[01] The present disclosure relates, generally, to the field of mobile communications and computer processing and more particularly, to a system and a method for providing an off-line banking application implemented on a client device or GSM feature phones. More specifically, it relates to a system and method for providing an off-line banking application for usage in client devices, as GSM feature phones, enabling person-to-person (P2P) and person-to-merchant (P2M) transactions utilizing unstructured supplementary service data (USSD).

BACKGROUND OF THE INVENTION
[02] With the advent of technology, the necessity of physically going to a bank in order to have access to monetary amounts has declined and now online banking has been made available to general public with direct bank-to-bank payments. Recently, we have also experienced the ease of accessing monetary amounts at the click of a button with smart-phones, although the same has to be ensured in a safe manner so that crucial details regarding bank accounts do not fall into the wrong hands or be misused.

[03] However, as the technological advancement has been progressing with new pieces of technology, all client devices, majorly smart-phones, and little to no work has been done with older versions of the mobile phone device including GSM feature phones, which are increasingly utilized by people globally. For GSM Feature phones, the initial technologies were SMS-based (Short message service) and the technology being used for banking in GSM phones has now evolved to other techniques as well.

[04] The currently available systems providing banking facilities are erroneous, continuously log out of sessions, require multiple steps for achieving menial tasks, are limited in making monetary transactions. In such, the currently available systems fail to provide the technical advancement for banking facilities available on smart-phones to GSM feature phones in a way that users would be able to benefit from the same.

[05] Understandably, providing banking facilities on a GSM feature phone does pave way to a unique set of challenges: both hardware-based as well as software-based. GSM phones may sometimes have limited internet connectivity; the developed system must provide the benefits of online banking on an off-line portal.

[06] Due to the complex parameters and effort required in assimilating off-line banking systems for GSM feature phones, there exists a need for developing a system and method for providing an off-line banking application implemented on GSM feature phones which allows GSM phone users to avail the benefits of advanced banking, providing them a quick and easier access to their bank accounts while maintaining quality security parameters. Further, there is a need of a system and method for providing an off-line banking application implemented on GSM feature phones, which utilize advanced security and encryption features.

SUMMARY OF THE INVENTION
[07] This summary is provided to introduce concepts related to systems and methods for an off-line banking application on a client device and the concepts are further described below in the detailed description. This summary is neither intended to identify essential features of the claimed subject matter nor is it intended for use in determining or limiting the scope of the claimed subject matter.

[08] In one implementation, a method for an off-line banking application on a mobile device is disclosed. The method comprising sending, by a processor, a request for initiating a first communication link with an operator server, wherein the request has banking credentials of a user, receiving, by the processor, the first communication link establishment confirmation from the operator server, wherein the operator server authenticates the banking credentials of the user before initiating the first communication link, and establishing, by the processor, a second communication link with a bank server as the expansion of the first communication link through the operator server, wherein the operator server initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server using the authenticated banking credentials of the user.

[09] In yet another implementation, the method enables the user to perform various transactional and non-transactional off-line banking activities using the mobile device.

[010] In yet another implementation, the method enables the user to access the bank server in an off-line mode.

[011] In yet another implementation, the method has the first communication link that establishes a session key.

[012] In yet another implementation, the method has the session key that is valid for one transaction.

[013] In yet another implementation, the method has the first communication link that is established utilizing unstructured supplementary service data (USSD).

[014] In yet another implementation, the method has the mobile device that sends the request for initiating the first communication link to the operator server using a base station.

[015] In yet another implementation, the method enables the operator server to use a root of trust, an OEM (original equipment manufacturer) certification, and a CSR certificate to authenticate the banking credentials of the user before initiating the first communication link.

[016] In one implementation, a method for an off-line banking application on an operator server is disclosed. The method comprising receiving, by a processor, a request for initiating a first communication link with a mobile device, wherein the request has banking credentials of a user, authenticating, by the processor, the banking credentials of the user before initiating the first communication link. Further, the method comprising, transmitting, by the processor, the first communication link establishment confirmation to the mobile device using the authenticated banking credentials of the user, and establishing, by the processor, a second communication link with a bank server as the expansion of the first communication link, wherein the operator server initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server using the authenticated banking credentials of the user.

[017] In yet another implementation, the method enables the user to perform banking activities through the second communication link.

[018] In yet another implementation, the method has the mobile device that sends the request for initiating the first communication link to the operator server using a base station.

[019] In one implementation, a system for an off-line banking application on a mobile device is disclosed. The system comprising a root module, to access a secure chip of the mobile device, wherein the secure chip is empowered with a root certificate having a root of trust to establish a public key, an OEM module, to access the secure chip, wherein the OEM access module has an OEM (original equipment manufacturer) certification of the secure chip using the root certificate. The system also comprises, a CSR module, to access the secure chip, wherein the CSR access module has a CSR certificate to ensure a unique and empowered identity of the secure chip using the OEM certification, and an authentication module, wherein the authentication module establishes a first communication link with an operator server using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway to establish a second communication link with a bank server using authenticated banking credentials of a user.

[020] In yet another implementation, the secure chip being a processor having firmware.

[021] In yet another implementation, the public key ensures security through cryptography.

[022] In yet another implementation, the original equipment manufacturer certification of the secure chip is unique and uses stored security certifications.

[023] In yet another implementation, the system comprises a fingerprint sensor module, wherein the fingerprint sensor module facilitates PIN-based authentication for unstructured supplementary service data transactions.

[024] In yet another implementation, the system comprises a QR module, wherein the QR module reads quick response (QR) codes using a mobile device camera.

[025] In yet another implementation, the system has the CSR module that contains the public key included in the certificate and uses a private key to generate a unique public private key pair as a session key.

[026] It is the primary object of the subject matter to provide a system and method for providing an off-line banking application on a client device implemented on a client device, such as a GSM feature phone, and may be used to enable person-to-person (P2P) and person to-merchant (P2M) transactions utilizing unstructured supplementary service data (USSD). The system and method for providing an off-line banking application implemented on a client device may be customized based on specific user requirements.

[027] It is the primary object of the subject matter to provide a system and method for providing an off-line banking application implemented on a client device may be utilized for making financial transactions including but not limited to sending money through a mobile number, QR code, UPI identification number, saved beneficiary settings, and IFSC code or account number. Additionally, the system and method for providing an off-line banking application implemented on a client device may also be utilized for making other financial transactions including but not limited to receiving money through a uniquely-generated QR code which links to a user’s bank account.

[028] It is the primary object of the subject matter to provide a system and method for providing an off-line banking application implemented on a client device may also be utilized for performing non-transactional banking activities including but not limited to checking balance in a specified bank account, viewing a user’s profile, managing transactions and viewing an account summary, and changing the UPI PIN for a specific bank account.
[029] It is the primary object of the subject matter to provide a system and method for providing an off-line banking application implemented on a client device may utilize additional features through hardware modifications including but not limited to the ability to scan QR codes through the modified camera or QR code reader, enhanced security and encryption features through the hardware chip as well as fingerprint based PIN authentication for USSD transactions through a fingerprint sensor.

[030] It is another object of the subject matter to provide a system and method for providing an off-line banking application implemented on a client device that reduces implementation costs, increases profitability, provides seamless environment, ease of access for users, increases the execution speed, enhances the application’s performance and enhances the application’s productivity.

[031] It is another object of the subject matter to provide a number of advantages depending on the particular aspect, embodiment, implementation and/or configuration.

[032] It is another object of the subject matter to provide a platform that can provide reliable execution, scalability, and value-added services, while controlling operating effort and costs.

[033] It is another object of the subject matter to efficiently manage numerous instances simultaneously, work in different regulatory requirements, enable resources to collaborate and work together closely, efficiently and collectively with user friendly interfaces.

[034] These and other implementations, embodiments, processes and features of the subject matter will become more fully apparent when the following detailed description is read with the accompanying experimental details. However, both the foregoing summary of the subject matter and the following detailed description of it represent one potential implementation or embodiment and are not restrictive of the present disclosure or other alternate implementations or embodiments of the subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
[035] A clear understanding of the key features of the subject matter summarized above may be had by reference to the appended drawings, which illustrate the method and system of the subject matter, although it will be understood that such drawings depict preferred embodiments of the subject matter and, therefore, are not to be considered as limiting its scope with regard to other embodiments which the subject matter is capable of contemplating. Accordingly:

[036] FIGURE.1 illustrates an environment of a system and method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.
[037] FIGURE.2 illustrates a system diagram describing the working of an exemplary method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[038] FIGURE.3 illustrates steps of an exemplary system for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[039] FIGURE.4 illustrates steps of another exemplary system for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.
[040] FIGURE.5 illustrates an exemplary system for securing an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[041] FIGURE.6 illustrates an exemplary flowchart of a method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.
DETAILED DESCRIPTION OF THE INVENTION
[042] The following is a detailed description of implementations of the present disclosure depicted in the accompanying drawings. The implementations are in such detail as to clearly communicate the disclosure. However, the amount of detail offered is not intended to limit the implementations but it is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the present disclosure. While aspects of described systems and methods for off-line banking application on a client device can be implemented in any number of different computing systems, environments, and/or configurations, the embodiments are described in the context of the following exemplary system(s).

[043] The terms “a” and “an” herein do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced item.

[044] The system and method for providing an off-line banking application implemented on GSM feature phones as discussed in the present disclosure may comprise of a hardware component, a software component, an operator server, a USSD or unstructured supplementary service data gateway and a bank server. further, the hardware component may comprise of a GSM feature phone onto which the system and method for providing an off-line banking application may be implemented, a hardware chip, a fingerprint sensor, and a modified camera or QR code reader. Furthermore, the software component may comprise of an off-line banking application, several software drivers compatible with the hardware elements such as the hardware chip, the fingerprint sensor, and the modified camera or QR code reader, a user interface module, an analyser module and an intelligence engine.

[045] The present disclosure provides a method and a corresponding system for an off-line banking application on a mobile device. The method comprising involves sending a request for initiating a first communication link with an operator server by a processor. The request has banking credentials of a user. The method receives the first communication link establishment confirmation from the operator server that authenticates the banking credentials of the user before initiating the first communication link and establishes a second communication link with a bank server as the expansion of the first communication link through the operator server. The operator server initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server using the authenticated banking credentials of the user.

[046] The present disclosure provides a method and a corresponding system for an off-line banking application on an operator server. The method receives a request for initiating a first communication link with a mobile device by a processor. The request has banking credentials of a user. The method authenticates the banking credentials of the user before initiating the first communication link and transmits the first communication link establishment confirmation to the mobile device using the authenticated banking credentials of the user. The method establishes a second communication link with a bank server as the expansion of the first communication link. The operator server initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server using the authenticated banking credentials of the user.

[047] The present disclosure provides a system for an off-line banking application on a mobile device. The system comprising a root module to access a secure chip of the mobile device. The secure chip is empowered with a root certificate having a root of trust to establish a public key. An OEM module, to access the secure chip, the OEM access module has an OEM (original equipment manufacturer) certification of the secure chip using the root certificate. The system also has a CSR module, to access the secure chip, the CSR access module has a CSR certificate to ensure a unique and empowered identity of the secure chip using the OEM certification, and an authentication module. The authentication module establishes a first communication link with an operator server using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway to establish a second communication link with a bank server using authenticated banking credentials of a user.

[048] FIGURE.1 illustrates an environment 100 of a system and method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[049] It illustrates the working correlation of the various components of the exemplary system and method for providing an off-line banking application on a client device 104.

[050] In one implementation of the present disclosure, as shown in Figure.1, the system and method for providing an off-line banking application on a client device 104, and the encompassing components along with the co-relation of the encompassing components of the system and method for providing an off-line banking application is illustrated. The system and method for providing an off-line banking application system 106 comprises a hardware component, a software component, an operator server 112, an USSD or unstructured supplementary service data gateway 116 and a bank server 118. The system and method for providing an off-line banking application may also include a base station 108 or the base station 108 may be integrated in the operator server 112. The hardware component and the software component of the system and method for providing an off-line banking application is implemented on a client device 104, such as a GSM feature phone.

[051] Further, the hardware component may comprise of the GSM feature phone 104 onto which the system and method for providing an off-line banking application may be implemented, a hardware chip, a fingerprint sensor, and a modified camera or QR code reader. The GSM feature phone 104 may be an ordinary GSM feature phone or a modified GSM feature phone. Further, the hardware chip ensures advanced security and encryption features, the fingerprint sensor facilitates higher security for PIN-based authentication for Unstructured Supplementary Service Data transactions, and the modified camera or QR code reader easily reads Quick response (QR) codes.

[052] Additionally, the software component may comprise of the off-line banking application, several software drivers compatible with the hardware elements such as the hardware chip, the fingerprint sensor, and the modified camera or QR code reader, a user interface module, an analyser module and an intelligence engine. A user 102may access the off-line banking application as implemented on the GSM feature phone 104 via the user interface.

[053] The offline banking application may further utilize the analyser module to analyse data shared by the user, and the intelligence engine to overlook all activities being performed by the off-line banking application. Further, drivers compatible with the hardware elements such as the hardware chip, the fingerprint sensor, and the modified camera or QR code reader may be utilized to ensure appropriate functioning of the hardware elements such as the hardware chip, the fingerprint sensor, and the modified camera or QR code reader.

[054] As reflected in Figure.1, a first communication link 114 is established utilizing Unstructured Supplementary Service Data, which allows the initiation of a session key, which is only valid for one transaction albeit for the entire duration of one transaction thereby, when the communication link expires on the completion of the user transaction, all subsequent data including the user transaction data is deleted. The first communication link is established by sending a request from the user 102 using the client device 104 implemented with the off-line banking application system 106, to the base station 108. The base station 108 may forward the request to the operator server 112 using a network 110, which would authenticate banking credentials shared by the user 102 before initiating the first communication link.

[055] Once the banking credentials shared by the user 102 are authenticated, the operator server 112 sends a communication confirmation to the user 102 on the client device 104. Thereafter, the operator server 112 initiates the USSD (Unstructured Supplementary Service Data) Gateway 116 over a network 114 in order to expand the first communication link as a second communication link to include the bank server 118. Once the second communication link is established with the bank server 118, the user 102 may be able to perform various transactional and non-transactional banking activities through the system and method for providing an off-line banking application.

[056] Similar to the Short message service, USSD or Unstructured Supplementary Service Data is a Global System for Mobile Communications (GSM) protocol that is used to send text messages. It uses codes made up of the characters that are available on a mobile phone, establishing a real-time communication session between the phone and another device typically, a network or server. Once a connection session is established, there may be an instantaneous or near-instantaneous communication between a user and the bank server which allows a user to access relevant information.

[057] The system and method for providing an off-line banking application may be utilized for making financial transactions including but not limited to sending money through a mobile number, QR code, UPI identification number, saved beneficiary settings, and IFSC code or account number. Additionally, the system and method for providing an off-line banking application may also be utilized for making other financial transactions including but not limited to receiving money through a uniquely-generated QR code which links to a user’s bank account.

[058] Further, the system and method for providing an off-line banking application may also be utilized for performing non-transactional banking activities including but not limited to checking balance in a specified bank account, viewing a user’s profile, managing transactions and viewing an account summary, and changing the UPI PIN for a specific bank account.

[059] FIGURE.2 illustrates a system diagram 200 describing the working of an exemplary method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[060] In one implementation, an off-line banking application system 106 implements a method for an off-line banking application on a client device 104, the system 106 includes a processor(s) 202, interface(s) 204, and a memory 206 coupled or in communication to the processor(s) 202. The processor(s) 202 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on application environment migration instructions. Among other capabilities, the processor(s) 202 is configured to fetch and execute computer-readable instructions stored in the memory 206.

[061] Although the present disclosure is explained by considering a scenario that the system is implemented as an application on a device, the systems and methods can be implemented in a variety of computing systems. The computing systems that can implement the described method(s) include, but are not restricted to, mainframe computers, workstations, personal computers, desktop computers, minicomputers, servers, multiprocessor systems, laptops, tablets, SCADA systems, smart phones, mobile computing devices and the like.

[062] The interface(s) 204 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, etc., allowing the system 106 to interact with a user 102. Further, the interface(s) 204 may enable the system 106 to communicate with other computing devices, such as web servers and external data servers (not shown in figure). The interface(s) 204 can facilitate multiple communications within a wide variety of networks and protocol types, including wired networks, for example LAN, cable, etc., and wireless networks such as WLAN, cellular, or satellite. The interface(s) 204 may include one or more ports for connecting a number of devices to each other or to another server.

[063] A network used for communicating between all elements in the system 106 and outside the system 106 environment may be a wireless network, a wired network or a combination thereof. The network can be implemented as one of the different types of networks, such as intranet, local area network LAN, wide area network WAN, the internet, and the like. The network may either be a dedicated network or a shared network. The shared network represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol HTTP, Transmission Control Protocol/Internet Protocol TCP/IP, Wireless Application Protocol WAP, and the like, to communicate with one another. Further the network may include a variety of network devices, including routers, bridges, servers, computing devices. The network further has access to storage devices residing at a client site computer, a host site server or computer, over the cloud, or a combination thereof and the like. The storage has one or many local and remote computer storage media, including one or many memory storage devices, databases, and the like.

[064] The memory 206 can include any computer-readable medium known in the art including, for example, volatile memory (e.g., RAM), and/or non-volatile memory (e.g., EPROM, flash memory, etc.). In one embodiment, the memory 206 includes module(s) 208 and system data 240. The system data 240 has access to databases 244a, and 244b that can store modules data or related data.

[065] The modules 208 further includes an authentication module 210, a root module 212, an OEM module 214, a CSR module 216, a sensor module 218, a QR module 220, and other modules 222.

[066] In one implementation, the authentication module 210executesa method for an off-line banking application on a mobile device 104, by sending, by a processor 202, a request for initiating a first communication link with an operator server 112, the request has banking credentials of a user. The method receives, by the processor 202, the first communication link establishment confirmation from the operator server 112, the operator server 112 authenticates the banking credentials of the user before initiating the first communication link. The method establishes, by the processor 202, a second communication link with a bank server as the expansion of the first communication link through the operator server 112, the operator server 112 initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server 118 using the authenticated banking credentials of the user 102.

[067] The authentication module 210 enables the user 102 to perform various transactional and non-transactional off-line banking activities using the mobile device 104 and enables the user 102 to access the bank server 118 in an off-line mode. The authentication module 210 has the first communication link that establishes a session key that is valid for one transaction. The method has the first communication link that is established utilizing unstructured supplementary service data (USSD) and the method has the mobile device 104 that sends the request for initiating the first communication link to the operator server 112 using a base station 108. Further, the method enables the operator server 112 to use a root of trust, an OEM (original equipment manufacturer) certification, and a CSR certificate to authenticate the banking credentials of the user 102 before initiating the first communication link.

[068] The authentication module 210 executes a method for an off-line banking application on an operator server 112 is disclosed. The method receives, by a processor 202, a request for initiating a first communication link with a mobile device104, the request has banking credentials of a user 102. The method authenticates, by the processor 202, the banking credentials of the user 102 before initiating the first communication link. Further, the method comprising, transmitting, by the processor 202, the first communication link establishment confirmation to the mobile device 104 using the authenticated banking credentials of the user 102. The method establishes, by the processor 202, a second communication link with a bank server as the expansion of the first communication link, the operator server 112 initiates an USSD (unstructured supplementary service data) gateway 116 to establish the second communication link with the bank server 118 using the authenticated banking credentials of the user 102.

[069] The method enables the user to perform banking activities through the second communication link and the method has the mobile device 104 that sends the request for initiating the first communication link to the operator server 112 using a base station 108.An authentication module 210 that establishes a first communication link with an operator server 112 using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway 116 to establish a second communication link with a bank server 188 using authenticated banking credentials of a user 102.

[070] In one implementation, the root module 212accesses a secure chip 510 of the mobile device 104. The secure chip 510 is empowered with a root certificate having a root of trust to establish a public key.

[071] In one implementation, the OEM module 214 accesses the secure chip 510. The OEM access module 214 has an OEM (original equipment manufacturer) certification of the secure chip 510 using the root certificate.

[072] In one implementation, the CSR module 216 accesses the secure chip 510. The CSR access module 216 has a CSR certificate to ensure a unique and empowered identity of the secure chip 510 using the OEM certification.

[073] The authentication module 210 establishes a first communication link with an operator server 112 using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway 116 to establish a second communication link with a bank server 118 using authenticated banking credentials of the user 102. The secure chip being a processor 202 having firmware. The public key ensures security through cryptography. The original equipment manufacturer certification of the secure chip is unique and uses stored security certifications.

[074] The hardware secure chip 510 is empowered by a root certificate authority with the root of trust which establishes a public key ensuring security through cryptography and computer security. The hardware secure chip 510 is then provided with an original equipment manufacturer certification which ensures that every GSM feature phone 104 with the hardware secure chip 510 is unique and uses stored security certifications for its exceptional encryption services. Thereafter, the hardware secure chip 510 is provided with a CSR certificate which ensures a unique and empowered identity of each individual hardware secure chip 510.

[075] In one implementation, the fingerprint sensor module 218, wherein the fingerprint sensor module 218 facilitates PIN-based authentication for unstructured supplementary service data transactions.

[076] In one implementation, the QR module 220, wherein the QR module reads quick response (QR) codes using a mobile device camera. The system has the CSR module 216 that contains the public key included in the certificate and uses a private key to generate a unique public private key pair as a session key.

[077] In one implementation, the other modules 218 have modules, such as an analyser module and an intelligence engine. The user 102 may access the off-line banking application as implemented on the client device 104 via the user interface 204. The offline banking application may further utilize the analyser module to analyse data shared by the user, and the intelligence engine to overlook all activities being performed by the off-line banking application

[078] FIGURE.3 illustrates steps of an exemplary system 300 for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[079] It illustrates a flowchart describing the various steps followed while transferring money via a UPI identification number or bank transfer by the exemplary system and method for providing an off-line banking application on a client device 104.

[080] In one implementation, the various steps followed while transferring money via a UPI identification number or bank transfer are depicted. This engages the multiple components and entailing modules of the system and method for providing an off-line banking application. As mentioned above, a client device 104 is implemented with the off-line banking application system 106. When a first communication link is established, a user 102 may be able to perform various transactional and non-transactional banking applications using an interface 204. The user 102 may be able to choose from various activities (304a1, 304b1) including but not limited to sending money, checking account balance, generating or changing UPI PIN, set a lock on the off-line banking application, recharge a mobile or a phone and register complaints.

[081] In order to send money via UPI identification 304a1, the user 102 must input the UPI identification number 304a2 along with the amount that the user 102 wishes to transfer. On doing so, the user 102 would be made to confirm transaction details by entering their UPI PIN 304a3. This confirmation successfully transfers 304an the money to the designated account through the communication link established with the bank server 118.

[082] Otherwise, for sending money through bank transfer 304b1, the user 102 must input 304b2 the Beneficiary account number along with the IFSC code for the beneficiary account, as well as the amount that the user 102 wishes to transfer. On doing so, the user 102 would be made to confirm transaction details by entering their UPI PIN 304b3. This confirmation successfully transfers 304bn the money to the designated account through the communication link established with the bank server 118.

[083] FIGURE.4 illustrates steps of another exemplary system 400 for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[084] It illustrates a flowchart describing the various steps followed while transferring and receiving money via QR code by the exemplary system and method for providing an off-line banking application on a client device 104.

[085] In one implementation, the various steps followed while transferring and receiving money via a QR code by the exemplary system and method for providing an off-line banking application are illustrated. As mentioned above, a client device 104 is implemented with the off-line banking application system 106. When a first communication link is established, a user 102 may be able to perform various transactional and non-transactional banking applications using an interface 204.

[086] The user 102 may be able to send 404a1 or receive 404b1 monetary amounts through the offline banking application. For sending money 404a1, the user 102 may scan the QR code 404a2 via the modified camera 402 or QR code reader 404a3 embedded in the client device 104. When the QR code is scanned, the off-line banking application system 106 automatically gathers the UPI identification number 404a4 embedded in the QR code, and prompts the user to enter the amount the user 102 wishes to transfer. On doing so, they would be made to confirm transaction details by entering their UPI PIN 404a5. This confirmation successfully transfers 404an the money to the designated account through the communication link established with the bank server 118.

[087] Additionally, for receiving money, the off-line banking application generates a unique QR code encrypted with the user’s UPI identification number via the system and method for providing an off-line banking application, which is then displayed 404b2 on the client device 104 being used by the user 102, which may be scanned 404bn by a secondary device in order to transfer money to the user’s bank account.

[088] FIGURE.5 illustrates an exemplary system 500 for securing an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[089] In one implementation of the present disclosure, Figure.5 illustrates the public key infrastructure 502 empowered by a hardware secure chip for securing transactions of the exemplary system and method for providing an off-line banking application on a client device. The system comprises a GSM feature phone 104, a hardware secure chip 510, a fingerprint sensor 218, and a modified camera or QR code reader 220. The hardware secure chip 510 (510, 510b, 510c, 510d, 510e, …, 510n) ensures advanced security and encryption features. The fingerprint sensor 218 facilitates higher security for PIN-based authentication for Unstructured Supplementary Service Data (USSD) transactions.

[090] At step 504, a root module 212 to access a secure chip 510 of the mobile device 104. The secure chip 510 is empowered with a root certificate having a root of trust to establish a public key.

[091] At step 506, an OEM module 214 to access the secure chip 510. The OEM access module 214 has an OEM (original equipment manufacturer) certification of the secure chip 510 using the root certificate.

[092] At step 508, a CSR module 216, to access the secure chip 510. The CSR access module 216 has a CSR certificate to ensure a unique and empowered identity of the secure chip 510 using the OEM certification.

[093] An authentication module 210 that establishes a first communication link with an operator server 112112 using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway 116 to establish a second communication link with a bank server 188 using authenticated banking credentials of a user 102.

[094] In one implementation, the GSM feature phone 104 may be an ordinary GSM feature phone or a modified GSM feature phone. Further, the hardware secure chip 510 ensures advanced security and encryption features, the fingerprint sensor 218 facilitates higher security for PIN-based authentication for Unstructured Supplementary Service Data transactions, and the modified camera or QR code reader easily reads Quick response (QR) codes.

[095] The hardware secure chip 510 is empowered by a root certificate authority with the root of trust which establishes a public key ensuring security through cryptography and computer security. The hardware secure chip 510 is then provided with an original equipment manufacturer certification which ensures that every GSM feature phone 104 with the hardware secure chip 510 is unique and uses stored security certifications for its exceptional encryption services. Thereafter, the hardware secure chip 510 is provided with a CSR certificate which ensures a unique and empowered identity of each individual hardware secure chip 510.

[096] A CSR or Certificate Signing Request is a block of encoded text that is given by Certificate Authority when applying for an SSL (security) Certificate, usually generated on the server where the certificate will be installed and contains information that will be included in the certificate, while also containing the public key that will be included in the certificate. A private key is usually created at the time of creation of the CSR, making a key pair. This ensures superior encryption features implemented in the GSM feature phone 104, which are not readily available in a regular GSM feature phone 104.

[097] Thereby, the system and method for providing an off-line banking application equips the user with the off-line banking application implemented the GSM feature phone which allows the user to avail various benefits of advanced banking including transactional and non-transactional banking activities, with a quick and easier access to the user’s bank accounts while maintaining quality security parameters.

[098] The various transactional banking activities that can be fulfilled by the system and method for providing an off-line banking application includes but is not limited to sending money through a mobile number, QR code, UPI identification number, saved beneficiary settings, and IFSC code or account number; and receiving money through a uniquely-generated QR code which links to a user’s bank account. Additionally, the various non-transactional banking activities that can be fulfilled by the system and method for providing an off-line banking application includes but is not limited to checking balance in a specified bank account, viewing a user’s profile, managing transactions and viewing an account summary, and changing the UPI PIN for a specific bank account.

[099] In one example, at step 504, a root module 212 to access a secure chip 510 of the mobile device 104. The secure chip 510 is empowered with a root certificate having a root of trust to establish a public key. The root of trust is empowered by ECC508A. At step 506, an OEM module 214 to access the secure chip 510. The OEM access module 214 has an OEM (original equipment manufacturer) certification of the secure chip 510 using the root certificate. The OEM Certificate is empowered by ECC508A. At step 508, a CSR module 216, to access the secure chip 510. The CSR access module 216 has a CSR certificate to ensure a unique and empowered identity of the secure chip 510 using the OEM certification. The specific production signers are empowered by the ECC508A. The hardware secure chips 510 (510a, 510b, 510c, …,, 510n) are CSR signed by the production signer and end devices secure chips 510 with an identity empowered by the ECC508A. An authentication module 210 that establishes a first communication link with an operator server 112 112 using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway 116 to establish a second communication link with a bank server 188 using authenticated banking credentials of a user 102.

[0100] FIGURE.6 illustrates an exemplary flowchart 600 of a method for an off-line banking application on a client device, in accordance with an embodiment of the present subject matter.

[0101] In one implementation, a method 600 for an off-line banking application on a client deviceis shown. The method may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, functions, etc., that perform particular functions or implement particular abstract data types. The method may also be practiced in a distributed computing environment where functions are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, computer executable instructions may be located in both local and remote computer storage media, including memory storage devices. The order in which the method is described and is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method or alternate methods. Additionally, individual blocks may be deleted from the method without departing from the spirit and scope of the disclosure described herein. Furthermore, the method may be implemented in any suitable hardware, software, firmware, or combination thereof. However, for ease of explanation, in the embodiments described below, the method may be implemented in the above-described system.

[0102] At step/ block 602, send a request for initiating a first communication link with an operator server 112, the request has banking credentials of a user by a processor 202 of a system 106 of a client device 104.

[0103] At step/ block 604, receive a request for initiating a first communication link with a mobile device, the request has banking credentials of a user102 accessing the system 106 of the client device 104.

[0104] At step/ block 606, authenticate the banking credentials of the user 102 before initiating the first communication link for the system 106.

[0105] At step/ block 608, transmit the first communication link establishment confirmation to the mobile device using the authenticated banking credentials of the user102 accessing the system 106 of the client device 104.

[0106] At step/ block 610, receive the first communication link establishment confirmation from the operator server 112, the operator server 112 authenticates the banking credentials of the user 102 before initiating the first communication link by the processor 202 of the system 106 of the client device 104.

[0107] At step/ block 612, establish a second communication link with a bank server 118 as the expansion of the first communication link through the operator server 112, the operator server 112 initiates an USSD (unstructured supplementary service data) gateway 116 to establish the second communication link with the bank server 118 using the authenticated banking credentials of the user102 by the system 106.

[0108] In one implementation, the steps may be executed by an authentication module 210. Thus, the method 600 helps in an off-line banking application on a client device by providing asecure communication channel.

[0109] The foregoing descriptions of exemplary embodiments of the present disclosure have been presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the disclosure to the precise forms disclosed, and obviously many modifications and variations are possible in light of the above teaching. The exemplary embodiments were chosen and described in order to best explain the principles of the disclosure and its practical application, to thereby enable others skilled in the art to best utilize the disclosure and various embodiments with various modifications as are suited to the particular use contemplated. It is understood that various omissions, substitutions of equivalents are contemplated as circumstance may suggest or render expedient, but is intended to cover the application or implementation without departing from the spirit or scope of the claims of the present disclosure.

[0110] Although implementations of system and method for an off-line banking application on a client device have been described in language specific to structural features and/or methods, it is to be understood that the appended claims are not necessarily limited to the specific features or methods described. Rather, the specific features and methods are disclosed as examples of implementations for an off-line banking application on a client device.

We Claim:

1. A method for an off-line banking application on a mobile device, comprising:
sending, by a processor (202), a request for initiating a first communication link with an operator server (112), wherein the request has banking credentials of a user (102);
receiving, by the processor (202), the first communication link establishment confirmation from the operator server (112), wherein the operator server (112) authenticates the banking credentials of the user (102) before initiating the first communication link;
establishing, by the processor (202), a second communication link with a bank server (118) as the expansion of the first communication link through the operator server (112), wherein the operator server (112) initiates an USSD (unstructured supplementary service data) gateway to establish the second communication link with the bank server (118) using the authenticated banking credentials of the user (102);
2. The method as claimed in claim 1, wherein the user (102) performs various transactional and non-transactional off-line banking activities using the mobile device (104).

3. The method as claimed in claim 1, wherein the user (102) accesses the bank server (118) in an off-line mode.

4. The method as claimed in claim 1, wherein the first communication link establishes a session key.

5. The method as claimed in claim 4, wherein the session key is valid for one transaction.

6. The method as claimed in claim 1, wherein the first communication link is established utilizing unstructured supplementary service data (USSD).

7. The method as claimed in claim 1, wherein the mobile device (104) sends the request for initiating the first communication link to the operator server (112) using a base station.

8. The method as claimed in claim 1, wherein the operator server (112) uses a root of trust, an OEM (original equipment manufacturer) certification, and a CSR certificate to authenticate the banking credentials of the user (102) before initiating the first communication link.

9. A method for an off-line banking application on an operator server comprising:
receiving, by a processor (202), a request for initiating a first communication link with a mobile device (104), wherein the request has banking credentials of a user (102);
authenticating, by the processor (202), the banking credentials of the user (102) before initiating the first communication link;
transmitting, by the processor (202), the first communication link establishment confirmation to the mobile device (104) using the authenticated banking credentials of the user (102);
establishing, by the processor (202), a second communication link with a bank server (118) as the expansion of the first communication link, wherein the operator server (112) initiates an USSD (unstructured supplementary service data) gateway (116) to establish the second communication link with the bank server (118) using the authenticated banking credentials of the user (102).
10. The method as claimed in claim 9, wherein the user (102) performs banking activities through the second communication link.

11. The method as claimed in claim 9, wherein the user (102) accesses the bank server (118) in an off-line mode.

12. The method as claimed in claim 9, wherein the mobile device (104) sends the request for initiating the first communication link to the operator server (112) using a base station.

13. The method as claimed in claim 9, wherein the operator server (112) uses a root of trust, an OEM (original equipment manufacturer) certification, and a CSR certificate to authenticate the banking credentials of the user (102) before initiating the first communication link.

14. A system for an off-line banking application on a mobile device, comprising:
a root module(212), to access a secure chip of the mobile device, wherein the secure chip is empowered with a root certificate having a root of trust to establish a public key;
an OEM module(214), to access the secure chip, wherein the OEM access module has an OEM (original equipment manufacturer) certification of the secure chip using the root certificate;
a CSR module(216), to access the secure chip, wherein the CSR access module has a CSR certificate to ensure a unique and empowered identity of the secure chip using the OEM certification;
an authentication module(210), wherein the authentication module establishes a first communication link with an operator server (112) using the CSR certificate and initiates an USSD (unstructured supplementary service data) gateway (116) to establish a second communication link with a bank server (118) using authenticated banking credentials of a user (102).
15. The system as claimed in claim 14, wherein the secure chip being a processor (202) having firmware.

16. The system as claimed in claim 14, wherein the public key ensures security through cryptography.

17. The system as claimed in claim 14, wherein the original equipment manufacturer certification of the secure chip is unique and uses stored security certifications.

18. The system as claimed in claim 14, comprising: a fingerprint sensor module (218), wherein the fingerprint sensor module (218) facilitates PIN-based authentication for unstructured supplementary service data transactions.

19. The system as claimed in claim 14, comprising: a QR module (220), wherein the QR module (220) reads quick response (QR) codes using a mobile device camera.

20. The system as claimed in claim 14, wherein the CSR module contains the public key included in the certificate and uses a private key to generate a unique public private key pair as a session key.