A number of proposals have been made to enable electronic financial transactions to be conducted using mobile phones. Some of these involve the transmission of a customer's mobile telephone number over the internet to a supplier's website. In such a system, the supplier's site transmits the telephone number, a supplier identifier and a relevant product reference to a management server, which then contacts the customer by sending an SMS message to the mobile telephone number. The customer then provides his or her consent to the transaction and may provide an identifying authentication. The management server then sends a message to the supplier's site confirming the customer's consent, and the supplier may then arrange for delivery of the relevant product (e.g., see PCT/FR00/03440). Such a system has a very low level of security and, therefore, users of such a system run a significant risk that messages transmitted over the system (which may include a confidential identifying criterion, such as a PUV) may be intercepted and used fraudulently.
Another system which has been developed is one in which the circuitry of the mobile telephone is programmed to incorporate the customer's bank account number and may contain “consistency information” of the customer's bankcard. Accordingly, the system functions by means of the bank account number (or bankcard number) being transmitted by the mobile telephone for the purposes of effecting the financial transactions (e.g., see PCT/FR99/01605). A problem with this system is that it also involves a low level of security, with the relevant bank account details being transmitted and subject to interception by unauthorised persons.
Another example is the system described in Australian Patent Application Number AU 200051840 entitled “System and process for remote payments and transactions in real time by mobile telephone”. This system also provides for the processing of payments and transactions between consumers and service providers, by way of a mobile telephone network. However, this system has a number of disadvantages, namely:

1. The telecommunication and account management functions are performed by the same server. In many countries, government regulations prohibit telecommunication carriers from functioning as financial institutions. In order for this system to work as claimed, it has to perform both telecommunication and banking functions.
2. Having the telecommunication and account management functions performed by the same server compromises the security of the system and renders the accounts of users more vulnerable to being accessed by unauthorised persons than is the case if the telecommunication and account management functions are performed by a (more secure) server which is separate from the telecommunication server. This is a concern given that the server contains confidential information of the customer (e.g., a PIN).
3. The user's PIN (or “secret identification code”) is transmitted over the wireless network from the user's mobile phone to the main server. This provides the opportunity for third parties to tap into the wireless transaction and learn the user's PIN. They can then use the PIN to fraudulently conduct further transactions.
4. The system is a simple browser-based system, with the messages to and from the system server being sent over the network as text messages (e.g., SMS messages). The procedure for verifying the user's identity is effected by a text message being sent from the system server to the customer's mobile telephone, requesting the customer to enter his or her personal identification code (e.g., PIN). The PIN is transmitted over the network and the verification is conducted within the system server. Again, this gives rise to a low level of security, with the danger that the PIN could be intercepted by an unauthorised person.
5. The system is very network-dependent and, for it to work effectively, a complex arrangement of data storage means and checks is required to identify the type of mobile phone of the user and then to determine the relevant network on which the mobile phone operates.
6. The system involves a complicated and expensive arrangement of verification means, databases, account management means, confirmation messages and acceptance messages which interact in a complex manner. This has the effect of slowing down the system and increasing the likelihood of errors or failures occurring.