SK5232001A3 - Method of safety transactions by means of public networks - Google Patents

Abstract

The invention consists of the fact that the inputting of a request for a transaction and the logging-in of a user to an authorisation headquarters is preformed through a first public network, from the request for a transaction the authorisation headquarters generates an authorisation code and sends it off to the user through a second public network, the user following receipt of the authorisation headquarters by means of the first public network and the authorisation headquarters in the case of a match of the sent and received authorisation code issues the instruction for execution of the transaction. The authorisation headquarters in generating the code supplements the request for the transaction with at least one variable datum, this preferably being a time datum. From the point of view of costs for realisation of the solution it is advantageous where the first public network is the Internet network and the second public network is a mobile telephone network or paging network or RDS network.

Description

Technical field

The solution relates to a method of securing and transmitting the information necessary to authenticate a person who holds certain rights to access a secure system or to perform a transaction requiring increased security through public data networks, in particular bank card transactions.

BACKGROUND OF THE INVENTION

There are currently several ways to improve the security of transactions carried out through these networks in public networks. For the sake of clarity of understanding of the terms used in the area of public data networks (as it is currently mainly the Internet network, hereinafter referred to as the term Internet), these are briefly specified at the beginning and the individual transaction methods analyzed from the perspective of their security characteristics.

The security of the data transfer system is given by the security of the software application being used and the physical security of the hardware system, while the security of the application consists in performing client authentication, certification and verification of the transmitted data. In addition, when a client accesses a public network, data protection is encrypted.

Authentication consists in verifying the identity of the counterparty. The counterparty enters a code that uniquely verifies its identity. The code can be one unambiguously given, associated with an identity (the most common example is a credit card PIN), or generated by different code generators. The disadvantage of one clearly given code is its easy abuse. Such codes cannot be used in the Internet space for secure authentication purposes. When such a code is captured, it is possible to misuse the code without direct knowledge of its owner, who is aware of the misuse from secondary sources. Again, a typical example is banking transactions that must not be executed with a single unambiguous PIN code. The holder of the access rights realized by means of the PIN code is usually not informed about the executed transactions only from the account statements. The second method of authentication is mainly used by banks for securing bank transactions via the Internet. This is commonly referred to as Internet banking. The code generated by the code generator is passed to the bank to verify the client's identity. If the client is interested, he can also verify the identity of the counterparty, i. make sure it communicates with your bank. Generated codes bring increased security, but also increased costs associated with the production of the code generator. These are usually dedicated hardware devices and one of the communicating parties must bear the cost of their acquisition. In addition to existing hardware code generators, it is possible to integrate the function of the code generator to another device. An example is a mobile phone with integrated SIM Application Toolkit technology. It is an extension of the program placed on the SIM card of a mobile phone, usually of the GSM type. The cost of manufacturing a physical hardware code generator is eliminated, but the cost of placing the code generator program on the phone's SIM card is incurred. Programs are not standardized, therefore, for each code generator application, the program must be loaded into individual SIM cards individually. Another limitation is the placement of only one code generator per SIM card, which makes it more versatile and limited in the range of services that mobile phone operators usually integrate into this storage space. Another significant drawback of all the methods described so far is the impossibility of a comprehensive upgrade of the program or hardware part of the code generator without increased financial costs and, in particular, of human resources.

Authorization (certification) means validation of distributed data. By means of a code generator that uses input data that is directly linked to the subject of the authorization to generate the codes, it can be ensured that the distributed data is not altered by anyone during transmission. An example is a bank operation where the following information can be used to generate the certification code - client account number, counteraccount number, amount, etc. The code generator generates an authorization code (that is, a number distorted by a code encryption algorithm). The client of the bank - the initiator of the transfer sends it to the bank, which can verify the integrity of the transmitted data. The disadvantages of the authorization performed in this way are similar to those mentioned in the authentication section.

Encryption is the conversion of perceptible and understandable data into a non-sense coded form. At present, each new Internet connection usually generates and exchanges a random key between communicating subscribers, subsequently used to encrypt the ongoing communication, the number of potential keys being dependent on the strength of the encryption, i.e. the length of the encryption key. Today's most widely used standard (except the US) is 40 bit encryption, which means that there are 2 ⁴⁰ possible keys. For banking practice, however, the key length of 40 bits is insufficient and therefore 128 bit encryption is used, ie there are 2 ¹²⁸ possible keys, and such a cipher is already technologically undecipherable despite the development of computer technology and the increase in computing power. The form of changing the encryption key varies. In order for systems to communicate with each other, they need to control each other's key to the encrypted data. In principle, there are three basic ways to use an encryption key, no matter how long the encryption key is used.

Synchronous encryption is the simplest form of using encryption keys. The two communicating Tents agree on the encryption key used. The public key obtained from a publicly accessible source may be used as the encryption key. A common case of obtaining such an encryption key is a random source of data, signals, or other variables that both communicating parties have access to. The data source thus obtained is used as a key to encrypt and decrypt the transmission. It is also common to generate the encryption key by one of the parties involved in the transmission and then send it to the counterparty.

Asynchronous encryption is based on the existence of two different encryption keys. The keys are referred to as public key and private key. Depending on the usage, the data is encrypted with the appropriate key and decrypted to others. The keys are so different from each other that it is not possible to obtain the other key by knowing one of the keys. Asynchronous encryption is used for electronic signatures of documents or e-mail.

The asynchronous synchronous encryption method uses a combination of the foregoing methods. The synchronous key is encrypted with an asynchronous cipher, and after the cipher is transmitted to the counterparty, the asynchronous cipher is removed and sync cipher encryption is used for further communication. This reduces the risk of capturing the master encryption key to encrypt the master data transmission.

All of the above encryption methods have one major security deficiency, namely the need to distribute encryption keys between communicating parties over an unsecured network. To increase the security of the encryption key transmission, it would be necessary to use another, preferably secured, communication network.

By way of illustration only, some examples of the use of the above methods in current banking practice are given below.

Credit cards and Internet

The existing payment system is commonly used for a credit card cashless payment system. For payment at Internet shopping centers, the customer enters in the payment form the name and surname, the number of his credit card and the expiry date of the credit card. Merchant physical contact with customer's credit card is not required. These data are usually sent in coded form to the Internet department store system. Securing or coding of the sent data is carried out by the side of the Internet department store, which creates payment forms usually communicating via https (usually SSL method with a 40-bit encryption key length). Other types of security are also acceptable, such as: use of Java applets and the like. Especially in the area of internet commerce, a large number of unauthorized transactions arise, which are caused by the misuse of very easily accessible information necessary for the execution of the transaction. Department stores themselves refuse to place orders and deliver goods mainly to the regions of Eastern Europe, Asia, Africa and South America. They are forced to do so by the situation that arises after a claim for a completed credit card transaction. It is clear from the above that in this system its lack of security is due to the impossibility of authentication of the person making the payment by credit card.

EFT / POS payments

The payment terminal is the most widespread form of electronic cashless payment system. A necessary condition for the terminal's functionality is to build a communication route between the terminal and the bank authorization center, or the bank itself. The communication route may only be used for the transmission of authorization data and, for security reasons, no part of it may be part of another communication route. For EFT / POS transactions, the cardholder requires a PIN or a specimen signature. Transactions where a PIN is required from the payment card holder are considered more secure in banking practice. Verification of transactions in the Internet environment using EFT / POS is not possible due to the need to confirm the transaction with a sample signature or PIN code. The specimen signature excludes the very electronic nature of the sale and entering the PIN into the Internet is inaccessible for security reasons established by credit card companies.

Prepaid reload (Recharge prepaid cards)

The payment system allows you to pay only a selected number of services or goods that are pre-defined by the GSM operator. The customer confirms the payment by sending an SMS message containing the authorization RPIN. The main drawback of the prepaid reload payment system is the small amount of goods and services offered. Goods and services are tied to prepaid services at GSM perators, in order to expand the range of services it would be necessary to introduce a complex coding system for offered goods and services.

Internet banking

Modern form of bank transactions and related operations. The service is realized in the area of public data networks, the authentication and authorization of executed transactions is confirmed by a code. The codes can be generated by an electronic code generator, but a grid card solution is also used, where the codes are pre-generated. The problem with this form of banking is the cost of code generators and the low flexibility of the system to change the code generator requirements. The method based on grid cards is cheaper but significantly less secure.

A number of inventions have been made to overcome the shortcomings of known methods of transactions over public networks. For example, WO 0077697 (S. Prisant) discloses a remote payment method for purchasing from a vending machine that includes the steps;

1) contacting a vending machine via a cellular telephone;

2) recognizing the cellular telephone identification feature (wherein said identifying property is preferably a telephone ID number recorded with the cellular network operator) and subscriber authentication via a PIN number sent thereto, the cellular network operator preferably performing said operation by comparing said PIN number to its PIN database;

(3) determining whether the requested transaction is feasible;

4) executing said transaction by the machine, i. the issuing of the requested goods or the provision of the requested service, which preferably also includes a transaction requesting confirmation of said transaction; and

(5) posting the amount transferred in said transaction to the account of said cellular telephone.

While this method solves the problem of reducing the cost of building a communication route, as it uses the existing mobile phone network, it has the disadvantage that it uses a unique predefined PIN (code), which has a very negative impact on the security of the transaction being carried out.

Another solution is the subject of WO 0070512 (G. Holm and J. Hultman) and is directed to a method of direct payment via an open computer network in electronic commerce. It includes subscriber subscribing to a specific transaction service with a telecommunications operator, the open network being the Internet, which is connected to the mobile or fixed network of the telecommunications operator, and at the same time the e-commerce system is connected to the Internet bank. Increasing security is solved by centrally generating a specific code, which is sent to the subscriber via SMS or email and which is subsequently used several times to log in to the said transaction service. However, the security of the underlying transactions is determined by the security of the respective Internet bank. From the point of view of the security of the executed transaction, the benefit of this solution is minimal since the code is used only to access the service, but does not contain transaction-specific features and therefore does not allow authorization.

A method for preventing unauthorized use of payment cards is disclosed in WO 0010140 (J. Shem-ur et al.). The essence of the solution is that for each transaction one of a set of predefined and subscriber codes is selected, but which has no relation to the content of the transaction. While this will ensure that the subscriber is verified and authorized to execute the transaction, it does not resolve the security of the transaction.

The solution according to WO 9745814 (B. Vazvan) is aimed at increasing the security of transactions realized through the public network. The principle is that the transaction request can be made by the subscriber via any communication path, but the transaction is then required to be authorized by entering a defined P-PIN, which must be sent via a suitable wireless / cellular terminal, e.g. mobile phone. The benefit is the possibility of using one transmission path to enter a transaction request and another transmission path to authorize the transaction. The drawback of the solution is that the security of the entire transaction is determined by the security of the network to which the said wireless / cellular terminal is connected and the authorization uses a predefined code that is not unique to the transaction.

It is clear from the above that there is a real need to find a secure transaction through public networks, which will allow the subscriber to authenticate the transaction, increase the security of the transaction itself without disproportionately high financial costs, allow the transaction contents to be authorized by the subscribers before and will enable the Council to modernize easily and inexpensively in the future.

SUMMARY OF THE INVENTION

Suggested method of secure transactions, which can be eg. cashless transfer of funds or login to a secure network, using public networks using a centralized method of authorization and consisting of steps of subscribing the subscriber to the authorization center and entering the transaction request, verifying the subscriber's identity by the authorization center and assessing the eligibility of the transaction request; subscriber transactions and, finally, the execution of the transaction, the essence of the solution being that

a) Subscriber login to the authorization center takes place via the first public network (eg via the Internet),

(b) from the transaction request, the authorization center generates an authorization code in accordance with a predetermined procedure, said authorization center being the only place where said authorization code is generated and where all input and code generation data are collected and sent to the client via a second a public network (e.g., via a mobile phone or paging network or Radio Data System RDS)

(c) the subscriber receives an authorization code through the second public network and confirms the requested transaction by returning it to the authorization center via the first public network; and

(d) the authorization center compares the authorization code sent and received and, in the event of a match, instructs the transaction to be executed.

In order to increase the security of the transaction, it is advantageous for the authorization center to supplement the transaction request with at least one variable value, most preferably a unique value (e.g., a registration time of the request) or a value of another suitable time-dependent variable (e.g. (random number generator output).

It is further preferred that in the transaction request, the subscriber specifies his unique identifier, transaction type and transaction content, wherein the data on said type and transaction content is preferably also contained in an authorization code generated by the authorization center, thereby providing subscriber protection, e.g. the buyer, before unauthorized intervention by the verifying party, e.g. the merchant, to the information you send.

A further significant increase in transaction security is achieved by returning the authorization code to the authorization center within a set time limit, the size of which is chosen to allow a comfortable execution of the authorization code return operation, but at the same time makes possible or at least difficult to manipulate the authorization code. .

The present solution has a number of advantages over the current state of the art, both in terms of transaction security and in terms of the financial costs necessary to implement the transaction method in question. The most important are:

- there is a single authorization center for the whole system, which in itself represents a low investment cost to build a secure transaction system through public networks, while allowing simple and cost-effective system innovations in the future, using two independent public networks to realize the transaction security of the whole transaction, the public networks that already exist are used for the transaction, which significantly reduces the costs of building the system, the authorization code is generated only in one place - in the authorization center, which can be located in a secure location, high degree of security and confidentiality of the authorization code, the generated authorization code contains characters unique to a particular transaction, which makes it impossible to change the content of the transaction during its execution, authorization of the transaction performs within the specified time limit, thereby minimizing the time space for possible manipulation of the authorization code.

DETAILED DESCRIPTION OF THE INVENTION

Example 1

A typical example of the implementation of the presented solution is the purchase of a subscriber in an online store, where the whole transaction consists of the following steps:

1. The subscriber orders goods in an internet store with an established secure transaction system through public networks according to the present invention (hereinafter referred to as SP - Secure Pay) and writes his ID into the payment electronic form of the internet store. he / she sends his / her payment card number and the form filled in, including the amount of the requested payment, via the Internet to the bank's authorization center (hereinafter referred to as ACB).

2. ACB searches for the subscriber in the database by credit card number. If the subscriber's credit card number is not in the database, ACB sends back the error information of the entered credit card number and repeats step 1. If the credit card number is in the ACB subscriber database, the communication proceeds to step 3.

3. The ACB generates an authorization code, the data required to generate the authorization code are as follows: subscriber card number, e-shop account number, and required payment amount.

4. The generated authorization code is sent via SMS message to the subscriber's mobile phone, the number of which has been reported by the subscribers at the conclusion of the SP contract. In addition to the authorization code, the SMS message contains an information block consisting of the amount paid and the e-shop address.

5. After receiving the SMS message, the subscriber decides whether the information in the information block is true and if agreed, the subscriber enters the given authorization code into the electronic form on the website of the Internet department store and sends it via the Internet to the ACB.

6. The ACB compares the received authorization code with the code sent to the subscriber in the form of an SMS message and, in case of a code mismatch, sends the authorization code error information to the subscriber and to the Internet store. If the codes match, step 7 follows.

7. The ACB verifies the possibility of making a payment for the specified amount and account and, if the result is positive, realizes the required payment. In the case of a negative result, no payment will be made.

8. ACS sends a report on the outcome of the payment to the Subscriber and the Internet Department Store via the Internet and terminates the transaction.

Example 2

Another embodiment of the invention is substantially identical to the subscription of a subscriber in an online store paid for by a payment card according to Example 1, but differs in the following steps:

3. The ACB generates an authorization code using the system time value, the subscriber card number, the e-shop account number, and the requested amount of payment as input data.

4. The generated authorization code is sent via the public paging network to the subscriber's receiver, whose number was entered by the subscribers at the conclusion of the SP contract. In addition to the authorization code, the paging report contains an information block consisting of the amount paid and the e-shop address.

5. Upon receipt of the paging message, the subscriber verifies the veracity of the data in the information block, enters the said authorization code into an electronic form, and sends the form electronically via the Internet to the ACB within 2 minutes of receiving the authorization code.

6. The ACB compares the received code with the code sent to the subscriber in the form of a paging message and evaluates whether the authorization code has returned from the subscriber within a set time limit of 5 minutes. In case of a code mismatch or timeout, it sends the transaction error information to the subscriber and to the online store. If the conditions are met, step 7 follows.

Example 3

Another embodiment of the method of the invention is practically identical to the method of Example 2, but it differs in that the authorization code is sent via the RDS network and is received by the subscriber via the receiver

RDS.

Example 4

A method of secure transactions over public networks, the content of which is access to a secured network of internet banking services, the whole transaction consists of the steps:

1. The subscriber contacts the internet banking service (SIB) via the Internet network, enters into the login electronic form its ID number assigned by the bank to access the secure SIB network, defines the type and content of the requested transaction and sends the completed form after encryption via the Internet to ACB.

2. The ACB searches for the subscriber ID number in the database. If the ID number is not in the database, the ACB sends the error ID of the specified ID and repeats step 1. If the ID number is in the ACB subscriber database, the transaction proceeds to step 3.

3. The ACB generates an authorization code, the input data being the Subscriber ID number, the type and content of the requested transaction, and the system time value upon receipt of the generation request.

4. The generated authorization code is sent via SMS to the subscriber's mobile phone, the number of which was entered by the subscriber at the conclusion of the SIB contract.

5. After receiving the SMS message, the subscriber enters the received authorization code into the input electronic form and sends it via the Internet to the ACB.

6). The ACB compares the received code with the code sent to the subscriber in the form of an SMS message and sends the authorization code error information to the subscriber in case of code mismatch. If the ACB codes are accepted, it will allow the subscriber access to the secure SIB network.

Example 5

The method of secure transactions over public networks, the content of which is the submission of a cashless payment order via the internet banking service, the login to the secure SIB network is practically the same as in Example 4 (steps 1 to 6), except that the authorization code is delivered via paging networks, and the entire transaction includes the following additional steps:

7. The Subscriber fills in the non-cash payment order form, defining the content of the transaction and sending it to the SIB provider's ACB after encryption.

8. The ACB generates an authorization code, the data used to generate the authorization code being the content of the transaction and the time of receipt of the payment order.

9. The generated authorization code is sent via the paging network to the subscriber receiver, whose number was entered by the subscriber at the conclusion of the SIB contract.

10. Upon receiving the paging message, the subscriber enters the received authorization code in the authorization code field in the electronic form and sends it over the Internet to the ACB.

11. The ACB compares the received code with the code sent to the subscriber by the paging network, and in case of disagreement sends the authorization code error information to the subscriber. If the codes are identical, the actual transfer of funds follows.

Claims (8)

PATENT CLAIMS 1) A method of secure public network transactions, comprising the steps of: subscribing to the authorization center and submitting the transaction request, verifying the identity of the subscriber by the authorization center, and assessing the eligibility of the transaction request, the authorization center requires the subscriber to confirm the transaction and execute the transaction. , from the transaction request, the authorization center generates an authorization code according to the specified procedure and sends it to the subscriber through the second public network, the subscriber receives the authorization code through the second public network and confirms the requested transaction by sending it back to the authorization center through the first public network. code and, if they match, gives the order to execute the transaction. 2. The secure transaction method of claim 1, wherein in the transaction request, the subscriber specifies its unique identifier, transaction type, and transaction content. The secure transaction method according to claim 1 or 2, characterized in that the authorization center, when generating the code, complements said transaction request by at least one variable. A secure transaction method according to claim 3, characterized in that the variable value to which the authorization center supplements the transaction request is a time or value of a time-dependent variable. A secure transaction method according to any one of claims 2 to 4, characterized in that the authorization code generated by the authorization center contains information about the type and content of the requested transaction. The secure transaction method according to claims 1 to 5, characterized in that the subscriber returns the authorization code to the authorization center within a predetermined time limit. * The secure transaction method according to claims 1 to 6, characterized in that an Internet network is used as the first public network and a mobile telephony or paging network or RDS network is used as the second public network. The secure transaction method according to claims 1 to 7, characterized in that the transaction realizes a cashless transfer of funds or login to a secured network.