WO2002063574A1 - System for making electronic payments via a telecommunication network - Google Patents

System for making electronic payments via a telecommunication network Download PDF

Info

Publication number
WO2002063574A1
WO2002063574A1 PCT/FR2002/000365 FR0200365W WO02063574A1 WO 2002063574 A1 WO2002063574 A1 WO 2002063574A1 FR 0200365 W FR0200365 W FR 0200365W WO 02063574 A1 WO02063574 A1 WO 02063574A1
Authority
WO
WIPO (PCT)
Prior art keywords
payment
server
wah
protocol
home
Prior art date
Application number
PCT/FR2002/000365
Other languages
French (fr)
Inventor
Eric Hannecart
Stéphane Petit
Original Assignee
France Telecom Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by France Telecom Sa filed Critical France Telecom Sa
Priority to EP20020701357 priority Critical patent/EP1358638A1/en
Publication of WO2002063574A1 publication Critical patent/WO2002063574A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0873Details of the card reader
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption

Definitions

  • the invention relates to an electronic payment system through a telecommunications network and finds a particularly advantageous application in the field of electronic commerce.
  • the development of telecommunications via the World Wide Web (commonly known as the "Web") and the Internet has resulted in the promotion of electronic commerce on a large scale.
  • an electronic commerce transaction is carried out by means of an electronic payment system through the telecommunications network, in this case Internet on the Web, between a seller equipped with a server connected to said network. and a customer provided with means of navigation and electronic payment capable of establishing a link on the network with the seller's server and making a payment with said seller.
  • the means of navigation and payment are constituted by a computer (PC-type microcomputer for example) used for browsing the network, and by a smart card reader connected to said computer and ensuring the function of electronic payment.
  • a remote payment manager connected by network to the seller's server allows all the authentication checks necessary for this type of operation to be carried out. It is obvious that the transactions carried out on the telecommunications network must be highly secure so as to avoid any interception or modification of the messages exchanged between the seller, the customer and the remote payment manager.
  • various secure payment protocols have been proposed such as for example the protocol known as SET for "Secured Electronic Transaction" which meets the security requirements and constitutes an international standard.
  • the seller's server is configured so that it can implement the chosen secure payment protocol.
  • this secure payment protocol must be included in payment management software installed on the client computer in order to ensure transaction security.
  • This client payment management software is also able to perform other operations such as client history management and has a smart card reader interface in order to take into account the extension of the SET protocol which allows the use of smart cards as an electronic means of payment.
  • the aim of the present invention is to propose an electronic payment system through a telecommunications network according to a secure protocol which allows both a certain mobility of the client, a simplification of the configuration of the client computer and total confidentiality of the private customer data.
  • the invention proposes to transfer the secure payment management software to a “relay” server known by the English term “wallet” (wallet server) which will ensure the progress of the secure transaction according to the chosen protocol (SET for example).
  • this relay server permanently connected to the network, is specific to each client and better known under the term of WAH for Wallet At Home (home server).
  • the WAH is able to communicate with all the terminals connected to the network and referenced by it, whether they are in the customer's home or outside. The customer can thus access his WAH for the progress of a secure transaction, whether he is at home or not.
  • the invention more particularly relates to an electronic payment system through a telecommunications network between, on the one hand, a seller equipped with a server connected to said network and capable of implementing a secure payment protocol by credit cards. puce, and, on the other hand, a customer provided with means of navigation and electronic payment able to establish a link on the network with the seller's server and to make a payment to said seller according to a payment management client software including said secure payment protocol, characterized in that said payment management client software is installed on a "server at home ”(WAH) specific to the home of each client, and in that said home server (WAH) includes message redirecting means capable of picking up messages specific to the secure payment protocol and of redirecting said messages to the means of payment.
  • WAH home server
  • said means for redirecting messages from the home server consist of: - locating the first message specific to the secure payment protocol and redirecting said first message to a means of payment, recognizing the acceptance of payment by means of payment, - take charge of communications relating to said payment according to the secure payment protocol.
  • the navigation means is a terminal of the customer's home, the message redirection means being implemented automatically by the home server (WAH).
  • the navigation means is a terminal outside the customer's home, the message redirection means being associated with external redirection software for messages capable of redirecting messages specific to the secure payment protocol to the home server (WAH).
  • WAH home server
  • the home server comprises a permanent link to the telecommunications network with a fixed address on said network.
  • the home server constitutes an obligatory passage point between the means of navigation of the customer's home and the telecommunications network.
  • the navigation means is a fixed or mobile terminal and the payment means is a fixed or mobile terminal.
  • the secure payment protocol is the SET protocol (from the English Secured Electronic Transaction for Secure Electronic Transaction).
  • the present invention also relates to a payment server for an electronic payment system through a telecommunications network between, on the one hand, a seller equipped with a server connected to said network and able to implement a secure payment protocol by smart cards, and, on the other hand, a customer provided with means of navigation and electronic payment able to establish a connection on the network with the seller's server and to make a payment with said seller according to client management software payment including said secure payment protocol, characterized in that said payment server comprises said client management software secure payment and in that said payment server is a home server (WAH) capable of managing the connection to the telecommunications network of a plurality of terminals of the customer's home.
  • WAH home server
  • the system according to the invention allows a high level of security, the payment process being advantageously taken care of by the WAH.
  • the WAH is in fact specific to each client and makes it possible to store all of the private data relating to the client with a high degree of confidence and security.
  • FIG. 1 schematically illustrates the electronic payment system according to the invention.
  • FIG. 2 is an information exchange diagram relating to the embodiment of FIG. 1.
  • telecommunications networks allows a permanent connection of terminals to the Internet on the Web. This is the case, for example, of new technologies such as DSL (Digital Subscriber Line) which allows a permanent broadband connection on a fixed station, or the UMTS (Universal Mobile Telecommunication System) which allows a broadband connection on a mobile station.
  • DSL Digital Subscriber Line
  • UMTS Universal Mobile Telecommunication System
  • these techniques will be deployed in private homes to allow a permanent connection of the home to the Internet.
  • equipment such as household appliances, IT or home automation can be connected to the network in order to be able to be supervised and controlled remotely through the network.
  • the WAH acts as a relay server in order to be able to chat with all the terminals connected to the Internet and referenced, whether they are inside or outside the home. All the terminals in a customer's home are thus connected to the WAH by a wired link or via a local radio network (bluetooth link). The WAH thus becomes the obligatory passage from any home terminal to the Internet (this function being known by the term of proxy).
  • FIG. 1 schematically represents an electronic payment system according to the invention.
  • a merchant is equipped with a server 10 connected to the telecommunications network, such as for example the Internet network on the Web.
  • the seller's server is able to implement a secure payment protocol by smart card, such as for example the SET protocol mentioned above, the specifications of which are public and available at the Internet address. www.setco.org.
  • An extension of this protocol to smart cards has been developed by the company Cybercom.
  • a customer has fixed and / or mobile means of navigation and electronic payment 21-25.
  • the customer must also have payment management software including, among other things, the SET protocol with extension to smart cards.
  • This client software is also capable of performing other operations, such as the management of data relating to the client such as histories, payment ceilings, loyalty points or the like.
  • the client software including the SET protocol is installed on the client's WAH 20.
  • the WAH can for example be a PC with Windows server 2000 software. It is permanently connected to the Internet via the Web network, for example via an ADSL link, and has a fixed IP address. The customer can therefore access their WAH through the network from any fixed or mobile terminal.
  • the navigation means 21-25 capable of establishing a link on the network with the seller's server 10, is essentially used for searching on the network, consulting the seller's site and placing orders. It can, for example, consist of a fixed station such as a PC or television computer, or a mobile station such as a telephone of the GSM or UMTS type or a personal assistant known by the acronym of PDA for "Personal Digital Assistant".
  • the electronic means of payment consists of a terminal capable of establishing a link on the network and comprising a smart card reader.
  • the payment terminal can be mobile such as a dual-slot GSM for example, or fixed such as a PC associated with a smart card box.
  • FIG. 2 illustrates the exchange of information between the different terminals.
  • An Internet user browses the Internet using a PC, for example.
  • the user becomes a customer by sending a purchase order to the site of a seller by a message 0 transmitted according to a conventional HTTP protocol or according to a WAP protocol (Wireless Application Protocol) if navigation is done from a mobile terminal .
  • WAP protocol Wireless Application Protocol
  • the merchant responds to this purchase order with an initial message 1 (wake up message) comprising a specific header in order to initialize the secure payment protocol, such as for example a MIME header specific to the SET standard.
  • This message 1 is intercepted by the WAH which does not transmit it to the terminal initiating the order but to the payment terminal. The payer can thus be distinct from the initiator of the order.
  • redirection software (known under the term of "thin wallet” in technical jargon) is associated with WAH. This redirection software is installed on the navigation terminal, fixed or mobile, used outside the home and makes it possible to redirect the initial message 1 (wake up) to the personal WAH of the customer. This redirection operation is transparent to the user.
  • Messages 2 and 3 constitute, on the one hand a payment request 2 from WAH to the payment terminal, and on the other hand a validation of the purchase 3 by the payer.
  • These messages 2 and 3 are exchanged according to various possible protocols, such as the SMS (Short Message Service), WAP (Wireless Application Protocol) or HTTP protocols.
  • the protocol for exchanging messages 2 and 3 depends essentially on the payment terminal used (GSM, box associated or not with a PC) and on the type of connection connecting the payment terminal to the WAH (wired link, radio or Internet connection).
  • the communications relating to the payment, between the WAH and the seller's server, are then governed by the secure protocol PS, such as the SET protocol in the example described.
  • the secure protocol PS such as the SET protocol in the example described.
  • compensation communications between the seller's server and the telepayment manager are exchanged according to the standards of the SET protocol.
  • exchanges between the WAH and the payment terminal take place outside SET security, which does not has few disadvantages because the risk of interception at this level is low.
  • the WAH informs the initiating terminal by a message 4 of the good progress of the payment transaction.
  • the internet user can also chat directly with their WAH to consult private data contained in the payment management software, or to choose their payment terminal. This communication takes place according to any protocol (the same as that used in the sending of message 0 for example).
  • several payment terminals can be listed by the WAH and the user chooses the one by which he wishes to pay for his purchase.

Abstract

The invention relates to a system for making electronic payments via a telecommunication network between (i) a vendor equipped with a server which is connected to said network and which can implement a chip card-secured payment protocol and (ii) a customer equipped with navigation and electronic payment means which can establish a link with the vendor's server over the network and make a payment to said vendor using a payment management client software program comprising said secure payment protocol. The inventive system is characterised in that said payment management client software is installed on a home server (WAH) in the home of each client, said server (WAH) comprising message redirection means which can pick up messages specific to the secure payment protocol and redirect said messages to the payment means.

Description

SYSTEME DE PAIEMENT ELECTRONIQUE A TRAVERS UN RESEAU DEELECTRONIC PAYMENT SYSTEM THROUGH A NETWORK OF
TELECOMMUNICATIONTELECOMMUNICATION
L'invention concerne un système de paiement électronique à travers un réseau de télécommunication et trouve une application particulièrement avantageuse dans le domaine du commerce électronique. Le développement des télécommunications via le World Wide Web (communément appelé le « Web ») et l'Internet a eu pour conséquence de promouvoir le commerce électronique sur une vaste échelle. D'une manière générale, une transaction de commerce électronique s'effectue au moyen d'un système de paiement électronique à travers le réseau de télécommunication, dans le cas présent Internet sur le Web, entre un vendeur équipé d'un serveur connecté audit réseau et un client muni de moyens de navigation et de paiement électronique aptes à établir une liaison sur le réseau avec le serveur du vendeur et à effectuer un paiement auprès dudit vendeur. Le plus souvent, les moyens de navigation et de paiement sont constitués par un ordinateur (micro-ordinateur de type PC par exemple) utilisé pour la navigation sur le réseau, et par un lecteur de carte à puce relié audit ordinateur et assurant la fonction de paiement électronique. Un gestionnaire de télépaiement connecté par le réseau au serveur du vendeur permet de procéder à toutes les vérifications d' authentification nécessaires à ce type d' opération. Il est évident que les transactions réalisées sur le réseau de télécommunication doivent être hautement sécurisées de manière à éviter toute interception ou modification des messages échangés entre le vendeur, le client et le gestionnaire de télépaiement. Ainsi, divers protocoles de paiement sécurisé ont été proposés comme par exemple le protocole connu sous le nom de SET pour « Secured Electronic Transaction » qui répond aux exigences de sécurité et constitue un standard international.The invention relates to an electronic payment system through a telecommunications network and finds a particularly advantageous application in the field of electronic commerce. The development of telecommunications via the World Wide Web (commonly known as the "Web") and the Internet has resulted in the promotion of electronic commerce on a large scale. Generally, an electronic commerce transaction is carried out by means of an electronic payment system through the telecommunications network, in this case Internet on the Web, between a seller equipped with a server connected to said network. and a customer provided with means of navigation and electronic payment capable of establishing a link on the network with the seller's server and making a payment with said seller. Most often, the means of navigation and payment are constituted by a computer (PC-type microcomputer for example) used for browsing the network, and by a smart card reader connected to said computer and ensuring the function of electronic payment. A remote payment manager connected by network to the seller's server allows all the authentication checks necessary for this type of operation to be carried out. It is obvious that the transactions carried out on the telecommunications network must be highly secure so as to avoid any interception or modification of the messages exchanged between the seller, the customer and the remote payment manager. Thus, various secure payment protocols have been proposed such as for example the protocol known as SET for "Secured Electronic Transaction" which meets the security requirements and constitutes an international standard.
Dans ce contexte, le serveur du vendeur est configuré de manière à pouvoir mettre en œuvre le protocole de paiement sécurisé choisi. De même, du côté client, ce protocole de paiement sécurisé doit être inclus dans un logiciel de gestion de paiement installé sur l'ordinateur client de manière à assurer la sécurisation des transactions. Ce logiciel client de gestion de paiement est également apte à effectuer d'autres opérations comme la gestion des historiques du client et possède une interface de lecteur de carte à puce afin de prendre en compte l'extension du protocole SET qui permet d'utiliser les cartes à puce comme moyen de paiement électronique.In this context, the seller's server is configured so that it can implement the chosen secure payment protocol. Likewise, on the client side, this secure payment protocol must be included in payment management software installed on the client computer in order to ensure transaction security. This client payment management software is also able to perform other operations such as client history management and has a smart card reader interface in order to take into account the extension of the SET protocol which allows the use of smart cards as an electronic means of payment.
Toutefois, ces systèmes connus de paiement électronique à travers un réseau de télécommunication présentent certains inconvénients.However, these known systems of electronic payment through a telecommunications network have certain drawbacks.
D'une part, l'installation d'un logiciel lourd, comme le logiciel client de gestion de paiement, sur l'ordinateur du client pose des problèmes au niveau du téléchargement, de la mise à jour et de la taille occupée en mémoire et sur le disque dur. D'autre part, ce système est entièrement installé sur un poste fixe, à savoir l'ordinateur du client, ce qui représente un frein à la mobilité du client.On the one hand, the installation of heavy software, such as client payment management software, on the client's computer poses problems in terms of downloading, updating and the size occupied in memory and on the hard drive. On the other hand, this system is entirely installed on a fixed station, namely the customer's computer, which represents a brake on customer mobility.
Le but de la présente invention est de proposer un système de paiement électronique à travers un réseau de télécommunication selon un protocole sécurisé qui permette à la fois une certaine mobilité du client, une simplification de la configuration de l'ordinateur client et une confidentialité totale des données privées relatives au client.The aim of the present invention is to propose an electronic payment system through a telecommunications network according to a secure protocol which allows both a certain mobility of the client, a simplification of the configuration of the client computer and total confidentiality of the private customer data.
A cet effet, l'invention propose de déporter le logiciel de gestion de paiement sécurisé sur un serveur « relais » connu sous le terme anglais de « wallet » (serveur portefeuille) qui assurera le déroulement de la transaction sécurisée selon le protocole choisi (SET par exemple). Selon l'invention, ce serveur relais, connecté en permanence au réseau, est propre à chaque client et plus connu sous le terme de WAH pour Wallet At Home (serveur à domicile) . Le WAH est apte à communiquer avec tous les terminaux connectés au réseau et référencés par lui, qu'ils soient dans le domicile du client ou à l'extérieur. Le client peut ainsi accéder à son WAH pour le déroulement d'une transaction sécurisée, qu'il se trouve à son domicile ou non. L'invention a plus particulièrement pour objet un système de paiement électronique à travers un réseau de télécommunication entre, d'une part, un vendeur équipé d' un serveur connecté audit réseau et apte à mettre en œuvre un protocole de paiement sécurisé par cartes à puce, et, d'autre part, un client muni de moyens de navigation et de paiement électronique aptes à établir une liaison sur le réseau avec le serveur du vendeur et à effectuer un paiement auprès dudit vendeur selon un logiciel client de gestion de paiement incluant ledit protocole de paiement sécurisé, caractérisé en ce que ledit logiciel client de gestion de paiement est installé sur un « serveur à domicile » (WAH) propre au domicile de chaque client, et en ce que ledit serveur à domicile (WAH) comporte des moyens de redirection de messages aptes à capter des messages spécifiques au protocole de paiement sécurisé et à rediriger lesdits messages vers les moyens de paiement.To this end, the invention proposes to transfer the secure payment management software to a “relay” server known by the English term “wallet” (wallet server) which will ensure the progress of the secure transaction according to the chosen protocol (SET for example). According to the invention, this relay server, permanently connected to the network, is specific to each client and better known under the term of WAH for Wallet At Home (home server). The WAH is able to communicate with all the terminals connected to the network and referenced by it, whether they are in the customer's home or outside. The customer can thus access his WAH for the progress of a secure transaction, whether he is at home or not. The invention more particularly relates to an electronic payment system through a telecommunications network between, on the one hand, a seller equipped with a server connected to said network and capable of implementing a secure payment protocol by credit cards. puce, and, on the other hand, a customer provided with means of navigation and electronic payment able to establish a link on the network with the seller's server and to make a payment to said seller according to a payment management client software including said secure payment protocol, characterized in that said payment management client software is installed on a "server at home ”(WAH) specific to the home of each client, and in that said home server (WAH) includes message redirecting means capable of picking up messages specific to the secure payment protocol and of redirecting said messages to the means of payment.
Selon une caractéristique, lesdits moyens de redirection de messages du serveur à domicile consistent à : - repérer le premier message spécifique au protocole de paiement sécurisé et à rediriger ledit premier message vers un moyen de paiement, reconnaître l'acceptation de paiement par le moyen de paiement, - prendre en charge les communications relatives audit paiement selon le protocole de paiement sécurisé . Selon une première application, le moyen de navigation est un terminal du domicile du client, les moyens de redirection de messages étant mis en œuvre automatiquement par le serveur à domicile (WAH) .According to one characteristic, said means for redirecting messages from the home server consist of: - locating the first message specific to the secure payment protocol and redirecting said first message to a means of payment, recognizing the acceptance of payment by means of payment, - take charge of communications relating to said payment according to the secure payment protocol. According to a first application, the navigation means is a terminal of the customer's home, the message redirection means being implemented automatically by the home server (WAH).
Selon une deuxième application, le moyen de navigation est un terminal extérieur au domicile du client, les moyens de redirection de messages étant associés à un logiciel extérieur de redirection de messages apte à rediriger les messages spécifiques au protocole de paiement sécurisé vers le serveur à domicile (WAH) .According to a second application, the navigation means is a terminal outside the customer's home, the message redirection means being associated with external redirection software for messages capable of redirecting messages specific to the secure payment protocol to the home server (WAH).
Selon une caractéristique, le serveur à domicile (WAH) comporte une liaison permanente au réseau de télécommunication avec une adresse fixe sur ledit réseau.According to one characteristic, the home server (WAH) comprises a permanent link to the telecommunications network with a fixed address on said network.
Selon une autre caractéristique, le serveur à domicile (WAH) constitue un point de passage obligé entre les moyens de navigation du domicile du client et le réseau de télécommunication.According to another characteristic, the home server (WAH) constitutes an obligatory passage point between the means of navigation of the customer's home and the telecommunications network.
Selon les modes de réalisation, le moyen de navigation est un terminal fixe ou mobile et le moyen de paiement est un terminal fixe ou mobile. Selon un mode de mise en œuvre, le protocole de paiement sécurisé est le protocole SET (de l'anglais Secured Electronic Transaction pour Transaction Electronique Sécurisée) .According to the embodiments, the navigation means is a fixed or mobile terminal and the payment means is a fixed or mobile terminal. According to one mode of implementation, the secure payment protocol is the SET protocol (from the English Secured Electronic Transaction for Secure Electronic Transaction).
La présente invention concerne également un serveur de paiement pour un système de paiement électronique à travers un réseau de télécommunication entre, d'une part, un vendeur équipé d'un serveur connecté audit réseau et apte à mettre en œuvre un protocole de paiement sécurisé par cartes à puce, et, d'autre part, un client muni de moyens de navigation et de paiement électronique aptes à établir une liaison sur le réseau avec le serveur du vendeur et à effectuer un paiement auprès dudit vendeur selon un logiciel client de gestion de paiement incluant ledit protocole de paiement sécurisé, caractérisé en ce que ledit serveur de paiement comprend ledit logiciel client de gestion de paiement sécurisé et en ce que ledit serveur de paiement est un serveur à domicile (WAH) apte à gérer la connexion au réseau de télécommunication d'une pluralité de terminaux du domicile du client.The present invention also relates to a payment server for an electronic payment system through a telecommunications network between, on the one hand, a seller equipped with a server connected to said network and able to implement a secure payment protocol by smart cards, and, on the other hand, a customer provided with means of navigation and electronic payment able to establish a connection on the network with the seller's server and to make a payment with said seller according to client management software payment including said secure payment protocol, characterized in that said payment server comprises said client management software secure payment and in that said payment server is a home server (WAH) capable of managing the connection to the telecommunications network of a plurality of terminals of the customer's home.
Le système selon l'invention permet un niveau de sécurité élevé, le déroulement des paiements étant avantageusement pris en charge par le WAH.The system according to the invention allows a high level of security, the payment process being advantageously taken care of by the WAH.
Le WAH est en effet propre à chaque client et permet de conserver l'ensemble des données privées relatives au client avec un haut degré de confiance et de sécurité.The WAH is in fact specific to each client and makes it possible to store all of the private data relating to the client with a high degree of confidence and security.
En outre, le déport du logiciel client de gestion des paiements sur le WAH permet d'alléger considérablement la configuration du système côté client .In addition, the transfer of the client payment management software to the WAH considerably simplifies the configuration of the client-side system.
D'autres particularités avantageuses de l'invention apparaîtront clairement à la lecture de la description qui suit, faite à titre d'exemple illustratif et non limitatif et en regard aux figures annexées sur lesquels : la figure 1 illustre schématiquement le système de paiement électronique selon l'invention. la figure 2 est un diagramme d'échange d'informations relatif au mode de réalisation de la figure 1.Other advantageous features of the invention will appear clearly on reading the description which follows, given by way of illustrative and nonlimiting example and with reference to the appended figures in which: FIG. 1 schematically illustrates the electronic payment system according to the invention. FIG. 2 is an information exchange diagram relating to the embodiment of FIG. 1.
L'évolution des réseaux de télécommunication permet une connexion permanente de terminaux au réseau Internet sur le Web. C'est le cas, par exemple, des nouvelles technologies telles que le DSL (Digital Subscriber Line) qui permet une liaison haut débit permanente sur poste fixe, ou l'UMTS (Universal Mobile Télécommunication System) qui permet une liaison haut débit sur poste mobile. Progressivement, ces techniques vont être déployées chez des particuliers pour permettre une connexion permanente de l'habitation à Internet. Ainsi, des matériels tels que l'électroménager, l'informatique ou la domotique pourront être connectés au réseau afin de pouvoir être supervisés et commandés à distance à travers le réseau.The evolution of telecommunications networks allows a permanent connection of terminals to the Internet on the Web. This is the case, for example, of new technologies such as DSL (Digital Subscriber Line) which allows a permanent broadband connection on a fixed station, or the UMTS (Universal Mobile Telecommunication System) which allows a broadband connection on a mobile station. Gradually, these techniques will be deployed in private homes to allow a permanent connection of the home to the Internet. Thus, equipment such as household appliances, IT or home automation can be connected to the network in order to be able to be supervised and controlled remotely through the network.
C'est dans un tel contexte que se développe le concept de serveur à domicile, plus connu sous le terme de WAH pour Wallet At Home. Le WAH assure une fonction de serveur relais afin de pouvoir discuter avec tous les terminaux connectés à Internet et référencés, qu'ils se trouvent à l'intérieur ou à l'extérieur du domicile. Tous les terminaux du domicile d'un client sont ainsi reliés au WAH par une liaison filaire ou via un réseau local radio (liaison bluetooth) . Le WAH devient ainsi le passage obligé d'un quelconque terminal du domicile vers le réseau Internet (cette fonction étant connu sous le terme de proxy) .It is in this context that the concept of home server, better known under the term of WAH for Wallet At Home, is developing. The WAH acts as a relay server in order to be able to chat with all the terminals connected to the Internet and referenced, whether they are inside or outside the home. All the terminals in a customer's home are thus connected to the WAH by a wired link or via a local radio network (bluetooth link). The WAH thus becomes the obligatory passage from any home terminal to the Internet (this function being known by the term of proxy).
La figure 1 représente schématiquement un système de paiement électronique selon l'invention. D'un côté, un commerçant est équipé d'un serveur 10 connecté au réseau de télécommunication, comme par exemple le réseau Internet sur le Web. Le serveur du vendeur est apte à mettre en œuvre un protocole de paiement sécurisé par carte à puce, comme par exemple le protocole SET cité plus haut dont les spécifications sont publiques et disponibles à l'adresse Internet www.setco.org. Une extension de ce protocole aux cartes à puce a été développée par la société Cybercom.FIG. 1 schematically represents an electronic payment system according to the invention. On the one hand, a merchant is equipped with a server 10 connected to the telecommunications network, such as for example the Internet network on the Web. The seller's server is able to implement a secure payment protocol by smart card, such as for example the SET protocol mentioned above, the specifications of which are public and available at the Internet address. www.setco.org. An extension of this protocol to smart cards has been developed by the company Cybercom.
De l'autre côté, un client dispose de moyens de navigation et de paiement électronique fixes et/ou mobiles 21-25. Pour réaliser des transactions sécurisées avec le vendeur sur Internet, le client doit également disposer d'un logiciel de gestion de paiement incluant, entre autre, le protocole SET avec extension aux cartes à puce. Ce logiciel client est également capable d'effectuer d'autres opérations, telles que la gestion de données relatives au client comme les historiques, les plafonds de paiement, les points de fidélité ou autre.On the other hand, a customer has fixed and / or mobile means of navigation and electronic payment 21-25. To carry out secure transactions with the seller on the Internet, the customer must also have payment management software including, among other things, the SET protocol with extension to smart cards. This client software is also capable of performing other operations, such as the management of data relating to the client such as histories, payment ceilings, loyalty points or the like.
Selon l'invention, le logiciel client incluant le protocole SET est installé sur le WAH 20 du client. Le WAH peut être par exemple un PC muni du logiciel Windows server 2000. Il est connecté à Internet par le réseau Web en permanence, via une liaison ADSL par exemple, et possède une adresse IP fixe. Le client peut donc accéder à son WAH à travers le réseau à partir de n'importe quel terminal fixe ou mobile.According to the invention, the client software including the SET protocol is installed on the client's WAH 20. The WAH can for example be a PC with Windows server 2000 software. It is permanently connected to the Internet via the Web network, for example via an ADSL link, and has a fixed IP address. The customer can therefore access their WAH through the network from any fixed or mobile terminal.
Le moyen de navigation 21-25, apte à établir une liaison sur le réseau avec le serveur du vendeur 10, est essentiellement utilisé pour la recherche sur le réseau, la consultation du site du vendeur et la passation de commandes. Il peut, par exemple, être constitué d'un poste fixe tel qu'un ordinateur PC ou une télévision, ou d'un poste mobile tel qu'un téléphone du type GSM ou UMTS ou un assistant personnel connu sous le sigle de PDA pour « Personal Digital Assistant ». Le moyen de paiement électronique est constitué d'un terminal apte à établir une liaison sur le réseau et comportant un lecteur de carte à puce. Le terminal de paiement peut être mobile tel qu'un GSM bi-fentes par exemple, ou fixe tel qu'un PC associé à un boîtier carte à puce.The navigation means 21-25, capable of establishing a link on the network with the seller's server 10, is essentially used for searching on the network, consulting the seller's site and placing orders. It can, for example, consist of a fixed station such as a PC or television computer, or a mobile station such as a telephone of the GSM or UMTS type or a personal assistant known by the acronym of PDA for "Personal Digital Assistant". The electronic means of payment consists of a terminal capable of establishing a link on the network and comprising a smart card reader. The payment terminal can be mobile such as a dual-slot GSM for example, or fixed such as a PC associated with a smart card box.
Le déroulement cinématique de l'opération de paiement du système selon l'invention va être détaillé en regard de la figure 2 qui illustre les échanges d'information entre les différents terminaux.The kinematic sequence of the payment operation of the system according to the invention will be detailed with reference to FIG. 2 which illustrates the exchange of information between the different terminals.
Un internaute navigue sur le réseau Internet au moyen d'un PC par exemple. L'internaute devient client en envoyant une commande d' achat au site d' un vendeur par un message 0 transmis selon un protocole classique HTTP ou selon un protocole WAP (Wireless Application Protocol) si la navigation se fait à partir d'un terminal mobile.An Internet user browses the Internet using a PC, for example. The user becomes a customer by sending a purchase order to the site of a seller by a message 0 transmitted according to a conventional HTTP protocol or according to a WAP protocol (Wireless Application Protocol) if navigation is done from a mobile terminal .
Le commerçant répond à cette commande d'achat par un message initial 1 (wake up message) comportant un en-tête spécifique afin d' initialiser le protocole de paiement sécurisé, comme par exemple un en-tête MIME spécifique au standard SET. Ce message 1 est intercepté par le WAH qui ne le transmet pas au terminal initiateur de la commande mais au terminal de paiement. Le payeur peut ainsi être distinct de l'initiateur de la commande.The merchant responds to this purchase order with an initial message 1 (wake up message) comprising a specific header in order to initialize the secure payment protocol, such as for example a MIME header specific to the SET standard. This message 1 is intercepted by the WAH which does not transmit it to the terminal initiating the order but to the payment terminal. The payer can thus be distinct from the initiator of the order.
Si l'internaute se trouve à son domicile, la prise en charge par le WAH est automatique puisque sa navigation transite par le WAH. Par contre, s'il se trouve en situation de mobilité, un logiciel de redirection (connu sous le terme de « thin wallet » dans le jargon de la technique) est associé au WAH. Ce logiciel de redirection est installé sur le terminal de navigation, fixe ou mobile, utilisé hors du domicile et permet de rediriger le message initial 1 (wake up) vers le WAH personnel du client. Cette opération de redirection est transparente pour l'utilisateur.If the Internet user is at his home, the treatment by the WAH is automatic since his navigation transits by the WAH. On the other hand, if it is in a situation of mobility, redirection software (known under the term of "thin wallet" in technical jargon) is associated with WAH. This redirection software is installed on the navigation terminal, fixed or mobile, used outside the home and makes it possible to redirect the initial message 1 (wake up) to the personal WAH of the customer. This redirection operation is transparent to the user.
Les messages 2 et 3 constituent, d'une part une demande de paiement 2 du WAH au terminal de paiement, et d'autre part une validation de l'achat 3 par le payeur. Ces messages 2 et 3 sont échangés selon divers protocoles possibles, tels que les protocoles SMS (Short Message Service) , WAP (Wireless Application Protocol) ou HTTP. Le protocole d'échange des messages 2 et 3 dépend essentiellement du terminal de paiement utilisé (GSM, boîtier associé ou non à un PC) et du type de connexion reliant le terminal de paiement au WAH (liaison filaire, radio ou connexion Internet) .Messages 2 and 3 constitute, on the one hand a payment request 2 from WAH to the payment terminal, and on the other hand a validation of the purchase 3 by the payer. These messages 2 and 3 are exchanged according to various possible protocols, such as the SMS (Short Message Service), WAP (Wireless Application Protocol) or HTTP protocols. The protocol for exchanging messages 2 and 3 depends essentially on the payment terminal used (GSM, box associated or not with a PC) and on the type of connection connecting the payment terminal to the WAH (wired link, radio or Internet connection).
Lorsque le WAH a reconnu l'acceptation de paiement du message 3, il prend en charge le paiement sécurisé PS entre le domicile du client et le serveur du vendeur.When the WAH has recognized the acceptance of payment for message 3, it takes charge of the secure payment PS between the customer's home and the seller's server.
Les communications relatives au paiement, entre le WAH et le serveur du vendeur, sont alors régies par le protocole sécurisé PS, tel que le protocole SET dans l'exemple décrit. De même, les communications de compensation entre le serveur du vendeur et le gestionnaire de télépaiement (une banque par exemple) sont échangées selon les standards du protocole SET. Par contre, les échanges entre le WAH et le terminal de paiement se font hors sécurisation SET, ce qui ne présente que peu d' inconvénients car le risque d'interception à ce niveau est faible.The communications relating to the payment, between the WAH and the seller's server, are then governed by the secure protocol PS, such as the SET protocol in the example described. Likewise, compensation communications between the seller's server and the telepayment manager (a bank for example) are exchanged according to the standards of the SET protocol. On the other hand, exchanges between the WAH and the payment terminal take place outside SET security, which does not has few disadvantages because the risk of interception at this level is low.
Lorsque le paiement est réalisé, le WAH informe le terminal initiateur par un message 4 du bon déroulement de l'opération de paiement.When the payment is made, the WAH informs the initiating terminal by a message 4 of the good progress of the payment transaction.
L' internaute peut également converser directement avec son WAH pour consulter des données privées contenues dans le logiciel de gestion de paiement, ou pour choisir son terminal de paiement. Cette communication se déroule selon un protocole quelconque (le même que celui utilisé dans l'envoie du message 0 par exemple) .The internet user can also chat directly with their WAH to consult private data contained in the payment management software, or to choose their payment terminal. This communication takes place according to any protocol (the same as that used in the sending of message 0 for example).
Selon un mode de réalisation possible, plusieurs terminaux de paiement peuvent être répertoriés par le WAH et l'utilisateur choisit celui par lequel il souhaite régler son achat. According to a possible embodiment, several payment terminals can be listed by the WAH and the user chooses the one by which he wishes to pay for his purchase.

Claims

REVENDICATIONS
1. Système de paiement électronique à travers un réseau de télécommunication entre, d'une part, un vendeur équipé d'un serveur (10) connecté audit réseau et apte à mettre en œuvre un protocole de paiement sécurisé (PS) par cartes à puce, et, d'autre part, un client muni de moyens de navigation (21,22,23,24,25) et de paiement électronique (21,22) aptes à établir une liaison sur le réseau avec le serveur du vendeur (10) et à effectuer un paiement auprès dudit vendeur selon un logiciel client de gestion de paiement incluant ledit protocole de paiement sécurisé (PS) , caractérisé en ce que ledit logiciel client de gestion de paiement est installé sur un « serveur à domicile » (WAH) (20) propre au domicile de chaque client, et en ce que ledit serveur à domicile (WAH) (20) comporte des moyens de redirection de messages aptes à capter des messages spécifiques (1) au protocole de paiement sécurisé (PS) et à rediriger lesdits messages vers les moyens de paiement (21,22).1. Electronic payment system through a telecommunication network between, on the one hand, a seller equipped with a server (10) connected to said network and able to implement a secure payment protocol (PS) by smart cards , and, on the other hand, a client provided with navigation (21,22,23,24,25) and electronic payment (21,22) means capable of establishing a link on the network with the seller's server (10 ) and to make a payment to said seller according to a payment management client software including said secure payment protocol (PS), characterized in that said payment management client software is installed on a "home server" (WAH) (20) specific to the home of each client, and in that said home server (WAH) (20) includes message redirection means capable of picking up specific messages (1) to the secure payment protocol (PS) and to redirect said messages to means of payment nt (21.22).
2. Système selon la revendication 1, caractérisé en ce que les moyens de redirection de messages du serveur à domicile (WAH) consistent à : - repérer le premier message spécifique (1) au protocole de paiement sécurisé (PS) et à rediriger ledit premier message vers un des moyens de paiement (2), reconnaître l'acceptation de paiement par le moyen de paiement (3) , prendre en charge les communications relatives audit paiement selon le protocole de paiement sécurisé (PS) avec le serveur du vendeur (10).2. System according to claim 1, characterized in that the means for redirecting messages from the home server (WAH) consist in: - locating the first specific message (1) in the secure payment protocol (PS) and in redirecting said first message to one of the means of payment (2), recognize acceptance of payment by means of payment (3), take charge of communications relating to said payment according to the secure payment protocol (PS) with the seller's server (10).
3. Système selon l'une des revendications 1 à 2, caractérisé en ce que le moyen de navigation (22,23,24,25) est un terminal du domicile du client et en ce que les moyens de redirection de messages sont mis en œuvre automatiquement par le serveur à domicile (WAH) (20) .3. System according to one of claims 1 to 2, characterized in that the navigation means (22,23,24,25) is a terminal of the customer's home and in that the message redirection means are set works automatically by the home server (WAH) (20).
4. Système selon l'une des revendications 1 à 2, caractérisé en ce que le moyen de navigation (21) est un terminal extérieur au domicile du client et en ce que les moyens de redirection de messages sont associés à un logiciel extérieur de redirection de messages apte à rediriger les messages spécifiques (1) au protocole de paiement sécurisé (PS) vers le serveur à domicile (WAH) (20) .4. System according to one of claims 1 to 2, characterized in that the navigation means (21) is a terminal outside the customer's home and in that the message redirection means are associated with external redirection software messages capable of redirecting specific messages (1) to the secure payment protocol (PS) to the home server (WAH) (20).
5. Système selon l'une des revendications précédentes, caractérisé en ce que le serveur à domicile (WAH) comporte une liaison permanente au réseau de télécommunication avec une adresse fixe sur ledit réseau.5. System according to one of the preceding claims, characterized in that the home server (WAH) comprises a permanent link to the telecommunications network with a fixed address on said network.
6. Système selon l'une des revendications précédentes, caractérisé en ce que le serveur à domicile (WAH) constitue un point de passage obligé entre les moyens de navigation (22,23,24,25) du domicile du client et le réseau de télécommunication.6. System according to one of the preceding claims, characterized in that the server domicile (WAH) constitutes a compulsory crossing point between the navigation means (22,23,24,25) of the client's domicile and the telecommunications network.
7. Système selon l'une des revendications 1 à 6, caractérisé en ce que le moyen de navigation est un terminal fixe.7. System according to one of claims 1 to 6, characterized in that the navigation means is a fixed terminal.
8. Système selon l'une des revendications 1 à 6, caractérisé en ce que le moyen de navigation est un terminal mobile.8. System according to one of claims 1 to 6, characterized in that the navigation means is a mobile terminal.
9. Système selon l'une des revendications 1 à 8, caractérisé en ce que le moyen de paiement est un terminal fixe.9. System according to one of claims 1 to 8, characterized in that the means of payment is a fixed terminal.
10. Système selon l'une des revendications 1 à 8, caractérisé en ce que le moyen de paiement est un terminal mobile.10. System according to one of claims 1 to 8, characterized in that the means of payment is a mobile terminal.
11. Système selon l'une quelconque des revendications précédentes, caractérisé en ce que le protocole de paiement sécurisé (PS) est le protocole SET (Secured Electronic Transaction, Transaction électronique sécurisée) .11. System according to any one of the preceding claims, characterized in that the secure payment protocol (PS) is the SET (Secured Electronic Transaction) protocol.
12. Système selon l'une quelconque des revendications précédentes, caractérisé en ce que le serveur à domicile (WAH) informe le moyen de navigation du bon déroulement du paiement par un message (4). 12. System according to any one of the preceding claims, characterized in that the home server (WAH) informs the navigation means of the correct progress of the payment by a message (4).
13. Serveur de paiement pour un système de paiement électronique à travers un réseau de télécommunication entre, d'une part, un vendeur équipé d'un serveur (10) connecté audit réseau et apte à mettre en œuvre un protocole de paiement sécurisé (PS) par cartes à puce, et, d'autre part, un client muni de moyens de navigation et de paiement électronique (21,22,23,24,25) aptes à établir une liaison sur le réseau avec le serveur du vendeur (10) ' et à effectuer un paiement auprès dudit vendeur selon un logiciel client de gestion de paiement incluant ledit protocole de paiement sécurisé (PS), caractérisé en ce que ledit serveur de paiement comprend ledit logiciel client de gestion de paiement sécurisé et en ce que ledit serveur de paiement est un serveur à domicile (WAH) apte à gérer la connexion au réseau de télécommunication d'une pluralité de terminaux du domicile du client.13. Payment server for an electronic payment system through a telecommunication network between, on the one hand, a seller equipped with a server (10) connected to said network and able to implement a secure payment protocol (PS ) by smart cards, and, on the other hand, a customer equipped with means of navigation and electronic payment (21,22,23,24,25) able to establish a connection on the network with the server of the seller (10 ) ' and to make a payment to said seller according to a payment management client software including said secure payment protocol (PS), characterized in that said payment server comprises said secure payment management client software and in that said payment server is a home server (WAH) capable of managing the connection to the telecommunications network of a plurality of terminals in the customer's home.
14. Serveur de paiement selon la revendication 13, caractérisé en ce qu'il est apte à gérer les données privées relatives au client. 14. Payment server according to claim 13, characterized in that it is capable of managing private data relating to the client.
PCT/FR2002/000365 2001-02-02 2002-01-31 System for making electronic payments via a telecommunication network WO2002063574A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP20020701357 EP1358638A1 (en) 2001-02-02 2002-01-31 System for making electronic payments via a telecommunication network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0101453A FR2820575B1 (en) 2001-02-02 2001-02-02 ELECTRONIC PAYMENT SYSTEM THROUGH A TELECOMMUNICATION NETWORK
FR01/01453 2001-02-02

Publications (1)

Publication Number Publication Date
WO2002063574A1 true WO2002063574A1 (en) 2002-08-15

Family

ID=8859575

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2002/000365 WO2002063574A1 (en) 2001-02-02 2002-01-31 System for making electronic payments via a telecommunication network

Country Status (3)

Country Link
EP (1) EP1358638A1 (en)
FR (1) FR2820575B1 (en)
WO (1) WO2002063574A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6029151A (en) * 1996-12-13 2000-02-22 Telefonaktiebolaget L M Ericsson Method and system for performing electronic money transactions
US6044403A (en) * 1997-12-31 2000-03-28 At&T Corp Network server platform for internet, JAVA server and video application server

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6029151A (en) * 1996-12-13 2000-02-22 Telefonaktiebolaget L M Ericsson Method and system for performing electronic money transactions
US6044403A (en) * 1997-12-31 2000-03-28 At&T Corp Network server platform for internet, JAVA server and video application server

Also Published As

Publication number Publication date
EP1358638A1 (en) 2003-11-05
FR2820575A1 (en) 2002-08-09
FR2820575B1 (en) 2003-04-18

Similar Documents

Publication Publication Date Title
EP2795551B1 (en) Method for routing within a mobile terminal emulating a contactless payment card
US7610340B2 (en) Method, system and storage medium for providing interoperability of email and instant messaging services
WO2002065414A1 (en) Telepayment method and system
FR2711026A1 (en) System for managing the consumption of data consultations over a telecommunications network.
EP2039114A2 (en) Method of application control in an nfc chip set comprising several host processors
EP1050145A1 (en) Smart card, cordless telephone, system and method for access and communication by internet
WO2006087438A1 (en) Method and device for accessing a sim card housed in a mobile terminal by means of a domestic gateway
EP1236185B1 (en) Electronic payment system through a telecommunication network
WO2011039123A1 (en) Matching method, system and device for data exchange between a communication object and a processing unit
FR2837953A1 (en) DATA EXCHANGE SYSTEM
WO2007125252A1 (en) Method and system for managing an electronic payment
EP1479212A1 (en) Device and method for intermediation between service providers and their users
FR2878677A1 (en) Application service e.g. secured web page opening service, communicating method for personal computer, involves establishing data identifying application services to transmit reply message with identification data, from card to terminal
WO2002063574A1 (en) System for making electronic payments via a telecommunication network
KR100832234B1 (en) Advertising system for communication apparatus using cord and cordless network and method thereof
EP1737191B1 (en) Method for creating a user equipment split between a terminal equipment and serially connected equipments
FR3057689A1 (en) METHOD AND SYSTEM FOR PROVIDING TOKEN IN A HOST CARD EMULATION SYSTEM HAVING A FIRST AND A SECOND DEVICE
EP0928445A1 (en) Method for conditionally accessing an internet resource from a terminal equipped with a microcircuit reader card
WO2005079038A1 (en) Method, terminal mobile, system and equipment for the provision of a local service which can be accessed by means of a mobile terminal
KR100587158B1 (en) Method And Apparatus For Automatically Authentication at Wireless Internet
US20090127334A1 (en) Method for Processing Settlement by VoIP Terminal and Recording Medium
EP1280368A1 (en) Method for secure exchange between an informatic terminal and a distant equipment
WO2001020565A1 (en) System and method for loading data in a smart card through a telecommunication network using e-mails
WO2004093427A1 (en) Wireless public internet access system
EP1282090A1 (en) Method and apparatus for securing transactions

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2002701357

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2002701357

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP