1. Field of the Invention
The present invention relates to a system of secured payment by the transfer of electronic money through an interbank network.
The term "electronic money" is understood to mean a digital piece of information representing a sum of money.
For users, this sum is recorded in a portable carrier that is conventionally called an electronic wallet.
The electronic wallet is an electronic device that usually takes the form of a microprocessor-based card. The internal working of the electronic wallet and its architecture are presently the subject of many publications and, hence, no further details shall be given about this device. What must be known is that, during an operation for loading or replenishing the wallet, the bank machine authorized to carry out this loading records a sum that makes the user's balance positive. This sum is reduced by the internal electronic circuitry as and when payments are made by the user. The sum is increased when he receives money.
The term "interbank network" is understood to mean the digital data transmission network that carries electronic money from a payment terminal to an interbank monetary compensation unit. This unit sends an account credit message to the bank of the provider of the service and a debit message to the bank issuing electronic money.
2. Description of the Prior Art
Even though work on the development of electronic wallets is now reaching its final stages, it is still the case today that, apart from using coins and banknotes, there are only two possible modes of paying a tradesman or a provider of services: these are payment by cheque or payment order and payment by bank card. These modes are distinguished from each other by the form taken by the money (paper in one case and an electronic format in the other), but the principle of their use is the same.
The payment orders are given by the customer's bank. During a purchase, the customer issues a payment order for a given amount on behalf of the tradesman or provider of services. The tradesman or provider of services sends this order to his bank which is generally different from the customer's bank. The compensation system makes it possible to credit the tradesman's account and to debit the customer's account at their respective banks.
In compensation systems used at present, the customer's bank does not actually transfer the money to the tradesman's bank whenever a payment is recorded. If the two banks have set up bilateral contractual links, each of them records the amount that it owes the other. At the end of a predefined period, only the difference between the two sets of amounts totalized by each bank is transferred from one to the other. This difference is generally small as compared with the total flow of money theoretically exchanged between the two banks. This makes it possible to limit transfers of money.
In a multinational context such as exists at present, the agreements are not made on a bilateral bank-to-bank basis. Rather, each bank participating in the system enters into a comprehensive agreement with the compensation system. Each bank keeps an account with the compensation system, the balance of which is increased by the total amount of payment orders presented to this bank and decreased by the total amount of the payment orders issued by this bank and received by the other bank.
In this configuration, the bank plays the role of a collector of payment orders.
The bank that receives a payment order carries out a certain number of verifying operations: for cheques and universal payment orders, it is ascertained that there is a signature present and that there is consistency between the amount in figures and the amount in letters and, for amounts above a certain value of the cheque, the signature is verified against a reference signature of the holder of the account. For payments by bank card, a verification is carried out at the time of payment by the presenting of the confidential code (i.e. the customer's identity is verified), and the validity of the card is also verified.
However, these operations of verification are not sufficient. The signature on a cheque is authenticated only for amounts beyond a certain value (the ceiling varies according to the bank) and this verification provides no guarantee against forged signatures. In the case of the use of bank cards with magnetic tracks, false cards may be manufactured and the payment terminal may then consider the card to be authentic.
The system of compensation based on computer systems is not immune to problems such as data-entry errors by an operator, embezzlement, etc. This principle of operation is furthermore based on mutual confidence among banking organizations.
This system can work only on a relatively small scale. It is difficult to have a worldwide system of compensation. It would therefore be necessary to have a distributed banking architecture and a use of payment orders that is as localized as possible.
In national electronic payment systems, whether they are currently in use or forthcoming, the transactions recorded at each payment terminal are not stored individually but totalized in what is commonly called a security module.
For the bank, it is not possible to verify each transaction individually as is done with standard methods of payment: once the transactions are totalized, the notion of a cheque and/or a payment order disappears, as does the notion of individual transactions.
The integrity and authenticity of the payments rely on the customer's electronic wallet card and on the security module located in the tradesman's terminal.
Now, recent developments pertaining to the electronic wallet provide for the possibility of also loading electronic payment orders during a loading operation carried out by authorized machines placed in certain banks or public places (post offices, etc.).
To simplify the description, these payment orders shall hereinafter be called cheques and these authorized machines shall hereinafter be called issuing banks.
Thus, in these developments, a sum of money M will be recorded in the balance contained in the wallet and several electronic cheques will be loaded into another part of the memory of the wallet. The number of cheques could, for example, be chosen by the user or by the issuing bank within fixed limits or it could be fixed beforehand without any choice being possible.
An electronic cheque that has just been loaded takes the form of a digital information element which reflects the identity of the issuing bank and of the wallet without, however, revealing it; a signature of this kind is called a blind signature.
This information element actually comprises a first electronic signature Sqb enabling the authentication of the issuing bank and a second signature Sc enabling the card to be authenticated without the identity of the card appearing in the open.
The signatures computed and recorded for each card are distinct. They are obtained by a standard electronic signature algorithm that uses, in addition to a signature generation function with a secret key and a public key, one or more different random elements for each cheque.
For the generation of signatures, an algorithm such as the RSA (Rivest-Shamir-Adleman) algorithm is used.
It is also possible to use an algorithm published by the US Institute of Standards and Technology such as the DSA (Digital Signature Algorithm) or another signature protocol such as the Schnorr algorithm.
To obtain blind signatures, an algorithm that makes the signatures blind is added to these signature generating algorithms. For this purpose, it is possible for example to use the algorithm developed by David Chaum. The generation of blind electronic signatures forms part of known techniques.
In the context of these developments, a new problem arises: verifying that the cheques are authentic and that an electronic cheque which has already travelled through the bank network is not reused after a first payment.
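The blind-signature step and the reuse problem described in the two preceding paragraphs can be seen in a short added example; it is not part of the original text and is not the mechanism of the invention. It assumes Chaum-style RSA blinding with a constructed toy key, an unpadded SHA-256 digest and a constructed cheque value; all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the issuing bank (two Mersenne primes; NOT secure).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # bank's secret exponent

def digest(cheque: bytes) -> int:
    """Map a cheque to an integer modulo N (plain hash, no padding: demo only)."""
    return int.from_bytes(hashlib.sha256(cheque).digest(), "big") % N

def blind(cheque: bytes):
    """Wallet side: hide the cheque digest behind a random factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return (digest(cheque) * pow(r, E, N)) % N, r

def bank_sign(blinded: int) -> int:
    """Bank side: signs the blinded value without seeing the cheque."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """Wallet side: strip r to obtain an ordinary RSA signature on the cheque."""
    return (blind_sig * pow(r, -1, N)) % N

def verify(cheque: bytes, sig: int) -> bool:
    """Anyone holding the bank's public key (N, E) can check the cheque."""
    return pow(sig, E, N) == digest(cheque)

def issue_and_spend_twice():
    cheque = b"cheque-serial:constructed-0001"   # constructed sample value
    blinded, r = blind(cheque)
    sig = unblind(bank_sign(blinded), r)
    first = verify(cheque, sig)
    second = verify(cheque, sig)      # a replayed copy verifies just as well
    bank_saw_cheque = blinded == digest(cheque)
    return first, second, bank_saw_cheque
```

Both verifications succeed, which is exactly why signature checking alone establishes authenticity but cannot show that a cheque has already been presented.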
An object of the present invention is to resolve this problem. It makes it possible to prevent and/or detect the manufacture of counterfeit electronic money.
The present invention furthermore makes it possible to preserve an anonymous character for money in circulation.