SYSTEM & METHOD FOR SMART DEVICE, POINT OF SALE DEVICE, SMART CARD AND WEBSITE PAYMENTS USING ENCRYPTED QR CODE

BACKGROUND OF THE INVENTION

[0001] 1. Field of the invention

[0002] The present invention relates to the method and system for smart device, point of sale (POS) device, smart card and website payment(s) using encrypted QR code wherein it is possible to perform daily business transactions securely, cheaply and instantly.

[0003] 2. Description of the related art

[0004] Think of three businessmen (Merchant A, B & C) who own stores, two commercial banks (Bank X & Y) and three workers (Consumer A, B & C) whose salaries get deposited to their bank accounts monthly. Merchant A, Merchant B and Consumer A have opened and operates respective accounts with Bank X. Merchant C, Consumer B and Consumer C have opened and operates respective accounts with Bank Y.

[0005] When Consumer A want to buy good(s) or service(s) at Merchant A and Merchant B stores, he first need to have physical money in hand. To get physical money he must have visited nearby branch of Bank X or located a nearby Automated Teller Machine (ATM). Now the business transaction is done between merchant and consumer. At the end of business day, Merchant A & B collects total physical money and must find secure way to transfer the money back to their account at Bank X

[0006] A lot of inconveniences (to mention a few, robbery risk and struggling for change) are faced by both merchants and consumers when handling and transferring physical money and what they all don't know is that, they've opened and operate bank accounts with Bank X. This means, very simple math needs to be applied to solve their problem(s) i.e. by transferring electronic money (e-money) from consumer to merchant account instantly and securely whenever they need to perform business trans action (s).

[0007] The same inconveniences explained above could be faced by Merchant C, Consumer B and Consumer C who altogether have opened and operate respective accounts with Bank Y.

[0008] The solution to above inconveniences faced by both merchants and consumers form the first core part and one embodiment of present invention i.e. the payment processing system. The system integrates Bank X, Bank Y and other banks to form one payment processing platform where all merchants and consumers may reside and therefore being able to perform daily business trans action(s) with ease. Using this solution, the need to directly interact with consumers or merchants account(s) at their respective banks is eliminated and therefore security to their primary bank accounts is enhanced.

[0009] Let's now go through the current two payment methods used in performing business trans action (s).

[0010] The first payment method used in performing business transaction(s) today starts with consumer presenting his payment credit card to the merchant. The merchant swipes the credit card using his Point of Sale (POS) terminal. The POS sends payment enquiry to the processor which then seeks authorization through card type network. After authorization, the enquiry is directed to the card issuing bank of consumer to verify available fund. The bank verifies fund available and return response of transaction approve or decline. The bank authorization is routed back through the card type network and is received by the processor which provides the merchant the authorization to complete business transaction. At the end of each day the merchant will batch all of the credit card transactions and send to the processor. The processor processes the transactions and the fund is finally deposited to the merchant bank account after two days.

[0011] The second payment method used in performing business transaction(s) today starts with consumer enters their card details on checkout page in merchants website and places order by pressing the "submit order" button. The web browser then encrypts the information to be sent between browser and the merchant's webserver. This is done via Secure Sockets Layer (SSL) encryption connection. The merchant's webserver then forwards the transaction details to their payment gateway via SSL encryption connection. The payment gateway also forwards the transaction information to the payment processor which then seeks authorization through card type network. After authorization, the enquiry is directed to the card issuing bank of consumer to verify available fund. The bank verifies fund available and return response of transaction approve or decline. The bank authorization is routed back through the card type network and is received by the processor which then forwards the response to the payment gateway. The payment gateway receives the response and forwards it on to the merchant website where it is interpreted as a relevant response and then relayed back to the cardholder and the merchant. At the end of each day the merchant will batch all of the credit card transactions and send to the processor. The processor processes the transactions and the fund is finally deposited to the merchant bank account after two days.

[0012] Four challenges/inconveniences are noticed from the two payment methods explained above.

[0013] The challenges/inconveniences are:

^ POS terminals used by merchants are very expensive

^ Consumer's payment data is less secured when swiping the credit card using merchants POS terminal.

^ Consumer's payment data is less secured when filling the checkout page in merchant's website and the filling process takes long time to complete.

Transaction settlement between consumer and merchant bank accounts takes long time to complete i.e. almost two days.

[0014] The solution to above challenges/inconveniences faced by both merchants and consumers form the second part and other embodiments of present invention i.e. using mobile terminals (e.g. smart phones and tablets) and smart cards (having encrypted QR code and embedded with integrated circuits) to perform daily business transactions.

SUMMARY OF THE INVENTION

[0015] One embodiment of the present invention is directed to the payment processing system comprising QR code server, authentication server and payment application(s) server as core elements. These core elements may integrate with other application (s) and system(s) resides within or outside the organization and form one functioning payment processing platform.

[0016] Another embodiment of the present invention is directed to the mobile terminals (smart device) for consumer & merchant comprising mobile payment processing application. The payment processing application(s) utilizes the built in camera and wireless communication technologies feature(s) found in mobile terminals. Typical examples of wireless technologies features found in mobile terminal(s) are near field communication (NFC), Bluetooth, Wi-Fi and 4G internet.

[0017] Another embodiment of the present invention is directed to the merchant's point of sale (POS) terminal/device comprising display area for encrypted QR code image received from payment processing system. [0018] Another embodiment of the present invention is directed to the merchant's online checkout page comprising display area for encrypted QR code image received from payment processing system.

[0019] Another embodiment of the present invention is directed to the consumer and merchant physical payment token (smart card) comprising encrypted QR code image and embedded with integrated circuits.

[0020] Another embodiment of the present invention is directed to the method(s) for point of sale (POS) device, smart device, smart card and website payment using encrypted QR code.

BRIEF DESCRIPTION OF THE DRAWINGS

[0021] In summary, FIG. 1A, FIG. IB, FIG.2 & FIG. 3, explain a first embodiment of the present invention.

[0022] FIG. 1A Illustrate an overall configuration of a payment method using encrypted QR code according to a first embodiment of the present invention.

[0023] FIG. IB shows a block diagram(s) for payment processing system 101 and mobile terminal 106a according to the first embodiment of the present invention.

[0024] FIG. 2 Illustrate payment processes in mobile terminals using encrypted QR code according to the first embodiment of the present invention.

[0025] FIG. 3 Shows a flow chart illustrating payment processes that can be followed with the payment method in FIG. 1A

[0026] In summary, FIG. 4A, FIG .4B, FIG. 5 & FIG. 6, explain a second embodiment of the present invention.

[0027] FIG. 4A Illustrate an overall configuration of a payment method using encrypted QR code according to a second embodiment of the present invention.

[0028] FIG. 4B shows block diagram(s) for payment processing system 101 and point of sale (POS) device 106b displaying encrypted QR code according to the second embodiment of the present invention.

[0029] FIG. 5 Illustrate payment processes in point of sale (POS) device using encrypted QR code according to the second embodiment of the present invention.

[0030] FIG. 6 Shows a flow chart illustrating payment processes that can be followed with the payment method in FIG. 4A

[0031] In summary, FIG. 7A, FIG .7B, FIG. 8 & FIG. 9, explain a third embodiment of the present invention.

[0032] FIG. 7A Illustrate an overall configuration of a payment method using encrypted QR code according to a third embodiment of the present invention.

[0033] FIG. 7B shows block diagram(s) for payment processing system 101 and online checkout page 106c displaying encrypted QR code according to the third embodiment of the present invention.

[0034] FIG. 8 Illustrate payment processes in website using encrypted QR code according to the third embodiment of the present invention.

[0035] FIG. 9 shows a flow chart illustrating payment processes that can be followed with the payment method in FIG. 7A

[0036] In summary, FIG. 10A, FIG .10B, FIG.ll & FIG.12, explain a fourth embodiment of the present invention.

[0037] FIG. 10A Illustrate an overall configuration of a payment method using encrypted QR code according to a fourth embodiment of the present invention.

[0038] FIG. 10B shows block diagram(s) for payment processing system 101 and physical payment token 108 which is embedded with integrated circuits and display encrypted QR code on it according to the fourth embodiment of the present invention.

[0039] FIG. 11 Illustrate payment processes in physical payment token using encrypted QR code according to the fourth embodiment of the present invention. [0040] FIG. 12 shows a flow chart illustrating payment processes that can be followed with the payment method in FIG. 10A

[0041] FIG. 13(201) & (202) shows exemplary encrypted and un-encrypted QR codes containing merchant's payment details while FIG. 13(203) & (204) shows exemplary encrypted and unencrypted QR codes containing consumer's account details.

DETAILED DESCRIPTION OF THE INVENTION

[0042] Before going into detailed description of the present invention, let's first have a quick look and describe important terminologies used herein.

[0043] One important terminology worth understanding is QR code. QR code (abbreviated from Quick Response Code) is the registered trademark for a type of matrix barcode (or two-dimensional barcode).

[0044] Denso Corporation (Automotive Components Manufacture Company headquartered in Japan) owns patent rights on QR codes. QR code is clearly defined and published as an ISO standard.

[0045] A QR code consists of black modules (square dots) arranged in a square grid on a white background, which can be read by an imaging device (such as a camera) and processed using Reed- Solomon error correction algorithm until the image can be appropriately interpreted. The required data are then extracted from patterns present in both horizontal and vertical components of the image.

[0046] Although initially used for tracking parts in vehicle manufacturing, QR codes are now used in a much broader context due to its fast readability and greater storage capacity compared to one- dimensional barcodes. QR codes may contain various types of information including not only text such as letters and numbers but also graphics, photos, voice, fingerprints and signatures.

[0047] When additional security layer (e.g. Advanced Encryption Standards Algorithms) is added to QR codes we get encrypted QR codes which then become useful to share sensitive information like government secrets or consumers bank account details.

[0048] In the present invention, the encrypted QR code images are used in consumers & merchants mobile terminals, merchants POS terminals, merchant's checkout pages (websites) and on consumers & merchants physical payment tokens.

[0049] The QR code image may be in the JPEG (Joint Photographic Experts Group) or GI (Graphics Interchange) formats.

[0050] Typical example of encrypted QR code image displayed on the mobile terminal, POS terminal and checkout page (website) of the merchant is shown in FIG. 13 (201) & (202). When the image is scanned by normal barcode reader application installed in consumer's mobile terminal, the information reads "ENC;V9C2Ev+3+Hlx/limAcDa6mfRD3qWyntlCkp4fLtwE2HtefldtdHJWy4 5bfslKj72B8e nezqIwlfogrlzLDb7EqEi6bqbCVm7S26bnLVnL0turD/V0sDlscm4mUagS8J BZ8TkPTnoxS S/R3QHxowV87QvV6yjDMBupRTamDuwEEoabeWjzCm9ocRutMInn3rNeNbW0m Erzfe 2EDOitRaK3Hv/vAVFct0/G75Gg3INJT3+2yhTFoMdsAfbcDWW251QFDX9kmD kjbtJ/vf gv+p9g=="When the same image is scanned by specialized barcode reader application which is integrated in the consumer's mobile payment application, the information reads "Merchant Name: Mlimani City Supermarket TIN: 109-584-053 VRN: 10-018535-X PAN: 01AX866356737 Order Number: 7351B Order Date: 10-10-2014 Due Amount: TSh 100,000 URL: https://75.102.23.54/". [0051] Typical example of encrypted QR code image displayed in consumers mobile payment application and printed on consumers & merchant's physical payment token is shown in FIG. 13 (203) & (204). When the image is scanned by normal barcode scanner application installed in merchant's mobile terminal, the information reads

"ENC;Td5P/+2MjTmE4EsGKNollN6KASOoAefq7FdLXsoftfRiZH8LAPwZ gjjnFW0fxU7j 8KvZ4hVN6eGDP9BmX6wAcwXzMRoKWlgJ/12Tq2pLmTpWp7bJoT35+9jnbEub N+pZw it9CB+ByInWoUcfgQHYU4JD2qmFhuJYcuMzf3yxPkftgR153tbzRJM/dgBt9 IaP". When the same image is scanned by specialized barcode reader application which is integrated in the merchant's mobile payment application, the information reads "Name: Juma Hamis Kapaya Account Number: 02XA354286945 Expiry Date: 12-2017 National Identity Card Number: 19800913-15112-00001-25".

[0052] The other important terminology to understand is Host Card Emulation.

[0053] Host Card Emulation (HCE) was the term created by founders of SimplyTapp (a startup company in USA), Doug Yeager and Ted Fifelski in 2011.

[0054] HCE is the ability for Near Field Communication information transfer to happen between a terminal configured to exchange NFC radio information with an NFC card and a mobile device application configured to act or pretend to emulate the functional responses of an NFC card. HCE requires that the NFC protocol be routed to the main operating system of the mobile device instead of being routed to a local hardware -based Secure Element (SE) chip configured to respond only as a card, with no other functionality. HCE provides virtual and exact representation of a smart card using only software and at relatively low cost.

[0055] Prior to the HCE architecture, NFC transactions were mainly carried out using the Secure Element. The Secure Element approach prevented many organizations to participate in mobile payments due to the high up-front capital costs and complex partner relationships.

[0056] Some areas the new HCE architecture can support include closed-loop contactless payments, loyalty programs, card access and transit passes.

[0057] In the present invention, HCE architecture is used to enable virtual smart card functionalities in consumer's mobile payment application.

[0058] The last terminology worth understanding is contactless smart card.

[0059] Contactless smart card is any pocket-sized card with embedded integrated circuits that can process and store data, and communicate with a card reader terminal via radio waves. Proximity Integrated Circuit Card (PICC) is a more technical term used to describe contactless smart card.

[0060] The standard for contactless smart card communications is ISO/IEC 14443.

[0061] Both reading and writing is possible on contactless smart cards and they can also perform certain on-card operations such as increasing value blocks etc. The read/write range of devices is usually between 5 cm to 10 cm.

[0062] Generally, contactless smart cards are used in payments systems, mass transit, access control, government national ID, and e-passport.

[0063] In the present invention, contactless smart cards are programmed to store monetary value (offline balance) which is used for contactless payments.

[0064] The present invention will now be described in more detail with reference to the drawings which illustrate various embodiments of the present invention.

[0065] FIG. 1A illustrates an overall configuration of a payment method which can be implemented in performing payment(s) with mobile terminals using encrypted QR code according to a first embodiment of the present invention. [0066] The payment method in FIG. 1A according to the present invention includes a merchant mobile terminal 106a, consumer mobile terminal 107, internet 105 and payment processing system 101.

[0067] Furthermore, the payment processing system 101 according to the present invention is elaborated in FIG IB and typically it comprises QR code server 102a, authentication server 103a and payment applications server 104a.

[0068] Furthermore, the merchants mobile terminal 106a according to the present invention is illustrated in FIG IB.

[0069] The merchant's mobile terminal 106a illustrated in FIG IB displays the encrypted QR code image containing payment(s) information.

[0070] The mobile terminals payment method using encrypted QR code according to the first embodiment of the present invention is described below with reference to FIG. 2

[0071] When a consumer (not shown) choose to pay by his mobile terminal 107 at a merchant store, a merchant (not shown) invoke mobile payment application installed in his mobile terminal 106a. Merchant then request for user authentication by entering his unique password in mobile payment application. The mobile payment application then encrypts the password and sends request message to authentication server 103a via secured internet 105 connections.

[0072] The authentication server 103a receive the request message from merchant's mobile terminal 106a, process the request by verifying user authentication and send approval/ reply message to merchant's mobile terminal 106a to open the mobile payment application. The reply from authentication server 103a to merchant's mobile terminal 106a is through the internet 105 using Secure Sockets Layer (SSL) connection.

[0073] The merchant's mobile payment application is also built with receipt printing feature. It utilizes the wireless communication technologies found in most smart devices (e.g. smart phone(s), tablet PC's or PDA's) to send print request to wireless thermal printer(s).

[0074] Typical example of wireless communication technology used by smart devices and thermal printer(s) is Bluetooth®.

[0075] In mean time, a consumer who chooses to pay by his mobile terminal 107 invokes mobile payment application installed in his mobile terminal 107 and request for user authentication by entering his unique password. The mobile payment application then encrypts the password and sends request message to authentication server 103a via secured internet 105 connections.

[0076] The authentication server 103a receive the request message from consumer's mobile terminal 107, process the request by verifying user authentication and send approval/reply message to consumer's mobile terminal 107 to open the mobile payment application. The reply from authentication server 103a to consumer's mobile terminal 107 is through the internet 105 using Secure Sockets Layer (SSL) connection.

[0077] During the authentication process for consumer with mobile terminal 107, the QR code server 102a also updates the QR code decryption key(s) to consumer mobile application. The QR code decryption key(s) are sent from QR code server 102a to consumer mobile payment application through the internet 105 using Secure Sockets Layer (SSL) connection.

[0078] The QR code decryption key(s) sent from QR code server 102a are stored temporarily in secure area within the consumer mobile payment application.

[0079] The authentication request message(s) from consumer's mobile terminal 107 and the authorization approval/reply message(s) from authentication server 103a may comply with ISO (International Organization for Standardization) 8583 which is a standard for systems that exchange electronic transaction(s) data originated from card (s) /payment token(s). [0080] The consumer mobile payment application is also integrated with QR code reader application. The QR code reader application utilize built in camera functionality found in most smart devices (e.g. smart phone(s), tablet PC's or PDA's) to read/ extract information kept in QR codes images.

[0081] The consumer's mobile payment application may be named as virtual payment token or virtual smart card.

[0082] Now both merchant and consumer have logged into their respective mobile payment applications.

[0083] Thereafter, merchant using mobile payment application in his mobile terminal 106a generates payment details. The generated payment details typically include the total amount that a consumer is about to pay for good(s) or service(s) at merchant's store.

[0084] The generated payment details are then combined with unique merchant identification (ID) number (stored in secure area found in merchant's mobile payment application) and sent as request message from his mobile terminal 106a through the internet 105 using Secure Sockets Layer (SSL) connections to the QR code server 102a requesting for QR code generation.

[0085] After receiving the request, the QR code server 102a process the request and reply with encrypted QR code image sent over the internet 105 using Secure Sockets Layer (SSL) connection to merchants mobile terminal 106a.

[0086] The encrypted QR code image typically contains merchants basic account details (with reference to unique merchant ID) and due amount to be paid by consumer.

[0087] The encrypted QR code image is displayed on merchants mobile terminal 106a.

[0088] To authorize payment(s), a consumer use his mobile payment application to scan the encrypted QR code image displayed on merchants mobile terminal 106a.

[0089] Using decryption key(s) updated from QR code server 102a, the consumer mobile payment application decrypt the QR code image and read/ extract payment information.

[0090] Typically, the payment information extracted from decrypted QR code image are merchants basic account details and due amount to be paid by consumer.

[0091] The payment information is now displayed on consumer's mobile payment application.

[0092] The consumer then verifies payment information and finally sends payment authorization message to payment server 104a for further processing. The payment authorization message is sent from consumer's mobile payment application to the payment server 104a through the internet 105 using Secure Sockets Layer (SSL) connections.

[0093] The payment server 104a receives the payment authorization message from consumer's mobile payment application and processes it.

[0094] The payment server 104a, verify account details and status of both merchant and consumer. Thereafter, the payment server 104a, check available fund in consumers account and finally complete the transaction by transferring the due amount into merchant's account instantly.

[0095] After completing the transaction(s), the payment server 104a send payment confirmation/notification message to both consumer and merchant.

[0096] Typically, the payment confirmation/notification message is sent from payment server 104a to merchant's mobile terminal 106a or consumer's mobile terminal 107 via secured internet connection as an electronic message.

[0097] The merchant's mobile terminal 106a receives the payment confirmation/notification message from payment server 104a and may then use the receipt printing feature found in mobile payment application to print payment receipt.

[0098] The payment receipt is printed on wireless thermal printer (not shown) and given to consumer. [0099] The payment confirmation/notification message sent from payment server 104a may also be received by merchant's mobile terminal 106a and consumer's mobile terminal 107 using the Global System for Mobile (GSM) Communication Network as Short Message Service (SMS).

[0100] In summary, a mobile terminals payment method using encrypted QR code according to the first embodiment of the present invention explained in FIG. 2 can be illustrated using flowchart shown in FIG. 3

[0101] The methods begin at step 110a for a merchant to invoke and log in to mobile payment application installed in his mobile terminal 106a when a consumer choose to pay by his mobile terminal 107 at a merchant store.

[0102] At step 115a, merchant generate payment details using his mobile payment application and then request for QR code image from QR code server 102a.

[0103] At step 120a, the QR code server 102a sends encrypted QR code image to merchant's mobile payment application.

[0104] At step 125a, the merchant's mobile payment application receives and displays the encrypted QR code image then waits for consumer to scan.

[0105] At step 130a, the consumer invokes and log in to mobile payment application installed in his mobile terminal 107. He then scans the QR code image with camera in his mobile terminal 107.

[0106] At step 135a, the consumer's mobile payment application decrypts the scanned QR code image and captures the merchant's payment details.

[0107] At step 140a, the consumer authorizes payment to the merchant.

[0108] At step 145a, the payment server 104a verify fund in consumers account and approve payment to merchant account instantly.

[0109] At step 150a, the payment server 104a sends transaction/payment notification to both consumer and merchant.

[0110] FIG. 4A illustrates an overall configuration of a payment method which can be implemented in performing payment(s) with point of sale (POS) terminals using encrypted QR code according to a second embodiment of the present invention.

[0111] The payment method in FIG. 4A according to the present invention includes a merchant's point of sale (POS) terminal 106b, consumer mobile terminal 107, internet 105 and payment processing system 101.

[0112] Furthermore, the payment processing system 101 according to the present invention is elaborated in FIG 4B and typically it comprises QR code server 102b, authentication server 103b and payment applications server 104b.

[0113] Furthermore, the merchants point of sale (POS) terminal 106b according to the present invention is illustrated in FIG 4B.

[0114] The merchant's point of sale (POS) terminal 106b illustrated in FIG 4B displays the encrypted QR code image containing payment(s) information.

[0115] The POS terminal payment method using encrypted QR code according to the second embodiment of the present invention is described below with reference to FIG. 5

[0116] When a consumer (not shown) chooses to pay by his mobile terminal 107 at a merchant store, he invokes mobile payment application installed in his mobile terminal 107 and request for user authentication by entering his unique password. The mobile payment application then encrypts the password and sends message to authentication server 103b via secured internet 105 connections.

[0117] The authentication server 103b receive the request message from consumer's mobile terminal 107, process the request by verifying user authentication and send approval/reply message to consumer's mobile terminal 107 to open the mobile payment application. The reply from authentication server 103b to consumer's mobile terminal 107 is through the internet 105 using Secure Sockets Layer (SSL) connection.

[0118] During this authentication process for consumer with mobile terminal 107, the QR code server 102b also updates the QR code decryption key(s) to consumer mobile application. The QR code decryption key(s) are sent from QR code server 102b to consumer mobile payment application through the internet 105 using Secure Sockets Layer (SSL) connection.

[0119] The QR code decryption key(s) sent from QR code server 102b are stored temporarily in secure area within the consumer mobile payment application.

[0120] The authentication request message(s) from consumer's mobile terminal 107 and the authorization approval/reply message(s) from authentication server 103b may comply with ISO (International Organization for Standardization) 8583 which is a standard for systems that exchange electronic transaction(s) data originated from card (s) /payment token(s).

[0121] The consumer mobile payment application is also integrated with QR code reader application. The QR code reader application utilize built in camera functionality found in most smart devices (e.g. smart phone(s), tablet PC's or PDA's) to read/ extract information kept in QR codes images.

[0122] Now the consumer has logged in his mobile payment application.

[0123] The consumer's mobile payment application may be named as virtual payment token or virtual smart card.

[0124] In meantime, a merchant (not shown) generates payment details using his POS terminal 106b which is installed and positioned at one point in a store. The generated payment details typically include the total amount that a consumer is about to pay for good(s) or service(s) at merchant's store.

[0125] The generated payment details are then combined with unique merchant identification (ID) number (stored in secure area found in consumer's POS terminal) and sent as request message from his POS terminal 106b through the internet 105 using Secure Sockets Layer (SSL) connections to the QR code server 102b requesting for QR code generation.

[0126] After receiving the request, the QR code server 102b process the request and reply with encrypted QR code image sent over the internet 105 using Secure Sockets Layer (SSL) connection to merchants POS terminal 106b.

[0127] The encrypted QR code image typically contains merchants basic account details (with reference to unique merchant ID) and due amount to be paid by consumer.

[0128] The encrypted QR code image is displayed on merchants POS terminal 106b.

[0129] The merchant's POS terminal 106b is also built with receipt printing feature.

[0130] To authorize payment(s), a consumer use his mobile payment application to scan the encrypted QR code image displayed on merchants POS terminal 106b.

[0131] Using decryption key(s) updated from QR code server 102b, the consumer mobile payment application decrypt the QR code image and read/ extract payment information.

[0132] Typically, the payment information extracted from decrypted QR code image are merchants basic account details and due amount to be paid by consumer.

[0133] The payment information is now displayed on consumer's mobile payment application.

[0134] The consumer then verifies payment information and finally sends payment authorization message to payment server 104b for further processing. The payment authorization message is sent from consumer's mobile payment application to the payment server 104b through the internet 105 using Secure Sockets Layer (SSL) connections.

[0135] The payment server 104b receives the payment authorization message from consumer's mobile payment application and processes it. [0136] The payment server 104b, verify account details and status of both merchant and consumer. Thereafter, the payment server 104b, check available fund in consumers account and finally complete the transaction by transferring the due amount into merchant's account instantly.

[0137] After completing the transaction(s), the payment server 104b send payment confirmation/notification message to both consumer and merchant.

[0138] Typically, the payment confirmation/notification message is sent from payment server 104b to merchant's POS terminal 106b or consumer's mobile terminal 107 via secured internet connection as an electronic message.

[0139] The payment confirmation/ notification message is received by merchant's POS terminal and triggers the inbuilt thermal printer to print the payment receipt which may be given to consumer.

[0140] The payment confirmation/notification message may also be sent from payment server 104b to consumer's mobile terminal 107 through the Global System for Mobile (GSM) Communication Network as Short Message Service (SMS).

[0141] In summary, a mobile terminals payment method using encrypted QR code according to the second embodiment of the present invention explained in FIG. 5 can be illustrated using flowchart shown in FIG. 6

[0142] The methods begin at step 110a for a consumer to invoke and log in to mobile payment application installed in his mobile terminal 107.

[0143] At step 115b, merchant input transaction amount on his POS terminal 106b and then request for QR code image from QR code server 102b.

[0144] At step 120b, the QR code server 102b sends encrypted QR code image to merchant's POS terminal.

[0145] At step 125a, the merchant's POS terminal 106b receives and displays the encrypted QR code image then waits for consumer to scan.

[0146] At step 130b, the consumer scans the QR code image with camera in his mobile terminal 107.

[0147] At step 135b, the consumer's mobile payment application decrypts the scanned QR code image and captures the merchant's payment details.

[0148] At step 140b, the consumer authorizes payment to the merchant.

[0149] At step 145b, the payment server 104b verify fund in consumers account and approve payment to merchant account instandy.

[0150] At step 150b, the payment server 104b sends transaction/payment notification to both consumer and merchant.

[0151] FIG. 7A illustrates an overall configuration of a payment method which can be implemented in performing payment(s) with merchants website using encrypted QR code according to a third embodiment of the present invention.

[0152] The payment method in FIG. 7A according to the present invention includes a merchant's online checkout page 106c, consumer mobile terminal 107, internet 105 and payment processing system 101.

[0153] Furthermore, the payment processing system 101 according to the present invention is elaborated in FIG 7B and typically it comprises QR code server 102c, authentication server 103c and payment applications server 104c.

[0154] Furthermore, the merchants online checkout page 106c according to the present invention is illustrated in FIG 7B.

[0155] The merchant's online checkout page 106c illustrated in FIG 7B displays the encrypted QR code image containing payment(s) information. [0156] The website payment method using encrypted QR code according to the third embodiment of the present invention is described below with reference to FIG. 8

[0157] When a consumer (not shown) choose to pay in merchant website using his mobile terminal 107, he first generate payment details by selecting item(s) and fill the online checkout page 106c found in merchants website. The generated payment details typically include the total amount that a consumer is about to pay for good(s) or service(s) in merchant's website.

[0158] The generated payment details are then combined with unique merchant identification (ID) number (stored in secure area found in merchant's web server) and sent as request message by consumer from merchants website through the internet 105 using Secure Sockets Layer (SSL) connections to the QR code server 102c requesting for QR code generation.

[0159] After receiving the request, the QR code server 102c process the request and reply with encrypted QR code image sent over the internet 105 using Secure Sockets Layer (SSL) connection to merchants website.

[0160] The encrypted QR code image typically contains merchants basic account details (with reference to unique merchant ID) and due amount to be paid by consumer.

[0161] The encrypted QR code image is displayed on merchant's website.

[0162] Thereafter, the consumer invokes mobile payment application installed in his mobile terminal 107 and request for user authentication by entering his unique password. The mobile payment application then encrypts the password and sends message to authentication server 103c via secured internet 105 connections.

[0163] The authentication server 103c receive the request from consumer's mobile terminal 107, process the request by verifying user authentication and send approval/ reply message to consumer's mobile terminal 107 to open the mobile payment application. The reply from authentication server 103c to consumer's mobile terminal 107 is through the internet 105 using Secure Sockets Layer (SSL) connection.

[0164] During this authentication process for consumer with mobile terminal 107, the QR code server 102c also updates the QR code decryption key(s) to consumer mobile payment application. The QR code decryption key(s) are sent from QR code server 102c to consumer mobile payment application through the internet 105 using Secure Sockets Layer (SSL) connection.

[0165] The QR code decryption key(s) sent from QR code server 102c are stored temporarily in secure area within the consumer's mobile payment application.

[0166] The authentication request message(s) from consumer's mobile terminal 107 and the authorization approval/reply message(s) from authentication server 103c may comply with ISO (International Organization for Standardization) 8583 which is a standard for systems that exchange electronic transaction(s) data originated from card(s).

[0167] The consumer mobile payment application is also integrated with QR code reader application. The QR code reader application utilize built in camera functionality found in most smart devices (e.g. smart phone(s), tablet PC's or PDA's) to read/ extract information kept in QR codes images.

[0168] Now the consumer has logged in his mobile payment application.

[0169] The consumer's mobile payment application may be named as virtual payment token or virtual smart card.

[0170] To authorize payment(s), a consumer use his mobile payment application to scan the encrypted QR code image displayed on merchants website.

[0171] Using decryption key(s) updated from QR code server 102c, the consumer mobile payment application decrypt the QR code image and read/ extract payment information. [0172] Typically, the payment information extracted from decrypted QR code image are merchants basic account details and due amount to be paid by consumer.

[0173] The payment information is now displayed on consumer's mobile payment application.

[0174] The consumer then verifies payment information and finally sends payment authorization message to payment server 104c for further processing. The payment authorization message is sent from consumer's mobile payment application to the payment server 104c through the internet 105 using Secure Sockets Layer (SSL) connections.

[0175] The payment server 104c receives the payment authorization message from consumer's mobile payment application and processes it.

[0176] The payment server 104c, verify account details and status of both merchant and consumer. Thereafter, the payment server 104c, check available fund in consumers account and finally complete the transaction by transferring the due amount into merchant's account instandy.

[0177] After completing the transaction(s), the payment server 104c send payment confirmation/notification message to both consumer's mobile terminal 107 and merchant web server.

[0178] Typically, the payment confirmation/ notification message is sent from payment server 104c to merchant's web server or consumer's mobile terminal 107 via secured internet connection as an electronic message. The payment confirmation/notification may also be sent from payment server 104c to consumer's mobile terminal 107 through the Global System for Mobile (GSM) Communication Network as Short Message Service (SMS).

[0179] In summary, the website payment method using encrypted QR code according to the third embodiment of the present invention explained in FIG. 8 can be illustrated using flowchart shown in FIG. 9

[0180] The methods begin at step 110c for consumer to visit merchant's website, select item(s) to order, fill the online checkout page 106c and then generate payment details.

[0181] At step 115c, the consumer request for QR code from QR code server 102c.

[0182] At step 120c, the QR code server 102c sends encrypted QR code image to merchant's website.

[0183] At step 125c, the merchant's website receives and displays the encrypted QR code image then waits for consumer to scan.

[0184] At step 130c, the consumer scans the QR code image with camera in his mobile terminal 107.

[0185] At step 135c, the consumer's mobile payment application decrypts the scanned QR code image and captures the merchant's payment details.

[0186] At step 140c, the consumer authorizes payment to the merchant.

[0187] At step 145c, the payment server 104c verify fund in consumers account and approve payment to merchant account instandy.

[0188] At step 150c, the payment server 104c sends transaction/payment notification to both consumer and merchant.

[0189] FIG. 10A illustrates an overall configuration of a payment method which can be implemented in performing payment(s) with consumers physical payment token using encrypted QR code according to a fourth embodiment of the present invention.

[0190] The payment method in FIG. 10A according to the present invention includes a merchant's mobile terminal 106d, consumers physical payment token 108, internet 105 and payment processing system 101. [0191] Furthermore, the payment processing system 101 according to the present invention is elaborated in FIG 10B and typically it comprises authentication server 103d and payment applications server 104d.

[0192] Furthermore, the consumers physical payment token 108 according to the present invention is illustrated in FIG 10B.

[0193] The physical payment token 108 illustrated in FIG 10B displays the encrypted QR code image 108e which contains consumers basic account details. Typical account details found in the QR code image are; consumers full name, Payment Account Number (PAN), payment card expiry date and national identity card number of consumer.

[0194] The physical payment token 108 illustrated in FIG 10B also displays the consumers Payment Account Number (PAN) 108b, consumers full name 108c and payment card expiry date 108d.

[0195] The physical payment token 108 illustrated in FIG 10B is also built with integrated circuits 108a which are programmed to store monetary value (offline balance). The stored value can be used for "contactless" payments.

[0196] The integrated circuits 108a found in the physical payment token 108 may be compatible with IS014443A & B standards and comply with ISO 14443 parts 1 , 2, 3 and 4.

[0197] The method of using physical payment token 108 with encrypted QR code on it for payment(s) according to the fourth embodiment of the present invention is described below with reference to FIG. 11

[0198] When a consumer (not shown) choose to pay by his physical payment token 108 at a merchant store, a merchant (not shown) invoke mobile payment application installed in his mobile terminal 106d. Merchant then request for user authentication by entering his unique password in mobile payment application. The mobile payment application then encrypts the password and sends message to authentication server 103d via secured internet 105 connections.

[0199] The authentication server 103d receive the request message from merchant's mobile terminal 106d, process the request by verifying user authentication and send approval/reply message to merchant's mobile terminal 106d to open the mobile payment application. The reply from authentication server 103d to merchant's mobile terminal 106d is through the internet 105 using Secure Sockets Layer (SSL) connection.

[0200] Now the merchant has logged in his mobile payment application.

[0201] The merchant's mobile payment application is built with unique QR code decryption key(s) which is stored in secure area within the application.

[0202] The merchant's mobile payment application is also integrated with QR code reader application. The QR code reader application utilize built in camera functionality found in most smart phones to read/extract information kept in QR codes images.

[0203] The merchant's mobile payment application is also built with receipt printing feature. It utilizes the built in wireless communication technologies found in most smart devices (e.g. smart phone(s), tablet PC's or PDA's) to send print request to wireless thermal printer(s).

[0204] Typical example of wireless communication technology used by smart devices and thermal printer(s) is Bluetooth ^® .

[0205] To initiate payment(s), merchant generates payment details using mobile payment application in his mobile terminal 106d. The generated payment details typically include the total amount that a consumer is about to pay for good(s) or service(s) at merchant's store.

[0206] Thereafter, the merchant request for physical payment token 108 from consumer which contain encrypted QR code. [0207] The merchant then scan the encrypted QR code image displayed on consumers physical payment token 108 using his mobile payment application.

[0208] The merchant's mobile payment application decrypts the QR code image and read/extract consumer's information using decryption key(s) stored securely in the mobile payment application.

[0209] Typically, the information extracted from decrypted QR code image is consumer's basic account details.

[0210] The generated payment details and consumers basic account details are then combined with unique merchant identification (ID) number (stored in secure area found in merchant's mobile payment application) and sent as transaction request message from merchants mobile terminal 106d through the internet 105 using Secure Sockets Layer (SSL) connections to the payment server 104d.

[0211] The payment server 104d receives the transaction request message from merchant's mobile payment application and processes it.

[0212] The payment server 104d, verify account details and status of both merchant and consumer. Thereafter, the payment server 104d, check available fund in consumers account and send transaction approval/ decline message to merchants mobile payment application.

[0213] The transaction approval/decline message is sent from payment server 104d to merchant's mobile payment application through the internet 105 using Secure Sockets Layer (SSL) connections.

[0214] The merchant's mobile payment application receives the transaction approval/ decline message from payment server 104d.

[0215] The transaction approval message received from payment server 104d triggers the merchant's mobile payment application to request for payment authorization from consumer.

[0216] The consumer then enters his unique password in merchant's mobile payment application to authorize payment.

[0217] The consumer's payment authorization message is then sent from merchant's mobile payment application to authentication server 103d through the internet 105 using Secure Sockets Layer (SSL) connections.

[0218] The authentication server 103d receives the consumer's payment authorization message from merchant's mobile payment application and processes it.

[0219] The authentication server 103d, verify consumer's payment authorization then send approval message to payment server 104d.

[0220] Finally, the payment server 104d completes the transaction by transferring the due amount into merchant's account instantly.

[0221] After completing the transaction(s), the payment server 104d send payment confirmation/notification message to merchant's mobile payment application.

[0222] Typically, the payment confirmation/ notification message is sent from payment server 104d to merchant's mobile terminal 106d via secured internet connection as an electronic message.

[0223] The merchant may then use the receipt printing feature found in his mobile payment application to print payment receipt for consumer.

[0224] The payment receipt is printed on wireless thermal printer (not shown) and given to consumer.

[0225] The payment confirmation/ notification message may also be sent from payment server 104d to merchant's mobile terminal 106d through the Global System for Mobile (GSM) Communication Network as Short Message Service (SMS).

[0226] In summary, the payment method using of using physical payment token with encrypted QR code on it according to the fourth embodiment of the present invention explained in FIG. 11 can be illustrated using flowchart shown in FIG. 12 [0227] The methods begin at step HOd for a merchant to invoke and log in to mobile payment application installed in his mobile terminal 106d.

[0228] At step 115d, the merchant generate payment details using his mobile payment application and then request for physical payment token 108 from consumer.

[0229] At step 120d, the consumer provide the physical payment token 108 having basic account details encrypted in QR code image.

[0230] At step 125d, the merchant scans the encrypted QR code image with camera in his mobile terminal 106d.

[0231] At step 130d, the merchant's mobile payment application decrypts the scanned QR code image and captures the consumer's basic account details.

[0232] At step 135d, the merchant send request to payment server 104d for transaction approval or decline.

[0233] At step 140d, the payment server 104d check consumers account status & available fund then send transaction approval/decline notification to merchant's mobile payment application.

[0234] At step 145d, the merchant requests for consumer's password to authorize payment.

[0235] At step 150d, the consumer enters password to authorize payment.

[0236] At step 155d, the payment server 104d, verify & approve payment(s) to merchant's account instantly.

[0237] At step 160d, the payment server sends payment confirmation to merchant's mobile payment application which then prints payment receipt through wireless thermal printer and finally the receipt is given to consumer.