Existing credit and/or debit card retail transaction systems typically require the use of a point-of-sale (POS) terminal. Typically, the POS terminal comprises electronic hardware apparatus configured with the encryption keys and the certificates associated with the supported transaction protocols. The primary role of the POS is to securely transmit credit and/or debit card details and transaction details to a remote issuer server for processing, in order to execute a desired retail transaction. Existing, known POS terminals are provided with a card reader, which typically relates to any one of: a magnetic stripe reader, an integrated circuit chip (ICC) reader, or a contactless front-end. The card reader enables a secure data connection to be established between the POS and the credit/debit card, such that confidential account information associated with the credit/debit card that is required to carry out the retail transaction can be accessed by the POS terminal.
For illustrative purposes only and to facilitate the reader's understanding of the prior art, a conventional credit/debit card retail transaction system is now described with reference to FIG. 1a. To effect a transaction the smartcard 130, which may comprise an ICC 132, is brought into operative communication with the POS terminal 134. This is conventionally achieved by inserting the smartcard 130 into a card reader 136 comprised within the POS terminal 134. The card reader operatively powers the smartcard's ICC 132, such that the required transaction protocol may be executed. To this end, the smartcard's ICC 132 is provided with a Payment Application (PA) 138, and the POS terminal 134 is provided with a Terminal Payment Application (TPA) 140. When run in combination, the PA 138 and the TPA 140 enable the desired transaction protocol, such as the EMV protocol based on ISO/IEC 7816, to be carried out between the smartcard 130 and the POS terminal 134. This comprises executing a plurality of data exchanges between the smartcard's PA 138 and the POS's TPA 140. On completion of the EMV protocol a digital transaction receipt is generated at the POS terminal 134. This digital transaction record is subsequently forwarded to the acquirer 142 by the POS terminal 134, and serves as a proof of transaction. The digital transaction receipt is forwarded to the acquirer 142 via an acquirer communication network 144, which the POS terminal 134 is configured to communicate with. To this end, the POS terminal 134 is provided with a Network Access Device (NAD) 146, which relates to an electronic circuit that automatically connects the POS terminal to the acquirer's communications network 144. The digital transaction receipt may subsequently be forwarded to a card issuer 148 for settlement.
Given the confidential nature of the data processed by the POS terminal 134, frequent maintenance is required to ensure the faultless operation of the terminal. Frequent firmware and/or software updates are required to ensure that the POS terminal 134 is provided with the latest up-to-date encryption keys and certificates, without which, it would not be possible to execute the transaction. The software and/or firmware updates are also required to ensure that the POS terminal 134 is resistant to newly identified security threats, which may relate to newly uncovered security weaknesses present in the adopted transaction protocol. Furthermore, periodic hardware certification is required to ensure the correct and faultless operation of the terminal.
The running maintenance costs required to ensure secure and faultless operation of the POS terminal can be significant, and are often passed to the retailer. When new technology standards are adopted, wholesale replacement of POS terminal hardware is often required, at significant expense to the retailer. Whilst a large multi-national retailer may be able to absorb such expenses, the economic burden on small retailers, with low turnover, can be prohibitive.
In recent times, the payments industry has experienced a paradigm shift towards mobile payment solutions. The objective of such solutions is to enable the use of mobile devices in effecting financial transactions, including retail transactions, for example the use of mobile telephones and/or smartphones to effect payment for a consumer goods item. Significant amounts of time and effort have been expended by the payments industry (e.g. MasterCard®, Visa®, American Express®) to make existing transaction protocols secure for use by mobile devices. This in turn has resulted in an increase in the functional complexity of POS terminals, which are now required to support secure communication with mobile devices. This can be achieved through use of short distance communication protocols that support data transactions over short distances. Near field communication (NFC) and Bluetooth® are some non-limiting examples of short distance communication protocols. Extending short distance communication protocol functionality to POS terminals requires updating both the hardware and software, and ultimately increases the cost of the POS terminal to the retailer.
FIG. 1b is a schematic illustration of an existing virtual POS transaction system, which enables a smartphone 150 to participate in a financial transaction, for example a credit and/or debit card transaction. The smartphone 150 comprises a contactless front end 152, which may relate to NFC or Bluetooth for example. The contactless front end 152 enables a communication channel 154 to be established between the smartphone 150 and the POS terminal 156, when the smartphone 150 is located in the vicinity of the POS terminal 156. The POS terminal 156 is commonly referred to as an M-POS (Mobile Point of Sale) terminal. Establishing the communication channel 154 may comprise an initial handshake exchange between the smartphone 150 and the POS terminal 156, which handshake may comprise the exchange of cryptographic keys and/or certificates suitable for ensuring that data communications between the smartphone 150 and the POS terminal 156 are securely encrypted. The POS terminal 156 also comprises a transceiver 158 and a NAD 162 for communicating over an existing communications network such as the illustrated mobile telephone network 160. All data communications associated with the implemented payment transaction protocol are routed through the POS terminal 156 for the duration of the protocol.
In order to execute a payment transaction protocol, such as the EMV protocol, the smartphone 150 is provided with a PA 166, the POS terminal 156 is provided with a “thin TPA” 168, and the PSP 164 is provided with a “thick TPA” 170. In contrast with the example illustrated in FIG. 1a, the functionality of the TPA is now provided by the POS terminal's thin TPA 168 in combination with the PSP's thick TPA 170. The thin TPA 168 is a scaled back version of the TPA 140 of the traditional POS terminal 134 of FIG. 1a and is configured to execute very simple commands, whereas the thick TPA 170 executes the majority of the EMV commands and processing, and is complex and prone to modifications. Some of the EMV commands are shared between the thin TPA 168 and the thick TPA 170 within a secure channel established over the mobile telephone network 160 and the shared communications network 172, between the POS terminal 156 and the PSP 164. The secure channel is established using conventional cryptographic means, for example via cryptographic key/certificate exchange. All data transmissions and commands transmitted from the smartphone's PA 166 to the POS terminal's thin TPA 168 are forwarded to the PSP's thick TPA 170 using the POS terminal's telephone network 160 and the shared communications network 172, to which the PSP 164 is operatively connected. In this way all transaction protocol data exchanges are transmitted between the POS terminal 156 and the PSP 164. The majority of the functionality of the traditional POS terminal 134 as illustrated in FIG. 1a is now provided by the remotely located PSP 164 running the thick TPA 170. The transaction protocol, such as the EMV protocol, is executed between the smartphone's PA 166, the POS's thin TPA 168, and the PSP's thick TPA 170.
The POS terminal's software requirements are simplified and reduced by effectively outsourcing the conventional TPA functionality to the remotely located PSP 164, and using the POS terminal's native communication means, in particular the telecommunications network 160, to relay data exchanges between the POS terminal 156 and the PSP 164. However, this configuration requires robust security features in place within the POS terminal 156 to protect the security of confidential information, for example PIN verification. The payment card industry (PCI) adopts standards, referred to as PIN Transaction Security (PTS), that define how PIN confidentiality and security are to be maintained during the payment transaction. Ensuring compatibility with these standards increases the technical complexity of the POS terminals and also increases costs.
It is an object of the present invention to provide an alternative method and system for executing retail transactions, which solution is secure, supports mobile transactions and reduces the hardware burden on the retailer.