The invention refers to a configuration of a mobile communication device that is adjusted to be able to realize cashless payment processes, especially of the EMV standard. The mobile communication device can be in the form of a mobile phone, PDA (Personal Digital Assistant), portable PC, tablet, USB key inserted into a PC and similar. Device can be used in common payment processes according to current configurations and moreover it can act as a POS terminal. The solution also describes a way of cashless payment based on this kind of device.

Present technology

Extended payment terminals, POS (Point of Sale) terminals, which are placed permanently in business premises assure transfer of money from the buying person ^' s account to the store operator ^' s account. During this process the POS terminal cooperates with payment cards belonging to buyers. It cooperates with them either through a contact or a contactless connection. The POS terminal payment was characterized until now as a payment in which the payment recipient has a POS terminal and the paying customer uses a corresponding card as a payment device. In the first phase the card holder is checked, verified. This process should be highly secure and it should be realized without either the merchant or the paying customer having to exert disproportionate big effort. It also should be realized without big complications on either the merchant ^' s or the paying customer ^' s side. Subsequently, a process is run during which the paid amount is credited to the store operator ^' s account. The card issuers Europay International, MasterCard and VISA entered into an agreement concerning creation of EMV standard (Europay MasterCard Visa), which uses a microchip located on a payment card. The EMV standard describes interactions between the payment card chip and the POS terminal. The usage of a microchip enables to protect data stored in it in such away so these are not accessible from the outside without a password. The usage of the chip also enables Cardholder Verification to take place without connecting online to a processor ^' s center.

The solution according to the patent CN101351819 mentions the possibility of using a mobile phone as a POS terminal; however it does not deal with a specific configuration of individual obligatory elements of the system. Many solutions as e.g. the patents CN 101339685, CN 101329801 , US2008270246 (A1 ), SI22595 (A), US2008059375 describe how mobile phone is used in cashless payments, however there are no independent POS terminal elements directly in the phone. Other solutions only describe how mobile phone interacts with a static POS terminal as it is the case with the patent file US2007241180 (A1 ).

The existing POS terminals that are widely spread in business premises are characterized by a stable structure, which encompasses among other things a communication channel connected to a payment processing center, a printer, an encryption key, a display, a card reader, sometimes a reader of different format card and a keyboard for PIN code entering. This technical configuration requires certain space and is relatively costly. The known POS terminal realizations are intended for stable selling points in physical shops where high costs of the purchase, installation and operation of POS terminals are in balance with the proportionate purchase turnovers.

With rising number of functions provided by mobile communication devices it will be required that mobile communication devices enable realization of cashless payments having resulting cryptograms in a format consistent with EMV standard; all this with high security, required by individual participants of the entire business relationship (payment card issuer, processing center, bank, merchant).

There are also configurations as e.g. according to Proximity Mobile Payments, Smart Card Alliance, September 2007 publication where the possibilities of placing one Secure Element in a mobile communication device are mentioned. This configuration enables to store payment card sensitive data into the mobile communication device in a secure way; however it does not enable to run a POS terminal directly in the mobile communication device. An important requirement is for the new solution to be compatible with the structure of current payment data on the payment processor level. It probably would not be possible to implement a configuration that would require a completely new hierarchy or completely new verification processes.

Subject matter of the invention

The deficiencies mentioned are to a great extent eliminated by a mobile communication device for cashless payments according to this invention the subject matter of which lies in the fact that the mobile communication device has at least two physically separate and independent chips with Secure Elements on its printed circuit board; one Secure Element contains a POS payment terminal, the second Secure Element contains a payment card and the secure elements are interconnected by a contact circuit on the board. The Secure Element contains a payment terminal in which there are all software applications and possibly even configuration data necessary for the run of payment terminal stored. The Secure element will not have outer and hardware appearance of the POS terminal as perceived by a paying customer in a physical shop. In most cases the POS payment terminal in the Secure Element will first run in the form of an indifferent payment terminal and only later the configuration data will be selected and loaded to it. The configuration data can be loaded only after a payment application is started and in the interaction with the device that sends the configuration data corresponding to the specific payment. The Secure Element will contain a POS payment terminal encompassing a unit with a payment-terminal application and in a suitable configuration even a payment controller unit and a download management unit.

A substantial characteristic of the presented solution is that the POS payment terminal chip can be located on the device ^' s board - this chip is connected to the chip with the payment card unit in a contact way, basically permanently. So, the presented solution unifies a payment card and a virtual POS terminal kernel into one carrier on the device ^' s board. The interconnection of chips with Secure Elements can be direct or over a circuit and/or calculation module. In this configuration the POS terminal will communicate with the payment card as if this one was inserted in the payment card contact reader, however in reality this connection is permanent. The second Secure Element will contain a payment card with payment data unit; however the data do not have to be exclusively of the EMV standard. The payment card in Secure Element will not be in the shape and form of a standard payment card as this one is perceived by a common user of a plastic card.

In suitable configuration a communication having a structure according to ISO 7816 will run through the contact circuit.

The device is held by a paying customer. The configuration data can be ascribed to the payment recipient and they can be stored within a mobile communication device or they can be sent there wirelessly from another device using a communication network of the mobile communication device itself, or using a NFC element. The element carrying configuration data can belong to the merchant or it can be held by the merchant and it will encompass a protected memory with identification data which above all encompass data necessary for the configuration of the POS payment terminal and its matching to the bank account of the corresponding merchant. So the mobile communication device will encompass a generic payment terminal, which will become a specific payment terminal having a unique identity only at the moment when the payment process is in progress. This phase forms something like a preparation for the start of a one-time POS terminal. Subsequently, the payment-terminal application can run during the connection; this application can be of EMV type as in today ^' s standard POS terminals.

The POS terminal on the Secure Element can encompass a memory, a microcontroller, a unit with a payment-terminal application and a unit with payment terminal configuration data. The entire process kernel of the POS terminal can be located on the printed circuit board of the mobile communication device. Data that the terminal needs to have its identity created are stored in the Secure Element; basically these are the data saying to whom the terminal with the corresponding data belongs.

In the second Secure Element there is a payment card or several payment cards of the user. This kind of payment card unit will encompass hardware and software tools for the assurance of similar functions as the payment cad chip has according to the EMV standard. The interfaces of this unit can be different since the unit is not designed to be read in readers of common formats, but it will be firmly, undetachably connected with the mobile communication device ^' s board. If the communication between the payment card and the POS terminal is narrowed for the transmission of data within one hardware device it will not possible to monitor and misuse this communication without permission.

The displaying tools of the mobile communication device can be used to display the course of the POS terminal payment application including the amount being paid.

So, the solution presented enables to place POS terminals belonging to different operators on one hardware device. Also it enables to place one user ^' s payment cards that is to say payment cards from different banks issued to the same person on one hardware device. These configuration and payment data belonging to different companies must be placed separately from the access point of view. By using the solution presented here it can be reached that payment terminals are held personally by the user and then it is possible to combine a payment terminal and a payment card into one hardware device. From the configuration identity point of view, however, the payment terminal will belong to a specific bank or processing institution as it is the case now in case of terminals held by a merchant. A specific POS terminal is created from a general, generic, indifferent terminal and payments from this specific payment POS terminal are credited to the corresponding payment recipient in the payment system. The term indifferent used in this file is used above all to describe the fact that the terminal is free and that it is not linked to a specific entity when not in the course of a specific payment process. So this means that the POS terminal is linked to a specific payment recipient and to a specific bank or a payment processor during one payment process. In the course of a next payment process, the recipient, bank or processor can be both a different one and the same one.

In the Secure Element, the payment terminal can have even several independent units with configuration data of independent terminals. These will be stored in independent domains of the Secure Element. This technical solution will enable payment terminal to be activated in the form of a terminal belonging to different payment processor depending on the user ^' s choice or some other commands. Under the term Secure Element we can envision something like, however not exclusively, a secured memory with a necessary interface which can be in the shape of an independent chip with a corresponding calculation capacity. The Secure Element can be configured in such a way so the data that are stored in it are not freely accessible from the outside, however these data can be used as input parameters for the realization of calculation operation within Secure Element and only the results of these calculation e.g. in the form of cryptograms get outside.

The encryption of POS terminal configuration data can run using a

MasterKey, which, in general can be and mostly even is different from encryption keys that are subsequently used by the payment terminal application itself for the creation of the payment cryptogram. The Master Key can originate from the hardware supplier and the encryption keys of the payment-terminal application can be issued by a bank or a payment processor. Figures overview

The invention is explained in more detail on the Figure 1 where is a block scheme showing two Secure Elements that communicate with each other using the ISO 7816 standard.

Example

In this example there is a description of a configuration of a mobile communication device 4, which is in the form of a mobile phone. On the mobile phone printed circuit board there is a Secure Element 2 containing an indifferent POS payment terminal and Secure Element 3 containing units of several payment cards. The circuit 1 is formed by the ISO 7816 contact interface. The usage of Secure Elements 2, 3 that are in separate hardware parts simplifies certification demands of individual participants of the payment system (card issuer, processing center operator) on storage of sensitive data to secure elements 2, 3.

Apart from the payment process, POS payment terminal is indifferent and adjusted to be configured according to payment data recipient.

In this example, the Secure Element 3 is divided into independent domains that can be provided to various card issuers. A payment-terminal application runs in the circuits on the mobile communication device ^' s 4 printed circuit board. This payment-terminal application runs in such a way as if it was a relationship between a standard POS payment terminal and a payment card, which is inserted in the reader of a POS terminal. After the payment-terminal application is ended, the connection between the POS payment terminal and payment card is disconnected on the software level.

The mobile communication device 4 has a specialized button to start the payment-terminal application and this button is equipped with the currency symbol.

The mobile communication device 4 in this example has even a NFC contactless communication element located on the removable memory card, in which there is also an antenna. The payment-terminal application is controlled over a keyboard and a display of the mobile communication device 4.

The POS payment terminal is launched on the Secure Element 2; the payment terminal communicates over the circuit 1 with the payment card on the Secure Element 3 in a way as if it was a payment card inserted in a payment card contact reader. The originally indifferent POS terminal is configured during each payment individually for the benefit of payment recipient according to the currently received payment data; subsequently the POS payment-terminal application is run; it uses the payment card data from the Secure Element 3 and the resulting payment cryptogram is sent to be processed outside the mobile communication device; in this example it is sent to the payment processing center in a bank.

The configuration data entering indifferent POS terminal are encrypted, preferably using Master Key that is different from the encryption keys of the POS payment-terminal application. The mobile telecommunication device 4 can be used even in the configuration when the secured part of the memory with POS terminal configuration data is separate e.g. is held by the payment recipient. This kind of memory is interconnected with the mobile communication device 4 in a contactless way on the beginning of the payment processes, which enables to configure the originally indifferent POS terminal.

Industrial usability

The industrial usability is obvious. According to this solution it is possible to industrially and repeatedly produce and use a mobile communication device with two independent Secure Elements especially for the creation of payment cryptograms within POS payment application, which runs directly in the mobile communication device. List of related symbols

1- circuit

2- secure element of the POS terminal 3- secure element of the payment card

4- mobile communication device