| 摘要 |
Authorising a payment using a card e.g. debit, credit and store cards, between a user having a wireless device 2 e.g. a mobile phone, and a remote registration location B e.g. a registration database, comprises using four codes to generate a unique authorisation code. The first code is associated with the device 2, e.g. produced from an IMEI or serial number and a licence code. On registration this is transmitted to the registration location B with returns a registration code to be stored on the device. The device 2 may generate a test message using the two codes to confirm registration. A third code is read from the card 26 by a device 25 integral with or connected to the wireless device 2 e.g. using a magnetic strip or chip reader or using near field detection and a fourth code is entered by the user, e.g. a PIN or biometric data. The wireless device transmits the third and fourth codes using a predetermined card registration call number, these being checked at the registration location which may check the card has not previously been registered, and returns card registration information to the wireless device including encryption instructions and a call number to use for that particular card. To process a payment the wireless device uses in part a standard encryption key and in part an encryption key constructed from the four codes to encrypt an authorisation code for sending to the remote location via the predetermined number. |
