identifier code provide by the transferee; and (b)   comparing    the second transaction   verification    code with a   transaction    identification code provided by the transferee.



   Preferably, the method further comprises returning the transaction identification code to the issuing   authority    as evidence that the transferee is   authorised    to receive the funds.



   Preferably, the transaction   verification    code contains some, but not au of the characters of the transaction identification code, and the method comprises comparing each known character in the   transaction verification    code for equivalency with a corresponding character of the transaction identifier code.



   Preferably, the transaction verification code inclues information associated with the result of a function based on one or more characters of the transaction identification code, and the method comprises testing whether the transaction identification code presented by the transferee matches the function.



   In a closely related aspect, the invention provides a money transfer system   comprising:   
 at least one remote input unit   operuble    to generate a money transfer request in accordance with information from a transferor; and
 processing means for communicating with each remote unit for receiving and processing money transfer requests received therefrom, the processing means   comprising:     
 means for providing a first   identifier    code associated with the   transaction    and/or with the identity of one or more parties to the transfer ;

  
 means for   outputting    first information including the first identifier code, to be communicated   directly    or indirectly to the transferor independently of the communication with the terminal; and
 means for   outputting    second information to be supplie directly or indirectly to a money handling authority as instructions to effect the   transfer    for collection, the second information including at least a portion of the first identifier code or information related thereto to enable the   authority    of the transferee to be verified.



   Preferably, the system inclues a plurality of terminals. Preferably, the processing means (also referred to herein as the server), is able to communicate with each terminal at various times during a working day, to control the terminals directly, or to upload transfer requests (and any other information) logged by the terminals while   off-line    (if   off-line    operation is supported).



   In a further closely related aspect, the invention provides a money transfer system   comprising:   
 at least one remote input unit operable to generate a money   transfer    request in accordance with information from a transferor; and
 processing means for communicating with each remote unit for receiving and processing money transfer requests received therefrom, wherein:
 the terminal and/or the processing means is operable to output for communication   directly    or indirectly to the transferor, an identifier code allocated to the money   transfer;

      and
 the processing means is operable to output money transfer instructions to be supplie directly or indirectly to a money handling   authority    as instructions to effect the transfer for collection, the instructions including only a first portion of the identifier code, whereby the money handling   authority    can   verify    a portion of the identifier code presented by the transferee.  



   Preferably, the terminal is operable to output the code to the transferor directly.



  Preferably, the terminal is operable to communicate the identifier code to or from the processing means.



   Preferably, the system comprises means for receiving a full identifier code returned by the money   handling authority    as evidence of completion of the transfer, and means for   comparing    the returned identifier code with the   originally    allocated code for the transaction.



   Preferably, the system comprises database means for storing the identifier code allocated to each transaction.



   An embodiment of the invention is now   described,    by way of example only, with reference to the accompanying drawings, in which:
 Fig. 1 is a schematic block diagram   illustradng    the principles used in the embodiment;
 Fig. 2 is a   schematic    diagram   illustrating    the information used in Fig. 1;
 Fig. 3 is a schematic diagram illustrating generation of a   UTC    and a TVC;
 Fig. 4 is a schematic block diagram of a remote input unit;
 Fig.   S    is a schematic block diagram of the central server;
 Fig. 6 is a flow diagram illustrating operation of the central server;
 Fig. 7 is a flow diagram illustrating operation of the second embodiment of terminal;

  
 Fig. 8 is a flow diagram illustrating information exchange between the terminal and the central server during a polling operation; and
 Fig. 9 is a flow diagram   illustrating    operation of the server for handling information from the second embodiment of terminal.



   The principles used in this embodiment are first   described briefly    with reference to Figs. 1 and 2. The system consists of a   plurality    of remote terminals 10 located, for example, in shops and/or banks within a local community. The terminals 10 communicate with a central processor, also referred to hereinafter as the server 12.  



   The terminals 10 may, for example, be coupled to the server 12 by conventional telephone modems which call up the server 12 to be controlled by the server 12. In this embodiment, all operations and calculations are performed by the server 12, and the terminal 10 acts as a dumb slave unit, i. e. as a remote input and display device. To improve   security,    the server 12 may caf-bac the terminal 10 at a pre-designated telephone number to ensure that third parties cannot break into the server operation.



   When a new customer desires to perform a transfer, or desires to   be"logged"    as a customer for future transfers, this can be done at any terminal 10, which calls the server 12 to perform the process under to server's control. The customer's details including his name and address are inputted through the terminal 10 and recorde by the server 12 in a customer database 12. The local agent gives the customer a swipe card (not shown) which may be coded in any suitable manner, for example,   optically,      magnetically,    or carry an electronic circuit. In this embodiment, the swipe card has a conventional magnetic strip on which is a pre-recorded code uniquely identifying the card.

   The code also doubles as a unique   identification    code for the customer (and is referred to later as the CIC, for customer-or   card-identification    code). To validate the card, the customer or the local agent is required to insert the card into the terminal so that the pre-recorded code can be read by the terminal's card reader (not shown) and communicated to the server 12 to be recorde in the customer database.



   Either immediately, or at some time later, the server 12 allocates a party identification code (PIC) for the new customer. The PIC is needed later by a transferee to   verify    that he has been   authorised    by the   ttansferor    to receive the funds. In this embodiment, the PIC is generated using a random or pseudo random generator, and consists of a numeric code, for example, a four digit code, but an   alphanumeric    or purely alphabetic code could be used instead. The PIC is printed using a secure postal printer 16, and is posted directly to the customer 14. A significant feature is that the
PIC is not communicated through the terminal 10, and so the local agent has no means of accessing a person's PIC to fraudulently intercept transfers.  



   To perform a transfer, the customer (transferor) 14 pr sents his swipe card to be inserted into the terminal's card reader. This initiates communication between the terminal 10 and the server 12 so that the transfer details can be inputted to the server 12. The transfer details include the name and address of the transferee, the amount to be transferred, and the name and address of the bank or other money handling   authority    at which the transferee will collect the transferred funds. The latter information can be selected from a list or menu of allowable collection authorities for any particular country or town.



   The server 12 calculates the amount required to be paid by the transferor, which the   transferor    pays to the local agent. The server 12 then allocates a   transaction    identification code for the transfer, in the form of a unique   uumction    code   (UTC).    In this embodiment, the UTC is based on a pseudo-random code, which is tested to ensure that it uniquely identifies the transfer (at least for the   period    in which the   transfer    is valid; the same code is available for re-use after that period). The code is   numeric,    but in alternative embodiments could be   alphanumeric,    or purely alphabetic.

   The server 12 communicates the UTC to the terminal 10, and a hard copy of the transfer details, including the   UTC,    is printed out by the terminal 10 to be given to the   transferor    as a receipt.



   It is the   transferor's    responsibility to send the PIC and the   UTC    to the transferee 18 and to ensure that only the intended transferee receives this information. Normally this would be done by sending the PIC and the UTC by separate routes (depicted as 20a and 20b in Fig. 1), for example, by separate lettes, or by communicating one by letter and the other by telephone or telex. The   UTC    and the PIC together provide the transferee with all of the   information    needed to validate the transaction, and   collect    the transferred funds.



   To effect the transfer, the server 12 communicates a transfer request 22 directly or indirectly (for example through a remote terminal) to a computer 24 of a domestic bank (assuming that the transfer system is being run by an independent   organisation    using the bank as an intermediary).

   The transfer request 22 inclues the transfer   detaids     
 supplie by the transferor, and also inclues the PIC and a   transaction verification    code   (TVC).    The TVC is related to the UTC to enable verification of the correct UTC when presented by the   transferee,    but the TVC does not itself contain sufficient information to enable the   original LJTC    to be deduced if it is not   known.    The bank computer 22 processes the   transfer    request and communicates the transfer information 26, by conventional bank transfer services, for example by telex, or by SWIFT, to the foreign bank 28 nominated by the original instructions from the transferor 14.

   The transfer information 26 supplie to the foreign bank inclues the PIC and the truncated TVC.



   In order to   collect    the transferred funds, the transferee 18 visits the foreign bank 28 and presents the PIC and full UTC. The PIC provides evidence that the person has been   authorised    by the transferor to receive funds, and the full UTC provides the necessary authorisation to complete the   transaction.    The staff at the foreign bank 28 are able to compare transferee's UTC with the TVC with which they have been supplie to   verify    that the full UTC matches the TVC. The foreign bank 28 then returns the full UTC to the domestic home bank 24 as evidence that the transfer has been properly completed, and that the correct recipient has been paid.



   Such a system offers important avantages over conventional techniques: (a) The transferee does not require any form of personal identification, such as a passport, or a driving licence.



  (b) The only parties in possession of all of the necessary information validly to complete a transaction are the transferor, and the transferee. The agents at the point of sale (10) do not have access to the PIC, since this is allocated   directly    by the server 12, and is communicated to the transferor by post. The staff at the domestic home bank 24 and at the foreign bank 28 have access to the PIC, but do not have access to the full
UTC. This will obstruct any fraudulent activity by the handling   authorities    or agents.



  (c) It is the responsibility of the transferor to transmit the PIC and the full UTC to the transferee in a secure manner. If this information is intercepted and the funds are collecte fraudulently by a third party, then neither the money handling   authorities,    nor the money transfer organisation, has to accept liability.  



   For subsequent   transfers    from the same   transferor    14, the original PIC is reused. The server 12 maintins a database of transferors and the PIC allocated to each. New PIC's are only allocated, printed and posted for new   transferors,    or if a transferor believes his PIC to have been compromised.



   In general, a   transferor    will only have to notify his PIC to a transferee once.



  Once the transferee   knows    the PIC, all he needs to receive funds is the new   UTC    associated with each individual   transaction.    This further reduces the chances of information being intercepted between the transferor 14 and the   transferee    18.



   There are numerus techniques for generating a TVC which relates   veriflably    to the UTC but does not prejudice the   security    of the   UTC.    For example, one technique is to truncate, or blank, one or more digits or characters from the UTC, leaving a code which partly matches the full UTC. The   security    can be improved by varying the number and/or the positions of the blanked characters, so that a person will not be able to predict which of the characters of the code are already   known    in the TVC.



   Another technique for generating a TVC is generate one or more checksum digits or characters. These can either be included in the UTC, or they can be included only in the TVC. The   security    can be improved by varying the number   and/or    the positions of the characters or digits on which the checksum is based, so that a person will not be able to predict which characters represent, or contribute to, the checksum.



   In a particularly preferred embodiment, the TVC is generated by a combination of the above two techniques. Referring to Fig 3, the UTC can consist of a 7,8,9 or 10 digit code, for example the code illustrated in Fig. 3a. This is based on a pseudorandom number, but tailored such that the sum of the first four digits A is represented somewhere in the last four digits, namely in the first one or two digits B of the last four, or the middle one or two digits C of the last four, or the last digit or digits D. In the illustrated code, the sum (i. e. 8+4+5+9=26) is represented in the middle two digits C of the last four.



   Fig. 3b illustrates a first TVC which may be generated from the UTC. The
TVC inclues some of the original digits, the missing digits being replace   by"blank"     
 characters. The TVC also inclues a prefix   code"F","M"or"L"to    indicate whether the sum is to be found in the First,   Middle    or Last digits of the last four digits. In the present   exemple,    the sum is in the middle digits C of the last four, and this is denoted in the TVC by   prefix"M".    It will be appreciated that the prefix code is only included in the TVC, and not in the   UTC.   



   When the   UTC    is presented for   verification,    the local bank can check firstly whether the digits in the   UTC    agree with the digits already known in the TVC, and secondly, whether the   appropdate checksum    digits denoted by the TVC's prefix correspond to the sum of the first four digits.



   Fig. 3c illustrates a second TVC which may be generated for the same   UTC.   



  The   prefix    code is, of course, the same as that for Fig. 3b, but this example illustrates that a person cannot predict which digits are known in the TVC, since this can vary.

 

   The above scheme represents a balance between security and ease of   verification    at a remote bank. Other schemes may be used which require computer   verification,    but this could restrict the banks at which the transferee is able to collect the funds.



   Referring to Fig. 4, the remote unit 10 comprises a main processor 30 to which are connecte a display screen 32, a keyboard 34, a swipe card reader 38, a receipt printer 40, a customer/transaction logger 41, and a telephone communications modem 44 coupled through an encryption/decryption unit 46 for communicating with the server 12. The display screen may, for example, be a video display unit, or it may be an alphanumeric display, for example, an LCD display. The display is used to present messages and prompts to the customer (transferor) and/or the local agent supervising th 



   The logger 41 and the encryption/decryption unit 46 are illustrated above as discret units for ease of description. However, it will be appreciated that these units may be embodied by software running on the main processor 30.



   Referring to Fig. 5, the server 12 consists generally of a central processor unit 90 to which are connecte a customer database 92, a   ummction    database 94, a reference database 96, a PIC generator 98, a UTC/TVC generator 100, a secure postal printer 102, an output system 104 (for passing transfer instructions to a bank computer), an input cache 106, and a telephone modem 108 connecte through an encryption/decryption unit 110 (which is similar to the encryption/decryption unit 46 described above for the remote terminal 10).



   The customer database 92 is a master database of all customers (transferors) who have used the system at any time. For each customer, the database also inclues full name and address information, at least limited transaction history, and the customer's PIC and CIC. The transaction database 94 is a master database of the   transactions.    This inclues all pending transactions, and possibly at least a   limite    history of completed transactions. The information in the transaction database 94 may be archive from time to time to make more memory available for new   transactions.   



  The reference database 96 is a master database of the current reference information required for the   transactions,    including, for example, the countries to which   transfers    can be sent, available recipient bank details for each country, currency exchange rates and commission rates.



   The secure postal printer 102 is of a known type which is able to produce sealed envelopes containing a printed sheet, it being possible to read the sheet only by breaking open the sealed envelope. Such printers are used in applications where it is desired to print information securely to send to a recipient, while ensuring that local staff are unable to read the contents of the envelope.



   Fig. 6 illustrates the operation of the server 12 once communication has been established between a terminal 10 and the server 12. Step 122 determines whether the information from the terminal 10 corresponds to a new or   existing    customer.   Ilis    is  
 apparent if the information contains an existing customer identification code CIC.



  Assuming as a   first    case that the information does correspond to a new customer, then the process proceeds to step 123 at   which    the server 12 controls the terminal to prompt for, and return, inputted customer information, including the customer's full name and address. At step 124 a new customer entry is created in the customer database 92.



   From step 124, the process proceeds to step 125 at which the server 12 controls the terminal to prompt for a new swipe card to be introduced into the terminal's card reader 38. As explained hereinbefore, the swipe card carries a pre-recorded CIC, which is read by the terminal 10 and returned to the server 12. At step 126, the read CIC is recorde in the customer database. This completes the introduction of a new customer at the terminal 10. The customer can then use the swipe card to initiate a transfer.



   At step 127, a PIC is generated for the new customer by the PIC generator 98.



  As explained previously, the PIC is used later by the recipient to identify himself at his local bank to   collect    the transferred funds. A separate PIC is generated for each customer. In the present embodiment, the PIC is produced as a random or pseudorandom 4-digit number, so that it is impossible to derive any relationship between the
PIC and the customer's details (which might otherwise enable PIC's to be predicted by fraudulent parties). However, in other embodiments, the PIC could be the result of a checksum or hashing function carried out on the customer's name or address, so that it is possible to   verify    whether given PIC matches given party's name.

   Alternatively, it is possible to generate a pseudo random PIC using an encryption   algorithm    which is virtually impossible to reverse or to predict, but which retains a verifiable relationship with the parties names. However, in the present embodiment, it is assumed that it may be difficult to arrange for   verification    of the PIC by the recipient's bank, and so it is preferred to   utilise    a completely random PIC.



   At step 128, the PIC is recorde in the customer database. The PIC is also printed in a sealed envelope by the secure printer 102, and the envelope is addressed and posted to the customer at his home address identifie in the customer information  
 received from the remote terminal 10 (and now stored in the customer database 92 of the server 12).



   It will be appreciated that steps 127 and 128 can be carried out either immediately after communication with the terminal 10, or at some subsequent time when the server 12 may be less busy.



   If at step 122 the received information contains an existing CIC (and therefore corresponds to an existing customer, the process proceeds to step 130 at which the customer's PIC is retrieved from the customer database. At step 132, the transfer is analyse to assess whether it is a suspicious transfer which should be stopped for legal reasons.

   Suspicious transfers may, for example, be detected as any of the following:
 (i) transfers greater than a certain allowable amount (which may vary depending on the destination country);
   (ii)    repeated transfers which accumulate to a sum greater than an allowable amount over a predetermined   period      (the    amount may vary depending on the destinationcountry);
   (iii)    repeated transfers the frequency of which exceeds an allowable figure (which may very depending on the   destination    country).



   The purpose of step 132 is to provide at least a degree of protection to prevent large scale money   laundering    or illegal funds transfer from one country to another. If a suspicious transfer is detected, then the transfer process can be aborted, or the server 12 can prompt the terminal 10 that proof of identification is   required    before the   transfer    can proceed. Details of the proof of identification (e. g. a passport number) can be entered at the terminal 10 for communication back to the server 12.



   At step 134, a check is performed on whether the customer's payment has yet cleared. If cash is used to pay for the transfer, then this step can be omitted.



  However, if payment has been made by cheque, then no   transfer    should be   authoxised    until the cheque has been cleared by the customer's bank. If the payment has not yet cleared, then the data is re-stored (for example, in the input cache 106 or in a separate pending store) to be re-processed during the next   day's    processing.  



   At step 135, the UTC and the TVC for the transfer are provided. These could either be   generated"live",    for example, by suitable   algorithms,    or the UTC and the
TVC could be obtained from a supply of pre-generated codes. Such codes could be pre-generated when the server 12 is not busy, for   exemple,    overnight, and stored in suitable memory.



   At step 136, the UTC is communicated from the server 12 to the terminal 10 to be printed by the terminal's printer 40. This provides the customer (transferor) with the UTC to send to the transferee.



   At step 137, the transfer details are issued as a transfer instruction to the intermediary bank. The transfer instructions include the transfer details   originally    inputted by the customer, the PIC, and the TVC (including the prefix   code"F","M"      or"L").   



   At step 138, the   transaction    details are stored in the   transaction    database 94 as a pending   transaction,    which completes the initial transaction processing. Although not illustrated in the drawings, additional processing can be provided when the foreign bank returns the full UTC as evidence that the   transaction    has been completed.

   The returned   UTC    can be compare to the   UTC    recorde in the transaction database to   verify    that the   transaction    has been completed   correctly.    Alternatively, this   verification    step might only be necessary if a transferor complais of non-delivery of funds to the transferee, or of collection by an   unauthorised    person.



   In Fig. 5, the encryption/decryption unit 110, the input cache 106, the PIC generator 98, the UTC generator 100, the TVC generator 101, and the databases 92,94 and 96 are illustrated as   separate"items"from    the server processor 90. This is merely to aid description of the invention. It will be appreciated that these functional parts may be implemented by software applications running on the processor.



   Although not illustrated in the drawings, it may also be possible for a customer to place a telephone order to a telephone receptionist, who would then enter the transfer details using a dedicated terminal, or directly on to the server 12. The UTC could be issued to the telephone transferor either by telephone, or by means of the secure postal  printer 102. In the latter case, it is preferred that the   UTC    be printed and posted separately from any communication of a new PIC, to reduce the chances of these items of information being intercepted together.



   The above embodiment   employs"online"operation    of the terminals 10 under the direct control of the server 12.   All    of the information processing is carried out by the server 12. This can enable relatively inexpensive and straightforward terminals to be used, and it can also enable updated information to be available   immediately    simply by changing the information   and/or    the programs on the server.



   In an alternative embodiment, it may be desirable to provide at least some of the terminals with a degree of   autonomy,    for offline operation. Referring to Fig. 4, the terminal 10 is similar to that previously   described,    but inclues the following units (shown in phantom): a   UTC/TVC    generator 48; a reference database 36; and a   customer/transaction    database 42.

   The reference database 36 provides reference information for the remote terminal, such as details of the individual countries to which   transfers    can be sent, and the individual banks in each country, the exchange and commission rates for each country, and the likely transfer delay for each country (if a   calculation    of the expected arrival date of the funds is to be provided). The reference database may also include details of public holidays in each country, and the allowable methods of payment by the customer (for example, cash, cheque, credit card, e-cash, mondex, etc.) and the clearance delay for each type of payment (if the calculation of the   expected arAval    date of the funds is to be provided).

   The information in the reference database can be updated   periodically    by the server 12, for example, at the start of a day, or during routine polling of the terminal 10 by the server,   as described    further below.



   The customer/transaction database 46 is used to store details of transfer requests, and details of any new customers, until the information can be uploaded to the server 12 for action.



     Referring    to Fig. 7, before a new customer can use the transfer system, the customer's details have to be entered into the terminal using the keyboard (step 50).  



   The customer details include the customer's name and address (or other contact details), so that the secure PIC can be sent later to the customer by the server 12. The customer details are then stored in the   customer/tmnsaction    database 42 (step 52).



  Thereafter, the customer is issued with a swipe card (step 54) which carries a unique customer identification code   (CIC),    as explained previously.



   At step 56, the customer (or the local agent) enters details of the desired   transfer.    Such details include the name and address of the recipient (transferee), the amount to be transferred (in the local currency of the customer), the method of payment by the customer, and the destination country, name and address of the bank or other money handling agent at which the recipient will   collect    the transferred funds.



   At step 58, the processor 30 calculates and displays the value of the funds in the recipient's currency, and the amount of commission charge, based on the information stored in the reference database 36. If desired, the processor may also calculate an estimated date of arrival of the   transferred    funds at the destination bank, using information in the reference database, and the   following    formula:
Arrival date = today's date + funds clearance delay + transfer delay + calendar (holiday) delay
 If the customer agrees to the transaction and makes payment to the agent, then this is confirme at step 60. (If the customer declines to proceed, then the process can be aborted at this step.) Thereafter, at step 61 the UTC and TVC for the transfer are   provided/generated    by the UTC/TVC generator 48.

   The   UTC    and TVC can either being   generated"live",    or a pre-generated UTC   and    TVC can be retrieved. Such
UTC's and TVC's may either be generated by local generators within the terminal, or they may be downloaded from the server 12 as part of the   update    information for the reference database.



   At step 62, the transfer details including the allocated   UTC    are stored in the customer/transaction database 42 to await uploading to the server 12 for processing.  



      The transfer details including the UTC are also printed out (step 64) by the terminal's    receipt printer 40 to provide a receipt for the customer.



   The above method steps apply to a new customer. An existing customer simply inserts his or her swipe card into the terminal's card reader 38 (step 66), at which stage the customer number is read from the card. This provides sufficient information for the server 12 to access the customer's details which are stored in the server 12. After step 66, the process proceeds directly to step 56 for the customer (or agent) to enter the details of the transfer, as described above.



   At various intervals during the day, the terminal 10 is polled by the server 12 by telephone, to upload money-transfer information and new customer information to the server 12, and to receive new reference information from the server 12. Referring to
Fig. 8, when a telephone call is received from the server 12 (step 70) the process proceeds to step 172 at which the terminal 10 verifies that the call is from the proper server 12, for example, by means of a secret password. The terminal also returns a secret password, so that the server 12 can verify that it is communicating with the proper terminal 10. It will be appreciated that all information sent and received through the telephone line is communicated in encrypted fors, so that the information cannot easily be intercepted.

   At the terminal end, the information is encrypted/decrypted by the encryption/decryption unit 46 connecte between the processor 30 and the modem   44.   



   Following step 72, the terminal waits to receive any new reference information (step 74) for the reference database 36. Such new information may be in the form of a   replacement"reference"file    to overwrite the entire existing contents of the reference database 36, or it may be in the form of   update"packets"to    replace only certain information in the reference database. The new   information    (if any) is then written into the database.



   At step 78, the terminal transmit the new contents of the   customer/transaction    database 42 to the server 12. This new information inclues details of any new  
 customers (including the customer identification number for each new customer), and details of transfer requests entered by   the    customers.



   Step 80 determines whether the terminal has closed at the end of the day and, if so, the process proceeds to step 82 at which   end-of-day      (EOD)    information is transmitted to the server 12. The EOD information inclues totals representing the   day's    transactions and new customers, to provide a cross-check that all of the terminal's information has been validly received by the server 12. This is   subsequently    crosschecked by the server 12. If the terminal has not yet closed at the end of the day, then the process branches past step 82, to step 84 at which the communication is terminated.



   The server 12 will normally poll each terminal 10 at several different times during the day. During each communication session, the terminal transmit only the new information contained in the customer/transaction database 42 (i. e. the information not previously communicated to the server). In this embodiment, the information remains in the customer/transaction database 42 until after the server 12 verifies, for example, by means of the EOD information, that all of the information has been uploaded correctly to the server 12. Such a technique enables all of the information to be uploaded to the server again if necessary, for example, should any discrepancies arise from the EOD information.   However,    in other embodiments, the customer/transaction database 42 could be cleared after each communication session with the server 12, if desired.



   In Fig. 4, the reference database 36, the customer/transaction database 42, the   encryption/decryption    unit 46 and the   UTC/IsVC    generator 48 have been illustrated as   distinct"items"from    the processor unit 30. This presentation is merely schematic to aid description of the invention. It will be appreciated that such items may be implemented as application software   run    by the processor unit. The reference information and the customer/transaction information may be stored as files on conventional mass storage, for   example,    a semiconductor mass memory or a magnetic disc.  



   In use, the server 12 polls each remote terminal 10 to download updated reference information to the terminal 10, and to upload new   transfer-request    information and new-customer information from the terminal. The communication procedure is complementary to that   described    above with reference to Fig. 8, and so is not expanded further here. The uploaded   information    is stored   temporarily    in the input cache 106 until it can be processed by the processing unit 90.



   Fig. 10 illustrates the manner in which   each"packet"of    information from the input cache 106 is   processed.    Where   appropriate    the same reference numerals as those in Fig. 6 are   used    to denote an equivalent operation step. The information is firstly read from the cache 106 at step 120 and, as before, step   122    determines whether the information corresponds to a new customer. Assuming as a   first    case that the information does correspond to a new customer, then the process proceeds to step 124 at which a new customer entry is created in the customer   data. base    92, containing the
CIC read from the input cache.



   From step 124, the process proceeds to step 127 at which a PIC is   generated    for the customer.



   At step 128, the PIC is printed in a sealed envelope by the secure printer 102, and the envelope is addressed and posted to the customer at his home address identifie in the customer information received from the remote terminal 10 (and now stored in the customer database 92 of the server 12). The PIC is also stored in the customer database92.



   Step 132 represents the first step for processing the transfer after the customer and recipient details have been stored. At step 132, the transfer is   analysed    to assess whether it is a suspicious transfer which should be stopped for legal   reasons,    as explained in more detail hereinbefore.



   At step 134, a check is performed on whether the customer's payment has yet cleared. Assuming that the payment has cleared, the process proceeds to step 136 at which the transfer details are issued as a transfer instruction to the intermediary bank.  



   The transfer instructions include the transfer details originally inputted by the customer, the PIC, and the TVC received from he terminal 10.



   At step 138, the   transaction    details are stored in the transaction database 94 as a pending transaction, which completes the initial   transaction    processing.



   If at step 122, the information corresponds to an existing customer, the process proceeds to through step 142 at which the   existing    PIC for the customer is read from the customer database for re-use. The process then proceeds through step 132 for processing of the   transfer    details, as described above.



   In the above embodiment, the UTC and TVC are allocated to the transaction at the point of sale terminal 10, to provide offline operation of the terminal 10. Although in the illustrated embodiment, the TVC is allocated at the terminal, this could instead be allocated by the server 12, to reduce the risk that the TVC might be available by tapping into the terminal somehow.



   In the above embodiments, the PIC is associated only with the   ttansferor.    In an alternative form, the PIC could be associated instead with each   transferor/transferee    pair.   Thus    instead of a transferor having a single PIC, the transferor would have different PIC's for his different transferees. This could provide additional security if needed, but might require the   transferor    to remember possibly a large number of PIC's.



  The customer database would also need to store all of the PIC's for each transferor, and be able to identify subsequent transactions between the same transferor and   transferee,    in order to use the correct PIC.



   In the above embodiments, swipe card is   pre-programmed    with its CIC, and this is the only information required to be read by the terminal. In other embodiments, the terminal might be equipped with a card reader/writer for writing information to the card as well as reading it from the card. This could   enable"favourite recipient"data    to be stored on the swipe card in order to simplify the operation for the transferor.



   It will be appreciated that the invention, particularly as illustrated in the preferred embodiments, can enable funds to be transferred in a logical and   secure,    manner, which allows a recipient to receive the funds without having to have official  
 proof of identity (such as a passport). Only the transferor and the intended   tcansferee    have access to   sufficient    information to complete the transfer, and it is the transferor's responsibility to ensure that the information is sent in a secure manner to the transferee.



  Neither the local handling agent for the   tcansferor,    nor the local handling agent for the transferee, have direct access to   sufficient    information to complete a valid transfer.



   While features believed to be of importance have been identifie in the foregoing description, and in the appende claims, the applicant claims protection for any novel idea, feature or combination of features described herein and/or illustrated in the drawings irrespective of whether emphasis has been placed thereon.

Claims

CLAIMS 1. A method of handling money transfer requests in a system which inclues at least one input device for receiving information directly or indirectly from a transferor, and processing means for communicating with the input device for processing money transfer requests therefrom, the method comprising: receiving at the processing means a money transfer request from the input device; providing within the processing means a first identifier code for the transfer and/or for at least one of the parties to the transfer; sending the first identifier code directly or indirectly to the transferor if the first identifier code is a new code, the sending operation to the transferor being an independent operation from the communication with the input device;
outputting money transfer instructions including at least a portion of the first identifier code or information related thereto; and communicating the money transfer instructions to a money handling authority as instructions to effect the money transfer, whereby the authority of the transferee party to receive the funds can be verified upon presentation of the first identifier code by the transferee party.
2. A method of operation in processing means for processing money transfer requests, the method comprising: receiving at the processing means information representing a money transfer request; providing within the processing means a first identifier code associated with the transfer and/or with at least one or the parties to the transfer; sending the first identifier code directly or indirectly to the transferor if the first identifier code is a new code; outputting money transfer instructions including at least a portion of the first identifier code or information related thereto;
and communicating the money transfer instructions to a money handling authority as instructions to effect the money transfer, whereby the authority of the transferee party to receive the funds can be verified upon presentation of the first identifier code by the transferee party.
3. A method of communicating information with a transferor for a money transfer operation to transfer money to a transferee, the method comprising: (a) receiving transfer instruction information directly or indirectly from the transferor; (b) providing a first identifier code associated with the transfer and/or with at least one of the parties to the transfer, the code being required by the transferee to complete the money u-ansfer operation; (c) outputting or selectively outputting the first identifier code for communication to the transferor;
wherein in step (c) the first identifier code is outputted for confidential communication to the transferor independently of the communication in step (a).
4. A method according to claim 3, wherein step (c) comprises selectively outputting the first identifier code if the code is newly allocated.
5. A method according to claim 1,2,3 or 4, wherein the step of providing the first identifier code comprises selectively allocating a new identifier code, or re-using a previously allocated identifier code.
6. A method according to claim 5, wherein the party identifier code is associated with the transferor. 7. A method according to claim 6, wherein the processing means comprises a database of tiansferors, the database containing for each transferor the or a party identification code associated therewith.
8. A method according to any preceding claim, wherein the step of allocating a new first identifier code comprises generating a random or pseudo random code.
9. A method according to any preceding claim, further comprising generating a second identifier code associated with the transaction, and outputting the second identifier code to the transferor, and wherein the step of generating the money transfer instructions at the processing means comprises including a verification code related to the second identifier code to enable the correct second identification code to be verified when presented by the transferee.
10. A method according to claim 9, wherein the second identifier code is outputted to the transferor at the or a remote terminal.
11. A method of handling money transfer requests in a system which inclues processing means for processing money transfer requests, the method comprising : generating an identifier code associated with a transfer request; outputting the identifier code for communication to the transferor; outputting from the processing means money transfer instructions including a verification code related verifiably to the identifier code; communicating the money transfer instructions to a money handling authority as instructions to effect the money transfer, whereby the authority of the transferee party to receive the funds can be verified at least partly upon presentation of the original identifier code matching the incomplet code in the money transfer instructions.
12. A method according to claim 11, wherein the identifier code is based on a random or pseudo random code.
13. A method according to claim 11 or 12, wherein the money transfer request is generated at a terminal remote from the processing means, and the identifier code is outputted at the terminal for the transferor.
14. A method of operation in a processing means for processing money transfer requests, the method comprising: receiving at the processing means information representing a money transfer request; providing an identifier code; providing a verification code related verifiably to the identifier code, the verification code being insufficient to enable the identifier code to be deduced unambiguously therefrom;
and outputting from the processing means money transfer instructions including the transaction verification code, for communication to a money handling authority as instructions to effect the money transfer, whereby the authority of the transferee party to receive funds can be verified at least partly upon presentation of the original identifier code matching the verification code in the money transfer instructions.
15. A method according to claim 11,12,13,14 or 15, wherein the identifier code is generated such that at least one character thereof represents a function of one or more other characters of the identifier code, and the step of providing the verification code comprises generating a code comprising at least one, but not all, of the characters of the identifier code and including information indicative of the position in said identifier code of said at least one character and/or of said one or more other characters.
16. A method according to claim 15, wherein the characters in the identifier code are numeric.
17. A method according to claim 15 or 16, wherein the function is a sum function.
18. A method according to claim 15,16 or 17, wherein the verification code comprises one or more blank characters representing missing character or digit positions of the identifier code.
19. A method according to claim 15,16 or 17, wherein the function is based on characters in one or more predetermined positions in the identifier code, and said information represents the position in said identification code of the result of the fiction.
20. A method according to any preceding claim, further comprising storing the or each identifier code at the processing means.
21. A money transfer system comprising: at least one input unit operable to generate a money transfer request in accordance with information from a transferor; and processing means for communicating with the or each input unit for receiving and processing money transfer requests therefrom, the processing means comprising: means for providing a fist identifier code for the transaction and/or for the one or more parties to the transfer; means operable to output first information including the first identifier code, to be communicated directly or indirectly to the transferor independently of the communication operation with the input unit;
and means for outputting money transfer instructions including at least a portion of the first identifier code or information related thereto, for communication to a money handling authority as instructions to effect the money transfer, whereby the authority of a transferee party to receive the funds can be verified at least partly by presentation of the first identifier code by the transferee party.
22. A system according to claim 21, comprising at least one remote input unit.
23. A processing system for use in a money transfer system for processing money transfer requests, the processing system comprising: means for receiving information representing a money transfer request; means for providing a fist identifier code associated with the transaction and/or with one or more parties to the transfer ; means operable to output first information including the first identifier code, to be communicated directly or indirectly to the transferor;
means for outputting money transfer instructions including at least a portion of the first identifier code or information related thereto, for communication to a money handling authority as instructions to effect the money transfer, whereby the authority of a transferee party to receive the funds can be verified at least partly by presentation of the first identifier code by the transferee party.
24. A system for communicating information with a transferor for a money transfer operation to transfer money to a transferee, the system comprising: means for receiving transfer instruction information directly or indirectly from the transferor; means for providing a first identifier code associated with the transfer and/or with at least one of the parties to the transfer, the code being required by the transferee to complete the money transfer operation; and means for outputting the first identifier code for confidential communication to the transferor.
25. A system according to claim 24, wherein the means for outputting information for the transferor comprises means for selectively outputting the first identifier code if the code is newly allocated.
26. A system according to claim 22,23,2421, or 25, wherein the means for providing the first identifier code comprises means for selectively allocating a new identifier code, or re-using a previously allocated identifier code.
27. A system according to claim 26, wherein the first identifier code comprises a party identification code associated with the transferor.
28. A system according to claim 27, wherein the processing means comprises a database of transferors, the database containing for each transferor the or a party identification code allocated thereto.
29. A system according to any of claims 21 to 28, wherein the means for allocating a new first identifier code comprises means for generating a code based on a random or pseudo random code.
30. A system according to any of claims 21 to 31, further comprising means for generating a second identifier code associated with the transaction, and outputting the second identifier code to the transferor, and wherein the means for generating the money transfer instructions at the processing means comprises means for including a verification code related to the second identifier code to enable the correct identifier code to be verified when presented by a transferee.
31. A system according to claim 32, wherein the second identifier code is outputted to the transferor at the or a remote terminal.
32. A system for handling money transfer requests, comprising: at least one input device for receiving transfer request information directly or indirectly from a transferor, means for allocating an identifier code associated with the transfer request; means for outputting the identifier code for the transferor, the code being required by a transferee to complete a valid money transfer;
and means for providing a verification code related to the identifier code, the verification code being insufficient to enable the identifier code to be deduced therefrom unambiguously, means for outputting money transfer instructions including the verification code for communication to a money handling authority, as instructions to effect the money transfer, whereby the authority of a transferee party to receive the funds can be verified at least partly upon presentation of the original identifier code matching the verification code in the money transfer instructions.
33. A system according to claim 32, wherein the identifier code is generated as, or is based on, a random or pseudo random code.
34. A system according to claim 32 or 33, wherein the input device is a remote terminal.
35. A processing system for processing money transfer requests, the system comprising: means for receiving information representing a money transfer request; means for allocating a transaction identifier code for communication directly or indirectly to a transferor; means for providing a verification code related to the transaction identifier code, the verification code being insufficient to enable the identifier code to be deduced unambiguously therefrom;
means for outputting money transfer instructions including the verification code, for communication to a money handling authority as instructions to effect the money transfer, whereby the authority of the transferee party to receive funds can be verified at least partly upon presentation of the original identifier code matching the incomplete code in the money transfer instructions.
36. A terminal for receiving money transfer requests, and for communicating n-ansfer request information to a central processor, the terminal comprising: input means for receiving information regarding the transfer and the parties to the transfer; means operable to allocate and/or to receive a transaction identifier code; means for outputting the transaction identifier code for communication to the transferor; means for storing information relating to the requested money transfer, said information including the allocated identifier code; and means for communicating with a said central processor.
37. A terminal according to claim 36, wherein the input device comprises a card reader for reading information on a card presented thereto.
38. A terminal according to claim 37, wherein the card reader comprises a magnetic card reader.
39. A method of handling a money transfer request, comprising: receiving transfer request information directly or indirectly from a transferor; allocating a transaction identification code for the transfer request; providing a party identifier code associated with one or more parties to the transaction; communicating at least the transaction identifier code to the transferor, to be forwarded by the transferor to the transferee;
communicating money transfer instructions to a money handling authority to effect the transfer, the money transfer instructions including information relating to the transaction identifier code and information relating to the party identifier code, but at least one of the codes being incomplete such that the money transfer instructions do not contain sufficient information to complete a valid transfer; whereby the authority of a transferee to receive the funds can be verified by the money handling authority upon presentation by the transferee of the original transaction identifier code and the original party identification code, which match the information in the money transfer instructions.
40. A method according to claim 39, wherein the step of communicating information to the transferor comprises selectively communicating the party identifier code.
41. A method according to claim 40, wherein the step of communicating information to the transferor comprises communicating the party identifier code if the party identifier code is newly allocated.
42. A method according to claim 40 or 41, wherein the step of communicating information to the transferor comprises not communicating the party identifier code if a party identification code has previously been allocated for an earlier transaction between the same parties, and is to be re-used for the current transaction.
43. A method according to any of claims 47 to 49, wherein the party identification code, if communicated to the transferor, is communicated independently of the transaction identifier code.
44. A method of testing information provided by a transferee for collection of funds, the method comprising: receiving transfer instructions including a first party identifier code allocated to at least one of the parties to the transfer, and a second transaction verification code related to a transaction identifier code allocated to the transaction; (a) comparing the first party identifier code from the transfer instructions with a party identifier code provided by the transferee; and (b) comparing the second transaction verification code with a transaction identification code provided by the transferee.
45. A method according to claim 44, further comprising returning the transaction identification code to the issuing authority as evidence that the transferee is authorised to receive the funds.
46. A method according to claim 44 or 45, wherein the transaction verification code contais some, but not all of the characters of the transaction identification code, and the method comprises comparing each known character in the transaction verification code for equivalency with a corresponding character of the transaction identifier code.
47. A method according to claim 44,45 or 46, wherein the transaction verification code inclues information associated with the result of a function based on one or more characters of the transaction identification code, and the method comprises testing whether the transaction identification code presented by the transferee matches the function.
48. A method or apparats for handling money transfer requests, being substantially as hereinbefore described with reference to any of the accompanying drawings.
PCT/GB1998/003537 1997-12-01 1998-11-26 Method and apparatus for money transfers WO1999028872A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU12515/99A AU742367B2 (en) 1997-12-01 1998-11-26 Method and apparatus for money transfers
EP98955790A EP1036381A1 (en) 1997-12-01 1998-11-26 Method and apparatus for money transfers

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB9725430A GB2331822B (en) 1997-12-01 1997-12-01 Method and apparatus for money transfers
GB9725430.4 1997-12-01

Publications (3)

Publication Number Publication Date
WO1999028872A1 WO1999028872A1 (en) 1999-06-10
WO1999028872A2 true WO1999028872A2 (en) 1999-06-10
WO1999028872A8 WO1999028872A8 (en) 1999-07-29

Family

ID=10822956

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1998/003537 WO1999028872A2 (en) 1997-12-01 1998-11-26 Method and apparatus for money transfers

Country Status (5)

Country Link
EP (1) EP1036381A1 (en)
AU (1) AU742367B2 (en)
GB (2) GB2363664B (en)
HK (1) HK1042390B (en)
WO (1) WO1999028872A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1244991A1 (en) * 1999-10-26 2002-10-02 First Data Corporation Method and system for performing money transfer transactions
US9853759B1 (en) 2001-03-31 2017-12-26 First Data Corporation Staged transaction system for mobile commerce
US10311410B2 (en) 2007-03-28 2019-06-04 The Western Union Company Money transfer system and messaging system
US10558957B2 (en) 2000-07-11 2020-02-11 The Western Union Company Requestor-based funds transfer system and methods

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100582814B1 (en) 1999-05-25 2006-05-23 세이프페이 오스트레일리아 피티와이 리미티드 Method and system for handling network transactions
AU734404B3 (en) * 1999-05-25 2001-06-14 Safepay Australia Pty Limited System for handling network transactions
EP1077436A3 (en) 1999-08-19 2005-06-22 Citicorp Development Center, Inc. System and method for performing an on-line transaction using a single-use payment instrument
US7376587B1 (en) 2000-07-11 2008-05-20 Western Union Financial Services, Inc. Method for enabling transfer of funds through a computer network
US7266533B2 (en) 2000-12-15 2007-09-04 The Western Union Company Electronic gift greeting
US7107249B2 (en) 2001-03-31 2006-09-12 First Data Corporation Electronic identifier payment systems and methods
US7184989B2 (en) 2001-03-31 2007-02-27 First Data Corporation Staged transactions systems and methods
US7117183B2 (en) 2001-03-31 2006-10-03 First Data Coroporation Airline ticket payment and reservation system and methods
US8374962B2 (en) 2001-10-26 2013-02-12 First Data Corporation Stored value payouts
US8244632B2 (en) 2001-10-26 2012-08-14 First Data Corporation Automated transfer with stored value
US7933835B2 (en) 2007-01-17 2011-04-26 The Western Union Company Secure money transfer systems and methods using biometric keys associated therewith
US8818904B2 (en) 2007-01-17 2014-08-26 The Western Union Company Generation systems and methods for transaction identifiers having biometric keys associated therewith
US7783571B2 (en) 2007-05-31 2010-08-24 First Data Corporation ATM system for receiving cash deposits from non-networked clients
CN101067856A (en) * 2007-06-28 2007-11-07 向亚峰 Method and system for realizing network payment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4321672A (en) * 1979-11-26 1982-03-23 Braun Edward L Financial data processing system
US5319710A (en) * 1986-08-22 1994-06-07 Tandem Computers Incorporated Method and means for combining and managing personal verification and message authentication encrytions for network transmission
US5196840A (en) * 1990-11-05 1993-03-23 International Business Machines Corporation Secure communications system for remotely located computers
GB2261538B (en) * 1991-11-13 1995-05-24 Bank Of England Transaction authentication system
US5650604A (en) * 1995-02-22 1997-07-22 Electronic Data Systems Corporation System and method for electronic transfer of funds using an automated teller machine to dispense the transferred funds
US6085320A (en) * 1996-05-15 2000-07-04 Rsa Security Inc. Client/server protocol for proving authenticity

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1244991A1 (en) * 1999-10-26 2002-10-02 First Data Corporation Method and system for performing money transfer transactions
EP1244991A4 (en) * 1999-10-26 2005-12-07 First Data Corp Method and system for performing money transfer transactions
US7070094B2 (en) 1999-10-26 2006-07-04 First Data Corporation Method and system for performing money transfer transactions
US7950575B2 (en) 1999-10-26 2011-05-31 The Western Union Company Method and system for performing money transfer transactions
US10558957B2 (en) 2000-07-11 2020-02-11 The Western Union Company Requestor-based funds transfer system and methods
US9853759B1 (en) 2001-03-31 2017-12-26 First Data Corporation Staged transaction system for mobile commerce
US10311410B2 (en) 2007-03-28 2019-06-04 The Western Union Company Money transfer system and messaging system

Also Published As

Publication number Publication date
GB2363664B (en) 2002-04-17
HK1042390A1 (en) 2002-08-09
WO1999028872A8 (en) 1999-07-29
EP1036381A1 (en) 2000-09-20
AU742367B2 (en) 2002-01-03
GB2331822B (en) 2002-04-17
GB2363664A (en) 2002-01-02
GB9725430D0 (en) 1998-01-28
AU1251599A (en) 1999-06-16
GB2331822A9 (en)
HK1042390B (en) 2003-01-10
GB0121971D0 (en) 2001-10-31
GB2331822A (en) 1999-06-02

Similar Documents

Publication Publication Date Title
AU742367B2 (en) Method and apparatus for money transfers
US5365046A (en) Preventing unauthorized use of a credit card
US5341428A (en) Multiple cross-check document verification system
US6282523B1 (en) Method and apparatus for processing checks to reserve funds
US7356505B2 (en) System and method for transferring funds
US4630201A (en) On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
US7505944B2 (en) Method and system of payment by electronic cheque
US6192349B1 (en) Smart card mechanism and method for obtaining electronic tickets for goods services over an open communications link
US7003501B2 (en) Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US20090150294A1 (en) Systems and methods for authenticating financial transactions involving financial cards
US6023508A (en) Polymorphic data structures for secure operation of a virtual cash system
WO1999028872A1 (en) Method and apparatus for money transfers
US20010042785A1 (en) Method and apparatus for funds and credit line transfers
US20030130955A1 (en) Secure transaction systems
US20060190412A1 (en) Method and system for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
EP0047285A1 (en) A system for authenticating users and devices in on-line transaction networks.
WO2000002150A1 (en) Transaction authorisation method
JPH11509015A (en) Secure identification system and method
NZ535428A (en) System and method for secure credit and debit card transactions using dynamic random CVV2 code to mobile communications device
NO318559B1 (en) Electronic Transfer of Capital System and Procedure Using an Automated Cashier to Deliver Transferred Capital
EP1190396B1 (en) Payment system
EA002887B1 (en) Method for carrying out transactions and device for realising the same
US6954740B2 (en) Action verification system using central verification authority
WO2020076176A1 (en) Method for automatically transmitting and storing financial and commercial receipts in electronic format
WO2007006084A1 (en) Card processing apparatus and method

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AU CA US

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

AK Designated states

Kind code of ref document: C1

Designated state(s): AU CA US

AL Designated countries for regional patents

Kind code of ref document: C1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

CFP Corrected version of a pamphlet front page
CR1 Correction of entry in section i

Free format text: PAT. BUL. 23/99 THE CODE IDENTIFYING THE KIND OF DOCUMENT TO WHICH THE PAMPHLET RELATES SHOULD READ"A1" INSTEAD OF "A2"

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 12515/99

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 1998955790

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 09555590

Country of ref document: US

WWP Wipo information: published in national office

Ref document number: 1998955790

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: CA

WWG Wipo information: grant in national office

Ref document number: 12515/99

Country of ref document: AU

WWW Wipo information: withdrawn in national office

Ref document number: 1998955790

Country of ref document: EP