PATENTS
ELECTRONIC PAYMENTS PLATFORM SYSTEM AND METHOD
An electronic payments platform operates by hosting a payments server
(100) accessible via the internet
(200) and storing a record of payment transactions made via merchant devices
(300) comprising merchant smartphones. Merchant devices
(300) download and install as a transaction app
(830) supported by an authentication service
(840) in communication with each other when installed in the merchant device, and also with a payments server
(100) The transaction app
(830) requests purchases initiated using a customer card or device
(300) at the merchant device (300).
BACKGROUND ART
[0002]
Retail electronic payments have conventionally involved considerable time and effort to orchestrate for accepting, processing, and reconciling payments. Physical payment infrastructure is typically purpose-built using dedicated hardware devices embodying security principles to process payment transactions to an acceptable level of security and verification.
[0003]
The PCI DSS (Payment Card Industry Data Security Standard) is a security standard developed and maintained by the PCI Council. Its purpose is to secure and protect the entire payment card ecosystem.
[0004]
There is an underlying need for flexible and safe options for contactless payment acceptance, especially as regards payment in mobile environments. This has raised the possibility of payments incorporating COTS (commercial-off-the-shelf) hardware devices. Also, the adoption of contactless payments, sometimes termed tap and go, is increasing in existing payments systems as consumer acceptance increases.
[0004]
There is an underlying need for flexible and safe options for contactless payment acceptance, especially as regards payment in mobile environments. This has raised the possibility of payments incorporating COTS (commercial-off-the-shelf) hardware devices. Also, the adoption of contactless payments, sometimes termed tap and go, is increasing in existing payments systems as consumer acceptance increases.
[0005]
Software-based PIN Entry on COTS (SPoC), and Contactless Payments on COTS (CPoC) solution certifications have allowed the possibility to build payment solutions on commercially available hardware. The PCI CPoC standard permits the possibility of using validated solutions that require no additional hardware to accept contactless transactions.
[0006]
The PCI CPoC standard includes security requirements for vendors on how to protect payment data in CPoC Solutions and test requirements to evaluate these solutions through the supporting validation program.
[0007]
The primary elements of a CPoC Solution include a COTS device with an embedded NFC interface to read the payment card or payment device; a validated payment acceptance software application that runs on the merchant COTS device initiating a contactless transaction; and back-end systems that are independent of the COTS device and support monitoring, integrity checks and payment processing.
[0008]
There are a number of limitations shared by existing electronic payments platforms. Many of these recognized limitations concern the dependence of many existing payments platforms upon dedicated and other tethered hardware.
[0009]
These dedicated hardware solutions are for various reasons generally unsuitable or at best inconvenient for use in connection with events, especially outdoor events, but also existing indoor or mixed indoor-outdoor environments.
[0010]
Retail and hospitality environments can benefit from the ability to take and process payments while with a customer, as this can be desirable for convenience and customer service reasons. Also, there is no need to return to crowd a central service counter.
[0011]
One objective of the present invention is to at least attempt to address one or more of these and other limitations of existing electronic payment solutions.
SUMMARY OF INVENTION / PATENT
[0012]
According to an aspect of the present invention, there is provided a computer-implemented method for operating an electronic payments platform comprising:
[0013]
Hosting a payments server accessible via the internet, the payments server operating a transaction service and a security service;
[0014]
Providing for download and installation to one of a plurality of merchant devices a transaction app supported by an authentication service at the merchant device, the authentication service being distinct from the transaction app and in communication with each other when installed in the merchant device, each of the transaction app and the authentication service when installed in the merchant device also being in communication with the payments server; and
[0015]
Configuring the transaction app when installed in the merchant device to transmit a request for a payment originating from the merchant device to a merchant acquirer service, wherein the transaction app authenticates payment details by invoking security services at the payments server via the authentication service at the merchant device.
[0016]
A preferred embodiment involves the payments server requesting the security service to generate a merchant ID, the merchant ID indexing at least one of merchant data, and device configuration to be stored at the security service.
[0017]
A preferred embodiment involves the transaction app installed at the merchant device requesting the transaction service to request a registration code at the security service based upon the merchant ID, the registration being returned to the transaction app via the transaction service at the payment server.
[0018]
A preferred embodiment involves the transaction app using the registration code returned from the payments server to register the transaction app at the security service via the authentication system.
[0019]
A preferred embodiment is characterized by the payments server having multiple redundancies distributed across geographically distinct locations to enable uninterrupted processing in the event of failure at any specific location.
FULL FIGURE DESCRIPTION AVAILABLE (Australian Patent Office)
Patent No: AU 2021101886 A4 / FIN-PAY TECHNOLOGY.
G06Q 20/40 (2012.01) G06Q 20/02 (2012.01)