The invention relates to the field of payment devices. More particularly, the invention relates to a method and a system for watching the use of payment devices or placing such use under surveillance.
In the past decade, e-commerce has experienced significant expansion. In particular, it is a powerful engine of growth in many industrialized countries. To make payment through e-commerce sites, customers are predominantly using credit cards. Although users are increasingly better informed on the security of e-commerce sites, especially when making payment, the amounts involved in bank card fraud every year are constantly increasing. In this bank card fraud, electronic fraud now amounts to more than three quarters of the total figure.
It has indeed become frequent to read press reports about theft from databases containing credit-card numbers and about the exposure of millions of credit-card numbers to fraudulent uses. Besides, there are Internet sites that are used as exchanges for the purchase and sale of stolen credit-card numbers.
At present, there are technical solutions to combat these data thefts. These solutions are generally based on the encryption of bank-card data in servers and on controls over access to this bank-card data. These solutions are different from the ones in which the transaction is encrypted at the time of payment. Indeed, although very many sites implement encryption solutions at the time of the transaction, the number of sites that protect data stored after the transaction has been made is relatively small.
Indeed, these solutions are costly and discourage certain commercial sites.
Thus, at the present time, a person who discovers that his or her credit card number has been misused can make a complaint and ask for the replacement of his credit card from the credit-card issuer. However, no solution is provided to the original problem. Thus, the card issuer cannot know when and where the bank-card data was misused. There are many solutions for tracking the use of credit cards. These solutions are generally intended for credit institutions and payment service providers. They work on the basis of bank authorizations which are required from the institution to validate a given transaction. More particularly, when a transaction exceeds a predetermined amount, an authorization is required from the credit institution in order to continue or not continue the transaction. It is therefore possible to detect the use of bank cards if the predetermined amount is exceeded. However, this solution is limited because it does not enable the detection of transactions whose amount is smaller than the authorized amount. This solution besides does not offer the possibility of detecting a source of fraud.
There is therefore a need to provide a solution to this problem in order to provide bank card issuers with the means to trace the source of thefts of bank-card data and combat the networks that distribute such data.
The proposed technique resolves at least a part of these problems. More particularly, the proposed technique pertains to a system for processing data for surveillance bank cards. Such a system comprises:
According to one particular embodiment, the module for introducing inputs a list of data for surveillance bank cards to be inserted, this list comprising records of data for surveillance bank cards, each record comprising at least one bank card number and a date of expiry in the year/month format.
According to one particular characteristic, each record further comprises a ceiling on the amount of a unit transaction and an overall ceiling.
According to one particular characteristic, said module for introducing comprises means of connection, by means of a pre-defined connection interface, to a bank-card database of said platform for payment by bank card.
According to one particular embodiment, said surveillance module comprises means of connection, by means of a pre-defined connection interface, to at least one transaction server of a payment service provider and means for controlling the use of bank-card data, by means of data obtained through these connection means.
According to one particular characteristic, said means for controlling comprise:
According to one particular characteristic, said means of verification further comprise means for obtaining at least one piece of complementary data associated with the use of said bank cards.
According to one particular embodiment, said piece of complementary data belongs to the group comprising:
The technique described also relates to a method for processing data for surveillance bank cards in a system as described here above. Such a method comprises:
According to a preferred implementation, the different steps of the methods according to the invention are implemented by one or more software programs or computer programs comprising software instructions intended for execution by a data processor of a relay module according to the invention and being designed to command the execution of the different steps of the method.
As a consequence, the invention also concerns a program that can be executed by a computer or by a data processor, this program comprising instructions to command the execution of the steps of a method as mentioned here above.
This program can use any programming language whatsoever and can be in the form of source code, object code or intermediate code between source code and object code such as in a partially compiled form, or in any other requisite form whatsoever.
The invention also relates to an information carrier readable by a data processor and comprising the instructions of a program as mentioned here above.
The information carrier can be any entity or device whatsoever capable of storing the program. For example, the carrier can comprise a storage means such as a ROM for example, a CD ROM or a microelectronic circuit ROM or again a magnetic recording means, for example a floppy disk or a hard disk drive.
Besides, the information carrier can be a transmissible carrier such as an electrical or optical signal which can be conveyed via an electrical or optical cable, radio or other means. The program according to the invention can in particular be uploaded to an Internet type network.
As an alternative, the information carrier can be an integrated circuit into which the program is incorporated, the circuit being adapted to executing or being used to execute the method in question.
According to one embodiment, the invention is implemented by means of software and/or hardware components. In this respect, the term “module” can correspond in this document equally well to a software component as to a hardware component or to a set of hardware and software components.
A software component corresponds to one or more computer programs, one or more sub-programs of a program or more generally to any element of a program or a software program capable of implementing a function or a set of functions according to what is described here below for the module concerned. Such a software component is executed by a data processor of a physical entity (terminal, server, gateway, router, etc) and is capable of accessing the hardware resources of this physical entity (memories, recording media, communications buses, input/output electronic boards, user interfaces, etc).
In the same way, a hardware component corresponds to any element of a hardware assembly capable of implementing a function or a set of functions according to what is described here below for the module concerned. It may be a programmable hardware component or a component with an integrated processor for the execution of the software, for example an integrated circuit, a smartcard, a memory card, an electronic card for executing firmware, etc.
Each component of the system described here above of course implements its own software modules.
The different embodiments mentioned here above can be combined with one another to implement the invention.
Other features and advantages of the invention shall appear more clearly from the following description of a preferred embodiment given by way of a simple, illustratory and non-exhaustive example and from the appended drawings, of which:
5.1. Reminder of the General Principle of the Invention
As explained here above, the proposed technique is based on a creation and an injection, into the processing circuit, of data for surveillance bank cards specifically prepared for use for purposes of tracking. More particularly, the proposed invention relies on the tracking of transactions carried out by means of said bank-card data.
The proposed technique provides means for a bank-card issuer to place the e-commerce sites under active surveillance and detect whether a theft, an infringement of security rules or any other fraudulent behavior has occurred.
Besides, this surveillance can be carried out without approaching the administrators of the sites or platforms of services under surveillance or under watch. The proposed technique can also be used to verify and infiltrate fraudulent sites. More particularly, the proposed technique can be used to trace the location of fraudulent operations when these operations occur.
To this end, the proposed technique, described with reference to
The pieces of bank-card data of the list (ListDC) inserted into a website are saved in a tracking database (BDD). Such a system also comprises a surveillance module (MS). This module makes it possible to track the activity of the previously introduced data for surveillance bank cards. It is interfaced with the tracking database (BDD) comprising bank data inserted by the introduction module. It is in charge of accepting or rejecting the use of the bank cards. It is also in charge of recording, within the lists and tables of this database (BDD), successive uses of the data of bank cards, in the form of tracking record (EnrSuiv). A tracking record (EnrSuiv) comprises for example a date of use of the card, a business identifier or website identifier at which the data has been used, a transaction amount, an IP address of the website at which the data has been used and/or a physical address of a business at which the data has been used. The surveillance module (MS) is interfaced by means of a pre-defined interface (Ipd2) with at least one server of a payment services provider (FSP) (a bank transaction server for example) to receive, from this provider, data on the transactions using bank cards. According to a first possibility, the surveillance module MS is interposed with the FSP server and “sees” all the transactions that use bank-card data. According to a second embodiment, the surveillance module receives only transactions on bank-card data inserted into the platform for payment by bank card (PFP). This second possibility is simpler to implement. However, it requires the communicating of the list of data inserted into the FSP server. In one particular embodiment, the surveillance module (MS) is directly integrated into the FSP server. The surveillance module (MS) includes a control module (MC) for the use of the bank data. This control module (MC) comprises:
The system furthermore comprises an analysis module (MIA). This analysis module comprises a sub-module for identifying commerce sites in which data theft has been recorded (SMIS) and a correlation sub-module (SMC). This correlation sub-module combines the uses of different pieces of bank-card data that are listed in the tracking records in order to determine an origin of use and a pattern of use or theft.
5.2. Description of One Embodiment
In this embodiment, described with reference to
These pieces of bank card data are then injected (200) into e-commerce databases (BDc) (such as merchant websites) by the insertion module. This can be done by one of the following two methods, using two different predefined interfaces for the insertion of data:
In the former case, the cards are used to make purchases in online stores which are under surveillance or under watch. This is done by using the APIs (application programming interfaces) or web interfaces of the sites that are under surveillance or under watch.
In the latter case, a merchant's site receives a list of payment data to be inserted and this list is injected into the database of the e-commerce site itself.
An alert (A) is created (300) in the issuer's system by means of the surveillance module (MS). This alert is triggered by any subsequent use of this card data. If an alert is triggered, then steps can be taken first of all to identify a breach in the electronic commerce site and secondly to warn the competent authorities. The e-commerce site concerned can then be notified and the manner in which the infringement has occurred can then be investigated.
5.3. Description of a Second Embodiment
In this embodiment, the proposed technique takes the form of the creation of a set of fictitious data for surveillance bank cards. In this embodiment, the numbers generated cannot be used to make transactions; these numbers are thus rejected by the credit institution or by the issuing organization depending on the transaction validating architecture used.
The advantage of this embodiment is that it makes it possible to detect an “attempt” to use a card without the need to make available funds (real goods) serving to detect fraudulent activity.
To enable the injection of these fictitious numbers into the information system of an online commerce site, two different methods can be used. In the first method, this data is directly inserted into the database of the online commerce site. This however requires that the administrators and the managers of this online commerce site should cooperate to carry out this insertion. On the one hand it is not certain that the administrators and the managers will agree to this approach and, on the other hand, this method makes it an obligation to furnish this data to third parties (the administrators and the managers) who could be implicated in the theft of this data.
In another more discreet method, a request is made for the cooperation of the credit institution with which the bank-card data is recorded. Indeed, a “bank code” is routinely included among the pieces of data of a bank card. This bank code designates the credit institution (or payment institution) that is the owner of the card. The idea is to inform the institution in question that the pieces of fictitious bank-card data are associated with it and to request this institution for temporary authorization with respect to these pieces of fictitious data. Thus, the fictitious data can be injected into the system by means of orders for goods and services. To avoid having to spend excessively large sums of money with the merchants under surveillance or under watch, these orders for goods and services can be routinely cancelled after they are made: thus, the data is present in the system without any need to spend money.
5.4. Description of a Case of Use
In this case of use, a robotic system that is entrusted with the data for surveillance bank cards on the one hand and the electronic commerce sites on the other hand, distributes data for surveillance bank cards to these electronic commerce sites. In this case of use, the pieces of bank-card data are distributed linearly between the sites to be put under surveillance or under watch (there is no probabilistic implementation). The system uses pre-programmed actions to make a search, on each site to be put under surveillance or under watch, for one or more articles of a value lower than the predetermined amount. This is done by pre-programming a certain number of actions in a man/machine interface-handling automaton. Naturally, this can also be done by hand, by a data entry operator. The main characteristic of this distribution is that a given bank-card number is used only once for a given website.
The robotic system (or data entry operator) inserts the following into a tracking database: pieces of bank data, the date on which they have been used, the website on which they have been used and the supplies purchased. The pieces of inserted bank data are then eliminated from the list of bank data available for insertion.
Working continuously, in being linked or not linked with a payment file of the banking institutions, the system identifies the fraudulently used pieces of bank data among the bank data of the tracking database. When a purchase is identified with pieces of bank data coming from the tracking database, the system creates a list of operations made with these pieces of bank-card data. The operations are identified by their date and time, the name of the business with which the operations are made (physical business entity, online business entity). The pieces of data that are also saved are the amount of the transaction, the business entity's transaction reference and the country in which the business entity is located (when this piece of data is accessible). When this piece of data is not accessible, there is an additional step for making a search, in one or more databases, for the domain name associated with the merchant with whom the fraudulent action has been performed in order to identify the owner of the domain name associated with the merchant and associate a country with this domain name. When the pieces of bank data are not used with an online merchant, the additional search step is carried out among names of business firms.
In this case of use, when one number in the list of numbers under surveillance has been used, then:
Thus, taking the second assumption, when a request for authorization before payment is requested, the system:
In a complementary manner, when a total outstanding amount is reached on a card under surveillance, the data of the card is invalidated.
The system also continuously carries out an analysis of the tracking data. The purpose of this analysis is, on the one hand, to identify the online business site or sites that have been subjected to a theft of banking data. Through the technique of the invention, this is a simple operation since it entails verifying the number of operations performed in each tracking list associated with the banking data and then identifying the website in which this data has been used. The website in question can be alerted as soon as the second use is identified so that it takes security steps as soon as possible.
When the card data is not immediately invalidated, subsequent to the second use of these cards, the system implements an analysis module in which the transactions are time-stamped and, as far as possible, localized (using especially the IP address of the transaction sender). This module delivers a map of use of the bank-card data.
5.5. Other Features and Advantages
Referring to
These means are driven by the microprocessor using the program loaded into the memory of the terminal. Depending on the embodiments, the system also comprises other means used to carry out exchanges with one or more bank servers such as means for blocking bank-card data.
Number | Date | Country | Kind |
---|---|---|---|
13 62191 | Dec 2013 | FR | national |
Number | Name | Date | Kind |
---|---|---|---|
6029154 | Pettitt | Feb 2000 | A |
6363363 | Haller | Mar 2002 | B1 |
7096192 | Pettitt | Aug 2006 | B1 |
20010044787 | Shwartz | Nov 2001 | A1 |
20020091646 | Lake | Jul 2002 | A1 |
20020178071 | Walker | Nov 2002 | A1 |
20030009426 | Ruiz-Sanchez | Jan 2003 | A1 |
20030233278 | Marshall | Dec 2003 | A1 |
20040039686 | Klebanoff | Feb 2004 | A1 |
20040243478 | Walker | Dec 2004 | A1 |
20050246292 | Sarcanin | Nov 2005 | A1 |
20060080230 | Freiberg | Apr 2006 | A1 |
20060236395 | Barker | Oct 2006 | A1 |
20060237531 | Heffez | Oct 2006 | A1 |
20070250441 | Paulsen | Oct 2007 | A1 |
20070288394 | Carrott | Dec 2007 | A1 |
20080040275 | Paulsen | Feb 2008 | A1 |
20080288405 | John | Nov 2008 | A1 |
20080319914 | Carrott | Dec 2008 | A1 |
20090102712 | Heffez | Apr 2009 | A1 |
20090307028 | Eldon | Dec 2009 | A1 |
20100106611 | Paulsen | Apr 2010 | A1 |
20100327056 | Yoshikawa | Dec 2010 | A1 |
20110125638 | Davis | May 2011 | A1 |
20110246372 | Zloth | Oct 2011 | A1 |
20110270752 | Neto | Nov 2011 | A1 |
20120101930 | Li | Apr 2012 | A1 |
20120101938 | Kasower | Apr 2012 | A1 |
20120130853 | Petri | May 2012 | A1 |
20120136704 | Carlson | May 2012 | A1 |
20120158590 | Salonen | Jun 2012 | A1 |
20120173570 | Golden | Jul 2012 | A1 |
20120203632 | Blum | Aug 2012 | A1 |
20130117186 | Weinstein | May 2013 | A1 |
20130332344 | Weber | Dec 2013 | A1 |
20140032410 | Georgiev | Jan 2014 | A1 |
20140137199 | Hefetz | May 2014 | A1 |
20140162598 | Villa-Real | Jun 2014 | A1 |
20140330713 | Isaacson | Nov 2014 | A1 |
20140330729 | Colangelo | Nov 2014 | A1 |
20150248664 | Makhdumi | Sep 2015 | A1 |
Number | Date | Country |
---|---|---|
2009055785 | Apr 2009 | WO |
Entry |
---|
French Search Report dated Jun. 2, 2014 for corresponding French Patent Application No. 1362191, filed Dec. 5, 2013. |
Shujun Li et. al.: “A novel anti-phishing framework based on honeypots”, ECRIME Researchers Summit, 2009. ECRIME '09, IEEE, Piscataway, NJ, USA, Sep. 20, 2009 (Sep. 20, 2009), pp. 1-13, XP031572065. |
Number | Date | Country | |
---|---|---|---|
20150161744 A1 | Jun 2015 | US |