Browse Prior Art Database

Method for secure payment by means of payment pictures

IP.com Disclosure Number: IPCOM000129128D
Original Publication Date: 2005-Oct-25
Included in the Prior Art Database: 2005-Oct-25
Document File: 2 page(s) / 28K

Publishing Venue

Siemens

Related People

Juergen Carstens: CONTACT

Abstract

A new method enables fast and secure local payment transactions using camera and display of the device as acquisition and transmission interfaces. The concept is a virtual credit card using a payment protocol that combines the use of (invisible) watermarking and digital signatures (private key encryption) for payment data embedding and information origin authentication on a payment picture. The corresponding virtual credit card issuer provides this picture template. The payment picture acts as a virtual credit card that has been profiled to a particular payment transaction. The payment transaction will be completed according to a procedure and protocol that includes at least the following steps: Delivery of the virtual credit card: The user gets an image template by the virtual credit card issuer. The template can be delivered using simple means such MMS (Multimedia Messaging Service). This template contains branding information as well as a picture selected by the user from a selection provided by the card issuer and that is valid for digital invisible watermarking for picture payment. Also, the issuer provides a PKI (Public Key Infrastructure) certificate for the corresponding key used in the payment pictures and the payment private key. The certificate also contains a copy of some of the information embedded by the issuer in the virtual credit card (e.g. Credit Card Number, User ID, etc.).

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 2

S

Method for secure payment by means of payment pictures

Idea: Carmen Santa-Cruz, DK-Aalborg

A new method enables fast and secure local payment transactions using camera and display of the device as acquisition and transmission interfaces. The concept is a virtual credit card using a payment protocol that combines the use of (invisible) watermarking and digital signatures (private key encryption) for payment data embedding and information origin authentication on a payment picture. The corresponding virtual credit card issuer provides this picture template. The payment picture acts as a virtual credit card that has been profiled to a particular payment transaction.

The payment transaction will be completed according to a procedure and protocol that includes at least the following steps: Delivery of the virtual credit card: The user gets an image template by the virtual credit card issuer. The template can be delivered using simple means such MMS (Multimedia Messaging Service). This template contains branding information as well as a picture selected by the user from a selection provided by the card issuer and that is valid for digital invisible watermarking for picture payment. Also, the issuer provides a PKI (Public Key Infrastructure) certificate for the corresponding key used in the payment pictures and the payment private key. The certificate also contains a copy of some of the information embedded by the issuer in the virtual credit card (e.g. Credit Card Number, User ID, etc.).

The confidential issuer information will be encrypted with the issuer's private key (so it can be decrypted with the public key of the issuer) and watermarked in the picture. The issuer's confidential information contains (among others) the following items:

   - Payment instrument issuer ID - Virtual credit card number - User name - User ID - Term and conditions of the virtual credit card In addition the following information will be watermarked as plain text to the picture

   - Address of where to find the user's certificate Use of the virtual credit card: When the user wants to complete a payment transaction:
(1) The mobile device will capture a token value provided by the merchant whose purpose will be to uniquely identify the transaction. The capture will be preferably done by taking a picture of the token. The token will comprise preferably a string of alphanumeric characters....